Small Business Lending Under the Equal Credit Opportunity Act (Regulation B), 35150-35571 [2023-07230]
Download as PDF
<![CDATA[
35150
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
CONSUMER FINANCIAL PROTECTION
BUREAU
12 CFR Part 1002
[Docket No. CFPB–2021–0015]
RIN 3170–AA09
Small Business Lending Under the
Equal Credit Opportunity Act
(Regulation B)
Consumer Financial Protection
Bureau.
ACTION: Final rule.
AGENCY:
The Consumer Financial
Protection Bureau (CFPB or Bureau) is
amending Regulation B to implement
changes to the Equal Credit Opportunity
Act (ECOA) made by section 1071 of the
Dodd-Frank Wall Street Reform and
Consumer Protection Act (Dodd-Frank
Act). Consistent with section 1071,
covered financial institutions are
required to collect and report to the
CFPB data on applications for credit for
small businesses, including those that
are owned by women or minorities. The
final rule also addresses the CFPB’s
approach to privacy interests and the
publication of data; shielding certain
demographic data from underwriters
and other persons; recordkeeping
requirements; enforcement provisions;
and the rule’s effective and compliance
dates.
DATES:
Effective date: This final rule is
effective August 29, 2023.
Compliance dates: Covered financial
institutions must comply with the final
rule beginning October 1, 2024, April 1,
2025, or January 1, 2026, as set forth in
§ 1002.114(b).
FOR FURTHER INFORMATION CONTACT:
Camille Gray, Paralegal Specialist; Kris
Andreassen, Pavitra Bacon, Joseph
Devlin, Amy Durant, Angela Fox,
Caroline Hong, David Jacobs, Kathryn
Lazarev, Lawrence Lee, Adam Mayle,
Kristen Phinnessee, or Melissa Stegman,
Senior Counsels, Office of Regulations,
at 202–435–7700 or https://
reginquiries.consumerfinance.gov/. If
you require this document in an
alternative electronic format, please
contact CFPB_Accessibility@cfpb.gov.
SUPPLEMENTARY INFORMATION:
SUMMARY:
lotter on DSK11XQN23PROD with RULES2
I. Summary of the Final Rule
In 2010, Congress passed the DoddFrank Act. Section 1071 of that Act 1
amended ECOA 2 to require that
1 Public Law 111–203, tit. X, section 1071, 124
Stat. 1376, 2056 (2010), codified at ECOA section
704B, 15 U.S.C. 1691c–2.
2 15 U.S.C. 1691 et seq.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
financial institutions collect and report
to the CFPB certain data regarding
applications for credit for womenowned, minority-owned, and small
businesses. Section 1071’s statutory
purposes are to (1) facilitate
enforcement of fair lending laws, and (2)
enable communities, governmental
entities, and creditors to identify
business and community development
needs and opportunities of womenowned, minority-owned, and small
businesses.
Section 1071 specifies a number of
data points that financial institutions
are required to collect and report, and
also provides authority for the CFPB to
require any additional data that it
determines would aid in fulfilling
section 1071’s statutory purposes.
Section 1071 also contains a number of
other requirements, including those that
address restricting the access of
underwriters and other persons to
certain data; recordkeeping; publication
of small business lending data; and
modifications or deletions of data prior
to publication in order to advance a
privacy interest.
Section 1071 directs the CFPB to
prescribe such rules and issue such
guidance as may be necessary to carry
out, enforce, and compile data pursuant
to section 1071, and permits it to adopt
exceptions to any requirement or to
exempt financial institutions from the
requirements of section 1071 as it deems
necessary or appropriate to carry out the
purposes of section 1071. The CFPB is
adding a new subpart B to Regulation B
to implement the requirements of
section 1071. Key aspects of the CFPB’s
final rule are summarized below.
As envisioned by Congress, the small
business lending rule will create our
nation’s first consistent and
comprehensive database regarding
lending to small businesses, including
small farms. This will fulfill section
1071’s statutory purposes by allowing
Federal, State, and local enforcement
agencies to assess potential areas for fair
lending enforcement and by enabling a
range of stakeholders to better identify
business and community development
needs and opportunities for small
businesses, including women-owned
and minority-owned small businesses.
The database, again as dictated by
Congress, will not reveal privacyprotected information about any
particular small business applicant, and
small businesses will retain control over
how much of their demographic
information they choose to divulge. In
addition, the CFPB believes that its final
rule will help to sharpen competition in
credit supply by creating greater
PO 00000
Frm 00002
Fmt 4701
Sfmt 4700
transparency around small business
lending.
Scope. The CFPB is requiring
financial institutions to collect and
report data regarding applications for
credit for small businesses, including
those that are owned by women and
minorities. The CFPB is not requiring
financial institutions to collect and
report data regarding applications for
women-owned and minority-owned
businesses that are not small. Because
more than 99 percent of women-owned
and minority-owned businesses are
small businesses, covering small
businesses necessarily means nearly all
women-owned and minority-owned
businesses will also be covered. The
CFPB believes that this scope is
consistent with the statute and will
allow the rule to carry out section
1071’s purposes without requiring
collection of data that would be of
limited utility.
Covered financial institutions.
Consistent with language from section
1071, a ‘‘financial institution’’ is defined
to include any partnership, company,
corporation, association (incorporated
or unincorporated), trust, estate,
cooperative organization, or other entity
that engages in any financial activity.
The rule thus applies to a variety of
entities that engage in small business
lending, including depository
institutions (i.e., banks, savings
associations, and credit unions),3 online
lenders, platform lenders, community
development financial institutions (both
depository and nondepository
institutions), Farm Credit System
lenders, lenders involved in equipment
and vehicle financing (captive financing
companies and independent financing
companies), commercial finance
companies, governmental lending
entities, and nonprofit nondepository
lenders.4
3 For purposes of this document, the Bureau is
using the term depository institution to mean any
bank or savings association defined by the Federal
Deposit Insurance Act, 12 U.S.C. 1813(c)(1), or
credit union defined pursuant to the Federal Credit
Union Act, 12 U.S.C. 1751 et seq., as implemented
by 12 CFR 700.2. The Bureau notes that the DoddFrank Act defines a depository institution to mean
any bank or savings association defined by the
Federal Deposit Insurance Act, 12 U.S.C. 1811 et
seq.; there, that term does not encompass credit
unions. 12 U.S.C. 5301(18)(A), 1813(c)(1). To
facilitate analysis and discussion, the Bureau is
referring to banks and savings associations together
with credit unions as depository institutions
throughout this document, unless otherwise
specified.
4 The Bureau’s rules, including this final rule to
implement section 1071, generally do not apply to
motor vehicle dealers, as defined in section
1029(f)(2) of the Dodd-Frank Act, that are
predominantly engaged in the sale and servicing of
motor vehicles, the leasing and servicing of motor
vehicles, or both. 12 U.S.C. 5519.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
The rule uses the term ‘‘covered
financial institution’’ to refer to those
financial institutions that are required to
comply with its data collection and
reporting requirements. A covered
financial institution is defined as a
financial institution that originated at
least 100 covered credit transactions
(rather than 25, as proposed) for small
businesses in each of the two preceding
calendar years. The CFPB is not
adopting an asset-based exemption
threshold for depository institutions, or
any other general exemptions for
particular categories of financial
institutions.
The final rule also permits creditors
that are not covered financial
institutions to voluntarily collect and
report small business lending data in
certain circumstances.
Covered credit transactions. Covered
financial institutions are required to
collect and report data regarding
covered applications from small
businesses for covered credit
transactions. A ‘‘covered credit
transaction’’ is one that meets the
definition of business credit under
existing Regulation B, with certain
exceptions. Transactions within the
scope of the rule include loans, lines of
credit, credit cards, merchant cash
advances, and credit products used for
agricultural purposes. The CFPB is
excluding trade credit, public utilities
credit, securities credit, and incidental
credit as proposed. In addition, the
CFPB has added exclusions for
transactions that are reportable under
the Home Mortgage Disclosure Act of
1975 (HMDA) 5 and insurance premium
financing. Consistent with the CFPB’s
proposal, factoring, leases, and
consumer-designated credit that is used
for business or agricultural purposes are
also not covered credit transactions. In
addition, the CFPB has made clear that
purchases of originated covered credit
transactions are not reportable.
Covered applications. A ‘‘covered
application’’—which triggers data
collection, reporting, and related
requirements when submitted by a
small business—is defined as an oral or
written request for a covered credit
transaction that is made in accordance
with procedures used by a financial
institution for the type of credit
requested. This definition of covered
application is largely consistent with
the existing Regulation B definition of
that term. However, certain
circumstances are not covered
applications for purposes of this rule,
even if they are considered applications
under existing Regulation B.
Specifically, covered applications for
purposes of this rule do not include (1)
reevaluation, extension, or renewal
requests on existing business credit
accounts, unless the request seeks
additional credit amounts; or (2)
inquiries and prequalification requests.
Small business definition. A covered
financial institution is required to
collect and report data on a covered
application from a ‘‘small business,’’
which the rule defines in accordance
with the meaning of ‘‘business concern
or concern’’ and ‘‘small business
concern’’ under the Small Business
Act 6 and Small Business
Administration (SBA) regulations.
However, in lieu of using the SBA’s size
standards for defining a small business
concern, the definition in this final rule
looks to whether the business had $5
million or less in gross annual revenue
for its preceding fiscal year. The CFPB
believes that a straightforward $5
million threshold strikes the right
balance in terms of broadly covering the
small business credit market to fulfill
section 1071’s statutory purposes while
meeting the SBA’s criteria for an
alternative size standard.7 The final rule
also anticipates updates to this size
standard, not more than every five
years, to account for inflation. The SBA
Administrator has approved the CFPB’s
use of this alternative size standard
pursuant to the Small Business Act.8
Data to be collected and reported. The
rule addresses the data points that must
be collected and reported by covered
financial institutions for covered
applications from small businesses.
Congress specifically enumerated many
of these data points in ECOA section
704B(e)(2); for the others, the Congress
granted the CFPB express authority in
704B(e)(2)(H) to require financial
institutions to compile and maintain,
along with enumerated data points, a
record of ‘‘any additional data that the
Bureau determines would aid in
fulfilling the purposes’’ of section 1071.
Certain of these data points are or could
be collected from the applicant; other
data points are based on information
within the financial institution’s
control. Covered financial institutions
must not discourage an applicant from
responding to requests for applicantprovided data and must otherwise
maintain procedures to collect such data
at a time and in a manner that are
reasonably designed to obtain a
response; when collecting data directly
from the applicant, the rule identifies
certain minimum provisions that must
6 15
U.S.C. 631 et seq.
15 U.S.C. 632(a)(2)(C); 13 CFR 121.903.
8 See 15 U.S.C. 632(a)(2)(C).
7 See
5 12
U.S.C. 2801 et seq.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
PO 00000
Frm 00003
Fmt 4701
Sfmt 4700
35151
be included within financial
institutions’ procedures in order for
them to be considered ‘‘reasonably
designed.’’ The rule also addresses what
financial institutions should do if,
despite having such procedures in
place, they are unable to obtain certain
data from an applicant. Furthermore,
the rule makes clear that a financial
institution may rely on information
from the applicant, or appropriate thirdparty sources, when compiling data. If
the financial institution verifies
particular information, however, it must
report that verified information.
Financial institutions are permitted to
reuse previously collected data in
certain circumstances, rather than
having to request it from the applicant
for each covered application.
As noted above, the rule includes data
points that are, or could be, provided by
the applicant. Some data points
specifically relate to the credit being
applied for: the credit type (which
includes information on the credit
product, types of guarantees, and loan
term); the credit purpose; and the
amount applied for. There are also data
points that relate to the applicant’s
business: census tract based on an
address or location provided by the
applicant; gross annual revenue for the
applicant’s preceding full fiscal year;
the 3-digit North American Industry
Classification System (NAICS) code for
the applicant; the number of workers
that the applicant has; the applicant’s
time in business; and the number of
principal owners the applicant has.
There are also applicant-provided
data points on the demographics of the
applicant’s ownership: first, whether the
applicant is a minority-owned business
or a women-owned business, along with
a new data field capturing whether the
applicant is an LGBTQI+-owned
business; and second, the ethnicity,
race, and sex of the applicant’s principal
owners. The CFPB refers to these data
points collectively as an applicant’s
‘‘protected demographic information.’’
Principal owners’ ethnicity and race
will be collected from applicants using
aggregate categories as well as
disaggregated subcategories. Principal
owners’ sex/gender will be collected
from applicants without using predefined response categories.
The CFPB is not finalizing its
proposed requirement to have financial
institutions collect race and ethnicity
via visual observation or surname if an
in-person applicant does not provide
any ethnicity, race, or sex information
for any principal owners; instead, the
final rule requires that these data be
reported based only on information
provided by the applicant.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35152
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
The CFPB is providing lenders with a
sample data collection form, in both
digital and paper form, to assist them in
collecting protected demographic data
from applicants. Although the contents
of the sample form reflect certain legal
requirements that financial institutions
must follow, their use of the sample
form is not itself required under the
final rule. Rather, it is an available
resource to financial institutions.
In addition, the rule includes data
points that will be generated or supplied
solely by the financial institution. These
data points include, for all applications:
a unique identifier for each application
for or extension of credit; the
application date; the application
method (that is, the means by which the
applicant submitted the application);
the application recipient (that is,
whether the financial institution or its
affiliate received the application
directly, or whether it was received by
the financial institution via a third
party); the action taken by the financial
institution on the application; and the
action taken date. For denied
applications, there is also a data point
for denial reasons. For applications that
are originated or approved but not
accepted, there is a data point for the
amount originated or approved, and a
data point for pricing information
(which includes, as applicable, interest
rate, total origination charges, broker
fees, initial annual charges, additional
cost for merchant cash advances or
other sales-based financing, and
prepayment penalties).
Firewall. The CFPB’s rule implements
a requirement in section 1071 that
certain data collected from applicants be
shielded from underwriters and certain
other persons (or, if a firewall is not
feasible, a notice is given instead); the
CFPB refers to this as the ‘‘firewall.’’
Generally, an employee or officer of a
financial institution or a financial
institution’s affiliate that is involved in
making any determination concerning a
covered application is prohibited from
accessing the applicant’s responses to
the inquiries about protected
demographic information that the
financial institution makes pursuant to
the rule. This prohibition does not
apply to an employee or officer,
however, if the financial institution
determines that employee or officer
should have access to an applicant’s
responses to its inquiries regarding the
applicant’s protected demographic
information and the financial institution
provides a notice to the applicant
regarding that access. The notice must
be provided to each applicant whose
information will be accessed or,
alternatively, the financial institution
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
could provide the notice to all
applicants. The final rule does not
require specific language for this notice
but does provide sample language that
a covered financial institution may use.
The final rule also clarifies several key
points of the firewall provision.
Reporting data to the CFPB;
publication of data by the CFPB and
other disclosures; and privacy
considerations. Financial institutions
must collect small business lending data
on a calendar year basis and report it to
the CFPB on or before June 1 of the
following year. Financial institutions
reporting data to the CFPB are required
to provide certain identifying
information about themselves as part of
their submission. The CFPB is releasing,
concurrently with this final rule,
technical instructions for the
submission of small business lending
data in a Filing Instructions Guide.9
The CFPB will make available to the
public, on an annual basis, the
application-level data submitted to it by
financial institutions, subject to
modifications or deletions made by the
CFPB, to advance privacy interests. To
ease burden on covered entities, CFPB
publication of application-level data
will satisfy financial institutions’
statutory obligation to make data
available to the public upon request. At
this time, the CFPB is not making a final
decision on the best way to protect
privacy interests through prepublication modification and deletion of
reported data. Assessing the many
comments it received in this area, the
CFPB is preliminarily of the view that
its privacy assessment will focus
primarily on whether (and, if so, how)
small business lending data,
individually or in combination with
other data, pose re-identification risk for
small businesses and, as a result, for
their owners. The CFPB also anticipates
taking account of compelling risks to
financial institution privacy interests.
The CFPB does not anticipate that it can
carry out the necessary analysis of prepublication modifications and deletions
without at least one full year of
application-level data. The CFPB
intends to further engage with
stakeholders on the issue of data
publication before it resolves on a
particular approach to protecting
privacy interests through modifications
and deletions. Finally, the CFPB
anticipates publishing select aggregate
data—i.e., data that does not include
9 See CFPB, Small Business Lending Filing
Instructions Guide, https://
www.consumerfinance.gov/data-research/smallbusiness-lending/filing-instructions-guide/.
PO 00000
Frm 00004
Fmt 4701
Sfmt 4700
application-level information—before it
publishes application-level data.
In addition, the final rule prohibits a
financial institution or third party from
disclosing protected demographic
information, except in limited
circumstances. Specifically, the final
rule prohibits financial institutions from
disclosing or providing to third parties
the protected demographic information
collected pursuant to the rule, except to
further compliance with ECOA or
Regulation B or as required by law. The
final rule also limits third parties’
disclosure of protected demographic
information.
Recordkeeping, enforcement, and
severability. The rule addresses issues
related to recordkeeping, enforcement of
violations, and severability. The CFPB is
also finalizing provisions regarding
treatment of bona fide errors under the
rule in general along with several safe
harbors for particular kinds of errors.
Relatedly, as explained in part VII
below, covered financial institutions
will also have a 12-month grace period
during which the CFPB—for institutions
under its jurisdiction—will not assess
penalties for errors in data reporting,
and will conduct examinations only to
assist institutions in diagnosing
compliance weaknesses, to the extent
that these institutions engaged in good
faith compliance efforts.
Effective and compliance dates,
transitional provisions. This final rule
will become effective 90 days after
publication in the Federal Register. The
CFPB is adopting a tiered compliance
date schedule because it believes that
smaller and mid-sized lenders would
have particular difficulties complying
within the single 18-month compliance
period proposed in the NPRM.
Compliance with the rule beginning
October 1, 2024 is required for financial
institutions that originate the most
covered credit transactions for small
businesses. However, institutions with a
moderate transaction volume have until
April 1, 2025 to begin complying with
the rule, and those with the lowest
volume have until January 1, 2026.
Covered financial institutions may begin
collecting applicants’ protected
demographic information one year prior
to their compliance date to help prepare
for coming into compliance with this
final rule. The CFPB is also adopting a
new provision to permit financial
institutions that do not have ready
access to sufficient information to
determine their compliance tier (or
whether they are covered by the rule at
all) to use reasonable methods to
estimate their volume of originations to
small businesses for this purpose.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Compliance and technical assistance.
The CFPB is supporting small business
lenders with a variety of compliance
and technical tools to help them
determine if they are covered by this
new rule, and if so when their
obligations arise. For lenders that are
covered, the agency is also making
available a range of resources to assist
with effective implementation of the
rule, including a small entity
compliance guide. These materials are
available at https://
www.consumerfinance.gov/compliance/
compliance-resources/small-businesslending-resources/small-businesslending-collection-and-reportingrequirements. The CFPB is also
launching a dedicated regulatory and
technical support program that can
provide oral and written assistance in
response to stakeholder questions about
collection and reporting obligations, and
a range of technical resources to make
it easier to report data to the CFPB. The
support program and related materials
are available at https://
www.consumerfinance.gov/dataresearch/small-business-lending-data/.
To further assist covered financial
institutions that serve small business
customers in their preferred languages,
the CFPB will make the sample data
collection form available in several
languages. The CFPB is also planning to
develop resources to help small
businesses understand how their data
are treated, the availability of the
dataset, and the broader purposes of the
rule.
Use of technology partners and
industry consortia for accurate, costefficient data collection and reporting.
The final rule broadly permits financial
institutions to work with third parties,
including industry consortia, to develop
services and technologies to aid in
collecting and reporting data. So long as
they meet the obligations stated in the
rule, including collecting data in a
manner that does not discourage small
businesses from providing it, financial
institutions are free to work with third
parties to assist them with their
compliance obligations, whether that is
with respect to data collection,
maintenance or reporting. The CFPB
plans to work with consortia or other
entities seeking to assist financial
institutions to deploy industryidentified solutions. For example, the
CFPB plans to provide Application
Programming Interfaces in an opensource environment to assist financial
institutions’ technology partners to
develop accurate and efficient data
reporting tools.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
35153
II. Background
Overview
As discussed above, in 2010, Congress
enacted the Dodd-Frank Act. Section
1071 of the Dodd-Frank Act, which
amended ECOA, requires financial
institutions to collect and report to the
CFPB data regarding applications for
credit for women-owned, minorityowned, and small businesses. Section
1071 was adopted for the dual purposes
of facilitating fair lending enforcement
and enabling communities,
governmental entities, and creditors to
identify business and community
development needs and opportunities of
such businesses. Section 1071
complements other Federal efforts to
ensure fair lending and to promote
community development for small
businesses, including through ECOA,
the Community Reinvestment Act of
1977 (CRA),10 and the Community
Development Financial Institutions
(CDFI) Fund.11
The collection and subsequent
publication of more robust and granular
data regarding credit applications for
small businesses will provide muchneeded transparency to the small
business lending market. The COVID–19
pandemic has shown that transparency
is essential, particularly at a time of
crisis, when small businesses are in
urgent need of credit to recover from
economic shocks.
In addition to informing
policymaking, data collected under the
final rule can help creditors identify
potentially profitable opportunities to
extend credit. As a result, small
business owners stand to benefit from
increased credit availability. More
transparency will also allow small
business owners to more easily compare
credit terms and evaluate credit
alternatives, helping them to find the
credit product that best suits their needs
at the best price. In these different ways,
the data will help stakeholders to
enhance business and community
development, boosting broad-based
economic activity and growth.
Furthermore, in the years and decades
to come, the collection and publication
of these data will be helpful in
identifying potential fair lending
violations and otherwise facilitating the
enforcement of anti-discrimination
laws.
Small businesses are a cornerstone of
the U.S. economy. There were over 33
million small businesses in the U.S. in
2019, employing almost half of all
private sector employees.12 Small
businesses, particularly start-ups, also
generated 62 percent of new jobs since
1995.13 Small businesses were hit hard
by two major shocks in the last two
decades. First, the Great Recession,
which began in 2007, disproportionately
affected small businesses.14 Between
2007 and 2009, employment at
businesses with under 50 employees fell
by 10.4 percent, compared with 7.5
percent at larger firms,15 while between
2008 and 2011, lending to small firms
fell by 18 percent, compared with 9
percent for all firms.16 Small businesses
suffered again because of the COVID–19
pandemic. Around 40 percent of small
businesses were at least temporarily
closed in late March and early April
2020, due primarily to demand shocks
and employee health concerns.17 Across
the first year of the pandemic, some
10 12
U.S.C. 2901 et seq.
Riegle Community Development Banking
and Financial Institutions Act of 1994, 12 U.S.C.
4701 et seq., authorized the Community
Development Financial Institution Fund (CDFI
Fund). The CDFI Fund is discussed in more detail
in part II.F.2.ii below.
11 The
PO 00000
Frm 00005
Fmt 4701
Sfmt 4700
12 Off. of Advocacy, Small Bus. Admin., 2022
Small Business Profile, at 2, 4 (Aug. 2022), https://
cdn.advocacy.sba.gov/wp-content/uploads/2022/
08/30121338/Small-Business-Economic-ProfileUS.pdf (estimating 33.2 million small businesses in
the United States, accounting for 46.4 percent of
employees) (2022 Small Business Profile).
13 Off. of Advocacy, Small Bus. Admin.,
Frequently Asked Questions About Small Business,
at 1 (Dec. 2021), https://cdn.advocacy.sba.gov/wpcontent/uploads/2021/12/06095731/SmallBusiness-FAQ-Revised-December-2021.pdf (SBA
OA 2021 FAQs). See generally Cong. Rsch. Serv.,
Small Business Administration and Job Creation
(updated Jan. 4, 2022), https://fas.org/sgp/crs/misc/
R41523.pdf (discussing small business job creation);
John Haltiwanger et al., Who Creates Jobs? Small
Versus Large Versus Young, 95 Rev. Econ. Stat. 347,
347–48 (May 2013), https://direct.mit.edu/rest/
article/95/2/347/58100/Who-Creates-Jobs-Smallversus-Large-versus-Young (finding that young
firms, which are generally small, contribute
disproportionately to both gross and net job
creation).
14 Jason Dietrich et al., CFPB, Data Point: Small
Business Lending and the Great Recession, at 9 (Jan.
23, 2020), https://files.consumerfinance.gov/f/
documents/cfpb_data-point_small-businesslending-great-recession.pdf (finding that small
business lending fell sharply during the Great
Recession and recovered slowly, still not reaching
pre-Recession levels by 2017).
15 Ays
¸egu¨l S
¸ ahin et al., Fed. Rsrv. Bank of N.Y.,
17 Current Issues in Econ. & Fin., Why Small
Businesses Were Hit Harder by the Recent
Recession, at 1 (2011), https://www.newyorkfed.org/
medialibrary/media/research/current_issues/ci174.pdf.
16 Rebel A. Cole, Off. of Advocacy, Small Bus.
Admin., How Did the Financial Crisis Affect Small
Business Lending in the United States?, at 25–26
(Nov. 2012), https://www.microbiz.org/wp-content/
uploads/2014/04/SBA-SmallBizLending-andFiscalCrisis.pdf.
17 Alexander W. Bartik et al., The Impact of
COVID–19 on Small Business Outcomes and
Expectations, 117 Proc. Nat’l Acad. Sci. 17656,
17656 (July 2020), https://www.pnas.org/content/
pnas/117/30/17656.full.pdf.
E:\FR\FM\31MYR2.SGM
31MYR2
35154
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
200,000 more businesses exited the
market relative to historic levels.18 It
took until July 2021 for non-farm private
sector jobs at establishments with fewer
than 50 employees to recover to prepandemic levels.19 As of mid-2022,
small business loan approvals (other
than for government emergency
programs) still remained below prepandemic levels.20
During the last two decades, the small
business lending landscape has also
transformed. Traditional providers—
namely banks—consolidated, leading to
branch closures. The number of banks
in the U.S. has declined from over
18,000 in 1986 to under 4,800 as of June
30, 2022 and the number of branches
declined by 14 percent from 2009 to
2020.21 Meanwhile, new providers and
products, such as online lenders and
merchant cash advances, have become
increasingly prevalent in the small
business lending market. Financing by
merchant cash advance providers is
estimated to have increased from $8.6
18 Leland D. Crane et al., Bd. of Governors of the
Fed. Rsrv. Sys., Finance and Economics Discussion
Series, 2020–089, Business Exit During the COVID–
19 Pandemic: Non-Traditional Measures in
Historical Context, at 4 (2020), https://
www.federalreserve.gov/econres/feds/files/
2020089r1pap.pdf (estimating excess establishment
exits and analyzing other estimates of small
business exits during the pandemic). The paper
defines ‘‘exit’’ as permanent shutdown and
calculates ‘‘excess’’ exits by comparing the number
of exits during the 12-month period from March
2020 to February 2021 with previous years. Id. at
2–4. See also Ryan A. Decker & John Haltiwanger,
Bd. of Governors of the Fed. Rsrv. Sys., FEDS Notes,
Business Entry and Exit in the COVID–19
Pandemic: A Preliminary Look at Official Data
(May 6, 2022), https://www.federalreserve.gov/
econres/notes/feds-notes/business-entry-and-exitin-the-covid-19-pandemic-a-preliminary-look-atofficial-data-20220506.html (estimating excess
establishment exits to be roughly 181,000).
19 ADP Rsch. Inst., ADP National Employment
Report, https://adpemploymentreport.com/ (last
visited Mar. 20, 2023) (seasonally adjusted nonfarm private sector jobs at establishments with
between 1–49 employees as of July 1, 2021 as
compared to March 1, 2020).
20 Biz2Credit, Biz2Credit Small Business Lending
Index Finds April 2021 Non-PPP Loan Approval
Rates Move Little for All Types of Lenders (Apr.
2021), https://www.biz2credit.com/small-businesslending-index/april-2021; Biz2Credit, Biz2Credit
Small Business Lending Index Finds Business Loan
Approval Rates Rose at Small Banks, dipped at Big
Banks in July 2022 (July 2022), https://
www.biz2credit.com/small-business-lending-index/
july-2022 (approvals as of July 2022).
21 Cong. Rsch. Serv., Small Business Credit
Markets and Selected Policy Issues, at 6 (Aug. 20,
2019), https://fas.org/sgp/crs/misc/R45878.pdf
(decline since 1986); Fed. Deposit Ins. Corp.,
Quarterly Banking Profile, at 6 (Aug. 2022), https://
www.fdic.gov/analysis/quarterly-banking-profile/
qbp/2022jun/qbp.pdf (number of banks as of June
30, 2022); Bruce C. Mitchell et al., Nat’l Cmty.
Reinvestment Coal., Relationships Matter: Small
Business and Bank Branch Locations (Mar. 2021),
https://ncrc.org/relationships-matter-smallbusiness-and-bank-branch-locations/ (branch
closures).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
billion in volume in 2014 to $15.3
billion in 2017.22 From 2017 to 2019,
the volume may have increased further
to $19 billion.23 Meanwhile, financing
provided by online ‘‘fintech’’ 24 lenders
is estimated to have increased from $1.4
billion 25 in outstanding balances in
2013 to approximately $25 billion 26 in
2019.
Regarding trends in the small
business financing landscape, the shift
away from traditional providers of small
business credit toward newer types of
providers gives rise to both potential
harm and opportunity. In terms of
potential harms, bank closures may
have made it more difficult for small
businesses, particularly those that are
already underserved, to access credit
and remain open—especially in lowand moderate-income areas and rural
communities. Newer providers, often
22 PYMNTS, How Long Can MCAs Avoid the
‘Loan’ Label? (Jan. 20, 2016), https://
www.pymnts.com/in-depth/2016/how-long-canmcas-avoid-the-loan-label/.
23 Paul Sweeney, Gold Rush: Merchant Cash
Advances are Still Hot, deBanked (Aug. 18, 2019),
https://debanked.com/2019/08/gold-rushmerchant-cash-advances-are-still-hot/. Although
the article does not specify one way or the other,
estimates by the underlying source, Bryant Park
Capital, appear to reference origination volumes
rather than outstanding balances. See Nimayi Dixit,
S&P Glob. Mkt. Intel., Payment Fintechs Leave
Their Mark On Small Business Lending (Aug. 28,
2018), https://www.spglobal.com/
marketintelligence/en/news-insights/research/
payment-fintechs-leave-their-mark-on-smallbusiness-lending. Depending on credit multiplier
effects, the value of annual origination volumes
could be smaller or greater than outstanding
balances. Without information on outstanding
balances and for the purposes of calculating a
market size for small business financing in 2019,
the Bureau assumes in this paper a 1:1 ratio
between annual origination volumes and
outstanding balances for merchant cash advance
products. See part II.D below for discussion of
credit multiplier effects and for market size
calculations for merchant cash advance and other
small business financing products in 2019.
24 ‘‘Fintechs’’ have been defined as ‘‘technology
companies providing alternatives to traditional
banking services, most often exclusively in an
online environment,’’ and may overlap in part with
other categories of financial institutions, such as
commercial finance companies and/or providers of
specialized products, including factoring and
merchant cash advances. Brett Barkley & Mark
Schweitzer, The Rise of Fintech Lending to Small
Businesses: Businesses’ Perspectives on Borrowing,
17 Int’l J. Cent. Banking 35, 35–36 (Mar. 2021),
https://www.ijcb.org/journal/ijcb21q1a2.pdf.
25 Id. (citing Katie Darden et al., S&P Glob. Mkt.
Intel., 2018 US Fintech Market Report, at 5, https://
www.spglobal.com/marketintelligence/en/
documents/2018-us-fintech-market-report.pdf (2018
US Fintech Market Report)). This figure annualizes
$121 million in estimated 2013 quarterly
originations to $484 million in annual originations
and scales up to estimated outstanding balances
using the ratio between the FFIEC Call Report and
the CRA data discussed in part II.D below.
26 2018 US Fintech Market Report at 6. This figure
scales up $9.3 billion in estimated 2019 credit
originations for small- to medium-sized enterprise
borrowers to outstanding balances using the ratio
methodology discussed in part II.D below.
PO 00000
Frm 00006
Fmt 4701
Sfmt 4700
offering newer products, have less
experience complying with both Federal
and State lending laws and regulations
than traditional providers. Differences
in funding models may also make nontraditional credit providers less resilient
than depository banks or credit unions
during shocks to the financial system
such as the onset of the COVID–19
pandemic.27 Additionally, they may use
complex algorithms and artificial
intelligence, which may create or
heighten ‘‘risks of unlawful
discrimination, unfair, deceptive, or
abusive acts or practices . . . or privacy
concerns.’’ 28 Opaque product terms and
high costs can also trap business owners
in cycles of debt. In terms of
opportunity, some newer approaches
may help applicants with low or
nonexistent personal or business credit
scores—including women and
minorities who own or seek to start
small businesses but on average have
lower personal credit scores than male
and white business owners 29—to access
credit.30 Non-traditional credit
providers as well as digital offerings by
traditional financial institutions may
also help offset decreases in lending
27 Itzhak Ben-David et al., Nat’l Bureau of Econ.
Res., Why Did Small Business Fintech Lending Dry
Up During March 2020, at 1–7 (Sept. 2021), https://
www.nber.org/system/files/working_papers/
w29205/w29205.pdf (discussing how nondepository
lenders faced a credit crunch in March 2020 that
impaired their ability to continue funding small
business borrowers despite increased demand due
to the COVID–19 shock).
28 86 FR 16837, 16839 (Mar. 31, 2021); see also
Rohit Chopra, CFPB, Remarks of Director Rohit
Chopra at a Joint DOJ, CFPB, and OCC Press
Conference on the Trustmark National Bank
Enforcement Action (Oct. 22, 2021), https://
www.consumerfinance.gov/about-us/newsroom/
remarks-of-director-rohit-chopra-at-a-joint-doj-cfpband-occ-press-conference-on-the-trustmarknational-bank-enforcement-action/ (discussing risks
of discriminatory bias from black box underwriting
algorithms).
29 Geng Li, Bd. of Governors of the Fed. Rsrv.
Sys., FEDS Notes: Gender-Related Differences in
Credit Use and Credit Scores (June 22, 2018),
https://www.federalreserve.gov/econres/notes/fedsnotes/gender-related-differences-in-credit-use-andcredit-scores-20180622.htm (finding that single
women on average have lower credit scores than
single men); Alicia Robb, Off. of Advocacy, Small
Bus. Admin., Minority-Owned Employer Businesses
and their Credit Market Experiences in 2017, at 4
(July 22, 2020), https://cdn.advocacy.sba.gov/wpcontent/uploads/2020/07/22172533/MinorityOwned-Employer-Businesses-and-their-CreditMarket-Experiences-in-2017.pdf (finding that Black
and Hispanic small business borrowers are
disproportionately denied credit or discouraged
from applying for credit on the basis of their credit
score).
30 See Jessica Battisto et al., Who Benefited from
PPP Loans by Fintech Lenders?, Liberty St. Econ.
(May 27, 2021), https://libertystreeteconomics.
newyorkfed.org/2021/05/who-received-ppp-loansby-fintech-lenders.html (Who Benefited from PPP
Loans) (showing that online lenders were an
important source of credit for Black owners during
the COVID–19 pandemic.
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
associated with the closure of bank
branches.31
The precise impacts of these broader
trends are not well understood at
present because there are no
comprehensive, comparable, and
application-level data across the
fragmented and complex small business
lending market. Some small business
lending data exist, provided in data
reported to Federal regulators, but
available data are incomplete in certain
ways. Some do not include lending by
certain categories of institutions, such as
smaller depository institutions. And
none include lending by nondepository
institutions, which comprises almost
half of all small business financing.32
The datasets that do exist both overand underestimate small business
lending in certain respects by including
small dollar loans to non-small
businesses and by excluding larger
loans to small businesses.33 Further,
these datasets almost exclusively
concern originated loans; they do not
include information on applications that
do not result in originated loans. Nor do
they generally include borrower
demographics. Other public, private,
and nonprofit datasets offer only partial
snapshots of particular areas of the
market. Finally, much of the publicly
available data are aggregated, which
does not permit more granular, loan- or
application-level analysis that would
facilitate fair lending or business and
community development analysis by
stakeholders other than those that
collected the data. See part II.B below
for a detailed discussion on existing
data on small business financing.
The remainder of this part II focuses
on several broad topics that explain, in
31 See Cong. Rsch. Serv., Fintech: Overview of
Innovative Financial Technology and Selected
Policy Issues, at 1 (Apr. 28, 2020), https://
crsreports.congress.gov/product/pdf/R/R46332.
32 The Bureau estimates that nondepository
private business financing totaled approximately
$550 billion out of around $1.2 trillion in total
private outstanding balances in 2019 (47 percent).
This $550 billion figure includes estimated
financing by fintechs (around $25 billion),
commercial finance companies (around $160
billion), nondepository CDFIs (around $1.5 billion),
merchant cash advance providers (around $19
billion), factors (around $100 billion), equipment
leasing providers (around $160 billion),
nondepository mortgage lenders originating loans
for 5+ unit residential developments (around $30
billion), and non-financial trade creditors (around
$50 billion). There may additionally be lending that
is not captured here by equipment and vehicle
dealers originating loans in their own names. Public
lenders include SBA, the Federal Housing
Administration, Fannie Mae and Freddie Mac, and
the Farm Credit System, with public lending
totaling around $210 billion in traditional lending
programs plus $1 trillion in emergency COVID–19
SBA lending programs. See part II.D below for
methodology and sources regarding market size
estimates for each lending category.
33 See part II.B below.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
more detail, the need for the small
business lending data that the CFPB’s
rule to implement section 1071 will
provide: (A) improved understanding of
the role of small businesses in the U.S.
economy; (B) existing data on small
business financing; (C) the landscape of
small business financing; (D) estimating
the size of the small business financing
market despite limited data; (E) the
particular challenges faced by womenowned, minority-owned, and LGBTQI+owned small businesses; and (F) the
purposes and impact of section 1071.
A. Small Businesses in the United States
Small businesses are an important,
dynamic, and widely diverse part of the
U.S. economy. They are critical to
employment, innovation, and economic
growth and stability, both overall and
specifically for minority, women, and
LGBTQI+ entrepreneurs.
The Small Business Act, as
implemented by the Small Business
Administration (SBA), defines a small
business using size standards that
generally hinge on the average number
of employees or average annual receipts
of the business concern and are
customized industry by industry across
1,012 six-digit North American Industry
Classification System (NAICS) codes.34
Size standards based on average number
of employees are used in all industries
in the manufacturing and wholesale
trade sectors, as well as in certain
industries across a variety of other
sectors. Employee-based size standards
range from 100 employees (used almost
entirely in certain industries within the
wholesale trade sector) to 1,500
employees (used in industries across a
variety of sectors including, for
example, petroleum refineries,
automobile manufacturing, and greeting
card publishers).35 Size standards based
on average annual receipts are used in
nearly all other industries, and range
from $2.25 million (used in several
industries in the crop production and
animal production and aquaculture
subsectors) to $47 million (used in
industries across a variety of sectors
including, for example, passenger car
leasing, television broadcasting, and
general medical and surgical
hospitals).36
34 See Small Bus. Admin., Table of Small
Business Size Standards Matched to North
American Industry Classification System Codes
(effective Mar. 17, 2023), https://www.sba.gov/sites/
default/files/2023-03/Table%20of%20Size
%20Standards_Effective%20March%2017
%2C%202023%20%281%29%20%281%29_0.pdf.
35 See id.
36 A small number of industries use a size
standard based on a metric other than average
annual receipts or average number of employees.
For example, the commercial banking industry
PO 00000
Frm 00007
Fmt 4701
Sfmt 4700
35155
Simpler definitions of what
constitutes a small business are used in
certain contexts. For example, in certain
annual research releases the SBA Office
of Advocacy defines a small business as
one that has fewer than 500
employees.37 According to the Office of
Advocacy, and based on this definition
of a small business, in 2018 there were
32.5 million such businesses in the U.S.
that represent 99.9 percent of all U.S.
firms and employ over 60 million
Americans.38 Over six million of these
small businesses have paid employees,
while 26.5 million are non-employer
businesses (i.e., the owner(s) are the
only people involved in the business).39
From 1995 to 2020, small businesses,
particularly young businesses and startups, created 12.7 million net new jobs
in the U.S., while large businesses
created 7.9 million.40
Nearly one third of all businesses are
minority-owned and more than one
third are women-owned, though
minorities and women own a smaller
share of employer firms. As of 2019,
minorities owned around 1.1 million
employer firms in the U.S. (amounting
to 18.7 percent of all employer firms) 41
and, as of 2018, approximately 8.7
million non-employer firms (33.6
percent of all non-employer firms).42
Likewise, as of 2019, women owned
about 1.2 million employer firms (20.9
percent of all employer firms) 43 and, as
of 2018, approximately 10.9 million
non-employer firms (41.0 percent of all
non-employer firms).44 Additionally, in
(NAICS 522110) is subject to an asset-based size
standard. See id.
37 See SBA OA 2021 FAQs at 1.
38 See id.
39 See id.
40 See id.; see also Haltiwanger et al., 95 Rev.
Econ. Stat. at 347–48 (finding that young firms,
which are generally small, contribute
disproportionately to both gross and net job
creation).
41 See Press Release, U.S. Census Bureau, Census
Bureau Releases New Data on Minority-Owned,
Veteran-Owned and Women-Owned Businesses
(Oct. 28, 2021), https://www.census.gov/newsroom/
press-releases/2021/characteristics-of-employerbusinesses.html (Census Bureau 2021 Minority- and
Women-Owned Businesses Data).
42 Minority Bus. Dev. Agency, U.S. Dep’t of Com.,
All Minority-Owned Firms: Fact Sheet (June 10,
2022), https://www.mbda.gov/sites/default/files/
2022-06/All%20Minority%20Owned%20Firms
%20Fact%20Sheet%20-%20FINAL%206.10.
2022.pdf (stating that the nearly 8.7 million
minority non-employer firms in the U.S. generated
$306.1 billion in revenues in 2018).
43 See Census Bureau 2021 Minority- and
Women-Owned Businesses Data.
44 See Press Release, U.S. Census Bureau,
Nonemployer Statistics by Demographics (Dec. 16,
2021), https://www.census.gov/newsroom/pressreleases/2021/nonemployer-statistics-bydemographics.html (also stating that these firms
collectively generated $300 billion in annual
receipts). In 2017, nearly half of all women-owned
E:\FR\FM\31MYR2.SGM
Continued
31MYR2
35156
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
2016 there were an estimated 1.4
million LGBTQI+ business owners in
the United States.45
Businesses are legally structured in
several ways. In 2018, 87 percent of
non-employer businesses were sole
proprietorships, which means that the
business is not distinguishable from the
owner for tax and legal purposes; the
owner receives profits directly but is
also legally responsible for the
business’s obligations.46 Seven percent
of non-employer businesses were
partnerships, which can be structured to
limit the personal liability of some or all
owners; limited partners may exchange
control for limited liability, while
general partners that run the business
may remain personally liable.47 Six
percent of non-employer businesses
were structured as corporations—4.5
percent are S-corporations and 1.5
percent are C-corporations—which are
independent legal entities owned by
shareholders who are not personally
liable for the corporation’s obligations.48
In 2018, most small employer
businesses were corporations, with 52.1
percent choosing to be S-corporations
and 15.3 percent preferring Ccorporation status, although sole
proprietorship and partnership
structures remained relatively popular
at 13.7 percent and 11.9 percent,
respectively.49 By contrast, in 2017, 74.2
percent of large employer businesses
chose to be C-corporations, with 9.3
percent preferring a partnership
structure and 8.1 percent S-corporation
status.50
Small businesses are particularly
important in specific sectors of the
economy. In 2019, in the services sector,
small businesses supplied 9.2 million
healthcare and social services jobs (44
percent of all healthcare and social
services jobs), 8.8 million
accommodation and food services jobs
non-employer firms generated less than $10,000 in
annual receipts, while only 0.05 percent generated
$1 million or more in receipts. See Press Release,
Nat’l Women’s Bus. Council, NWBC Shares 2017
Nonemployer Statistics by Demographics Estimates
for Women-Owned Businesses (Dec. 17, 2020),
https://www.nwbc.gov/2020/12/17/nwbc-shares2017-nonemployer-statistics-by-demographicsestimates-for-women-owned-businesses/.
45 Nat’l Gay & Lesbian Chamber of Com.,
America’s LGBT Economy: The Premiere Report on
the Impact of LGBT-Owned Businesses, at 2 (Jan.
2017), https://nglcc.org/wp-content/uploads/2022/
02/REPORT-NGLCC-Americas-LGBT-Economy-11.pdf.
46 See SBA OA 2021 FAQs at 3.
47 Id. at 4.
48 Id.
49 Id.
50 Off. of Advocacy, Small Bus. Admin.,
Frequently Asked Questions About Small Business,
at 4 (Oct. 2020), https://cdn.advocacy.sba.gov/wpcontent/uploads/2020/11/05122043/SmallBusiness-FAQ-2020.pdf (SBA OA 2020 FAQs).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
(61 percent), and 5.7 million
construction jobs (81 percent).51 In the
same year, in manufacturing, small
businesses supplied 5.1 million
manufacturing jobs (42 percent of all
manufacturing jobs).52 Finally, in 2016,
family farms with annual gross sales
under $500,000 totaled over 91 percent
out of 2.2 million farms,53 and small
businesses provided over 137,000
agriculture, forestry, fishing and hunting
jobs (84 percent of all agriculture,
forestry, fishing and hunting jobs).54 As
such, the financial health of small
businesses is essential to the U.S.
economy, especially to the supply of
critical and basic goods and services—
from producing food to serving it at
restaurants, and from home building to
healthcare.
Small businesses were especially
hard-hit by the onset of the COVID–19
pandemic. At one point in the pandemic
in April 2020, 20 percent of selfemployed workers had temporarily
exited the labor market.55 Industries in
which small businesses played a large
role have been particularly impacted.
For example, comparing April 2020
with April 2019, employment declined
by almost 50 percent in the leisure and
hospitality businesses (also declining by
almost 50 percent among food services
and drinking establishments within the
leisure and hospitality industry), in
which small businesses employ over 60
percent of workers.56 Women-,
minority-, and LGBTQI+-owned small
businesses were hit particularly hard.
Between February and April 2020, some
373,000 jobs were lost in child daycare
51 See
2022 Small Business Profile at 4.
52 Id.
53 Nat’l Inst. of Food & Agric., U.S. Dep’t of Agric.,
Family Farms, https://nifa.usda.gov/family-farms
(last visited Mar. 20, 2023) (classifying family farms
as any farm organized as a sole proprietorship,
partnership, or family corporation. Family farms
exclude farms organized as non-family corporations
or cooperatives, as well as farms with hired
managers).
54 2022 Small Business Profile at 4.
55 Daniel Wilmoth, Off. of Advocacy, Small Bus.
Admin., The Effects of the COVID–19 Pandemic on
Small Businesses (Issue Brief No. 16), at 5 (Mar.
2021), https://cdn.advocacy.sba.gov/wp-content/
uploads/2021/03/02112318/COVID-19-Impact-OnSmall-Business.pdf.
56 Id. at 4. By the third quarter of 2020 many of
these jobs had since returned as mandatory closure
orders ended and the economy began to recover. Cf.
Robert W. Fairlie et al., Nat’l Bureau of Econ. Res.,
Were Small Businesses More Likely to Permanently
Close in the Pandemic, at 3, 14 (July 2022), https://
www.nber.org/system/files/working_papers/
w30285/w30285.pdf (finding a sharp increase in
California business closures in the first and second
quarters of 2020 that reversed in the third quarter
of 2020). However, small businesses still appear to
have suffered more than large businesses. See id.
(finding that small businesses experienced
substantially higher closure rates than large
businesses).
PO 00000
Frm 00008
Fmt 4701
Sfmt 4700
services, a sector in which womenownership predominates and minorityownership is very significant. Only 54
percent of these jobs were recovered by
the end of 2020.57 In 2021, 85 percent
of LGBTQI+-owned small businesses
reported the pandemic was having a
negative effect on their business,
compared to 76 percent of nonLGBTQI+-owned small businesses.58
Since 2022, small businesses have faced
different economic shocks, including
inflation and a shortage of labor, as the
economy reopened and resurgent
consumer demand has stretched stillfragile supply chains.59
B. Existing Data on Small Business
Lending
While small businesses are a critical
part of the U.S. economy and require
financial support, it is still true—as it
was in 2017 when the CFPB published
its White Paper on small business
lending—that it is not possible with
current data to confidently answer basic
questions regarding the state of small
business lending. This limitation is
especially the case with regard to the
ethnicity, race, and sex of small
business owners, applications as
opposed to originations, and for small
business financing products that are not
currently reported in Call Report data.60
Data on small business lending are
fragmented, incomplete, and not
standardized, making it difficult to
57 Bureau of Labor Stat., COVID–19 Ends Longest
Employment Recovery and Expansion in CES
History, Causing Unprecedented Job Losses in 2020
(June 2021), https://www.bls.gov/opub/mlr/2021/
article/covid-19-ends-longest-employmentexpansion-in-ces-history.htm. An estimated 90
percent of childcare businesses are women-owned
and over half of these owners are minority women.
Cindy Larson & Bevin Parker-Cerkez, Investing in
Child Care Fuels Women-owned Businesses &
Racial Equity, Loc. Initiatives Support Corp. (Mar.
8, 2022), https://www.lisc.org/our-stories/story/
investing-child-care-fuels-women-ownedbusinesses-racial-equity/.
58 Spencer Watson et al., LGBTQ-Owned Small
Businesses in 2021, Ctr. for LGBTQ Econ.
Advancement & Rsch. And Movement
Advancement Project, at 9 (July 2022), https://
www.lgbtmap.org/file/LGBTQ-Small-Businesses-in2021.pdf (using data from the Federal Reserve’s
Small Business Credit Survey, which began
collecting demographic data on LGBTQ small
business ownership in 2021).
59 See William C. Dunkelberg & Holly Wade,
Small Business Economic Trends, Nat’l Fed’n of
Indep. Bus., at 2, 11, 19 (Aug. 2022), https://
assets.nfib.com/nfibcom/SBET-August-2022.pdf
(finding that, out of 622 small businesses polled, 29
percent considered inflation their biggest problem,
49 percent had at least one unfilled job opening,
and 32 percent reported that supply chain
disruptions had a significant impact on their
business).
60 CFPB, Key dimensions of the small business
lending landscape, at 39–40 (May 2017), https://
files.consumerfinance.gov/f/documents/201705_
cfpb_Key-Dimensions-Small-Business-LendingLandscape.pdf (White Paper).
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
conduct meaningful comparisons across
products and over time. Against this
background, it is not hard to see why
Congress believed that the collection of
small business application data would
serve to identify business and
community development needs and
opportunities. The lack of data hinders
attempts by policymakers and other
stakeholders to understand the size,
shape, and dynamics of the small
business lending marketplace, including
the interaction of supply and demand,
as well as potentially problematic
lending practices, gaps in the market, or
trends in funding that may be holding
back some communities.61 For example,
absent better data, it is hard to
determine if relatively lower levels of
bank loans to small businesses in the
decade before the pandemic began were
reflective of a net relative decline in
lending to small businesses as compared
to large businesses or rather a shift
within small business lending from
banks to nondepository lenders.62 To
the extent there may have been a
relative decline, it is difficult to assess
if that decline affected certain types of
small businesses more than others,
including women-owned and minorityowned small businesses.63
The primary sources of information
on lending by depository institutions
are the Federal Financial Institutions
Examination Council (FFIEC) and
National Credit Union Administration
(NCUA) Consolidated Reports of
Condition and Income (Call Reports), as
well as reporting under the Community
Reinvestment Act (CRA). Under the
FFIEC and CRA reporting regimes, small
loans to businesses of any size are used
in whole or in part as a proxy for loans
to small businesses. The FFIEC Call
Report captures banks’ outstanding
number and amount of small loans to
businesses (that is, loans originated
under $1 million to businesses of any
size; small loans to farms are those
61 While Call Report and CRA data provide some
indication of the level of supply of small business
credit, the lack of data on small business credit
applications makes demand for credit by small
businesses more difficult to assess, including with
respect to local markets or protected classes.
62 Rebel A. Cole, Off. of Advocacy, Small Bus.
Admin., How Did Bank Lending to Small Business
in the United States Fare After the Financial Crisis?,
at 26 (Jan. 2018), https://cdn.advocacy.sba.gov/wpcontent/uploads/2019/05/09134658/439-How-DidBank-Lending-to-Small-Business-Fare.pdf (showing
a decline in bank loans to small businesses from
2008 to 2015 from $710 billion to $600 billion). The
level of bank lending to small businesses has
recovered somewhat since a trough in 2012–13 that
represented the lowest amount of lending since
2005. Fed. Deposit Ins. Corp., Quarterly Banking
Profile, https://www.fdic.gov/analysis/quarterlybanking-profile/qbp/timeseries/small-businessfarm-loans.xlsx (last visited Mar. 20, 2023).
63 White Paper at 40.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
originated under $500,000).64 The CRA
currently requires banks and savings
associations with assets over a specified
threshold to report loans in original
amounts of $1 million or less to
businesses; reporters are asked to
indicate whether the borrower’s gross
annual revenue is $1 million or less, if
they have that information.65 The
NCUA Call Report captures data on all
loans over $50,000 to members for
commercial purposes, regardless of any
indicator about the business’s size.66
There are no similar sources of
information about lending to small
businesses by nondepository
institutions. The SBA also releases loanlevel data concerning some of its loan
programs, but these typically do not
include demographic information, and
cover only a small portion of the overall
small business financing market.
These public data sources provide
some of the most extensive information
currently available on small business
lending. However, they suffer from four
material limitations: namely that the
data capture only parts of the market,
are published at a high level of
aggregation, do not permit detailed
analysis across the market, and lack
standardization across different
agencies.
First, these datasets exclude entire
categories of lenders. For example,
banks under $1.384 billion in assets, as
of 2022, do not have to report under the
CRA.67 The FFIEC and NCUA Call
Reports and CRA data do not include
64 See Fed. Fin. Insts. Examination Council,
Reporting Forms 31, 41, and 51 (last updated Mar.
16, 2023), https://www.ffiec.gov/ffiec_report_
forms.htm (FFIEC Call Report).
65 See Fed. Fin. Insts. Examination Council, A
Guide to CRA Data Collection and Reporting, at 11,
13 (2015), https://www.ffiec.gov/cra/pdf/2015_
CRA_Guide.pdf (2015 FFIEC CRA Guide). Small
business loans are currently defined for CRA
purposes as loans whose original amounts are $1
million or less and that were reported on the
institution’s Call Report or Thrift Financial Report
as either ‘‘Loans secured by nonfarm or
nonresidential real estate’’ or ‘‘Commercial and
industrial loans.’’ Small farm loans are currently
defined for CRA purposes as loans whose original
amounts are $500,000 or less and were reported as
either ‘‘Loans to finance agricultural production
and other loans to farmers’’ or ‘‘Loans secured by
farmland.’’ Id. at 11. The Federal agencies
responsible for implementing the CRA have
proposed to amend the CRA regulations to adopt
the Bureau’s definition of small business. 87 FR
33884 (June 3, 2022).
66 See Nat’l Credit Union Admin., Call Report
Form 5300 Instructions, at 74–84 (Mar. 31, 2022),
https://www.ncua.gov/files/publications/
regulations/call-report-instructions-march-2022.pdf
(Call Report Form 5300 Instructions).
67 Joint Press Release, Bd. of Governors of the Fed.
Rsrv. Sys. & Fed. Deposit Ins. Corp., Agencies
Release Annual Asset-Size Thresholds Under
Community Reinvestment Act Regulations (Dec. 16,
2021), https://www.federalreserve.gov/newsevents/
pressreleases/bcreg20211216a.htm.
PO 00000
Frm 00009
Fmt 4701
Sfmt 4700
35157
lending by nondepository financial
institutions, which the CFPB estimates
to represent 37 percent of the small
business financing market and is rapidly
growing.68
Second, Federal agencies publish
summary data at a high level in a
manner that does not facilitate
independent analysis by other agencies
or stakeholders. The FFIEC and NCUA
Call Reports and the CRA data are all
available at a higher level of aggregation
than loan-level, limiting fair lending
and detailed geographic analyses since
ethnicity, race, and sex as well as
business location data are rarely
disclosed.
Third, the detailed data collected by
these Federal sources have significant
limitations as well, preventing any
analysis into certain issues or types of
borrowers, even by the regulators
possessing these data. Neither Call
Report nor CRA data include
applications, which limits insights into
any potential discrimination or
discouragement in application processes
as well as into the interaction between
credit supply and demand. The FFIEC
Call Report and CRA data separately
identify loans of under $1 million in
value and, among loans of under $1
million in value, CRA data also identify
loans to businesses with annual
revenues of $1 million or less (if the
lender collects borrower revenue
information).69 However, the Call
Report definition of ‘‘small business
loans’’ as those with a loan size of $1
million or less at origination is both
overinclusive, as it counts small loans to
businesses of all sizes, and
underinclusive, as it excludes loans
over $1 million made to small
businesses. Credit unions report any
loans under $50,000 as consumer loans
and not as commercial loans on the
NCUA Call Report,70 potentially
excluding from measurement an
important source of funding for many
small businesses, particularly the
smallest and often most underserved.
Finally, the Federal sources of small
business lending data are not
68 Nondepository lending is estimated to total
approximately $550 billion out of $1.5 trillion in
total lending, excluding $1 trillion in COVID–19
emergency program lending. See part II.D below
(providing a detailed breakdown and methodology
of estimates across lending products).
69 Fed. Fin. Insts. Examination Council, Schedule
RC–C, Part II Loans to Small Businesses and Farms
(2017), at 1, https://www.fdic.gov/regulations/
resources/call/crinst-031-041/2017/2017-03-rcc2.pdf (detailing the Call Report loan size threshold
of $1 million at origination for loans to small
businesses); 2015 FFIEC CRA Guide at 11 (detailing
the CRA size thresholds of $1 million both for loan
amount at origination and for revenue of small
business borrowers).
70 Call Report Form 5300 Instructions at 44.
E:\FR\FM\31MYR2.SGM
31MYR2
35158
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
standardized across agencies and cannot
be easily compared. For example, as
noted above, the FFIEC Call Report
collects small loans to businesses as a
proxy for small business lending,
whereas the NCUA Call Report collects
loans to members for commercial
purposes above $50,000 but with no
upper limit. The loan-level data for the
Paycheck Protection Program offer an
unprecedented level of insight into
small business lending, but this dataset
is a one-off snapshot into the market for
a specific lending program at an acute
moment of crisis and is also limited in
utility by relatively low response levels
to demographic questions concerning
borrowers.71
The Federal government also
conducts and releases a variety of
statistics, surveys, and research reports
on small business lending through the
member banks for the Federal Reserve
System, the FDIC, CDFI Fund, and the
U.S. Census Bureau. These data sources
offer insights into broad trends and
specific small business lending issues
but are less useful for detailed fair
lending analyses or identification of
specific areas, industries, or
demographic groups being underserved.
Periodic changes in survey
methodology, sample sizes, and
questions can also limit comparability
and the ability to track developments
over time.
There are also a variety of nongovernmental data sources, issued by
both private and nonprofit entities, that
cover small businesses and/or the small
business financing market. These
include datasets and surveys published
by commercial data and analytics firms,
credit reporting agencies, trade
associations, community groups, and
academic institutions. Certain of these
data sources are publicly available and
track specific topics, such as small
business optimism,72 small business
employment,73 rates of small business
71 Zachary Warmbrodt, Tracking the Money: Bid
to Make Business Rescue More Inclusive Undercut
by Lack of Data, Politico (Mar. 2, 2021), https://
www.politico.com/news/2021/03/02/businessesinclusive-coronavirus-relief-money-data-472539
(reporting that 75 percent of Paycheck Protection
Program loan recipients did not report their
ethnicity and 58 percent did not reveal their
gender); see also Rachel Atkins et al.,
Discrimination in Lending? Evidence from the
Paycheck Protection Program, 58 Small Bus. Econ.
843, 844 (Feb. 2022), https://link.springer.com/
article/10.1007/s11187-021-00533-1 (finding that
borrower business owner race was reported for only
10 percent of Paycheck Protection Program loans).
72 Nat’l Fed’n of Indep. Bus., Small Business
Optimism Index (July 2022), https://www.nfib.com/
surveys/small-business-economic-trends/.
73 ADP Rsch. Inst., Employment Reports, https://
adpemploymentreport.com/ (last visited Mar. 20,
2023).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
credit application approvals,74 and
small business lending and delinquency
levels.75 Other databases have more
granularity and provide detailed
information on individual businesses,
including revenue, credit utilization,
industry, and location.76
While these non-public sources of
data on small businesses may provide a
useful supplement to existing Federal
sources of small business lending data,
these private and nonprofit sources
often do not have lending information,
may rely in places on unverified selfreporting or research based on public
internet sources, and/or narrowly limit
use cases for parties accessing data.
Further, commercial datasets are
generally not free to public users and
can be costly as well as have restrictions
on their use, raising equity issues for
stakeholders who cannot afford access
or are not permitted to use the data for
their desired purposes.
C. The Landscape of Small Business
Finance
Notwithstanding the lack of data on
the market, it is clear that financing
plays an important role in enabling
small businesses to grow and contribute
to the economy. When it is available,
financing not only provides resources
for small businesses to smooth cash
flows for current operations, but also
affords business owners the opportunity
to invest in business growth. A study by
a small business trade group found a
correlation between small business
owners’ ability to access credit and their
ability to hire.77 This same study found
that, while not the sole cause, the
inability to secure financing may have
led 16 percent of small businesses to
reduce their number of employees and
approximately 10 percent of small
businesses to reduce employee benefits.
Lack of access to financing also
contributed to a further 10 percent of
small businesses being unable to
increase store inventory in order to meet
existing demand.78
To support their growth or to make it
through harder times, small businesses
74 Biz2Credit, Biz2Credit Small Business Lending
Index, https://www.biz2credit.com/small-businesslending-index (last visited Mar. 20, 2023).
75 PayNet, Small Business Lending Index, https://
sbinsights.paynetonline.com/lending-activity/ (last
visited Mar. 20, 2023).
76 See, e.g., Dun & Bradstreet, https://
www.dnb.com/ (data provider and credit reporter);
Data Axle, https://www.data-axle.com/ (data
provider); Equifax, https://www.equifax.com/
business/product/business-credit-reports-smallbusiness/ (credit reporter); Experian, https://
www.experian.com/small-business/business-creditreports (credit reporter).
77 White Paper at 17.
78 Id.
PO 00000
Frm 00010
Fmt 4701
Sfmt 4700
look to a variety of funding sources.
Especially when starting out,
entrepreneurs often rely on their own
savings and help from family and
friends. If a business generates a profit,
its owners may decide to reinvest
retained earnings to fund further
growth. However, for many aspiring
business owners—and their personal
networks—savings and retained
earnings may not be sufficient to fund
a new venture or grow it, leading
owners to seek other sources of funding.
This is particularly true for minority
households and women-led households,
which on average have less wealth than
white households and male-led
households.79
One such source of funding comes
from others besides family and friends,
whether high net worth individuals or
‘‘angel investors,’’ venture capital funds,
or, in a more recent development
usually facilitated by online platforms,
via crowdsourcing from retail investors.
Often, these early investments take the
form of equity funding, which business
owners are not obligated to repay to
investors. However, equity funding
requires giving up some ownership and
control to investors, which some
entrepreneurs may not wish to do. For
small businesses, equity funding also
tends to be somewhat more expensive
than debt financing in the long run. This
is for a number of reasons, including
that loan interest payments, unlike
capital gains, are tax-deductible.80
Finally, equity investments from others
besides family and friends are available
to only a small fraction of small
businesses.
Many small businesses instead seek
debt financing from a wide range of
79 Emily Moss et al., The Black-White Wealth Gap
Left Black Households More Vulnerable, Brookings
Inst. (Dec. 8, 2020), https://www.brookings.edu/
blog/up-front/2020/12/08/the-black-white-wealthgap-left-black-households-more-vulnerable/
(detailing wealth gaps in 2019 by race and sex that
show white male households with more wealth
than white female or Black male or female
households at all age brackets). See also Erin Ruel
& Robert Hauser, Explaining the Gender Wealth
Gap, 50 Demography 1155, 1165 (Dec. 2012),
https://read.dukeupress.edu/demography/article/
50/4/1155/169553/Explaining-the-Gender-WealthGap (finding a gender wealth gap of over $100,000
in a longitudinal study over 50 years of a single age
cohort in Wisconsin); Neil Bhutta et al., Bd. of
Governors of the Fed. Rsrv. Sys., Disparities in
Wealth by Race and Ethnicity in the 2019 Survey
of Consumer Finances (Sept. 28, 2020), https://
www.federalreserve.gov/econres/notes/feds-notes/
disparities-in-wealth-by-race-and-ethnicity-in-the2019-survey-of-consumer-finances-20200928.htm
(finding median white family wealth in 2019 of
$188,200 compared with $24,100 for Black families
and $36,100 for Hispanic families).
80 Jim Woodruff, The Advantages and
Disadvantages of Debt and Equity Financing,
CHRON (updated Mar. 4, 2019), https://
smallbusiness.chron.com/advantagesdisadvantages-debt-equity-financing-55504.html.
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
providers. These providers include
depository institutions, such as banks,
savings associations, and credit
unions,81 as well as online lenders and
commercial finance companies,
specialized providers of specific
financing products, nonprofits, and a
range of government and governmentsponsored enterprises, among others.
In the past, small businesses
principally sought credit from banks;
however, as banks have merged and
consolidated, particularly in the wake of
the Great Recession, they have provided
less financing to small businesses.82 As
noted earlier, the number of banks has
declined significantly since a post-Great
Depression peak in 1986 of over 18,000
institutions to under 4,800 institutions
as of June 30, 2022,83 while 13,500
branches closed from 2009 to mid-2020,
representing a 14 percent decrease.84
Although nearly half of counties either
gained bank branches or retained the
same number between 2012 and 2017,
the majority lost branches over this
period.85 Out of 44 counties that were
81 For purposes of this document, the Bureau is
using the term depository institution to mean any
bank or savings association defined by section
3(c)(1) of the Federal Deposit Insurance Act, 12
U.S.C. 1813(c)(1), or credit union defined pursuant
to the Federal Credit Union Act, as implemented by
12 CFR 700.2. The Bureau notes that the DoddFrank Act defines a depository institution to mean
any bank or savings association defined by the
Federal Deposit Insurance Act; there, that term does
not encompass credit unions. 12 U.S.C.
5301(18)(A), 1813(c)(1). The Bureau is referring to
banks and savings associations together with credit
unions as depository institutions throughout this
document, unless otherwise specified, to facilitate
analysis and discussion.
82 Rebel A. Cole, Off. of Advocacy, Small Bus.
Admin., How Did Bank Lending to Small Business
in the United States Fare After the Financial Crisis?,
at 26 (Jan. 2018), https://cdn.advocacy.sba.gov/wpcontent/uploads/2019/05/09134658/439-How-DidBank-Lending-to-Small-Business-Fare.pdf (showing
a decline in bank loans to small businesses from
2008 to 2015 from $710 billion to $600 billion). The
level of bank lending to small businesses has
recovered somewhat since a trough in 2012–13 that
represented the lowest amount of lending since
2005. Fed. Deposit Ins. Corp., https://www.fdic.gov/
analysis/quarterly-banking-profile/qbp/timeseries/
small-business-farm-loans.xlsx (last visited Mar. 20,
2023).
83 Cong. Rsch. Serv., Small Business Credit
Markets and Selected Policy Issues, at 6 (Aug. 20,
2019), https://fas.org/sgp/crs/misc/R45878.pdf
(decline since 1986); Fed. Deposit Ins. Corp.,
Quarterly Banking Profile, at 7 (Aug. 2022), https://
www.fdic.gov/analysis/quarterly-banking-profile/
qbp/2022jun/qbp.pdf (number of banks as of June
30, 2022).
84 Bruce C. Mitchell et al., Nat’l Cmty.
Reinvestment Coal., Relationships Matter: Small
Business and Bank Branch Locations, at 6 (2020),
https://ncrc.org/relationships-matter-smallbusiness-and-bank-branch-locations/ (stating that
in 2009 there were 95,596 brick and mortar fullservice branches or retail locations but, as of June
30, 2020, that number had fallen to 82,086).
85 Bd. of Governors of the Fed. Rsrv. Sys.,
Perspectives from Main Street: Bank Branch Access
in Rural Communities, at 1, 3–4, 19 (Nov. 2019),
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
deeply affected by branch closures,
defined as having 10 or fewer branches
in 2012 and seeing five or more of those
close by 2017, 39 were rural counties.86
Of rural counties, just over 40 percent
lost bank branches in that period; the
rural counties that experienced
substantial declines in bank branches
tend to be lower-income and with a
higher proportion of African American
residents relative to other rural
counties,87 raising concerns about equal
access to credit.
As banks have merged and the
number of branches reduced, the share
of banking assets has also become
increasingly concentrated in the largest
institutions, with banks of over $10
billion in assets representing 86 percent
of all industry assets in 2021, totaling
$20.3 trillion out of $23.7 trillion.88
Nevertheless, banks of under $10 billion
in assets continue to hold
approximately half of all small business
loans (using the FFIEC Call Report
definition of loans of under $1 million),
highlighting the importance of smaller
banks to the small business lending
market.89 Since smaller bank credit
approvals have traditionally been close
to 50 percent, while large banks approve
only 25–30 percent of applications,
bank consolidation may have
implications for small business credit
access.90 Since institutions under
https://www.federalreserve.gov/publications/files/
bank-branch-access-in-rural-communities.pdf.
86 Id.
87 Id.
88 Fed. Deposit Ins. Corp., Bank Data and
Statistics, https://www.fdic.gov/bank/statistical/
(last visited Mar. 20, 2023); see also Cong. Rsch.
Serv., Small Business Credit Markets and Selected
Policy Issues, at 6 (Aug. 20, 2019), https://fas.org/
sgp/crs/misc/R45878.pdf (stating that banks over
$10 billion held 84 percent of all industry assets in
2018).
89 Speech by Board Governor Lael Brainard:
Community Banks, Small Business Credit, and
Online Lending (Sept. 30, 2015), https://
www.federalreserve.gov/newsevents/speech/
brainard20150930a.htm. Banks with under $10
billion in assets are often referred to as ‘‘community
banks.’’ Cong. Rsch. Serv., Over the Line: Asset
Thresholds in Bank Regulation, at 2–3 (May 3,
2021), https://fas.org/sgp/crs/misc/R46779.pdf
(noting that the Board of Governors of the Federal
Reserve System (Board) and the Office of the
Comptroller of the Currency (OCC) define
community banks as having under $10 billion in
assets, although there may be other criteria, with
the FDIC considering also geographic footprint and
a relative emphasis on making loans and taking
deposits as opposed to engaging in securities and
derivatives trading).
90 Biz2Credit, Biz2Credit Small Business Lending
Index, https://www.biz2credit.com/small-businesslending-index (last visited Mar. 20, 2023). These
historical approval rates are reflected in prepandemic Small Business Lending Index releases
by Biz2Credit. See, e.g., Biz2Credit, Small Business
Loan Approval Rates at Big Banks Remain at
Record High in February 2020: Biz2Credit Small
Business Lending Index, https://
www.biz2credit.com/small-business-lending-index/
PO 00000
Frm 00011
Fmt 4701
Sfmt 4700
35159
$1.384 billion in assets currently are not
required to report on lending under the
CRA,91 it is difficult to precisely
quantify the negative impact of bank
consolidation and shuttered branches
on small business lending and access to
credit in local areas.92 Qualitatively,
community banks typically receive high
satisfaction scores among small business
borrowers, reflecting their greater
commitment to relationship banking, a
model of banking ‘‘used to serve
families, businesses, and communities
as individuals, with an emphasis on
providing customized help, rather than
assembly line service.’’ 93
In contrast to banks, credit unions
increased their small business lending
from $30 billion in 2008 to $71 billion
in 2021.94 Like community banks, credit
february-2020 (last visited Mar. 20, 2023) (showing
large bank approvals of 28.3 percent in February
2020 and of 27.2 percent in February 2019 and
smaller bank approvals of 50.3 percent in February
2020 and of 48.6 percent in February 2019).
91 See part II.B above.
92 Bruce C. Mitchell et al., Nat’l Cmty.
Reinvestment Coal., Relationships Matter: Small
Business and Bank Branch Locations (Mar. 2021),
https://ncrc.org/relationships-matter-smallbusiness-and-bank-branch-locations/.
93 Rohit Chopra, CFPB, Prepared Remarks of
CFPB Director Rohit Chopra in Great Falls,
Montana on Relationship Banking and Customer
Service (June 14, 2022), https://
www.consumerfinance.gov/about-us/newsroom/
prepared-remarks-of-cfpb-director-rohit-chopra-ingreat-falls-montana-on-relationship-banking-andcustomer-service/; see also 87 FR 36828, 36829
(June 21, 2022) (stating that relationship banking is
‘‘an aspirational model of banking that meets its
customers’ needs through strong customer service,
responsiveness, and care’’); Cong. Rsch. Serv., Over
the Line: Asset Thresholds in Bank Regulation, at
3 (May 3, 2021), https://fas.org/sgp/crs/misc/
R46779.pdf (stating that community banks are more
likely to engage in relationship-based lending).
94 Rebel A. Cole, Off. of Advocacy, Small Bus.
Admin., How Did Bank Lending to Small Business
in the United States Fare After the Financial Crisis?,
at 51 (Jan. 2018), https://cdn.advocacy.sba.gov/wpcontent/uploads/2019/05/09134658/439-How-DidBank-Lending-to-Small-Business-Fare.pdf ($30
billion in lending in 2008); Calculated from NCUA
Call Report data accessed on October 18, 2022 ($71
billion in lending in 2021). The Bureau notes that,
as discussed in part II.B above, credit unions only
report credit transactions made to members for
commercial purposes with values over $50,000. The
Bureau uses this value as a proxy for small business
credit. The Bureau acknowledges that the true value
of small business credit extended by credit unions
may be different than what is presented here. For
example, this proxy may overestimate the value of
outstanding small business credit because some
members are taking out loans for large businesses.
Alternatively, this proxy may underestimate the
value of outstanding small business credit if credit
unions originate a substantial number of small
business loans with origination values of under
$50,000. For this analysis, the Bureau includes all
types of commercial loans to members except
construction and development loans and
multifamily residential property. This includes
loans secured by farmland; loans secured by owneroccupied, non-farm, non-residential property; loans
secured by non-owner occupied, non-farm, nonresidential property; loans to finance agricultural
E:\FR\FM\31MYR2.SGM
Continued
31MYR2
35160
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
unions typically receive high
satisfaction scores among small business
borrowers, reflecting more high-contact,
relationship-based lending models.95
Certain banks and credit unions
choose to be mission-based lenders, as
CDFIs or minority depository
institutions.96 Mission-based lenders
focus on providing credit to
traditionally underserved and lowincome communities and individuals to
promote community development and
expand economic opportunity, making
them a relatively smaller by dollar value
but essential part of the small business
lending market. There were almost
1,400 CDFIs (over half of which are
depository institutions) as of August
2022 and over 140 minority depository
institutions as of March 2022.97
During a period in which depository
institutions have been providing
relatively less funding to small
businesses,98 some small businesses
have increasingly relied on
nondepository institutions for financing.
Since nondepositories typically do not
report their small business financing
production and other loans to farmers; commercial
and industrial loans; unsecured commercial loans;
and unsecured revolving lines of credit for
commercial purposes.
95 Fed. Rsrv. Banks, Small Business Credit
Survey, 2021 Report On Employer Firms, at 28
(2021), https://www.fedsmallbusiness.org/survey/
2021/report-on-employer-firms.
96 Minority depository institutions are depository
institutions that are majority-owned by socially and
economically disadvantaged individuals or that
have a majority-minority board of directors and
serve a predominantly minority community. Fed.
Deposit Ins. Corp., Minority Depository Institutions:
Structure, Performance, and Social Impact, at 1
(2019), https://www.fdic.gov/regulations/resources/
minority/2019-mdi-study/full.pdf. Minority
depository institutions focus more than other banks
on minority and low- and moderate-income
communities. See id. at 1, 5. CDFI banks are
certified through the U.S. Department of the
Treasury by demonstrating they serve low-income
communities. CDFI Fund, CDFI Certification,
https://www.cdfifund.gov/programs-training/
certification/cdfi (last visited Mar. 17, 2023).
97 CDFI Fund., CDFI Certification, https://
www.cdfifund.gov/programs-training/certification/
cdfi (last visited Mar. 20, 2023); Fed. Deposit Ins.
Corp., Minority Depository Institutions Program
(last visited Mar. 20, 2023), https://www.fdic.gov/
regulations/resources/minority/mdi.html.
98 See Rebel A. Cole, Off. of Advocacy, Small Bus.
Admin., How Did Bank Lending to Small Business
in the United States Fare After the Financial Crisis?,
at 26 (Jan. 2018), https://cdn.advocacy.sba.gov/wpcontent/uploads/2019/05/09134658/439-How-DidBank-Lending-to-Small-Business-Fare.pdf (showing
a decline in bank loans to small businesses from
2008–15 from $710 billion to $600 billion). The
level of bank lending to small businesses has
recovered somewhat since a trough in 2012–13 that
represented the lowest amount of lending since
2005. See also Fed. Deposit Ins. Corp., https://
www.fdic.gov/analysis/quarterly-banking-profile/
qbp/timeseries/small-business-farm-loans.xlsx (last
visited Mar. 20, 2023) (tabulating outstanding
balances for credit extended to small- and nonsmall business lending by banks and thrifts over
time).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
activities to regulators, there are no
authoritative sources for either the
number of such entities or the dollar
value of financing they provide to small
businesses.99 However, what data are
available make clear that nondepository
online lenders are increasing their share
of the small business financing
market.100
Whether depository or nondepository,
each provider of small business
financing may assess a variety of
different criteria to determine whether
and on what terms to grant an extension
of credit or other financing product,
including business and financial
performance, the credit history of the
business and its owner(s), the time in
business, and the industry, among other
factors. Protections such as guarantees,
collateral, and insurance can mitigate
perceived risks, potentially enabling a
lender to offer better terms or facilitating
an extension of credit that would
otherwise not meet lending limit or
underwriting criteria. Often,
government agencies—including the
SBA, Federal Housing Administration,
and USDA—guarantee or insure loans to
encourage lenders to provide credit to
borrowers that may not otherwise be
able to obtain credit, either on
affordable terms and conditions or at
all.101 Different lenders also employ
diverse methods for assessing risk, with
smaller banks generally relying more on
traditional underwriting methods and
typically managing multi-product
relationships. Online lenders
increasingly use complex algorithms,
automation, and even artificial
intelligence to assess risk and make
underwriting decisions, with
originations typically being less
relationship-based in nature.
As well as diversity in underwriting
methodology and criteria, there are also
considerable differences across small
business financing products and
providers with respect to pricing
methods and repayment structures. As a
result, it can be challenging to compare
the competitiveness of product pricing
part II.B above.
part II.D below.
101 Cong. Rsch. Serv., Small Business
Administration 7(a) Loan Guaranty Program
(updated June 30, 2022), https://fas.org/sgp/crs/
misc/R41146.pdf (discussing the SBA’s flagship 7(a)
loan guarantee program); U.S. Dep’t of Hous. &
Urban Dev., Descriptions Of Multifamily Programs,
https://www.hud.gov/program_offices/housing/
mfh/progdesc (last visited Mar. 20, 2023) (listing
Federal Housing Administration mortgage
insurance programs for 5+ unit residential
developments); Farm Serv. Agency, U.S. Dep’t of
Agric., Guaranteed Loan Program Fact Sheet (Mar.
2020), https://www.fsa.usda.gov/Assets/USDA-FSAPublic/usdafiles/FactSheets/guaranteed_loan_
program-factsheet.pdf (discussing the USDA’s Farm
Service Agency guaranteed loan program).
and terms. Term loans, lines of credit,
and credit cards typically disclose
annualized interest rates; leases often
take into account depreciation; factoring
products discount an invoice’s value
and add a fee; and merchant cash
advances apply a multiple to the value
of the up-front payment.102 Moreover,
providers may add additional fees that
are not standardized within industries,
much less across them.
D. Estimating the Size and Scope of the
Small Business Financing Market
In light of the lack of data and the
heterogeneity of products and providers
within the small business financing
market, it can be difficult to get a clear
sense of the size and scope of the
market. In this part, the CFPB describes
its estimates of the total outstanding
balances of credit in the market, the
number of institutions that are active in
the small business financing market,
and how the CFPB arrived at these
estimates. Where possible, the CFPB
tries to estimate the state of the small
business financing market at the end of
2019 in order to estimate the state of the
market during the year prior to the onset
of the COVID–19 pandemic.
One challenge is that some of the data
report the dollar value of originations
and some report outstanding balances.
For the purposes of this exercise and for
most, but not all, products, the CFPB
assumes that for every $1 originated in
the market in a given year, there is
approximately a corresponding $3 of
outstanding balances. This assumption
is based on the ratio of the 2019 FFIEC
Call Report data, which totaled $721
billion in outstanding balances on bank
loans to small businesses and small
farms, and the 2019 CRA data, which
recorded $264 billion in bank loan
originations to small businesses and
small farms.103 This assumption is
limited by the extent to which other
small business financing products differ
from loans and lines of credit, which
make up the majority of financing
products captured by the FFIEC Call
Report data and the CRA data.104
99 See
100 See
PO 00000
Frm 00012
Fmt 4701
Sfmt 4700
102 See part II.D below for definitions of the
different product categories.
103 FFIEC Call Report data records outstanding
balances on loans with origination amounts less
than $1 million across Commercial & Industrial,
Nonfarm Nonresidential, Agricultural, and Secured
by Farmland lending categories. See FDIC Quarterly
Banking Profile Time Series, https://www.fdic.gov/
analysis/quarterly-banking-profile/qbp/timeseries/
small-business-farm-loans.xlsx (last visited Mar. 20,
2023).
104 FFIEC Call Report data and CRA data on small
business credit products also include business
credit card products, but loans and lines of credit
made up $713 billion out of $775 billion in
outstanding balances on bank, savings association,
and credit union loans to small businesses in 2019.
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
As detailed in this section, the CFPB
estimates that the market for small
business financing products totaled $1.4
trillion in outstanding balances in 2019.
The CFPB estimates that small business
financing by depository institutions
makes up just over half of small
business financing by private
institutions. In 2020 and 2021, COVID–
19 emergency lending programs added a
further $1 trillion to this value, bringing
the overall size of the small business
financing market up to $2.4 trillion.
However, by July 2022, over $740
billion in Paycheck Protection Program
loans had been forgiven, bringing the
total market size back below $1.7
trillion.105 Below, the CFPB estimates
the market share for different small
business financing products.
Since the available data regarding
depository institutions’ small loans to
businesses address term loans, lines of
credit, and credit cards together, the
respective shares of these three products
in the overall small business financing
market are difficult to assess. As
detailed in this part, the CFPB estimates
that together, private term loans and
lines of credit constitute the largest
small business credit product by value,
totaling approximately $770 billion in
outstanding balances in 2019. As of July
2022, outstanding balances for
Economic Impact Disaster Loan Program
and Paycheck Protection Program loans
totaled $260 billion, bringing the total
value of all outstanding loans and lines
of credit to around $1 trillion.106
Lending by banks, saving
associations, and credit unions
comprises the largest part of this total
amount for private term loans and lines
of credit. Using FFIEC Call Report data
for December 2019, the CFPB estimates
that banks and savings associations
accounted for a total of about $721
billion in outstanding credit to small
One important caveat to this assumption is that
products with materially shorter average term
lengths, for example credit cards, factoring
products, and merchant cash advances, may have
an inverse ratio of originations to outstanding
balances. For example, top issuers of generalpurpose credit cards recorded purchase volumes of
two to seven times their outstanding balances in
2020. Nilson Report, Issue 1192, at 6 (Feb. 2021),
https://nilsonreport.com/publication_newsletter_
archive_issue.php?issue=1192. If business-purpose
credit cards, factoring products, and merchant cash
advances behaved similarly with respect to the ratio
of originations to outstanding balances, then for
every $1 originated in the market in a given year,
there could be a corresponding $0.14–0.50 in
outstanding balances for such products ($1 divided
by two to seven).
105 Pandemic Response Accountability Comm.,
Paycheck Protection Program: Loan Forgiveness by
the Numbers (July 2022), https://www.pandemic
oversight.gov/media/file/ppp-loan-forgiveness-factsheet-july-2022-updatepdf.
106 Id.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
businesses and small farms as of
December 2019.107 Using NCUA Call
Report data for December 2019, the
CFPB estimates that credit unions
accounted for a total of about $55 billion
in outstanding credit to members for
commercial purposes.108 From this
value, the CFPB subtracts $62 billion in
credit card lending to arrive at $713
billion in outstanding balances for term
loans and lines of credit. From this
value, the CFPB further subtracts $134
billion in SBA guaranteed loans to
arrive at $580 billion in outstanding
balances for private term loans and lines
of credit extended by depository
institutions (i.e., banks, savings
associations, and credit unions) as of
December 2019.
The remaining $190 billion in
outstanding balances for private term
loans and lines of credit was extended
by various nondepository institutions,
namely commercial finance companies,
online lenders, and nondepository
CDFIs.109
Commercial finance companies
specialize in financing equipment and
vehicle purchases. The CFPB estimates
that the value of outstanding balances
on credit extended by commercial
finance companies totaled
approximately $160 billion. Using data
from the Board’s Finance Company
Business Receivables data on owned
assets as of December 2019, the CFPB
estimates commercial finance
companies outstanding credit for
commercial purposes as the value of
retail motor vehicle loans plus
equipment loans and other business
receivables, which totaled about $215
billion.110 The CFPB further assumes
107 Calculated from FFIEC Call Report data
accessed on October 18, 2022. The CFPB notes that,
as discussed in part II.B above, these estimates rely
on small loans to businesses as a proxy for loans
to small businesses. As such, the CFPB
acknowledges that the true outstanding value of
credit extended to small businesses by such
institutions may be different than what is presented
here. For example, the small loans to businesses
proxy would overestimate the value of outstanding
credit if a significant number of small loans to
businesses and farms are to businesses or farms that
are actually large. Alternatively, the proxy would
underestimate the value of outstanding credit to
small businesses if a significant number of
businesses and farms that are small under the rule
take out loans that are larger than $1 million or
$500,000, for businesses and farms, respectively.
108 Calculated from NCUA Call Report data
accessed on October 18, 2022.
109 There may additionally be lending that is not
captured here by equipment and vehicle dealers
originating loans in their own names.
110 Bd. of Governors of the Fed. Rsrv. Sys.,
Finance Companies—G.20 (updated Aug. 17, 2022),
https://www.federalreserve.gov/releases/g20/hist/
fc_hist_b_levels.html. The Bureau does not include
leases, since they are already counted within the
product category of equipment and vehicle leasing,
or wholesale loans, which it assumes are typically
made to non-small businesses.
PO 00000
Frm 00013
Fmt 4701
Sfmt 4700
35161
that about 75 percent of this value, or
$162 billion, can be attributed to loans
to small businesses.111
Typical ‘‘fintech’’ providers are
characterized primarily by providing
financial services exclusively in an
online environment.112 The CFPB
estimates that total outstanding loan
balances for such providers reached
around $25 billion in 2019. Using this
estimate, the CFPB scales up an
estimated $9.3 billion in credit
originations by online platform lenders
to small and medium enterprises in
2019 to $25 billion in estimated
outstanding balances, under the
assumptions discussed above.113 At the
beginning of the COVID–19 pandemic
and associated financial crisis, these
lenders originated around $22 billion in
Paycheck Protection Program loans to
small businesses from March to August
2020 114 and likely continued to
originate billions more during the third
wave of Paycheck Protection Program
loans in 2021, which represents an
almost 90 percent increase or more in
outstanding balances since 2019.115
This follows already rapid growth from
$1.4 billion in estimated outstanding
balances in 2013.116
111 This methodology is consistent with the
approach taken by Gopal and Schnabl (2020).
112 Barkley & Schweitzer, 17 Int’l J. Cent. Banking
at 35–36.
113 See 2018 US Fintech Market Report at 6. The
Bureau notes that this figure may underestimate the
total value of such lending because it focuses on
platform lenders and may overestimate the value of
lending to small businesses because it also includes
credit to medium businesses. Additionally, the
Bureau notes that fintechs often offer products
besides loans and lines of credit, and that there is
no clear demarcation between fintech, commercial
finance company, and merchant cash advance
provider, limiting the precision of market size
estimates. Finally, fintechs often sell loans once
originated to other entities, securitize their
originations, or purchase loans that banks have
originated, which may further present challenges to
the precision of market size estimates for this
market segment.
114 Small Bus. Admin., Paycheck Protection
Program (PPP) Report (approvals through 12 p.m.
EST Apr. 16, 2020), https://www.sba.gov/sites/
default/files/2020-06/PPP%20Deck%20copy508.pdf; Small Bus. Admin., Paycheck Protection
Program (PPP) Report (approvals through Aug. 8,
2020), https://www.sba.gov/sites/default/files/202008/PPP_Report%20-%202020-08-10-508.pdf.
115 Per the program’s intent, many Paycheck
Protection Program loans have been forgiven since
the program began, which likely means that
outstanding balances on Paycheck Protection
Program loans extended by online lenders have
since declined. See Pandemic Response
Accountability Comm., Paycheck Protection
Program: Loan Forgiveness by the Numbers (July
2022), https://www.pandemicoversight.gov/media/
file/ppp-loan-forgiveness-fact-sheet-july-2022updatepdf (reporting that $742 billion in Paycheck
Protection Program loans had been forgiven by July
2022).
116 Barkley & Schweitzer, 17 Int’l J. Cent. Banking
at 35–36 (citing 2018 US Fintech Market Report at
E:\FR\FM\31MYR2.SGM
Continued
31MYR2
35162
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
The CFPB estimates the value of
outstanding balances on credit extended
by nondepository CDFIs to small
business borrowers to be around $1.5
billion. Using reporting by the CDFI
Fund for 2019, the CFPB scales down
the outstanding balances for loan funds
of $13.8 billion and for venture capital
funds of $0.3 billion by the proportion
of all CDFI lending attributable to
business borrowers, which totaled $15.4
billion out of $141.2 billion.117
Categorized here separately so as to
distinguish residential from nonresidential loans, the CFPB estimates
outstanding balances for loans on 5+
unit residential dwellings to total over
$30 billion.118 The CFPB scales up $11
billion in 2019 annual originations on
loans of under $1 million in value at
origination for 5+ unit residential
dwellings to $30 billion in estimated
outstanding balances, using the ratio
between the FFIEC Call Report and the
CRA data discussed above.119
5). This figure annualizes $121 million in estimated
2013 quarterly originations to $484 million in
annual originations and scales up to estimated
outstanding balances using the ratio between the
FFIEC Call Report and the CRA data discussed
above.
117 CDFI Fund, CDFI Annual Certification and
Data Collection Report (ACR): A Snapshot for Fiscal
Year 2019, at 17, 22 (Oct. 2020), https://
www.cdfifund.gov/sites/cdfi/files/2021-01/ACRPublic-Report-Final-10292020-508Compliant.pdf.
To the extent that CDFI loan funds and venture
capital funds extend credit to business customers at
different rates than CDFI banks and credit unions,
this calculation may over- or underestimate the
value of lending to small businesses by
nondepository CDFIs. This figure also assumes that
all CDFI lending is for small businesses.
118 Depository institutions, discussed above,
extend a sizeable proportion of loans for 5+ unit
residential dwellings; both nondepository and
depository institutions are included in the total for
5+ unit outstanding balances.
119 See Mortg. Bankers Ass’n, Annual Report on
Multi-Family Lending—2019, at 5 (2020), https://
www.mba.org/store/products/research/general/
report/2019-annual-report-on-multifamily-lending.
This includes both private loans, estimated at
around $18 billion, and loans extended by Fannie
Mae, Freddie Mac, and the Federal Housing
Administration, estimated at around $13 billion.
The share of 5+ unit residential dwelling loans of
all sizes extended by governmental or governmentsponsored entities was 41 percent. The Bureau
assumes for the purposes of this exercise that the
same share is reflected in loans of under $1 million
in value at origination, although arguably this share
would be higher if government and governmentsponsored entities extended disproportionately
smaller dollar value loans on average. There is also
a substantial market for commercial real estate
besides 5+ unit residential dwellings not captured
here due to a lack of data on loans of small size
or to small businesses. See Mortg. Bankers’ Ass’n,
MBA: Commercial, Multifamily Mortgage Bankers
Originated $683B in 2021; Total Lending Tally
Reaches $891B (Apr. 15, 2022), https://
newslink.mba.org/mba-newslinks/2022/april/mbanewslink-friday-apr-15-2022/mba-commercialmultifamily-mortgage-bankers-originated-683b-in2021-total-lending-tally-reaches-891b/ (estimating
the volume of commercial real estate lending of any
size to be $890.6 billion in 2021, of which
multifamily lending accounted for $376 billion).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Also categorized separately from
depository institution totals so as to
distinguish private from government
and government-sponsored loans, the
CFPB estimates that outstanding
balances for loans extended by the SBA
and the Farm Credit System totaled
around $200 billion in 2019.120
The SBA, through its traditional 7(a),
504, and microloan programs as well as
the Economic Impact Disaster Loan
Program and funding for Small Business
Investment Companies, is the largest
governmental lender by value, with
$143.5 billion in outstanding balances at
the end of fiscal 2019.121 As part of the
Federal government’s response to the
COVID–19 pandemic, during 2020 and
2021 SBA lending increased in size by
over $1 trillion due to the Paycheck
Protection Program, which totaled
almost $800 billion, and the Economic
Impact Disaster Loan Program, which
totaled $210 billion.122 However, as
noted above, over $740 billion in
Paycheck Protection Program loans had
been forgiven as of July 2022, bringing
SBA outstanding loan balances back
down.123
The Farm Credit System is another
important government-related part of
the small business credit landscape. The
CFPB estimates that Farm Credit System
lenders had around $55 billion in
outstanding balances of credit extended
to small farms in 2019. Using the same
small loan to farms proxy as is used in
the FFIEC Call Report, the CFPB
estimates credit to farms with an
120 The grand total for lending by government and
government-sponsored entities would be
approximately $210 billion, including 5+ unit
residential dwelling loans extended by Fannie Mae,
Freddie Mac, and the Federal Housing
Administration, which are separately recorded
within the 5+ unit residential dwelling loan
product category.
121 Small Bus. Admin., Small Business
Administration Loan Program Performance
(effective Mar. 31, 2022), https://www.sba.gov/
document/report-small-business-administrationloan-program-performance. SBA guaranteed loans
comprised $134 billion out of this total, which
amount has been deducted from the totals for
depository institutions to avoid double counting.
122 Small Bus. Admin., Paycheck Protection
Program (PPP) Report (approvals through May 31,
2021), https://www.sba.gov/sites/default/files/202106/PPP_Report_Public_210531-508.pdf; Small Bus.
Admin., Disaster Assistance Update—Nationwide
COVID EIDL, Targeted EIDL Advances,
Supplemental Targeted Advances (June 3, 2021),
https://www.sba.gov/sites/default/files/2021-06/
COVID-19%20EIDL%20TA%20STA_6.3.2021_
Public-508.pdf; Small Bus. Admin., Disaster
Assistance Update—Nationwide EIDL Loans (Nov.
23, 2020), https://www.sba.gov/sites/default/files/
2021-02/EIDL%20COVID-19%20Loan%2011.23.20508_0.pdf.
123 Pandemic Response Accountability Comm.,
Paycheck Protection Program: Loan Forgiveness by
the Numbers (July 2022), https://
www.pandemicoversight.gov/media/file/ppp-loanforgiveness-fact-sheet-july-2022-updatepdf.
PO 00000
Frm 00014
Fmt 4701
Sfmt 4700
origination value of less than $500,000.
Based on the Farm Credit System’s 2019
Annual Information Statement of the
Farm Credit System, the CFPB estimates
that outstanding balances of such small
credit to farms totaled $55 billion at the
end of 2019.124 The CFPB notes that, as
with the FFIEC Call Report proxy, this
number may include credit to non-small
farms and may exclude larger credit
transactions extended to small farms.
Considering credit extended with an
origination value of between $500,000
and $5 million would increase the
market size by $86 billion to $141
billion.125
Mostly extended by depository
institutions, the CFPB estimates that the
market for small business credit cards
totaled over $60 billion in outstanding
balances for 2020.126 Using data from
Y–14 Form submissions to the Federal
Reserve Board, the CFPB estimates the
value of outstanding balances for small
business credit card accounts where the
loan is underwritten with the sole
proprietor or primary business owner as
an applicant.127
Equipment and vehicle leasing,
whereby businesses secure the right to
possess and use a piece of equipment or
vehicle for a term in return for
consideration, is another important
product category that is estimated to
value roughly $160 billion in
outstanding balances in 2019. The CFPB
estimates the total size of the equipment
and vehicle leasing market for all sized
businesses in 2019 to be approximately
$900 billion.128 The CFPB further
assumes that small businesses comprise
around 18 percent of the total
124 Fed. Farm Credit Banks Funding Corp., Farm
Credit 2019 Annual Information Statement of the
Farm Credit System, at 54 (Feb. 28, 2020), https://
www.farmcreditfunding.com/ffcb_live/
investorResources/informationStatements.html.
125 Id.
126 See Bd. of Governors of the Fed. Rsrv. Sys.,
Report Forms FR Y-14M, https://
www.federalreserve.gov/apps/reportingforms/
Report/Index/FR_Y-14M (last updated Sept. 12,
2022). The Board’s data are received from bank
holding companies over $50 billion in assets, which
represent 70 percent of outstanding balances for
consumer credit cards; the corresponding percent of
balances captured for small business cards is not
known, so the total small business-purpose credit
card market could be substantially higher or lower.
See CFPB, The Consumer Credit Card Market, at 18
(Aug. 2019), https://files.consumerfinance.gov/f/
documents/cfpb_consumer-credit-card-marketreport_2019.pdf.
127 Off. of Mgmt. & Budget, Instructions for the
Capital Assessments and Stress Testing Information
Collection (Reporting Form FR–Y14M), OMB No.
7100–0341, at 148 (Mar. 2020), https://omb.report/
icr/202101-7100-006/doc/108187801.
128 See Equip. Leasing & Fin. Found., Horizon
Report, https://www.leasefoundation.org/industryresources/horizon-report/ (last updated Apr. 22,
2021).
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
equipment and vehicle leasing
market.129
Factoring is a similarly significant
product type, estimated at around $100
billion in market size for 2019.130 In a
factoring transaction, factors purchase,
at a discount, a legally enforceable claim
for payment (i.e., accounts receivables
or invoices) for goods already supplied
or services already rendered by a
business for which payment has not yet
been made in full; hence, a factor’s risk
related to repayment lies with the
business’s customer and not the
business itself. In most cases, specific
companies, called factors, provide
factoring products.
The market for merchant cash
advances continues to develop rapidly
and data are even more scarce than for
other segments of the small business
lending market. This limits the
reliability of estimates as to the
merchant cash advance market’s size.
The CFPB estimates the 2019 market
size to be around $20 billion.131 The
merchant cash advance market is also of
lotter on DSK11XQN23PROD with RULES2
129 See
Karen Mills, Harvard Bus. Sch., State of
Small Business Lending, at 29 (July 2014), https://
www.hbs.edu/ris/Supplemental%20Files/15-004
%20HBS%20Working%20Paper%20Chart
%20Deck_47695.pdf (estimating equipment leasing
outstanding balances for small business borrowers
at approximately $160 billion at Dec. 31, 2013);
Monitor Daily, SEFI Report Finds Strong
Performance Despite Challenges (Oct. 21, 2014),
https://www.monitordaily.com/news-posts/sefireport-finds-strong-performance-despite-challenges/
($903 billion market in 2014, commensurate with
an 18 percent market share for small business
borrowers at the time of the Karen Mills report).
130 See Secured Fin. Found., 2019 Secured
Finance: Market Sizing & Impact Study Extract
Report, at 7 (June 2019), https://www.sfnet.com/
docs/default-source/data-files-and-researchdocuments/sfnet_market_sizing___impact_study_
extract_f.pdf?sfvrsn=72eb7333_2. This study
estimated the total volume of the U.S. factoring
market to be $101 billion. To the extent that
factoring volumes differ from outstanding balances,
the value of outstanding balances may be higher or
lower than this estimate. Also, this estimate
captures factoring for business borrowers of all
sizes, not just small business borrowers. The CFPB
assumes that most factoring is provided to small
business customers.
131 Paul Sweeney, Gold Rush: Merchant Cash
Advances are Still Hot, deBanked (Aug. 18, 2019),
https://debanked.com/2019/08/gold-rushmerchant-cash-advances-are-still-hot/. BPC
estimates appear to reference origination volumes
rather than outstanding balances. See Nimayi Dixit,
S&P Glob. Mkt. Intel., Payment Fintechs Leave
Their Mark On Small Business Lending (Aug. 28,
2018), https://www.spglobal.com/
marketintelligence/en/news-insights/research/
payment-fintechs-leave-their-mark-on-smallbusiness-lending. Depending on credit multiplier
effects, the value of annual origination volumes
could be smaller or greater than outstanding
balances. Without information on outstanding
balances and for the purposes of calculating a
market size for small business financing in 2019,
the CFPB assumes in this paper a 1:1 ratio between
annual origination volumes and outstanding
balances for merchant cash advance products. See
above for discussion of credit multiplier effects.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
particular significance for smaller and
traditionally underserved businesses
that may not qualify for other types of
credit.132 Merchant cash advances are
typically structured to provide a lump
sum payment up front (a cash advance)
in exchange for a share of future
revenue until the advance, plus an
additional amount, is repaid. Unlike the
majority of other small business
financing products, merchant cash
advances typically purport to be for
short durations.133 The CFPB
understands that merchant cash
advances also tend to be relatively highcost products.134 Several States,
including New York and California, are
implementing laws that will require
providers of ‘‘sales-based financing,’’
such as merchant cash advances, as well
as other nondepositories to provide
disclosures (including estimated APR in
some States) similar to those required
under the Truth in Lending Act
(TILA),135 which generally only applies
to consumer credit.136
132 Cf. Barbara Lipman & Ann Marie Wiersch, Bd.
of Governors of the Fed. Rsrv. Sys., Uncertain
Terms: What Small Business Borrowers Find When
Browsing Online Lender websites, at 3 (Dec. 2019),
https://www.federalreserve.gov/publications/files/
what-small-business-borrowers-find-whenbrowsing-online-lender-websites.pdf (observing that
online lenders, including providers of merchant
cash advance products, position themselves as
offering financing to borrowers underserved by
traditional lenders).
133 See id. (stating that merchant cash advances
are generally repaid in three to 18 months).
134 Id. (stating that annual percentage rates on
merchant cash advance products can exceed 80
percent or rise to triple digits). See also Fed. Trade
Comm’n, ‘Strictly Business’ Forum, Staff
Perspective, at 5 (Feb. 2020), https://www.ftc.gov/
system/files/documents/reports/staff-perspectivepaper-ftcs-strictly-business-forum/strictly_business_
forum_staff_perspective.pdf (observing stakeholder
concern about the high-cost of merchant cash
advances that can reach triple digit annual
percentage rates).
135 15 U.S.C. 1601 et seq.
136 New York State law requires that providers of
‘‘sales-based financing’’ provide disclosures to
borrowers that include calculations of an estimated
annual percentage rate in accordance with the
CFPB’s Regulation Z, 12 CFR part 1026. See N.Y.
S.898, section 803(c) (signed Jan. 6, 2021)
(amending S.5470–B), https://legislation.
nysenate.gov/pdf/bills/2021/s898. The New York
Department of Financial Services is currently
developing regulations to implement the law. See
N.Y. Dep’t of Fin. Servs., Proposed Financial
Services Regulations, https://www.dfs.ny.gov/
industry_guidance/regulations/proposed_fsl.
Similarly, California’s Department of Financial
Protection and Innovation has adopted regulations
to implement a California law requiring disclosures
by commercial financing companies, including
those providing sales-based financing. See 10 Cal.
Code Reg. 900(a)(28) (effective Dec. 9, 2022)
(defining sales-based financing as ‘‘a commercial
financing transaction that is repaid by a recipient
to the financer as a percentage of sales or income,
in which the payment amount increases and
decreases according to the volume of sales made or
income received by the recipient’’ and including ‘‘a
true-up mechanism’’); 10 Cal. Code Reg. 914 and
PO 00000
Frm 00015
Fmt 4701
Sfmt 4700
35163
Finally, trade credit is another
significant market, which the Bureau
estimates to total $51 billion in
outstanding balances in 2019. The
Bureau estimates the trade credit market
size by adding the total accounts
payable for businesses under $1 million
in annual revenue.137 Considering the
total value of accounts payable for
businesses between $1 million and $5
million would increase the market size
by $88 billion.138 Trade credit is an
often informal, business-to-business
transaction, usually between nonfinancial firms whereby suppliers allow
their customers to acquire goods and/or
services without requiring immediate
payment.
The CFPB estimates that there were
approximately 8,200 financial
institutions extending small business
financing in 2019, almost 80 percent of
which were depository institutions.139
940 (requiring sales-based financing providers
disclosure estimated annual percentage rate
according to Regulation Z, 12 CFR part 1026).
Under these laws, providers of commercial
financing generally will be required to disclose: (1)
the total amount financed, and the amount
disbursed if it is different from the total amount
financed; (2) the finance charge; (3) the APR (or the
estimated APR for sales-based financing and
factoring transactions), calculated in accordance
with TILA and Regulation Z; (4) the total repayment
amount; (5) the term (or the estimated term for
sales-based financing) of the financing; (6) periodic
payment amounts; (7) prepayment charges; (8) all
other fees and charges not otherwise disclosed; and
(9) any collateral requirements or security interests.
See Cal. S.B. 1235 (Sept. 30, 2018), https://
leginfo.legislature.ca.gov/faces/billTextClient.
xhtml?bill_id=201720180SB1235; N.Y. S.B. S5470B
(July 23, 2020), https://legislation.nysenate.gov/pdf/
bills/2019/S5470B. Other States, including Virginia
and Utah, have passed commercial financing
disclosure laws that do not require disclosure of the
APR. See Virginia H. 1027 (enacted Apr. 11, 2022),
https://lis.virginia.gov/cgi-bin/legp604.exe?221+
ful+CHAP0516; Utah S.B. 183 (enacted Mar. 24,
2022), https://le.utah.gov/∼2022/bills/static/
SB0183.html.
137 See Fundbox/PYMNTS.com, The Trade Credit
Dilemma, at 11 (May 2019), https://
www.pymnts.com/wp-content/uploads/2019/05/
Trade-Credit-Dilemma-Report.pdf (estimating
accounts payable for businesses with revenue of
under $250,000 at $6.7 billion and for businesses
with revenue of $250,000 to $999,000 at $44.6
billion).
138 Id. The trade credit market is estimated to total
$1.6 trillion across all business sizes in the United
States. In the overall $1.4 trillion market size total
for all small business financing products, the CFPB
has included only the trade credit market for
businesses of up to $1 million in revenue for
consistency with its White Paper.
139 This number has increased from 8,100
financial institutions estimated in the NPRM for
two reasons related to the number of nondepository
financial institutions participating in the credit
market for 5+ unit residential dwellings in 2019.
First, the CFPB revised its methodology for
excluding depository institutions from the total
number of participants active in the credit market
for 5+ unit residential dwellings, as detailed below.
Second, the NPRM total for all financial institutions
active in the small business financing market
E:\FR\FM\31MYR2.SGM
Continued
31MYR2
35164
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
Based on FFIEC Call Report data for
December 2019, the CFPB estimates that
about 5,100 banks and savings
associations were active in the small
business lending market, out of a total
of about 5,200 banks and savings
associations.140 The CFPB assumes that
a bank or savings association is ‘‘active’’
in the market if it reports a positive
outstanding balance of small loans, lines
of credit, and credit cards to businesses.
Based on the NCUA Call Report data
for December 2019, the CFPB estimates
that about 1,200 out of 5,300 total credit
unions were active in the small business
lending market.141 The CFPB defines a
credit union as ‘‘active’’ in the market
if it reported a positive number of
originations of loans, lines of credit, and
credit cards to members for commercial
purposes in 2019.
The CFPB estimates that there were
about 1,900 nondepository institutions
active in the small business financing
market in 2019,142 accounting for
included only those nondepository financial
institutions participating in the credit market for 5+
unit residential dwellings estimated to be covered
by the proposed rule rather than all those active in
the market at all.
140 Calculated from FFIEC Call Report data
accessed on October 18, 2022. Although 2019
figures are used here for consistency across types
of lenders, consolidation among depository
institutions has continued since 2019. As of June
30, 2022, 4,692 commercial banks or savings
associations and 1,575 credit unions reported a
positive outstanding balance of small loans, lines of
credit, and credit cards to businesses. Calculated
from FFIEC Call Report data accessed on October
14, 2022.
141 Nat’l Credit Union Admin., 2019 Call Report
Quarterly Data, https://www.ncua.gov/analysis/
credit-union-corporate-call-report-data/quarterlydata (last updated Mar. 8, 2023). (One hundred
twelve credit unions were not federally insured as
of December 2019 but are included here as
depository institutions. Calculated from NCUA Call
Report data accessed on June 8, 2021.) Although
2019 figures are used here for consistency across
types of lenders, consolidation among depository
institutions has continued since 2019. As of June
30, 2022, 1,120 credit unions reported a positive
number of originations of loans, lines of credit, and
credit cards to members for commercial purposes
during the first half of 2022. This number was
calculated from NCUA Call Report data accessed on
October 14, 2022.
142 There may also be cooperative or nonprofit
lenders as well as equipment and vehicle finance
dealers originating in their own name that are not
captured by the CFPB in these figures. For example,
by searching Uniform Commercial Code (UCC)
filings, Manasa Gopal and Philipp Schnabl
identified 19 cooperative lenders that originated at
least 1,500 loans over the period from 2006 to 2016.
Manasa Gopal & Philipp Schnabl, The Rise of
Finance Companies and FinTech Lenders in Small
Business Lending, N.Y.U. Stern Sch. of Bus., at 18
(May 13, 2020), https://ssrn.com/abstract=3600068.
Additionally, these figures do not include trade
creditors, which are non-companies that extend
credit by allowing customers a period of time in
which to pay and which are much greater in
number since the practice is widespread across the
economy. This number has increased from 1,800
financial institutions estimated in the NPRM for
two reasons related to the number of nondepository
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
around $550 billion in outstanding
credit to small businesses. This total
number of nondepository institutions
includes approximately 300 commercial
finance companies, 30 or more online
lenders, 340 nondepository CDFIs, 150
nondepository mortgage lenders in the
multifamily market, 100 merchant cash
advance providers, 700–900 factors, at
least 100 government lenders, and 72
Farm Credit System institutions.
The Bureau estimates that about 300
commercial finance companies were
engaged in small business lending in
2019.143 The Bureau also estimates there
to be about 30 or more online lenders
that were active in the small business
lending market in 2019, not including
merchant cash advance providers.144
The Bureau estimates that 340
nondepository CDFIs were engaged in
small business lending in 2019. Both
depository and nondepository
institutions can be CDFIs. Depository
CDFIs are counted in the numbers of
banks, savings associations, and credit
unions engaged in small business
lending. According to the CDFI Fund,
487 nondepository funds (i.e., loan
financial institutions participating in the credit
market for 5+ unit residential dwellings in 2019.
First, the CFPB revised its methodology for
excluding depository institutions from the total
number of participants active in the credit market
for 5+ unit residential dwellings, as detailed below.
Second, the Notice of Proposed Rulemaking total
for all nondepository financial institutions active in
the small business financing market included only
those nondepository financial institutions
participating in the credit market for 5+ unit
residential dwellings that were estimated to be
covered by the proposed rule rather than all those
active in the market at all.
143 See id. By searching UCC filings, Manasa
Gopal and Philipp Schnabl identified almost 300
commercial finance companies, including both
independent and captive finance companies, with
at least 1,500 small business loans between 2006
and 2016. This figure combines 192 independent
finance companies with 95 captive finance
companies. Since this estimate captures only those
commercial finance companies averaging at least
150 loans per year over the 2006 to 2016 period,
it may exclude smaller volume lenders and should
be considered conservative.
144 Id. Using the same methodology as for
commercial finance companies, Gopal and Schnabl
identified 19 fintech companies. The CFPB
conservatively increases this estimate to 30 to
account for rapid growth in the industry from 2016
to 2019. Since this estimate captures only those
fintechs averaging at least 150 loans per year over
the 2006 to 2016 period, it may exclude smaller
volume lenders and should be considered
conservative. On the other hand, since 2019, the
COVID–19 economic shock may have led to some
fintechs scaling back or exiting the small business
financing market. See, e.g., Ingrid Lunden, Amex
Acquires SoftBank-backed Kabbage After Tough
2020 for the SMB Lender, TechCrunch (Aug. 17,
2020), https://techcrunch.com/2020/08/17/amexacquires-softbank-backed-kabbage-after-tough2020-for-the-smb-lender/ (noting that Kabbage
temporarily shut down credit lines to small
businesses during April 2020 and then spun off its
small business loan portfolio when it was
subsequently acquired by American Express).
PO 00000
Frm 00016
Fmt 4701
Sfmt 4700
funds and venture capital funds)
reported as CDFIs in 2019.145 Of these,
340 institutions reported that business
finance or commercial real estate
finance were a primary or secondary
line of business in 2019.146
The Bureau estimates that about 150
nondepository mortgage lenders
participated in the credit market for 5+
unit residential dwellings in 2019.147 In
its 2019 Multifamily Lending Report, the
Mortgage Bankers Association lists
annual multifamily lending volumes by
institution, including a distinction for
loans of under $1 million in value at
origination.148 Using the same small
loan to business proxy as is used in the
FFIEC Call Report, the Bureau estimates
the number of nondepository mortgage
lenders by counting the number of
institutions that appear on this list that
are not depository institutions and that
extended at least two loans in 2019.149
Data from UCC filings indicates that
about 100 institutions were active in the
market for providing merchant cash
advances to small businesses in 2021.150
145 CDFI Fund, CDFI Annual Certification and
Data Collection Report (ACR): A Snapshot for Fiscal
Year 2019, at 8 (Oct. 2020), https://
www.cdfifund.gov/sites/cdfi/files/2021-01/ACRPublic-Report-Final-10292020-508Compliant.pdf.
146 Id. at 15–16.
147 Nondepository lenders providing financing for
commercial real estate transactions besides 5+ unit
residential dwellings are not separately captured
here but often overlap with those lenders providing
financing for 5+ unit residential dwellings. See
Com. Prop. Exec., Top 20 Commercial Mortgage
Banking and Brokerage Firms of 2022 (Jan. 3, 2022),
https://www.commercialsearch.com/news/top-20commercial-mortgage-banking-and-brokerage-firmsof-2022/ (listing top commercial real estate lenders
and identifying sectors financed by lender).
148 See Mortg. Bankers Ass’n, Annual Report on
Multi-Family Lending—2019, at 9–66 (2020),
https://www.mba.org/store/products/research/
general/report/2019-annual-report-on-multifamilylending. In the Notice of Proposed Rulemaking, the
CFPB had estimated nondepository financial
institutions participating in the credit market for 5+
unit residential dwellings by excluding financial
institutions included in the above-cited report with
the word ‘‘bank’’ or ‘‘credit union’’ in the
institution name and further manually removing
around ten more institutions that appeared to be
depository institutions at first glance. To improve
accuracy, for the Final Rule the CFPB has manually
coded all 2,588 institutions in the above-cited
report to exclude any institutions that are banks,
savings associations, credit unions, or farm credit
associations but which do not have the word
‘‘bank’’ or ‘‘credit union’’ in the institution name as
recorded in the report. As a result, the total number
of nondepository financial institutions active in this
market fell from 270 to 150.
149 The CFPB counts institutions extending at
least two loans of any size in order to estimate
institutions extending at least one small loan, based
on the assumption that some 50 percent of these
loans may have been for values greater than $1
million.
150 deBanked, UCC–1 and UCC–3 Filings by
Merchant Cash Advance Companies & Alternative
Business Lenders, https://debanked.com/merchantcash-advance-resource/merchant-cash-advanceucc/ (last visited Mar. 20, 2023).
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
The Bureau estimates the number of
factors in 2019 to be between 700–900
and assumes that most factors were
providing financing to small
business.151
Finally, many government agencies
and government-sponsored enterprises
provide or facilitate a significant
proportion of small business credit. As
the flagship government lender, the SBA
managed in 2019 a portfolio of over
$140 billion in loans to small
businesses, to which it added over $1
trillion in loans extended as part of the
COVID–19 emergency lending
programs. (As noted above, over $740
billion in Paycheck Protection Program
loans had been forgiven as of July 2022,
bringing SBA outstanding loan balances
back down.152) Across Federal, State,
and municipal governments, the Bureau
estimates that there are likely over 100
government small business lending
programs.153 Additionally, the Farm
Credit System reports that, as of
December 2019, the Farm Credit System
contained a total of 72 banks and
associations.154 All of these Farm Credit
System institutions were engaged in
lending to small farms in 2019.155
Within the context of small business
financing, women-owned, minorityowned, and LGBTQI+-owned small
businesses often face relatively
challenges than their counterparts to
obtain credit. In line with congressional
purpose, information collected about
these businesses may provide
opportunities for community
development lending, and the
information collected may be
particularly important to support fair
lending analysis and enforcement.
Women-owned, minority-owned, and
LGBTQI+-owned small businesses have
smaller cash reserves on average,
leaving them less able to weather credit
crunches. For example, in February
2021, 39 percent of women-owned
businesses had one month or less in
cash reserves, compared with 29 percent
of men-owned firms.156 And in around
90 percent of majority Black and
Hispanic communities, most businesses
have fewer than 14 days of cash buffer,
while this is true of only 35 percent of
majority white communities.157 As a
result, many small businesses,
especially those owned by women,
minorities, and LGBTQI+ individuals,
may have a greater need for financing in
general and particularly during
economic downturns.
Policy responses to support small
businesses in economic downturns may
struggle to reach small businesses
owned by women, minorities, and
LGBTQI+ individuals. For example,
although LGBTQI+-owned small
businesses were more likely to apply for
Paycheck Protection Program loans,
they were less likely to receive all of the
funds that they applied for, and more
likely to have gotten none of the funding
they applied for.158
Established relationships between
applicants and lenders were often
critical to approvals in the earliest
period of Paycheck Protection Program
underwriting;159 many minority-
151 See Secured Fin. Found., 2019 Secured
Finance: Market Sizing & Impact Study Extract
Report, at 15 (June 2019), https://www.sfnet.com/
docs/default-source/data-files-and-researchdocuments/sfnet_market_sizing___impact_study_
extract_f.pdf?sfvrsn=72eb7333_2 (estimating the
number of factors at between 700 and 900).
152 Pandemic Response Accountability Comm.,
Paycheck Protection Program: Loan Forgiveness by
the Numbers (July 2022), https://
www.pandemicoversight.gov/media/file/ppp-loanforgiveness-fact-sheet-july-2022-updatepdf.
153 In addition to several Federal small business
lending programs, States and major municipalities
also often have one or more programs of their own.
One State and one municipal program in each State
would already total 100 government lending
programs across Federal, State, and municipal
governments.
154 Fed. Farm Credit Banks Funding Corp., Farm
Credit 2019 Annual Information Statement of the
Farm Credit System, at 7 (Feb. 28, 2020), https://
www.farmcreditfunding.com/ffcb_live/serve/public/
pressre/finin/report.pdf?assetId=395570. The CFPB
notes that Farm Credit System banks do not report
FFIEC Call Reports and are thus not counted in the
number of banks and savings associations discussed
above.
155 Calculated from Young, Beginning, and Small
Farmer Report data accessed on June 17, 2022,
https://reports.fca.gov/CRS/search-institution.aspx.
156 Eric Groves, Cash Strapped SMBs, While 75%
Of PPP Is Still Available, Alignable (Feb. 9, 2021),
https://www.alignable.com/forum/alignable-roadto-recovery-report-february-2021.
157 JPMorgan Chase Inst., Place Matters: Small
Business Financial Health in Urban Communities,
at 5 (Sept. 2019), https://www.jpmorganchase.com/
content/dam/jpmc/jpmorgan-chase-and-co/
institute/pdf/institute-place-matters.pdf. See also
Diana Farrell et al., JP Morgan Chase Inst., Small
Business Owner Race, Liquidity, and Survival, at 5
(July 2020), https://www.jpmorganchase.com/
content/dam/jpmc/jpmorgan-chase-and-co/
institute/pdf/institute-small-business-owner-racereport.pdf (finding in a sample of firms founded in
2013 and 2014 that after one year in business whiteowned firms had on average 19 cash buffer days
compared to 14 for Hispanic-owned firms and 12
for Black-owned firms).
158 Spencer Watson et al., LGBTQ-Owned Small
Businesses in 2021, Ctr. for LGBTQ Econ.
Advancement & Rsch. and Movement Advancement
Project, at 8 (July 2022), https://www.lgbtmap.org/
file/LGBTQ-Small-Businesses-in-2021.pdf (using
data from the Federal Reserve’s Small Business
Credit Survey, which began collecting demographic
data on LGBTQ small business ownership in 2021).
159 Sara Savat, Who you know matters, even when
applying for PPP loans, The Source, Newsroom,
Wash. Univ. in St. Louis (Feb. 15, 2021), https://
source.wustl.edu/2021/02/who-you-know-matters-
lotter on DSK11XQN23PROD with RULES2
E. Challenges for Women-Owned,
Minority-Owned, and LGBTQI+-Owned
Small Businesses
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
PO 00000
Frm 00017
Fmt 4701
Sfmt 4700
35165
owned160 and women-owned 161
businesses did not have such
relationships. Minority borrowers with
limited English proficiency may also
have faced difficulties overcoming
language barriers,162 particularly during
the first round of the Paycheck
Protection Program in April 2020 when
application materials had not yet been
translated from English.163 Further,
many minority-owned and womenowned firms are sole proprietorships
and independent contractors, both of
which received delayed access to
Paycheck Protection Program loans.164
even-when-applying-for-ppp-loans/ (previous
lender relationship increased likelihood of
obtaining a Paycheck Protection Program loan by 57
percent). See generally 86 FR 7271, 7280 (Jan. 27,
2021) (noting that many lenders restricted access to
Paycheck Protection Program loans to existing
customers, which may run a risk of violating ECOA
and Regulation B).
160 Claire Kramer Mills, Fed. Rsrv. Bank of N.Y.,
Double Jeopardy: COVID–19’s Concentrated Health
and Wealth Effects in Black Communities, at 6
(Aug. 2020), https://www.newyorkfed.org/
medialibrary/media/smallbusiness/
DoubleJeopardy_
COVID19andBlackOwnedBusinesses (arguing that a
lack of strong banking relationships among Blackowned firms may have led to relatively lower rates
of access to Paycheck Protection Program loans for
such firms); Fed. Rsrv. Banks, Small Business Credit
Survey: 2021 Report on Firms Owned by People of
Color, at ii (Apr. 15, 2021), https://
www.fedsmallbusiness.org/survey/2021/2021report-on-firms-owned-by-people-of-color (Small
Business Credit Survey of Firms Owned by People
of Color) (finding that ‘‘firms owned by people of
color tend to have weaker banking relationships’’).
161 Cf. Mariel Padilla, ‘I feel like I’m drowning’:
Women Business Owners Keep Hitting New Barriers
to Federal Loan Aid, 19th (Apr. 23, 2021), https://
19thnews.org/2021/04/women-small-businessesloan/ (stating that historically higher rates of loan
denials for women of color than for white men
result in less established banking relationships and
thereby reduced access to Federal support
disbursed through banks).
162 See Emily Ryder Perlmeter, Fed. Rsrv. Bank of
Dallas, How PPP Loans Eluded Small Businesses of
Color (Nov. 29, 2021), https://www.dallasfed.org/
cd/communities/2021/1129 (detailing language
barriers among small business owners of color
seeking Paycheck Protection Program loans,
particularly Hispanic and Asian owners who were
not fluent in English).
163 See Press Release, Rep. Judy Chu, House Dems
Urge SBA to Translate Resources into 10 Most
Common Languages (Apr. 9, 2020), https://
chu.house.gov/media-center/press-releases/housedems-urge-sba-translate-resources-10-mostcommon-languages.
164 Greg Iacurci, Coronavirus loan program
delayed for independent contractors and selfemployed workers, CNBC (Apr. 3, 2020), https://
www.cnbc.com/2020/04/03/delays-in-sba-loans-forindependent-contractors-self-employedworkers.html; see also Mariel Padilla, ‘I feel like I’m
drowning’: Women Business Owners Keep Hitting
New Barriers to Federal Loan Aid, 19th (Apr. 23,
2021), https://19thnews.org/2021/04/women-smallbusinesses-loan/ (stating that non-employer
businesses affected by restrictions on sole
proprietor and independent contractor access to
Paycheck Protection Program loans are
disproportionately owned by women and
minorities).
E:\FR\FM\31MYR2.SGM
31MYR2
35166
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Applicants whose owners belong to
protected categories may have received
different program outcomes when
applying for Paycheck Protection
Program loans, although limitations in
demographic information for Paycheck
Protection Program loans have hindered
fair lending analyses.165 Even for such
firms that did obtaining Paycheck
Protection Program loans, they may
have faced different outcomes with
respect to loan forgiveness.166
As demonstrated by the impact of the
COVID–19 pandemic on small
businesses, small business lending data
are essential to better understand the
small business financing landscape to
maintain and expand support for this
key part of the U.S. economy.
lotter on DSK11XQN23PROD with RULES2
F. The Purposes and Impact of Section
1071
The Dodd-Frank Act sets forth the
Bureau’s purposes and mission. It
provides that a key component of the
Bureau’s fair lending work is to ensure
fair, equitable, and nondiscriminatory
access to credit for both individuals and
their communities.167 And in passing
section 1071, Congress articulated two
purposes for requiring the Bureau to
collect data on small business credit
applications and loans—to ‘‘facilitate
enforcement of fair lending laws’’ and to
‘‘enable communities, governmental
165 Rocio Sanchez-Moyano, Fed. Rsrv. Bank of
S.F., Paycheck Protection Program Lending in the
Twelfth Federal Reserve District (Mar. 3, 2021),
https://www.frbsf.org/community-development/
publications/community-development-researchbriefs/2021/february/ppp-lending-12th-district/
(citing matched-pair audit studies that found
discouragement and provision of incomplete
information for minority business owners seeking
Paycheck Protection Program loans); 86 FR 7271,
7280 (Jan. 27, 2021) (noting that facially neutral
Paycheck Protection Program policies such as
limiting loans to businesses with pre-existing
relationships may run a risk of violating ECOA and
Regulation B due to a disproportionate impact on
a prohibited basis).
166 For example, Black-owned firms applied to
fintechs for Paycheck Protection Program loans at
a high rate and certain fintechs or banks that
partnered with fintechs have also had a high rate
of unforgiven Paycheck Protection Program loans.
See Max Reyes, Bank Behind Fintech’s Rise Reels
in Billions in Pandemic’s Wake, Bloomberg (Aug.
22, 2022), https://www.bloomberg.com/news/
articles/2022-08-21/bank-behind-fintech-s-risereels-in-billions-in-pandemic-s-wake (reporting that,
as of July 2021, the share of unforgiven Paycheck
Protection Program loans at Kabbage, a fintech, and
at Cross River, a bank that partnered with fintechs,
was 34 percent and 16 percent, respectively); Who
Benefited from PPP Loans (showing that Blackowned firms applied to fintechs at higher rates than
other firms).
167 See 12 U.S.C. 5493(c)(2)(A) (directing the
Office of Fair Lending and Equal Opportunity to
provide ‘‘oversight and enforcement of Federal laws
intended to ensure the fair, equitable, and
nondiscriminatory access to credit for both
individuals and communities that are enforced by
the Bureau,’’ including ECOA and the Home
Mortgage Disclosure Act).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
entities, and creditors to identify
business and community development
needs and opportunities of womenowned, minority-owned, and small
businesses.’’168 Although the DoddFrank Act does not further explain or
clarify these dual statutory purposes,
other Federal laws shed light on both
purposes. That is, a set of existing
Federal laws form the backdrop for the
use of small business lending data
collected and reported pursuant to
section 1071 to facilitate the
enforcement of fair lending laws, and to
identify business and community
development needs and opportunities
across the United States.
1. Facilitating Enforcement of Fair
Lending Laws
Congress intended for section 1071 to
‘‘facilitate enforcement of fair lending
laws,’’169 which include ECOA, the
Home Mortgage Disclosure Act of 1975
(HMDA),170 the Fair Housing Act,171
and other Federal and State antidiscrimination laws.
i. Equal Credit Opportunity Act (ECOA)
ECOA, which is implemented by
Regulation B, applies to all creditors.
Congress first enacted ECOA in 1974 to
require financial institutions and other
firms engaged in the extension of credit
to ‘‘make credit equally available to all
creditworthy customers without regard
to sex or marital status.’’ 172 Two years
later, Congress expanded ECOA’s scope
to include age, race, color, religion,
national origin, receipt of public
assistance benefits, and exercise of
rights under the Federal Consumer
Credit Protection Act.173
ECOA makes it unlawful for any
creditor to discriminate against any
applicant with respect to any aspect of
a credit transaction (1) on the basis of
race, color, religion, national origin, sex
(including sexual orientation, gender
identity, and sex characteristics),174
168 ECOA
section 704B(a).
169 Id.
170 12
U.S.C. 2801 et seq.
U.S.C. 3601 through 3619.
172 Public Law 93–495, tit. V, section 502, 88 Stat.
1500, 1521 (1974).
173 See Equal Credit Opportunity Act
Amendments of 1976, Public Law 94–239, section
701(a), 90 Stat. 251, 251 (1976).
174 In March 2021, the CFPB issued an
interpretive rule clarifying that the scope of ECOA’s
and Regulation B’s prohibition on credit
discrimination on the basis of sex encompasses
discrimination based on sexual orientation and
gender identity, including discrimination based on
actual or perceived nonconformity with sex-based
or gender-based stereotypes and discrimination
based on an applicant’s associations. 86 FR 14363
(Mar. 16, 2021). See also Press Release, CFPB, CFPB
Clarifies That Discrimination by Lenders on the
Basis of Sexual Orientation and Gender Identity Is
171 42
PO 00000
Frm 00018
Fmt 4701
Sfmt 4700
marital status, or age (provided the
applicant has the capacity to contract);
(2) because all or part of the applicant’s
income derives from any public
assistance program; or (3) because the
applicant has in good faith exercised
any right under the Federal Consumer
Credit Protection Act.175
Multiple Federal regulators can
enforce ECOA and Regulation B and
apply various penalties for violations.
The enforcement provisions and
penalties for those who violate ECOA
and Regulation B are set forth in 15
U.S.C. 1691e(b) and 12 CFR 1002.16.
Violations may also result in civil
money penalties, which are governed by
12 U.S.C. 5565(c)(3). The CFPB and
multiple other Federal regulators have
the statutory authority to bring actions
to enforce the requirements of ECOA.176
These regulators have the authority to
engage in research, conduct
investigations, file administrative
complaints, hold hearings, and
adjudicate claims through the
administrative enforcement process
regarding ECOA. Regulators also have
independent litigation authority and can
file cases in Federal court alleging
violations of fair lending laws under
their jurisdiction. Like other Federal
regulators who are assigned
enforcement authority under section
704 of ECOA, the CFPB is required to
refer matters to the Department of
Justice (DOJ) when it has reason to
believe that a creditor has engaged in a
pattern or practice of lending
Illegal (Mar. 9, 2021), https://
www.consumerfinance.gov/about-us/newsroom/
cfpb-clarifies-discrimination-by-lenders-on-basis-ofsexual-orientation-and-gender-identity-is-illegal/.
The interpretive rule states that an example of
discriminatory sex-based or gender-based
stereotyping occurs if a small business lender
discourages a small business owner appearing at its
office from applying for a business loan and tells
the prospective applicant to go home and change
because, in the view of the creditor, the small
business customer’s attire does not accord with the
customer’s gender. 86 FR 14363, 14365 (Mar. 16,
2021). As discussed further in the section-bysection analysis of § 1002.102(k) and (l), regarding
the definitions of LGBTQI+ individual and
LGBTQI+-owned business, respectively, the CFPB
interprets ECOA’s and Regulation B’s prohibitions
on the basis of sex to also include sex
characteristics, including intersex traits.
175 15 U.S.C. 1601 et seq.
176 These regulators include the OCC, the Board,
the FDIC, the NCUA, the Surface Transportation
Board, the Civil Aeronautics Board, the Secretary of
Agriculture, the Farm Credit Administration, the
Securities and Exchange Commission, the SBA, the
Secretary of Transportation, the CFPB, and the FTC.
See 15 U.S.C. 1691c; Regulation B § 1002.16(a).
Motor vehicle dealers are subject to the Board’s
Regulation B (12 CFR part 202); the CFPB’s rules,
including this rule to implement section 1071,
generally do not apply to motor vehicle dealers, as
defined in section 1029(f)(2) of the Dodd-Frank Act,
that are predominantly engaged in the sale and
servicing of motor vehicles, the leasing and
servicing of motor vehicles, or both. 12 U.S.C. 5519.
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
discrimination.177 Private parties may
also bring claims under the civil
enforcement provisions of ECOA,
including individual and class action
claims against creditors for actual and
punitive damages for any violation of
ECOA.178
ii. Home Mortgage Disclosure Act
(HMDA)
HMDA, implemented by the CFPB’s
Regulation C (12 CFR part 1003),
requires lenders who meet certain
coverage tests to report detailed
information to their Federal supervisory
agencies about mortgage applications
and loans at the transaction level. These
reported data are a valuable resource for
regulators, researchers, economists,
industry, and advocates assessing
housing needs, public investment, and
possible discrimination as well as
studying and analyzing trends in the
mortgage market for a variety of
purposes, including general market and
economic monitoring. There is potential
overlap between what is required to be
reported under HMDA and what is
covered by section 1071 for certain
mortgage applications and loans for
women-owned, minority-owned, and
small businesses.
A violation of HMDA and Regulation
C is subject to administrative sanctions,
including civil money penalties.
Compliance is enforced by the CFPB,
the U.S. Department of Housing and
Urban Development (HUD), the FDIC,
the Board, the National Credit Union
Administration (NCUA), or the Office of
the Comptroller of Currency (OCC).
These regulators have the statutory
authority to bring actions to enforce the
requirements of HMDA and to engage in
research, conduct investigations, file
administrative complaints, hold
hearings, and adjudicate claims through
the administrative enforcement process
regarding HMDA.
iii. Fair Housing Act
Title VIII of the Civil Rights Act of
1968, as amended (Fair Housing Act),
prohibits discrimination in the sale,
rental, or financing of dwellings and in
other housing-related activities because
of race, color, religion, sex (including
sexual orientation and gender
identity),179 disability,180 familial
177 See
15 U.S.C. 1691e(h).
U.S.C. 1691e(a); Regulation B
§ 1002.16(b)(1).
179 See U.S. Dep’t of Hous. & Urban Dev.,
Implementation of Executive Order 13988 on the
Enforcement of the Fair Housing Act (Feb. 11,
2021), https://www.hud.gov/sites/dfiles/PA/
documents/HUD_Memo_EO13988.pdf.
180 The CFPB uses the term ‘‘disability’’ to refer
to what the Fair Housing Act and its implementing
lotter on DSK11XQN23PROD with RULES2
178 15
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
status, or national origin.181 The Fair
Housing Act 182 and its implementing
regulations specifically prohibit
discrimination in the making of
loans,183 the purchasing of loans,184 and
in setting the terms and conditions for
making loans available,185 without
reference to consumers, legal entities, or
the purpose of the loan being made,
although these prohibitions relate
exclusively to dwellings.186
The DOJ and HUD are jointly
responsible for enforcing the Fair
Housing Act. The Fair Housing Act
authorizes the HUD Secretary to issue a
Charge of Discrimination on behalf of
aggrieved persons following an
investigation and a determination that
reasonable cause exists to believe that a
discriminatory housing practice has
occurred.187 The DOJ may bring
lawsuits where there is reason to believe
that a person or entity is engaged in a
‘‘pattern or practice’’ of discrimination
or where a denial of rights to a group of
persons raises an issue of general public
importance,188 or where a housing
discrimination complaint has been
investigated by HUD, HUD has issued a
Charge of Discrimination, and one of the
parties to the case has ‘‘elected’’ to go
to Federal court.189 In Fair Housing Act
cases, HUD and the DOJ can obtain
injunctive relief, including affirmative
requirements for training and policy
changes, monetary damages and, in
pattern or practice cases, civil
penalties.190
Upon receipt of a complaint alleging
facts that may constitute a violation of
the Fair Housing Act or upon receipt of
information from a consumer
compliance examination or other source
suggesting a violation of the Fair
regulations describe as a ‘‘handicap’’ because that
is the preferred term. See, e.g., Hunt v. Aimco
Props., L.P., 814 F.3d 1213, 1218 n.1 (11th Cir.
2016) (noting the term disability is generally
preferred over handicap).
181 42 U.S.C. 3601 through 3619, 3631.
182 42 U.S.C. 3605(b) (noting that for purposes of
3605(a), a ‘‘residential real estate-related
transaction’’ includes the making or purchasing of
loans or providing other financial assistance for
purchasing, constructing, improving, repairing, or
maintaining a dwelling, or transactions secured by
residential real estate).
183 24 CFR 100.120.
184 24 CFR 100.125.
185 24 CFR 100.130.
186 A ‘‘dwelling,’’ as defined by the Fair Housing
Act, is any building, structure, or portion thereof
which is occupied as, or designed or intended for
occupancy as, a residence by one or more families,
and any vacant land which is offered for sale or
lease for the construction or location thereon of any
such building, structure, or portion thereof. 42
U.S.C. 3602(b).
187 42 U.S.C. 3610(g)(1) and (2).
188 See 42 U.S.C. 3614(a).
189 42 U.S.C. 3612(o)(1).
190 See 42 U.S.C. 3612, 3614.
PO 00000
Frm 00019
Fmt 4701
Sfmt 4700
35167
Housing Act, Federal executive agencies
forward such facts or information to
HUD and, where such facts or
information indicate a possible pattern
or practice of discrimination in
violation of the Fair Housing Act, to the
DOJ.191 Private parties may also bring
claims under the civil enforcement
provisions of the Fair Housing Act.192
iv. Other Fair Lending Laws
Several other Federal statutes seek to
promote fair lending. The CRA
affirmatively encourages institutions to
help to meet the credit needs of the
entire community served by each
institution covered by the statute, and
CRA ratings take into account lending
discrimination by those institutions.193
(See part II.F.2.i below for additional
discussion of the CRA.) The Americans
with Disabilities Act of 1990 prohibits
discrimination against persons with
disabilities in the provision of goods
and services, including credit
services.194 Sections 1981 195 and
1982 196 of the Federal Civil Rights Acts
are broad anti-discrimination laws that
have been applied to many aspects of
credit transactions.197
191 59
FR 2939, 2939 (Jan. 17, 1994).
42 U.S.C. 3613.
193 See 12 U.S.C. 2901 et seq.
194 See 42 U.S.C. 12101 et seq.
195 42 U.S.C. 1981(a).
196 42 U.S.C. 1982.
197 See, e.g., Juarez v. Soc. Fin., Inc., No. 20–CV–
03386–HSG, 2021 WL 1375868, at *7 (N.D. Cal.
Apr. 12, 2021) (denying motion to dismiss section
1981 claim and finding that ‘‘the ECOA was not
intended to limit any of the broad protections
afforded by § 1981’’); Perez v. Wells Fargo & Co.,
No. 17–CV–00454–MMC, 2017 WL 3314797, at *3
(N.D. Cal. Aug. 3, 2017) (denying motion to dismiss
for section 1981 claim and rejecting contention that
ECOA superseded section 1981, noting that,
although ECOA was a more specific statute, ECOA
did not conflict with the section 1981 claims
because ‘‘[a] creditor can comply with § 1981 and
the ECOA by not discriminating on the basis of any
of the categories listed in the two statutes’’); Jackson
v. Novastar Mortg., Inc., 645 F. Supp. 2d 636 (W.D.
Tenn. 2007) (motion to dismiss claim that
defendants violated sections 1981 and 1982 by
racial targeting and by offering credit on less
favorable terms on the basis of race denied);
Johnson v. Equicredit Corp., No. 01–CIV–5197, 2002
U.S. Dist. LEXIS 4817 (N.D. Ill. Mar. 22, 2002)
(predatory lending/reverse redlining case brought
pursuant to section 1981); Hargraves v. Cap. City
Mortg. Corp., 140 F. Supp. 2d 7 (D.D.C. 2000)
(predatory lending/reverse redlining case brought
under both sections 1981 and 1982),
reconsideration granted in part, denied in part, 147
F. Supp. 2d 1 (D.D.C. 2001) (section 1981 claim
dismissed for lack of standing, but not section 1982
claim); Doane v. Nat’l Westminster Bank USA, 938
F. Supp. 149 (E.D.N.Y. 1996) (mortgage redlining
case brought under sections 1981 and 1982);
Fairman v. Schaumberg Toyota, Inc., No. 94–CIV–
5745, 1996 U.S. Dist. LEXIS 9669 (N.D. Ill. July 10,
1996) (section 1981 suit over allegedly predatory
credit scheme targeting African Americans and
Hispanics); Steptoe v. Sav. of Am., 800 F. Supp.
1542 (N.D. Ohio 1992) (mortgage redlining case
192 See
E:\FR\FM\31MYR2.SGM
Continued
31MYR2
35168
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Many States and municipalities have
also enacted fair lending, fair housing,
and/or civil rights laws (often modeled
on their Federal counterparts) that
broadly prohibit credit discrimination,
including protections for business
credit.198
lotter on DSK11XQN23PROD with RULES2
v. Facilitating Enforcement
To achieve the congressionally
mandated purpose of facilitating
enforcement of fair lending laws, the
Bureau must collect and make available
sufficient data to help the public and
regulators identify potentially
discriminatory lending patterns that
could constitute violations of fair
lending laws. Financial regulators and
enforcement agencies need a consistent
and comprehensive dataset for all
financial institutions subject to
reporting in order to also use these data
in their prioritization, peer analysis,
redlining reviews, and screening
processes to select institutions for
monitoring, examination, or
investigation. Data collected pursuant to
section 1071 will facilitate more
efficient fair lending examinations. For
example, regulators will be able to use
pricing and other data to prioritize fair
lending examinations—without such
data, some financial institutions might
face unnecessary examination burden
while others whose practices warrant
closer review may not receive sufficient
scrutiny.
Moreover, as discussed in part V
below, the Bureau believes specific
aspects of the rule offer particular
benefits for the enforcement of fair
brought under sections 1981 and 1982 and the Fair
Housing Act); Evans v. First Fed. Sav. Bank of Ind.,
669 F. Supp. 915 (N.D. Ind. 1987) (section 1982 can
be used in mortgage lending discrimination case);
Assocs. Home Equity Servs. v. Troup, 778 A.2d 529
(N.J. 2001) (predatory lending/reverse redlining
case brought pursuant to section 1981).
198 See, e.g., Cal. Civ. Code 51 and 51.5 and Cal.
Gov’t Code 12955; Colo. Rev. Stat. 24–34–501(3)
and 5–3–210; Conn. Gen. Stat. 46a–81e, 46a–81f,
and 46a–98; Del. Code Ann. tit. 6, 4604; D.C. Code
2–1402.21; Haw. Rev. Stat. 515–3 and 515–5; 775
Ill. Comp. Stat. 5/1–102, 5/1–103, 5/4–102, 5/3–102,
and 5/4–103; Iowa Code 216.8A and 216.10; Me.
Rev. Stat. tit. 5, 4553(5–C) and (9–C), 4595 to 4598,
and 4581 to 4583; Md. Code Ann. State Gov’t 20–
705, 20–707, and 20–1103; Mass. Gen. Laws ch.
151B, 4(3B), (14); Minn. Stat. 363A.03 (Subd. 44),
363A.09(3), 363A.16 (Subds. 1 and 3), and 363A.17;
N.H. Rev. Stat. Ann. 354–A:10; N.J. Stat. Ann. 10:5–
12(i); N.M. Stat. Ann. 28–1–7; N.Y. Civ. Rights Law
40–c(2); N.Y. Exec. Law 296–A; Or. Rev. Stat.
174.100(7) and 659A.421; R.I. Gen. Laws 34–37–4(a)
through (c), 34–37–4.3, and 34–37–5.4; Va. Code
Ann. 6.2–501(B)(1), 15.2–853, and 15.2–965; Vt.
Stat. Ann. tit. 8, 10403 and tit. 9, 2362, 2410, and
4503(a)(6); Wash. Rev. Code 49.60.030, 49.60.040
(14), (26), and (27), 49.60.175, and 49.60.222; Wis.
Stat. 106.50 and 224.77. There are also a number
of municipalities that have enacted credit
discrimination ordinances. See, e.g., Austin City
Code 5–1–1 et seq.; N.Y.C. Admin. Code 8–101 and
8–107 et seq.; S.F. Police Code 3304(a) et seq.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
lending laws. For example, the
inclusion of pricing data such as interest
rate and fees will provide information
on disparities in pricing outcomes, and
data such as gross annual revenue,
denial reasons, and time in business
will enable a more refined analysis and
understanding of disparities in both
underwriting and pricing outcomes.
While these data alone generally will
not establish compliance with fair
lending laws, regulators, community
groups, researchers, and financial
institutions will be able to use the data
to identify potential disparities in small
business lending based on disaggregated
categories of race and ethnicity. Overall,
the data collected and reported under
the rule will allow, for the first time, for
comprehensive and market-wide fair
lending risk analysis that enables a
better understanding of disparities in
both underwriting and pricing
outcomes.
2. Identifying Business and Community
Development Needs and Opportunities
The second congressionally mandated
purpose of section 1071 is to enable
communities, governmental entities,
and creditors to identify business and
community development needs and
opportunities of women-owned,
minority-owned, and small
businesses.199 While section 1071 does
not expressly define the phrase
‘‘business and community development
needs,’’ other Federal statutes and
regulations, including the CRA and the
Riegle Community Development and
Regulatory Improvement Act of 1994,200
reference or define the phrases
‘‘business development’’ and
‘‘community development’’ and can
help explain what it means to enable
communities, governmental entities,
and creditors to ‘‘identify business and
community development needs and
opportunities.’’
The Bureau believes, based on its
consideration of these other Federal
statutes and regulations, that its rule
implementing section 1071 will provide
more data to the public—including
communities, governmental entities,
and creditors—for analyzing whether
financial institutions are serving the
credit needs of their small business
customers. In addition, with data
provided under this rule, the public will
be better able to understand access to
and sources of credit in particular
communities or industries, such as a
higher concentration of risky loan
199 ECOA
section 704B(a).
Law 103–325, tit. I, section 102, 108
Stat. 2160, 2163 (1994) (12 U.S.C. 4701 through
4719).
200 Public
PO 00000
Frm 00020
Fmt 4701
Sfmt 4700
products in a given community, and to
identify the emergence of new loan
products, participants, or underwriting
practices. The data will not only assist
in identifying potentially discriminatory
practices, but will contribute to a better
understanding of the experiences that
members within certain communities
may share in the small business
financing market.
Increased transparency about
application and lending practices across
different communities will improve
credit outcomes, and thus community
and business development. Lenders will
be able to better understand small
business lending market conditions and
determine how best to provide credit to
borrowers, where currently they cannot
conduct very granular or comprehensive
analyses because the data on small
business lending are limited. As
reduced uncertainty helps lenders to
identify potentially profitable
opportunities to extend responsible and
affordable credit, small businesses stand
to benefit from increased credit
availability. Transparency will also
allow small business owners to more
easily compare credit terms and
evaluate credit alternatives; without
these data, small business owners are
limited in their ability to shop for the
credit product that best suits their needs
at the best price.
i. Community Reinvestment Act (CRA)
The CRA, a part of the Housing and
Community Development Act, was
passed by Congress in 1977, which
found that ‘‘regulated financial
institutions have continuing and
affirmative obligation to help meet the
credit needs of the local communities in
which they are chartered.’’ 201 As such,
one of the statutory purposes of the CRA
is to encourage such institutions to help
meet the credit needs of the local
communities in which they are
chartered consistent with the safe and
sound operation of such institutions.202
The legislative history for the CRA
suggests that the concerns motivating its
passage included certain practices by
banks including redlining (i.e.,
declining to extend credit in
neighborhoods populated by ethnic or
racial minorities) 203 and community
disinvestment (i.e., taking deposits from
lower-income areas, often populated by
ethnic or racial minorities, without
201 12
U.S.C. 2901(a)(3).
U.S.C. 2901(b).
203 See H.R. Rep. No. 561, 94th Cong., 1st Sess.
4 (1975) (‘‘[The practice of redlining] increasingly
has served to polarize elements of our society . . . .
As polarization intensifies, neighborhood decline
accelerates.’’), reprinted in 1975 U.S.C.C.A.N. 2303,
2305–06.
202 12
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
extending credit or banking services to
residents of those areas).204 The CRA
requires the ‘‘appropriate Federal
financial supervisory agency’’ of a given
depository institution to ‘‘prepare a
written evaluation of the institution’s
record of meeting the credit needs of its
entire community, including low- and
moderate-income neighborhoods.’’ 205
These requirements were first
implemented by a 1978 rulemaking,206
and were amended in 1995 207 and
2005.208 These rulemakings, adopted by
each of the agencies responsible for
ensuring compliance with the CRA,
established specific performance
measures,209 requiring banks to disclose
information about their efforts to meet
community credit needs via small
business, small farm, and community
development lending.210
The agencies tasked with ensuring
compliance—including the OCC,211 the
Board,212 and the FDIC 213—evaluate
each insured depository institution’s
record in helping meet the credit needs
of its entire community.214 Overall, the
CRA and its regulations generate data
that help agencies and the public at
large identify instances of redlining,
community disinvestment, and
geographical areas that are ‘‘banking
deserts.’’ 215 The CRA regulations of the
Board and the FDIC currently have the
same definitions of ‘‘community
development’’ that include banking and
204 Robert C. Art, Social Responsibility in Bank
Credit Decisions: The Community Reinvestment Act
One Decade Later, 18 Pac. L.J. 1071, 1076–77 & n.23
(1987) (citing 123 Cong. Rec. S8958 (daily ed. June
6, 1977), which stated that Sen. Proxmire, the
congressional sponsor of the Act described
redlining as ‘‘the fact that banks and savings and
loans will take their deposits from a community
and instead of reinvesting them in that community,
they will invest them elsewhere, and they will
actually or figuratively draw a red line on a map
around the areas of their city,’’ further noting that
those lines are drawn ‘‘sometimes in the inner city,
sometimes in the older neighborhoods, sometimes
ethnic and sometimes black . . . .’’).
205 12 U.S.C. 2906(a)(1).
206 43 FR 47144 (Oct. 12, 1978).
207 60 FR 22156 (May 4, 1995).
208 70 FR 44256 (Aug. 2, 2005).
209 12 CFR 228.11.
210 See, e.g., 12 CFR 25.42, 228.11.
211 12 CFR part 25.
212 12 CFR part 228.
213 12 CFR parts 345, 195.
214 Most specifically, that record is taken into
account in considering an institution’s application
for deposit facilities, including mergers and
acquisitions with other financial institutions and
the opening of bank branches.
215 OCC regulations define ‘‘CRA desert’’ as an
area that has ‘‘significant unmet community
development or retail lending needs’’ and where:
(1) Few banks have branches or non-branch deposittaking facilities, (2) There is ‘‘less retail or
community development lending than would be
expected based on demographic or other factors,’’
or (3) The area ‘‘lacks community development
organizations or infrastructure.’’ 12 CFR 25.03.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
credit services that support the
following: (1) affordable housing for
low- and moderate-income
individuals; 216 (2) community services
for low- and moderate-income
individuals; 217 (3) activities that
promote economic development by
financing small business and small
farms; 218 and (4) activities that
revitalize or stabilize low- and
moderate-income geographies, disaster
areas, and certain distressed or
underserved middle-income areas based
on other factors.219
In May 2022, the Board, FDIC and
OCC issued an interagency notice of
proposed rulemaking for amendments to
update and expand the existing CRA
regulations (2022 CRA NPRM).220 In the
2022 CRA NPRM, these three agencies
proposed a number of revisions to the
agencies’ CRA rules, including a
number of key changes relating to how
the agencies defined community
development and how the agencies
intended to measure the community
development activity of depository
institutions.221
In the 2022 CRA NPRM, the agencies
recognized the value of data to be
collected under the Bureau’s small
business lending rule for assessing
efforts at addressing community small
business and small farm credit needs,
proposing to incorporate aspects of the
Bureau’s rule into their CRA rules. First,
the agencies proposed to define the
terms ‘‘small business’’ and ‘‘small
farm’’ consistent with the Bureau’s
proposal under section 1071, i.e., as
those having gross annual revenues of
$5 million or less in the preceding fiscal
year.222
Further, the 2022 CRA NPRM
proposed to eliminate the current CRA
small business and small farm data
collection and reporting
requirements,223 to be replaced in the
long term by the Bureau’s small
business lending data collection and
reporting requirements.224 The agencies
noted that this proposed approach is
responsive to various stakeholders’
requests that the agencies coordinate the
small business and small farm
definitions across the CRA and section
216 12
CFR 228.12(g)(1), 345.12(g)(1).
CFR 228.12(g)(2), 345.12(g)(2).
218 12 CFR 228.12(g)(3), 345.12(g)(3).
219 12 CFR 228.12(g)(4), 345.12(g)(4).
220 Bd. of Governors of the Fed. Rsrv. Sys.; Fed.
Deposit Ins. Corp.; and Off. of the Comptroller of
the Currency, Treasury, Community Reinvestment
Act, Joint Proposed Rule, 87 FR 33884 (June 3,
2022).
221 87 FR 33884, 33885 (June 3, 2022).
222 Id. at 33890.
223 Id. at 33930.
224 Id. at 33997.
217 12
PO 00000
Frm 00021
Fmt 4701
Sfmt 4700
35169
1071 rulemakings. The agencies also
observed that their proposal would
reduce burden related to data collection
and reporting, particularly if institutions
could submit data for CRA purposes
under the format of the Bureau’s small
business lending rule.225 Data collected
pursuant to section 1071 would be used
to measure individual bank performance
in CRA assessments, and to establish the
agencies’ benchmarks against which
bank CRA performance would be
measured for purposes of the small farm
and small business portions of the retail
lending tests.226
Finally, the agencies proposed that if
both the CRA and section 1071
rulemakings were finalized, the agencies
would make the compliance date for the
CRA amendments that hinge upon the
Bureau’s section 1071 rulemaking
similar to the compliance date for the
Bureau’s final rule.227
ii. Community Development Financial
Institution Fund (CDFI Fund)
The Riegle Community Development
and Regulatory Improvement Act of
1994 authorized the CDFI Fund.228 In
passing that statute, Congress found that
many of the Nation’s urban, rural, and
Native American communities face
‘‘critical social and economic problems
arising in part from the lack of economic
growth, people living in poverty, and
the lack of employment and other
opportunities.’’ 229
To address these problems, Congress
created the CDFI Fund to ‘‘promote
economic revitalization and community
development’’ through investment in
and assistance to CDFIs, including
enhancing the liquidity of CDFIs.230
The concept of community
development is central to the operation
of the CDFI Fund. While CDFI Fund
regulations do not directly define that
term, any entity applying for CDFI
certification must have ‘‘promoting
community development’’ as its
‘‘primary mission.’’ 231 In making this
determination, the CDFI Fund considers
whether the activities of the entity are
purposefully directed toward improving
the social and/or economic conditions
of underserved people, which may
include low-income persons or persons
who lack adequate access to capital and
financial services and residents of
225 Id.
at 33928
at 33941.
227 Id. at 33930.
228 12 U.S.C. 4701(b).
229 12 U.S.C. 4701(a)(1).
230 12 U.S.C. 4701(b).
231 12 CFR 1805.201(b)(1).
226 Id.
E:\FR\FM\31MYR2.SGM
31MYR2
35170
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
economically distressed
communities.232
The CDFI Fund collects data from the
recipients of its financial and technical
assistance, shedding some light on the
extent of community development in
the areas where CDFIs operate.233 The
CDFI Fund also publishes the data it
receives with appropriate redactions to
protect privacy interests.234 However,
given that CDFIs comprise a relatively
small share of the overall small business
lending market, 1071 data will
materially enhance understanding of the
broader extent of community
development outside of areas where
CDFIs already operate. These data will
also likely augment the data the CDFI
Fund already receives.
In May 2020, the CDFI Fund issued a
request for comment on several aspects
of its CDFI program, including proposed
changes to the application for
certification, as well as proposed
changes to the data collection and
reporting processes of the CDFI Fund.
The RFI proposed a number of other
revisions to the data collection and
reporting regime in May 2020, including
the automation of key elements of
existing reporting and improvements to
data quality.235
In October and November 2022, the
CDFI Fund announced that based on
public comments, it had revised its
proposed changes to the application for
certification, and data collection and
reporting requirements, subject to
another round of public comment prior
to the anticipated implementation of
changes in April 2023.236 The CDFI
Fund released a preview of changes to
the application requirements.237 One
change to the Primary Mission portion
of the application, which asks whether
an applicant is focused on the mission
of community development, would be
the addition of bright-line questions
related to an organization’s lending and
financing practices.238 Specifically, an
lotter on DSK11XQN23PROD with RULES2
232 Id.
233 12 CFR 1805.803(e) (requiring recipients of
technical and financial assistance to provide to the
CDFI Fund certain information and
documentation).
234 12 CFR 1805.803(e)(4).
235 CDFI Fund, Annual Certification and Data
Collection Report Changes (2020), https://
www.cdfifund.gov/sites/cdfi/files/documents/
annual-certification-report-2020-final.pdf.
236 The CDFI Fund released a preview of the final
certification application, pending OMB approval.
CDFI Fund, CDFI Certification Application Preview
(Oct. 2022), https://www.cdfifund.gov/sites/cdfi/
files/2022-10/CDFI_Certification_Application_
Preview_Final_10322.pdf.
237 CDFI Fund, CDFI Fund Advance Look:
Preview the Revisions to the New CDFI Certification
Application (Oct. 4, 2022), https://
www.cdfifund.gov/news/487.
238 CDFI Fund, Community Development
Financial Institution Certification Application:
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
applicant can be disqualified from CDFI
certification if financial products or
practices it offers are harmful to lowincome and underserved
communities.239 The bright-line
questions the new certification
application would ask include whether,
amongst other things, applicants
consider a small business borrower’s
ability to repay a loan on its terms,240
whether they have accommodative or
concessionary policies or programs for
struggling borrowers, and whether loans
priced above 36 percent APR meet
certain safety and consumer protection
standards.
In October 2022, the CDFI Fund also
published revisions to the Target Market
requirements of the application for CDFI
certification.241 Currently, an applicant
must demonstrate that it serves at least
one eligible Target Market (either an
Investment Area or a Targeted
Population). The revisions, if finalized,
would eliminate the geographical
boundaries and mapping requirements
for most Target Markets, replacing these
requirements with customized
investment areas. In late October 2022,
the CDFI Fund published a proposed
list of pre-approved methodologies to
identify target markets.242 These
methodologies include determining
whether most recipients of a CDFI
applicant’s funds—whether individuals,
for-profit entities, or non-profit
entities—are members of certain
demographic groups (African American,
Hispanic, Native American, Native
Hawaiian, Native Alaskan, Other Pacific
Islanders, people with disabilities,
certified CDFIs, low-income targeted
populations).243 These data are
collected using a variety of overlapping
methods specific to each demographic
status, including self-reporting,244 inperson or photo-identification-based
visual observation,245 surname
Overview of Final Revisions and Modifications (Oct.
5, 2022), https://www.cdfifund.gov/sites/cdfi/files/
2022-10/CDFI_Certification_Application_Overview_
FINAL.pdf.
239 Id. at 23–31.
240 Id. at 27.
241 CDFIs must service either certain investment
areas or targeted populations.
242 CDFI Fund, CDFI Target Market Assessment
Methodologies, Notice and Request for Comment.
87 FR 63852 (Oct. 20, 2022). Comments were due
by December 19, 2022. The notice refers to a
separate document with the target market
methodologies. CDFI Fund, Proposed Pre-Approved
Target Market Assessment Methodologies (Oct. 19,
2022), https://www.cdfifund.gov/sites/cdfi/files/
2022-10/Proposed_PreApproved_TM_Assessment_
Methodologies_FINAL.pdf.
243 Id.
244 See, e.g., id. at 1 (African American), 3
(Hispanic), 10 (non-Hawaiian Pacific Islander), 12
(disability status).
245 See, e.g., id. at 1 (African American), 3
(Hispanic), 12 (disability status).
PO 00000
Frm 00022
Fmt 4701
Sfmt 4700
analysis,246 government-issued or
Tribal-issued identification to
demonstrate affiliation,247 and/or
income and residence or business
location.248
The most recently published
amendments to the application
requirements remain under
consideration by the CDFI Fund.249
3. Impact of Small Business Lending
Data Under Section 1071
The Bureau’s implementation of
section 1071 will provide on an annual
basis application-level data on small
business credit, including certain
protected demographic information.
This will include information on
applications for credit that are
originated, as well as those that are
denied, withdrawn, incomplete, or
approved by the financial institution but
not accepted by the applicant. This
information will enable stakeholders of
all kinds in the small business lending
market to gain insight into trends in
small business lending. It will also
provide insight into the interaction of
supply and demand for small business
credit over time.
In terms of facilitating fair lending
enforcement, interested government
agencies and other stakeholders will be
able to use data collected and reported
under this final rule to identify possible
fair lending risks using statistical
methods.
Regarding the identification of
business and community development
needs, small business lending data
collected and reported under this final
rule will help government entities and
246 See, e.g., id. at 3 (Hispanic); see also List of
Hispanic Surnames for OTP-Hispanic PreApproved Assessment Methodology, https://
www.cdfifund.gov/sites/cdfi/files/2022-10/OTP_
Hisp_HispanicSurnameList_2010Census.xlsx (list of
qualifying Hispanic surnames).
247 See, e.g., CDFI Fund, Proposed Pre-Approved
Target Market Assessment Methodologies, at 1 (Oct.
19, 2022), https://www.cdfifund.gov/sites/cdfi/files/
2022-10/Proposed_PreApproved_TM_Assessment_
Methodologies_FINAL.pdf (reporting for African
American recipients of funds).
248 Id. at 14 (low-income individuals or entities).
249 The CDFI Fund paused acceptance of new
applications for CDFI certification in October 2022
and will reopen for new applications once the
revisions to the application for certification and the
transaction-level data collection and reporting
regimes are finalized. While initially anticipating
that it would finalize changes to the application
process in April 2023 after receiving public
comments, the CDFI Fund issued a statement in
January 2023 that it had received a robust response
to the request for comments on the revised
application and reporting tools, and that
consideration of these comments, while not
requiring a lengthy delay, would require
postponement of the new application and
associated reporting tools beyond April 2023. CDFI
Fund, An Update on the CDFI Fund’s Certification
Application Review Process (Jan. 24, 2023), https://
www.cdfifund.gov/news/501.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
public and private lenders identify and
target sub-segments of the market that
remain underserved, facilitating
entrepreneurship and business
development in those communities. By
reducing uncertainty about the
conditions of the small business lending
market, data collected under the final
rule can help creditors identify
potentially profitable opportunities to
extend responsible and affordable
credit, potentially increasing credit
availability to small businesses.
Increased transparency, in turn, will
also help small business borrowers to
understand what credit is available and
on what terms, thereby improving their
ability to access the credit they need
and further serving community and
business development goals.
The Bureau believes that small
business lending data will come to play
an important role for the small business
lending market, as HMDA data have
done for the mortgage market. HMDA
data have provided lenders, community
groups, and others the tools to identify
and address fair lending risks and
strengthen fair lending oversight and
enforcement. In a similar way, these
data will allow diverse stakeholders to
analyze lending patterns that are
potentially discriminatory. By
identifying and addressing
discriminatory small business lending
practices, the Bureau will help to ensure
fair, equitable, and nondiscriminatory
access to credit for both individuals and
their communities.250
HMDA data have also proven effective
in creating transparency in the mortgage
market that improves the understanding
of credit needs, where they may remain
unmet, and the relationship between
mortgage lending and community
development. The Bureau believes that
small business lending data collected
and reported under this final rule will
provide the Bureau and other
stakeholders with critical insights into
the small business lending market. The
COVID–19 pandemic has shown that
transparency is essential at a time of
crisis, when small businesses may be in
urgent need of credit in order to recover
from economic shocks.
The advancement of both statutory
purposes of section 1071—facilitating
fair lending enforcement and identifying
business and community development
needs—in turn will support small
businesses across all sectors of the
economy, which are fundamental to the
economic health of the U.S. and which
have been hard hit by recent economic
and financial crises. Given the critical
importance of small businesses to
250 See
12 U.S.C. 5493(c)(2)(A).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
economic growth and wealth creation,
that will also help the economy as a
whole.
III. Summary of the Rulemaking
Process
In the years leading up to the release
of the CFPB’s NPRM to implement
section 1071 of the Dodd-Frank Act, the
CFPB held over 100 outreach meetings
regarding the rulemaking with financial
institutions, trade associations,
community groups, researchers,
governmental entities, and other
stakeholders. The CFPB also took a
number of other steps, beyond
individual stakeholder meetings, to
solicit feedback more broadly from the
public on a rule to implement section
1071. Most recently, the CFPB received
public comments on its NPRM. Each of
these efforts are discussed in turn
below.
A. Pre-Proposal Outreach and
Engagement
Request for information, field hearing,
and white paper on small business
lending. On May 10, 2017, the CFPB
published a request for information
regarding the small business lending
market 251 in which it sought public
comment to understand more about the
products that are offered to small
businesses, the financial institutions
that offer such credit, the small business
lending data that currently are used and
may be maintained by financial
institutions, the potential complexity
and cost of small business data
collection and reporting, and privacy
concerns related to the disclosure
purposes of section 1071.252 On the
same date, the CFPB held a field hearing
regarding section 1071 at which the
request for information was announced
and then-Director Richard Cordray
noted the importance of a section 1071
rulemaking given the absence of
systematic data on how small
businesses are faring and whether or
how much they are being held back by
financing constraints.253 Finally, at the
same time, the CFPB also published its
251 82
FR 22318 (May 15, 2017).
response to the request for information, the
CFPB received over 2,000 comments in total, and
over 100 unique comments offering detailed
substantive responses on the topics raised in the
request for information. These comments from the
public helped to inform the CFPB’s approach in its
SBREFA Outline. See CFPB, Request for
Information Regarding the Small Business Lending
Market, Docket ID CFPB–2017–0011, https://
www.regulations.gov/docket/CFPB-2017-0011.
253 See CFPB, Prepared Remarks of CFPB Director
Richard Cordray at the Small Business Lending
Field Hearing (May 10, 2017), https://
www.consumerfinance.gov/about-us/newsroom/
prepared-remarks-cfpb-director-richard-cordraysmall-business-lending-field-hearing/.
252 In
PO 00000
Frm 00023
Fmt 4701
Sfmt 4700
35171
White Paper on small business
lending,254 which reflected the initial
findings of its research providing a
preliminary understanding of the small
business lending environment, with a
particular emphasis on lending to
women-owned and minority-owned
small businesses.
1071 symposium. In November 2019,
the CFPB held a symposium on section
1071 to assist it in its policy
development process and to receive
feedback from experts, including
academic, think tank, consumer
advocate, industry, and government
experts in the small business lending
arena.255 The symposium had two
panels. The first panel focused on the
evolution in the small business lending
marketplace. The second panel included
a discussion surrounding the
implementation of section 1071,
including issues raised in response to
the CFPB’s request for information.
Small Business Advisory Review
Panel. Under the Small Business
Regulatory Enforcement Fairness Act of
1996 (SBREFA),256 which amended the
Regulatory Flexibility Act (RFA), the
CFPB must convene and chair a Small
Business Advisory Review Panel (Panel)
if it is considering a proposed rule that
could have a significant economic
impact on a substantial number of small
entities.257 The Panel considers the
impact of the proposals under
consideration by the CFPB and obtains
feedback from representatives of the
small entities that would likely be
subject to the rule. The Panel is
comprised of a representative from the
CFPB, the Chief Counsel for Advocacy
of the Small Business Administration
(SBA), and a representative from the
Office of Information and Regulatory
Affairs (OIRA) in the Office of
Management and Budget (OMB).
Representatives from 20 small
businesses were selected as small entity
representatives for this SBREFA
process. These individuals represented
small businesses that are financial
institutions—including community
banks, credit unions, community
development financial institutions
(CDFIs), financial technology firms, and
commercial finance companies—that
254 CFPB, Key dimensions of the small business
lending landscape (May 2017), https://
files.consumerfinance.gov/f/documents/201705_
cfpb_Key-Dimensions-Small-Business-LendingLandscape.pdf (White Paper).
255 CFPB, Symposium: Section 1071 of the DoddFrank Act (held Nov. 6, 2019), https://
www.consumerfinance.gov/about-us/events/
archive-past-events/cfpb-symposium-section-1071dodd-frank-act/.
256 Public Law 104–121, 110 Stat. 857 (1996).
257 5 U.S.C. 609(b).
E:\FR\FM\31MYR2.SGM
31MYR2
35172
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
would likely be directly affected by a
rule implementing section 1071.
On September 15, 2020, the CFPB
issued its Outline of Proposals under
Consideration and Alternatives
Considered (SBREFA Outline) for its
rulemaking pursuant to section 1071, a
detailed document that discusses (1) the
relevant law, (2) the regulatory process,
(3) the rule proposals the CFPB was
considering, and (4) an economic
analysis of the potential impacts of
those proposals on directly affected
small entities.258
The CFPB convened the Panel for this
proposed rule on October 15, 2020 and
held a total of four meetings with small
entity representatives during October
19–22, 2020, conducted online via video
conference (Panel Outreach Meetings).
In preparation for the Panel Outreach
Meetings and to facilitate an informed
and detailed discussion of the proposals
under consideration, discussion
questions for the small entity
representatives were included
throughout the SBREFA Outline.259
In advance of the Panel Outreach
Meetings, the CFPB, SBA Office of
Advocacy, and OIRA held a series of
video conferences with the small entity
representatives to describe the Small
Business Review Process, obtain
important background information
about each small entity representative’s
current business practices, and begin
discussions on selected portions of the
proposals under consideration.
All 20 small entity representatives
participated in the Panel Outreach
Meetings. Representatives from the
CFPB, SBA Office of Advocacy, and
OIRA provided introductory remarks.
The meetings were then organized
around discussions led by the CFPB
about each aspect of the proposals
under consideration and the potential
impact on small businesses. The CFPB
258 CFPB, Small Business Advisory Review Panel
for Consumer Financial Protection Bureau Small
Business Lending Data Collection Rulemaking,
Outline of Proposals Under Consideration and
Alternatives Considered (Sept. 15, 2020), https://
files.consumerfinance.gov/f/documents/cfpb_1071sbrefa_outline-of-proposals-under-consideration_
2020-09.pdf (SBREFA Outline). See also CFPB,
Consumer Financial Protection Bureau Releases
Outline of Proposals Under Consideration to
Implement Small Business Lending Data Collection
Requirements (Sept. 15, 2020), https://
www.consumerfinance.gov/about-us/newsroom/
cfpb-releases-outline-proposals-implement-smallbusiness-lending-data-collection-requirements/.
259 These questions also appeared in a shorter
Discussion Guide for Small Entity Representatives.
See CFPB, Small Business Advisory Review Panel
for Consumer Financial Protection Bureau Small
Business Lending Data Collection Rulemaking,
Discussion Guide for Small Entity Representatives
(Sept. 15, 2020), https://files.consumerfinance.gov/
f/documents/cfpb_1071-sbrefa_discussion-guide_
2020-09.pdf.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
also invited small entity representatives
to submit written feedback by November
9, 2020; most did so.
On December 15, 2020, the CFPB
released the Final Report of the Small
Business Review Panel on the CFPB’s
Proposals Under Consideration for the
Small Business Lending Data Collection
Rulemaking (SBREFA Panel Report).260
This report includes a summary of the
feedback received from small entity
representatives during the panel process
(including oral feedback received during
the pre-Panel video conferences and
Panel Outreach Meetings, as well as
timely submitted written feedback) and
findings and recommendations made by
the Panel.261 As required by the RFA,
the CFPB considered the Panel’s
findings in its initial regulatory
flexibility analysis, as set out in part VIII
of the NPRM.
The CFPB also invited other
stakeholders to submit feedback on the
SBREFA Outline by December 14, 2020.
The CFPB received approximately 60
submissions from a variety of other
stakeholders, including financial
institutions, trade associations,
community groups, a think tank, and a
government agency.262
The CFPB considered the feedback it
received from small entity
representatives, the findings and
recommendations of the Panel, and the
feedback from other stakeholders in
preparing the NPRM. The feedback,
findings, and recommendations were
summarized throughout the NPRM
where relevant.
One-Time Cost Survey. On July 22,
2020, the CFPB released a voluntary
survey to measure the one-time costs of
compliance with an eventual small
260 CFPB, Final Report of the Small Business
Review Panel on the CFPB’s Proposals Under
Consideration for the Small Business Lending Data
Collection Rulemaking (Dec. 14, 2020), https://
files.consumerfinance.gov/f/documents/cfpb_1071sbrefa-report.pdf (SBREFA Panel Report). See also
CFPB, Consumer Financial Protection Bureau
Releases Report on Implementing the Dodd-Frank
Act’s Small Business Lending Data Collection
Requirement (Dec. 15, 2020), https://
www.consumerfinance.gov/about-us/newsroom/
consumer-financial-protection-bureau-releasesreport-on-implementing-the-dodd-frank-acts-smallbusiness-lending-data-collection-requirement/. The
CFPB’s SBREFA Outline and related materials, as
well as the CFPB’s presentation slides framing the
discussion during the Panel Outreach Meetings, are
appended to the SBREFA Panel Report. See
SBREFA Panel Report at app. C through F.
261 The written feedback from small entity
representatives is appended to the SBREFA Panel
Report. See id. at app. A.
262 Feedback received from these stakeholders on
the SBREFA Outline is available on the public
docket for the NPRM. See https://
www.regulations.gov/docket/CFPB-2021-0015/
document?documentTypes=Supporting%20%26
%20Related%20Material.
PO 00000
Frm 00024
Fmt 4701
Sfmt 4700
business lending data collection rule.263
The objective of the survey was to
solicit, from institutions offering small
business credit products that could
potentially be covered by this rule,
information about potential one-time
costs to prepare to collect and report
data. The deadline for responses was
October 16, 2020. The CFPB received
responses from 105 financial
institutions.264 The results of the survey
inform the CFPB’s analyses of the
potential impacts of the rule as set out
in parts IX and X below.
ECOA request for information. On
July 28, 2020, the CFPB issued a request
for information to seek public input on
ECOA and Regulation B.265 In this
request for information, the CFPB
sought public comment on a number of
topics, including small business lending
and the ways that the CFPB, in light of
its authority under ECOA and
Regulation B, might support efforts to
meet the credit needs of small
businesses, particularly those that are
minority-owned and women-owned.266
B. Ongoing Outreach and Engagement
Ongoing outreach. The CFPB
conducts outreach to industry and other
stakeholders to understand their
experiences with the small business
finance market, economic conditions,
and the collection and reporting of data
regarding that market. A particular nearterm priority in the CFPB’s recent
outreach has been the impacts of the
pandemic and the effectiveness of the
Federal government’s response.
Findings from outreach activities inform
the CFPB on matters affecting the small
business sector.
Technical outreach. In the months
before the publication of the NPRM, the
CFPB began conducting technical
outreach with third-party software
providers that serve financial
institutions and software and
technology staff from financial
institutions that are likely to have to
report small business lending data to the
CFPB. With these software vendors and
technical staff, the CFPB has held and,
after publication of this final rule, will
continue to hold discussions concerning
263 CFPB, Survey: Small Business Compliance
Cost Survey (July 22, 2020), https://files.consumer
finance.gov/f/documents/cfpb_1071-survey_202010.pdf.
264 See part VI below for additional details
regarding this survey.
265 CFPB, Consumer Financial Protection Bureau
Requests Information on Ways to Prevent Credit
Discrimination and Build a More Inclusive
Financial System (July 28, 2020), https://
www.consumerfinance.gov/about-us/newsroom/
cfpb-rfi-prevent-credit-discrimination-build-moreinclusive-financial-system/.
266 85 FR 46600, 46602 (Aug. 3, 2020).
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
the technical systems and procedures
the CFPB will provide for financial
institutions to submit their data. The
CFPB intends to understand the
technology solutions currently provided
by vendors to support the small
business lending activities of financial
institutions, as well as their experience
in providing financial institutions with
technical support for previous data
collection regulations. The CFPB
believes this information will be helpful
in informing the CFPB in its design and
implementation of a platform for intake
and processing of data to help the
platform integrate, to the extent
possible, with existing systems and data
collection procedures. These
discussions also serve to raise
awareness of technology providers as to
their potential future role in supporting
the rule as well as the lead time that
may be necessary for some or all
affected financial institutions to come
into compliance with the requirements
of this final rule. This outreach process
is ongoing and will continue after the
publication of this final rule.
Sample data collection form usability
testing. After the NPRM was released,
the CFPB, after the appropriate notice in
the Federal Register, and a 30-day
comment period, sought and received
OMB approval to conduct several
rounds of message and user testing
research related to the sample form.267
The CFPB conducted qualitative
research to learn about the experience of
filling out the sample data collection
form and to explore design options. The
CFPB engaged a vendor to conduct
interviews with small business
stakeholders and listening sessions with
small business owners to test different
versions of the introductory language on
the sample data collection form. The
CFPB also conducted qualitative user
interviews with small business owners
to test their reactions to different
versions of the sample data collection
form. In addition to comments received
in response to the CFPB’s proposed
sample data collection form as part of
the NPRM, the feedback gathered as part
of these testing efforts was also
considered by the CFPB in finalizing the
sample data collection form issued with
this final rule. The CFPB is releasing a
report, simultaneously with the
issuance of this final rule, summarizing
the findings from all three rounds of
qualitative research testing.268
267 87
FR 37504 (June 23, 2022).
User testing for sample data collection
form for the small business lending final rule (Mar.
2023), https://www.consumerfinance.gov/dataresearch/research-reports/user-testing-for-sampledata-collection-form-for-the-small-businesslending-final-rule/.
268 CFPB,
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
C. Notice of Proposed Rulemaking
On September 1, 2021, the CFPB
issued its proposal to implement section
1071. The NPRM was published in the
Federal Register on October 8, 2021,269
and the public comment period closed
on January 6, 2022.270 The CFPB
received approximately 2,100 comments
on the proposal during the comment
period.271 Approximately 650 of these
comments were unique, detailed
comment letters representing diverse
interests. These commenters included
lenders such as banks and credit unions,
CDFIs, community development
companies, Farm Credit System lenders,
online lenders, and others; national and
regional industry trade associations;
software vendors; business advocacy
groups; community groups; research,
academic, and other advocacy
organizations; members of Congress;
Federal and State government offices/
agencies; small businesses; and
individuals.
The remaining comments included
some duplicate submissions (i.e., letters
with the same content from the same
commenter submitted through multiple
channels, or letters with the same
content submitted by multiple people
on behalf of the same commenting
organization) as well as comments that
were part of several comment
submission campaigns organized by
industry or community groups. Such
comment campaigns typically
advocated for or against particular
provisions in the NPRM and urged
additional changes. These comments
were considered by the CFPB along with
all other comments received, including
any additional remarks included in
otherwise identical comment letters.
In addition, the CFPB also considered
comments received after the comment
period closed via approximately 17 ex
parte submissions and meetings.272
Materials on the record, including all ex
parte submissions and summaries of ex
269 86
FR 56356 (Oct. 8, 2021).
CFPB set the length of the comment
period on the proposal at 90 days from the date on
which it was published in the Federal Register. The
CFPB received several written requests to extend
the comment period. The CFPB believes that the 90day comment period set forth in the NPRM (along
with the 38 days that elapsed between the CFPB’s
issuance of the NPRM on September 1, 2021 and
its publication in the Federal Register on October
8, 2021) gave interested parties sufficient time to
consider the CFPB’s proposal and prepare their
responses, and thus did not extend the comment
period beyond January 6, 2022.
271 See https://www.regulations.gov/docket/CFPB2021-0015/comments.
272 CFPB, Policy on Ex Parte Presentations in
Rulemaking Proceedings, 82 FR 18687 (Apr. 21,
2017).
270 The
PO 00000
Frm 00025
Fmt 4701
Sfmt 4700
35173
parte meetings, are available on the
public docket for this rulemaking.273
The CFPB received comments on all
aspects of the proposed rule, as well as
on the proposed approach to protecting
privacy interests via modification or
deletion of data prior to publication,
and on its analyses of the proposed
rule’s impacts. Relevant information
received via comment letters, as well as
ex parte submissions, is discussed
below in the section-by-section analysis
and subsequent parts of this document,
as applicable. The CFPB considered all
the comments it received regarding the
proposal, made certain modifications,
and is adopting the final rule as
described in part V below. Comments
relevant to the CFPB’s approach to
privacy are discussed in part VIII and
regarding its impact analyses in parts IX
to XI.
IV. Legal Authorities
The Bureau is issuing this final rule
pursuant to its authority under section
1071. Some aspects of this rule are also
adopted under the Bureau’s more
general rulemaking authorities in ECOA.
Congress enacted ECOA to prohibit
discrimination against any applicant,
regarding any aspect of a credit
transaction, on the basis of, amongst
other characteristics, race, color,
religion, national origin, and sex.274 The
Bureau has certain oversight,
enforcement, and supervisory authority
over ECOA requirements and has
rulemaking authority under the statute.
ECOA is implemented in Regulation
B.275 Among other things, Regulation B
generally prohibits creditors from
inquiring about an applicant’s race,
color, religion, national origin, or sex,
with limited exceptions, including if it
is required by law.276
As discussed above, in the DoddFrank Act Congress amended ECOA by
adding section 1071, which directs the
Bureau to adopt regulations governing
the collection and reporting of small
business lending data. Specifically,
section 1071 requires financial
institutions to collect and report to the
Bureau certain data on applications for
credit for women-owned, minorityowned, and small businesses.277
Congress enacted section 1071 for the
purpose of (1) facilitating enforcement
of fair lending laws and (2) enabling
communities, governmental entities,
and creditors to identify business and
273 See https://www.regulations.gov/docket/CFPB2021-0015/comments.
274 15 U.S.C. 1691(a)(1).
275 12 CFR part 1002.
276 Regulation B § 1002.5(a)(2).
277 ECOA section 704B.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35174
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
community development needs and
opportunities of women-owned,
minority-owned, and small
businesses.278 The Bureau often refers to
these as section 1071’s fair lending
purpose and its business and
community development purpose,
respectively.
To advance these statutory purposes,
section 1071 grants the Bureau general
rulemaking authority for section 1071,
providing that the Bureau shall
prescribe such rules and issue such
guidance as may be necessary to carry
out, enforce, and compile data pursuant
to section 1071.279 ECOA section
704B(g)(2) also permits the Bureau to
adopt exceptions to any requirement of
section 1071 and to conditionally or
unconditionally exempt any financial
institution or class of financial
institutions from the requirements of
section 1071, as the Bureau deems
necessary or appropriate to carry out the
purposes of section 1071. The Bureau
principally relies on its 704B(g)(1)
authority in this proposed rule and
relies on 704B(g)(2) when proposing
specific exceptions or exemptions to
section 1071’s requirements. Section
704B(g)(3) directs the Bureau to issue
guidance designed to facilitate
compliance with the requirements of
section 1071.
In addition, section 703(a) of ECOA
gives the Bureau broad authority to
prescribe regulations to carry out the
purposes of ECOA, including provisions
that in the judgment of the Bureau are
necessary or proper to effectuate the
purposes of ECOA, to prevent
circumvention or evasion thereof, or to
facilitate or substantiate compliance
therewith. That section also states that
the Bureau may provide for such
adjustments and exceptions for any
class of transactions, as in the judgment
of the Bureau are necessary or proper to
effectuate the purposes of ECOA, to
prevent circumvention or evasion
thereof, or to facilitate or substantiate
compliance therewith.
Section 1071 establishes requirements
or obligations for financial institutions
that the Bureau is implementing in this
final rule. These provisions include the
requirement in ECOA section 704B(b)
that a financial institution shall inquire
whether an applicant for credit is a
women-owned, minority-owned, or
small business; that a financial
institution must maintain a record of
responses to such inquiry, separate from
the application; that an applicant may
refuse to provide any information
requested regarding the inquiry under
278 ECOA
279 ECOA
section 704B(a).
section 704B(g)(1).
VerDate Sep<11>2014
18:47 May 30, 2023
704B(b); that a financial institution must
limit access of loan underwriters, or
other officers or employees of the
financial institution or any affiliate, to
applicant responses to inquiries under
704B(b); and that if a financial
institution determines that a loan
underwriter or other officer or employee
should have access to any information
provided by the applicant pursuant to a
request under 704B(b) that the financial
institution shall provide notice to the
applicant of the access of the
underwriter to such information, along
with notice that the financial institution
may not discriminate on the basis of
such information.280
ECOA section 704B(e)(1) directs
financial institutions to compile and
maintain, in accordance with
regulations of the Bureau, records of the
information provided by applicants for
credit pursuant to a request under
704B(b). Section 704B(e)(2) requires that
the information compiled and
maintained under 704B(e)(1) be
itemized in order to clearly and
conspicuously disclose an enumerated
list of data points. Section 704B(e)(2)(H)
requires financial institutions to
compile and maintain any additional
data that the Bureau determines would
aid in fulfilling the purposes of section
1071.
Several provisions of section 1071
expressly refer to regulations to be
promulgated by the Bureau to
implement certain requirements,
including in ECOA section 704B(e)(1)
regarding how financial institutions
must compile and maintain data
pursuant to section 1071, and in
704B(f)(2)(B) and (C) regarding the form
of information made available by
financial institutions to the public and
the form and manner in which the
Bureau itself should make data available
to the public generally.
Two provisions expressly give the
Bureau discretion with respect to public
availability of small business lending
data. Specifically, ECOA section
704B(e)(4) states that the Bureau may, at
its discretion, delete or modify data
before making it available to the public
if the Bureau determines that the
deletion or modification of the data
would advance a privacy interest.
Section 704B(f)(3) gives the Bureau the
discretion to compile and aggregate data
for its own use, as well as to make
public such compilations of aggregate
data.
280 ECOA section 704B(b)(1) and (2), (c), (d)(1)
and (2).
Jkt 259001
PO 00000
Frm 00026
Fmt 4701
Sfmt 4700
V. Section-by-Section Analysis
Overview
In this Overview of part V, the CFPB
first provides some background
regarding section 1071, a discussion of
the Home Mortgage Disclosure Act of
1975 (HMDA), and a brief summary of
the final rule. Each regulatory provision
of the final rule, along with its rationale
and relevant feedback received through
the public comment process, is
discussed in detail in the section-bysection analyses that follow. The CFPB
has made several major, and a number
of minor, adjustments to the rule in
response to comments received on the
proposal. Major changes are noted in the
summary of the final rule below; all
changes are discussed in detail in the
section-by-section analyses that follow.
Next, the CFPB discusses the highlevel and general comments received in
response to the NPRM. The CFPB also
addresses several issues for which there
is no corresponding regulatory text or
commentary. Finally, the CFPB
discusses the conforming amendments
it is making to existing Regulation B.
A. Introduction to Section 1071
As discussed above, section 1071 of
the Dodd-Frank Act requires that
financial institutions collect and report
to the CFPB certain data regarding
applications for credit for womenowned, minority-owned, and small
businesses. Section 1071’s statutory
purposes are to (1) facilitate
enforcement of fair lending laws, and (2)
to enable communities, governmental
entities, and creditors to identify
business and community development
needs and opportunities of womenowned, minority-owned, and small
businesses.
Section 1071 specifies a number of
data points that financial institutions
are required to collect and report, and
also provides authority for the CFPB to
require any additional data that it
determines would aid in fulfilling
section 1071’s statutory purposes.
Section 1071 also contains a number of
other requirements, including those that
address restricting the access of
underwriters and other persons to
certain data and publication of data. In
addition, section 1071 permits the CFPB
to modify or delete data prior to
publication if it determines that such a
deletion or modification would advance
a privacy interest.
Section 1071 directs the CFPB to
prescribe such rules, and issue such
guidance as may be necessary to carry
out, enforce, and compile data pursuant
to section 1071. It also permits the CFPB
to adopt exceptions to any requirement
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
or to exempt financial institutions from
the requirements of section 1071 as it
deems necessary or appropriate to carry
out the purposes of section 1071.
Section 1071 also directs the CFPB to
issue guidance designed to facilitate
compliance with the requirements of
section 1071. As discussed in part IV
above and throughout the section-bysection analyses in this part V, the
CFPB’s rule implements these statutory
provisions.
lotter on DSK11XQN23PROD with RULES2
B. Section 1071 and HMDA
HMDA is a data collection and
reporting statute that requires certain
depository institutions and for-profit
nondepository institutions to collect,
report, and disclose data about
originations and purchases of mortgage
loans, as well as mortgage loan
applications that do not result in
originations (for example, applications
that are denied or withdrawn).281 The
CFPB’s Regulation C, 12 CFR part 1003,
implements HMDA. In light of certain
similarities between section 1071 and
HMDA as data collection and reporting
statutes with different markets but
similar fair lending enforcement and
community development purposes, the
CFPB’s section-by-section analyses in
this part V sometimes discusses how
similar provisions are addressed in the
context of HMDA. Of course, the
markets to which HMDA and section
1071 apply are also different in
significant respects, and those
differences are reflected between the
present rule and Regulation C, as
discussed further in the section-bysection analyses in this part V.
HMDA and Regulation C’s purposes
are: (1) to help determine whether
financial institutions are serving their
communities’ housing needs; (2) to
assist public officials in distributing
public investment to attract private
investment; and (3) to assist in
identifying potential discriminatory
lending patterns and enforcing
antidiscrimination statutes.
A covered institution for purposes of
HMDA reporting is a depository or
nondepository institution that meets the
relevant coverage criteria set forth in the
regulation. A covered transaction under
HMDA is generally a loan or line of
credit secured (or, for applications,
proposed to be secured) by a lien on a
dwelling, that is not specifically
excluded under Regulation C
§ 1003.3(c). The data points generally
required to be reported about each
covered transaction can be grouped into
281 12
U.S.C. 2801 et seq.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
four broad categories: 282 information
about the applicants, borrowers, and
underwriting process, information about
the property securing the loan or
proposed to secure the loan, information
about the features of the loan, certain
unique identifiers.
Covered institutions are required to
submit their HMDA data by March 1
following the calendar year for which
data are collected. Covered institutions
with larger volumes of covered loans
and applications are required to submit
their HMDA data for each of the first
three quarters of the year in addition to
their annual submission.
Following the calendar year in which
HMDA data are collected, a covered
institution’s disclosure statement 283
and modified loan/application register
become publicly available on the
FFIEC’s HMDA Platform.284 Aggregate
reports for each Metropolitan Statistical
Area and Metropolitan Division that
show lending patterns by property
location, age of housing stock, and
income level, sex, ethnicity, and race
are also publicly available on the same
platform, which also allows users to
create custom datasets, reports, and
visualizations from the HMDA data.
HMDA data are the primary source of
information for regulators, researchers,
economists, industry, and advocates
analyzing the mortgage market both for
HMDA’s purposes and for general
market monitoring. HMDA data are used
by the Federal supervisory agencies to
support a variety of activities. For
example, Federal supervisory agencies
use HMDA data as part of their fair
282 Under the Economic Growth, Regulatory
Relief, and Consumer Protection Act, Public Law
115–174, 132 Stat. 1296 (2018), as implemented in
Regulation C § 1003.3(d), certain HMDA-covered
institutions may be eligible for partial exemptions
from some of the HMDA reporting requirements
and only certain covered loans and applications are
covered under partial exemptions. If a covered loan
or application is covered under a partial exemption,
the covered institution is not required to collect,
record, and report certain data points.
283 A disclosure statement contains aggregated
data derived from loan-level data.
284 A HMDA loan/application register contains
the record of information required to be collected
and the record submitted annually or quarterly, as
applicable. A modified loan/application register is
a covered institution’s loan/application register
modified by the CFPB, on its website, to protect
applicant and borrower privacy. The CFPB
interprets HMDA, as amended by the Dodd-Frank
Act, to call for the use of a balancing test to
determine whether and how HMDA data should be
modified prior to its disclosure to the public in
order to protect applicant and borrower privacy
while also fulfilling HMDA’s public disclosure
purposes. See 80 FR 66127, 66133–34 (Oct. 28,
2015). In December 2018, the CFPB issued final
policy guidance describing the modifications the
CFPB intends to apply to the loan-level HMDA data
that covered institutions report before the data are
disclosed publicly. See 84 FR 649 (Jan. 31, 2019).
PO 00000
Frm 00027
Fmt 4701
Sfmt 4700
35175
lending 285 examination process, and
also use HMDA data in conducting
CRA 286 performance evaluations.
HMDA data provide the public with
information on the home mortgage
lending activities of particular reporting
entities and on activity in their
communities. These data are used by
local, State, and Federal officials to
evaluate housing trends and issues and
by community organizations to monitor
financial institution lending patterns.
C. Summary of the Final Rule
The CFPB is adding a new subpart B
to Regulation B to implement the
requirements of section 1071. The CFPB
is also making some conforming
amendments to existing Regulation B.
The CFPB’s final rule is summarized
below, in the order of the section-bysection analyses in this part V that
follow.
1. General Provisions (§§ 1002.5(a)(4),
1002.101, and 1002.102)
Changes to existing Regulation B. The
CFPB is amending existing
§ 1002.5(a)(4) to expressly permit
voluntary collection and reporting of
information regarding the ethnicity,
race, and sex of applicants’ principal
owners, or whether the applicant is a
minority-owned, women-owned, or
LGBTQI+-owned business, in certain
circumstances.
The Bureau is also making other
nonsubstantive conforming edits in
existing Regulation B to maintain
consistency and avoid confusion.
Authority, purpose, and scope
(§ 1002.101). Section 1002.101 sets forth
the authority, purpose, and scope for
subpart B. Among other things, this
section states section 1071’s two
statutory purposes of facilitating
enforcement of fair lending laws and
enabling communities, governmental
entities, and creditors to identify
business and community development
needs and opportunities of womenowned, minority-owned, and small
businesses.
Definitions (§ 1002.102). Section
1002.102 includes a number of
definitions for terms used in subpart B,
which generally fall into several
categories. First, some definitions refer
to terms defined elsewhere in subpart
B—specifically, terms of particular
importance including business, covered
application, covered credit transaction,
covered financial institution, financial
institution, and small business. Second,
285 See ECOA (15 U.S.C. 1691 through 1691f),
Regulation B (12 CFR part 1002), and the Fair
Housing Act (42 U.S.C. 3605, 24 CFR part 100).
286 12 U.S.C. 2901 through 2908, and 12 CFR
parts 25, 195, 228, and 345.
E:\FR\FM\31MYR2.SGM
31MYR2
35176
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
some definitions refer to terms defined
elsewhere in existing Regulation B (i.e.,
business credit, credit, and State) or
other regulations (i.e., a portion of the
definitions of small business and
affiliate reference an SBA regulation).
Finally, the remaining terms are defined
in § 1002.102, including applicant,
closed-end credit transaction, LGBTQI+
individual, LGBTQI+-owned business,
minority-owned business, open-end
credit transaction, principal owner,
small business lending application
register, women-owned business, and a
portion of the definition of affiliate.
2. Coverage (§§ 1002.103 Through
1002.106)
Covered applications (§ 1002.103).
Section 1002.103 defines what is, and is
not, a covered application under subpart
B; this definition triggers data collection
and reporting requirements under
subpart B for covered financial
institutions. The CFPB is defining a
covered application in § 1002.103(a) as
an oral or written request for a covered
credit transaction that is made in
accordance with procedures used by a
financial institution for the type of
credit requested. A covered application
does not include (1) reevaluation,
extension, or renewal requests on an
existing business credit account, unless
the request seeks additional credit
amounts; and (2) inquiries and
prequalification requests.
Covered credit transactions and
excluded transactions (§ 1002.104). The
CFPB is requiring that covered financial
institutions collect and report data for
all covered applications from small
businesses for transactions that meet the
definition of business credit under
existing Regulation B, with certain
exceptions. Section 1002.104(a) defines
the term covered credit transaction as an
extension of business credit that is not
an excluded transaction under
§ 1002.104(b). Loans, lines of credit,
credit cards, and merchant cash
advances (including credit transactions
for agricultural purposes) all fall within
the scope of the rule. Section
1002.104(b) excludes from the
requirements of subpart B trade credit,
HMDA-reportable transactions,
insurance premium financing, public
utilities credit, securities credit, and
incidental credit. Factoring, leases,
consumer-designated credit used for
business or agricultural purposes, and
credit transaction purchases, purchases
in a pool of credit transactions, and
purchases of a partial interest in a credit
transaction also are not covered credit
transactions.
Covered financial institutions and
exempt institutions (§ 1002.105). The
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
CFPB is defining in § 1002.105(a) the
term financial institution, consistent
with the definition in section 1071, as
any partnership, company, corporation,
association (incorporated or
unincorporated), trust, estate,
cooperative organization, or other entity
that engages in any financial activity.
Under this definition, subpart B’s
requirements apply to a variety of
entities that engage in small business
lending, including depository
institutions (i.e., banks, savings
associations, and credit unions), online
lenders, platform lenders, CDFIs, Farm
Credit System lenders, lenders involved
in equipment and vehicle financing
(captive financing companies and
independent financing companies),
commercial finance companies,
governmental lending entities, and
nonprofit nondepository lenders.
Subpart B does not cover motor vehicle
dealers.287 Section 1002.105(b) defines
the term covered financial institution as
a financial institution that originated at
least 100 covered credit transactions for
small businesses in each of the two
preceding calendar years. Only financial
institutions that meet this loan-volume
threshold are required to collect and
report small business lending data
under subpart B.
Business and small business
definitions (§ 1002.106). Section
1002.106 adopts the SBA’s definitions
of ‘‘business concern or concern’’ and
‘‘small business concern’’ as set out in
the Small Business Act and SBA
regulations. Notwithstanding the small
business size standards established by
SBA regulations, for purposes of subpart
B, a business is a small business if its
gross annual revenue is $5 million or
less for its preceding fiscal year. The
SBA Administrator has approved the
CFPB’s use of this alternate small
business size standard pursuant to the
Small Business Act. Every five years
after January 1, 2025, the need to adjust
the gross annual revenue threshold for
inflation or deflation will be determined
using the Consumer Price Index for all
Urban Consumers.
3. Compiling, Maintaining, and
Reporting Small Business Lending Data
(§§ 1002.107 Through 1002.111)
Compilation of reportable data
(§ 1002.107). Section 1002.107
addresses several aspects of collecting
data on covered applications from small
businesses. Section 1002.107(a) requires
287 Regulation B does not apply to a person
excluded from coverage by section 1029 of the
Consumer Financial Protection Act of 2010, title X
of the Dodd-Frank Wall Street Reform and
Consumer Protection Act, Public Law 111–203, 124
Stat. 1376, 2004 (2010).
PO 00000
Frm 00028
Fmt 4701
Sfmt 4700
financial institutions to compile and
maintain the data points enumerated in
§ 1002.107(a)(1) through (20). These
data points must be collected and
reported in accordance with the rule
and the Filing Instructions Guide that
the CFPB will provide for the
appropriate filing year. Certain of these
data points are or could be collected
from the applicant (or otherwise
determined based on information from
appropriate third-party sources); other
data points are based on information
within the financial institution’s
control. Appendix E provides a sample
data collection form for requesting
protected demographic information.
Although the form reflects a number of
legal requirements applicable to
collection, use of the form itself is not
mandatory. It is intended as an available
implementation resource for lenders,
who can make use of it if they so
choose.
Section 1002.107(c)(1) provides that
covered financial institutions must not
discourage an applicant from
responding to requests for applicantprovided data and must otherwise
maintain procedures to collect such data
at a time and in a manner that are
reasonably designed to obtain a
response. Where data are collected
directly from the applicant,
§ 1002.107(c)(2) identifies certain
minimum provisions that must be
included within financial institutions’
procedures in order for them to be
considered ‘‘reasonably designed.’’ The
rule also addresses what financial
institutions should do if, despite having
such procedures in place, they are
unable to obtain certain data from an
applicant. Pursuant to § 1002.107(b),
financial institutions are permitted to
rely on information from the applicant
or appropriate third-party sources,
although for most data points if the
financial institution verifies the
information provided it must report the
verified information. Section
1002.107(d) permits financial
institutions to reuse certain previously
collected data in certain circumstances.
Firewall (§ 1002.108). Section
1002.108 implements section 1071’s
requirement that certain data collected
pursuant to section 1071 be shielded
from certain persons if feasible; the
CFPB refers to this as the ‘‘firewall.’’
Pursuant to § 1002.108(b), if an
employee or officer of a covered
financial institution or a covered
financial institution’s affiliate is
involved in making any determination
concerning a covered application from a
small business, that employee or officer
is prohibited from accessing the
applicant’s responses to regarding
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
protected demographic information
requested under this final rule.
However, pursuant to § 1002.108(c),
this prohibition does not apply to an
employee or officer if the financial
institution determines that employee or
officer should have access to the
applicant’s responses to the financial
institution’s inquiries regarding the
applicant’s protected demographic
information, and the financial
institution provides a notice to the
applicant regarding that access. The
notice must be provided to each
applicant whose information will be
accessed or, alternatively, the financial
institution may also provide the notice
to applicants whose responses will not
or might not be accessed. For example,
a financial institution could provide the
notice to all applicants or all applicants
for a specific type of product. The CFPB
is providing sample language that a
financial institution can, but is not
required to, use for this notice.
Reporting of data to the Bureau
(§ 1002.109). Section 1002.109
addresses several aspects of covered
financial institutions’ obligations to
report small business lending data to the
CFPB. First, § 1002.109(a) provides that
data must be collected on a calendar
year basis and reported to the CFPB on
or before June 1 of the following year.
Section 1002.109(a) also addresses
collection and reporting requirements of
subsidiaries of financial institutions and
reporting requirements of financial
institutions where multiple financial
institutions are involved in a
transaction. Second, the CFPB lists in
§ 1002.109(b) the information that
financial institutions are required to
provide about themselves when
reporting data to the CFPB, including
the financial institution’s name,
headquarters address, contact person,
Federal prudential regulator,
institutional identifiers, parent entity
information, as well as information on
the type of financial institution it is, and
whether it is reporting covered
applications voluntarily. Finally,
§ 1002.109(c) addresses technical
instructions for the submission of data
to the CFPB, including information
about the Filing Instructions Guide,
which the CFPB will provide for the
appropriate year.
Publication of data and other
disclosures (§ 1002.110). Section
1002.110 addresses several issues
regarding the publication of small
business lending data. Section
1002.110(a) provides that the CFPB will
make available to the public, on an
annual basis, the data submitted to it by
financial institutions. These data will be
made available subject to deletions or
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
modifications made by the CFPB, if the
CFPB determines that such deletions or
modifications would advance a privacy
interest. Part VIII below discusses the
CFPB’s preliminary assessment of how
best to determine appropriate prepublication modifications and deletions,
particularly in light of re-identification
risk to small businesses and their
owners. Section 1002.110(b) provides
that the CFPB may compile and
aggregate data submitted by financial
institutions and may publish such
compilations or aggregations.
Section 1002.110(c) requires a
covered financial institution to publish
on its website a statement that its small
business lending data, as modified by
the CFPB, are or will be available from
the CFPB. Section 1002.110(d) sets forth
when a covered financial institution
shall make this statement available and
how long the financial institution shall
maintain the statement on its website.
These requirements satisfy financial
institutions’ statutory obligation to make
data available to the public upon
request.
Finally, § 1002.110(e) prohibits a
financial institution or third party from
disclosing protected demographic
information, except in limited
circumstances. Section 1002.110(e)(1)
prohibits a financial institution from
disclosing or providing to a third party
the protected demographic information
it collects pursuant to the rule, except
to further compliance with ECOA or
Regulation B or as required by law.
Section 1002.110(e)(2) prohibits a third
party that obtains protected
demographic information for the
purpose of furthering compliance with
ECOA and Regulation B from any
further disclosure of such information,
except to further compliance with
ECOA and Regulation B or as required
by law.
Recordkeeping (§ 1002.111). Section
1002.111 addresses several aspects of
the recordkeeping requirements for
small business lending data. First,
§ 1002.111(a) requires a covered
financial institution to retain evidence
of compliance with subpart B, which
includes a copy of its small business
lending application register, for at least
three years after the register is required
to be submitted to the CFPB pursuant to
§ 1002.109. Second, § 1002.111(b)
requires a covered financial institution
to maintain, separately from the rest of
an application for credit and
accompanying information, an
applicant’s responses to a financial
institution’s inquiries regarding the
applicant’s protected demographic
information. Finally, § 1002.111(c)
requires that, in compiling, maintaining,
PO 00000
Frm 00029
Fmt 4701
Sfmt 4700
35177
and reporting its small business lending
application register, as well as the
separately maintained protected
demographic information pursuant to
§ 1002.111(b), a financial institution
may not include any personally
identifiable information concerning any
individual who is, or is connected with,
an applicant.
4. Other Provisions (§§ 1002.112
Through 1002.114)
Enforcement (§ 1002.112). Section
1002.112 addresses several issues
related to the enforcement of subpart B.
First, § 1002.112(a) states that a
violation of section 1071 or subpart B is
subject to administrative sanctions and
civil liability as provided in sections
704 and 706 of ECOA. Second,
§ 1002.112(b) provides that a bona fide
error in compiling, maintaining, or
reporting data with respect to a covered
application is an error that was
unintentional and occurred despite the
maintenance of procedures reasonably
adapted to avoid such an error. Such an
error is presumed not to violate ECOA
or subpart B if the number of such errors
do not exceed the thresholds set forth in
appendix F. Third, § 1002.112(c)
identifies four safe harbors under which
certain errors—specifically those
regarding the application date, census
tract, and NAICS code data point, along
with incorrect determinations of small
business status, covered transaction,
and covered application—do not
constitute violations of ECOA or subpart
B. Relatedly, in part VII below, the
CFPB discusses its intention to
consider, for financial institutions
subject to the CFPB’s jurisdiction, good
faith efforts to comply with the rule and
will not generally assess penalties for
errors in data reporting. The CFPB will
conduct examinations on data during
the grace period to assist institutions in
diagnosing compliance weaknesses.
Severability (§ 1002.113). Section
1002.113 provides that any provision of
subpart B, or any application of a
provision, is stayed or determined to be
invalid, it is the CFPB’s intent that the
remaining provisions shall continue in
effect.
Effective date, compliance date, and
special transitional rules (§ 1002.114).
Section 1002.114 addresses several
issues related to the rule’s effective date,
when covered financial institutions are
required to comply with the rule, and
associated transitional rules. Section
1002.114(a) provides that this final rule
will become effective 90 days after
publication in the Federal Register.
However, pursuant to § 1002.114(b)
compliance with the final rule is based
on a tiered compliance date schedule.
E:\FR\FM\31MYR2.SGM
31MYR2
35178
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Compliance with the rule beginning
October 1, 2024 is required for covered
financial institutions that originate the
most covered credit transactions for
small businesses. However, institutions
with a moderate transaction volume
have until April 1, 2025 to begin
complying with the rule, and those with
the lowest volume have until January 1,
2026. Next, § 1002.114(c) provides
certain transitional provisions that
permit covered financial institutions to
begin collecting protected applicants’
demographic information beginning 12
months prior to their applicable
compliance dates. Finally, § 1002.114(c)
also permits financial institutions that
do not have ready access to sufficient
information to determine their
compliance tier (or whether they are
covered by the rule at all) to use any
reasonable method to estimate their
volume of originations to small
businesses for this purpose.
D. High-Level and General Comments
1. High-Level and General Comments on
the NPRM
High-level and general comments
received on the NPRM are discussed
here, followed by a discussion of
comments specifically addressing
implementation issues and comments
regarding section 1071’s overlap with
other data reporting regimes. Comments
received on specific aspects of the
Bureau’s proposed rule are discussed in
the section-by-section analyses that
follow in this part V. Comments
regarding the privacy analysis are
addressed in part VIII below, and
regarding the Bureau’s analysis of
impacts in parts IX through XI.
lotter on DSK11XQN23PROD with RULES2
Comments Received
Support for section 1071’s statutory
purposes was nearly universal amongst
commenters, at least at a high level of
generality. (See also the section-bysection analysis of § 1002.101 below.)
The vast majority of industry
commenters praised the purposes of the
rule, and the intentions behind section
1071 and ECOA generally, while
offering criticisms of specific provisions
of the proposed rule.
Broad support. A number of
commenters offered general support for
the rule, including its scope and its
purposes. For example, a trade
association stated its appreciation for
the comprehensive nature of the
proposed rule, noting that the Bureau
conducted extensive outreach and
worked at ensuring proper and effective
rulemaking consistent with legislative
intent while allowing for technical
improvements and practical
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
considerations. A community group
stated that to achieve the community
development and fair lending purposes
of the statute, the data collected and
reported under the rule needs to be
comprehensive in its coverage of
lenders and must capture key credit
underwriting factors as controls for
analyses of gender and racial disparities
in lending. The commenter also stated
that the Bureau recognized that annual
disclosure of lending data by the vast
majority of small business lenders is a
prerequisite for adequate oversight,
given that existing data are insufficient.
The commenter further explained that
existing data consist of periodic surveys
that are not usually lender specific and
that are inconsistent in the amount of
detail provided on key underwriting
variables needed for analyses of
community needs and fair lending
compliance.
A number of commenters offered
more specific support for the rule’s
purposes. One trade association noted
that its members have been active in the
development of policy supporting
section 1071, including participation as
small entity representatives during the
SBREFA process. A number of banks, a
credit union, and several trade
associations expressed support for the
statutory purposes of section 1071 and
the Bureau’s proposed rule. One trade
association stated that the NPRM was a
key opportunity to explore lending data
and expand responsible small business
lending, which was important to the
financial well-being in the communities
served by its members, as well as
stability of the overall financial system.
A cross-sector group of lenders,
community groups, and small business
advocates stated that it is critical to
require lenders to collect and report
applicant data for as many small
minority-owned and small womenowned businesses as possible, to uphold
congressional intent and establish a
comprehensive database.
Several commenters focused on the
importance of the fair lending purpose
of section 1071. One trade association
stated its unequivocal agreement with
the purpose of preventing
discrimination on the basis of ethnicity,
race, and sex, and noted that CDFI
lenders share the Bureau’s core value of
protecting consumers by providing fair
and transparent financial products and
services to all customers.
A number of commenters, including
community banks, credit unions, and
trade associations, offered their
appreciation for the stated intentions of
the rule in the NPRM—to support fair
lending and business and community
development—but expressed concern
PO 00000
Frm 00030
Fmt 4701
Sfmt 4700
about the effect of the rule as proposed
on lending and compliance costs. A
bank stated that, while it supported the
statutory goals of section 1071, the
proposed rule would result in restricted,
higher-priced credit for the groups the
proposal is meant to benefit. A trade
association for community banks
likewise supported the proposed rule
and the congressional intent behind
section 1071, but asserted it was
necessary to fine-tune specific proposed
provisions to mitigate costs and ensure
small business lenders remain active,
particularly those serving the most
underserved markets. Another trade
association supported the goals of the
NPRM, but worried that the proposed
would unduly burden credit unions and
would discourage them from offering
business credit.
Broad criticisms. Some industry
commenters expressed disagreement
with the enactment of section 1071 and
therefore opposed the rule in its
entirety. One lender opposed the rule on
the grounds that it already complies
with fair lending laws, and that the rule
would force a choice between
compliance and market exit. Another
argued that the Dodd-Frank Act may
have intended that section 1071 create
a HMDA-like data reporting mechanism,
but warned that small business lending
is not ‘‘cookie-cutter,’’ is not automated,
and is highly relationship driven.
Another commenter claimed that it
would be impossible to derive any
meaningful or statistically valid
conclusions from a comparison of small
business loans.
A credit union stated that the
publication of data collected and
reported pursuant to section 1071
would not permit it to better identify its
members’ unmet small business lending
needs aside from confirming if there is
a significant difference in the number of
business borrowers that are female or of
a specific race.
One trade association noted that
credit unions may only serve their
members and are limited by Federal
statute in their ability to offer business
loans; as a result, data collected from
them would not be comparable to data
collected from lenders without similar
limitations in who they may serve.
Other commenters, without
specifically opposing the enactment of
section 1071, expressed more general
concerns about the NPRM. Trade
associations for online lenders
supported the policy goals of the NPRM
and also believed that modifications
should be made to support responsible
innovation in banking without
unintentionally stifling the efficiency
and innovation that digital lending
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
platforms can provide. A bank
supported the enforcement of fair
lending laws and appreciated the
Bureau’s dedication to better supporting
small businesses, but was concerned
about aspects of the NPRM. A One
commenter inquired as to why the
Bureau, in charge of consumer financial
protection, was concerned with
business loans, and claimed that the
Bureau was engaged in overreach.
The role of online lenders. Two trade
associations suggested that online and
‘‘fintech’’ lenders were important to
expanding access to financing,
particularly for Black- and Hispanicowned businesses. These commenters
expressed their support for greater
transparency and expanding access to
sustainable and fair credit in small
business lending. They also asserted
that women-owned and minority-owned
small businesses were disadvantaged in
applying for small business lending at
traditional banks, and that
nontraditional online lenders play a
crucial role in modernizing financial
services and improving access and
outcomes for small businesses. One of
the commenters noted that, in
particular, the use of artificial
intelligence, machine learning, and
alternative data would expand lending
to minority-owned small businesses.
Uniqueness of small business lending.
One bank stated that it was hard to
perform comparative analysis on small
business loans because they are unique
and manually unwritten. Further, the
commenter stated that the absence of
certain credit criteria or metrics—such
as collateral, loan-to-value, debt-toincome, debt service coverage ratio and
the like—in the data points to be
collected by the rule could cause
reviewers of published data, such as
consumer groups and agency examiners,
to draw incorrect conclusions on
variances in rates and terms of loans.
Data accuracy. A bank and a trade
association asserted that the Bureau’s
final rule should focus on ensuring the
collection and reporting of high-quality
data that maximizes data accuracy and
reliability. These commenters noted that
inaccurate, unreliable, and poor-quality
data could undermine the statutory
purposes of section 1071, which the
commenters said were to promote
access to credit for minority-owned and
women-owned small businesses. They
further stated that poor data quality
could also lead to misguided and
factually unsupported fair lending
allegations, which could damage the
reputations of responsible lenders and
subject them to unnecessary
investigative burdens and lawsuits, all
of which could undermine the Bureau’s
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
credibility and waste the Bureau’s time
and resources. Based on these premises,
the commenters sought the elimination
of certain provisions which they
believed would undermine the
collection of accurate, reliable, highquality data (discussed in the applicable
section-by-section analyses that
follows).
Specific uses of small business
lending data. Two trade associations
urged the Bureau to explain how it
would use the data collected under this
rule, including how it would analyze
data collected by the rule. One claimed
that the NPRM did not outline potential
uses for small business lending data,
and asserted that the Bureau should
provide notice and comment on
potential uses of the rule, even after the
issuance of the final rule. The
commenter stated that it is important for
the Bureau to issue guidance on how it
plans to analyze data reported under the
rule, including how it will assess
whether lenders appropriately serve
relevant markets, which can vary
significantly by lending product.
The other commenter stated that the
Bureau should clearly indicate how
implementing the proposed framework
will advance fairness and understanding
of small business credit needs, that
requirements should tie to satisfying
stated objectives and designed no more
broadly than necessary to reduce
unnecessary costs to small business
lenders. The commenter stated its belief
that by clearly indicating how it will use
data it collects, including whether and
how it will make such information
public, the Bureau will allow
stakeholders to assess better the costs
and benefits of the overall framework.
Additionally, the Bureau should
carefully consider potential unintended
consequences—especially related to
data publication—that could reduce
small business credit access and chill
further innovation aimed at better
serving small businesses.
Responses to Comments Received
The Bureau agrees with the general
comments made in favor of keeping the
scope of the proposed rule broad. In
general, the Bureau believes that broad
coverage of institutions and products as
requested by a number of commenters is
consistent with the statutory purposes
of section 1071. The Bureau does not
believe that a more limited approach to
scope—including the various
limitations on the coverage of certain
types of financial institutions and
products—would be consistent with the
statutory purposes of section 1071. The
Bureau addresses these issues directly
in the section-by-section analyses of
PO 00000
Frm 00031
Fmt 4701
Sfmt 4700
35179
proposed §§ 1002.104 and 1002.105
below.
Broad support. Regarding the
comment on the scope of the rule, that
the Bureau should continue to monitor
U.S. Census data to ensure that its
definition of small business in this rule
continues in the future to be inclusive
enough such that the proportion of nonsmall minority-owned businesses do not
exceed 1 percent of all businesses, the
Bureau believes that its adoption of an
inflation-adjustment for the gross
annual revenue threshold in the
definition of small business under
§ 1002.106(b) should help ensure that,
over time, the proportion of businesses
covered by the rule does not decline. In
any case, the Bureau will monitor data
concerning the prevalence of small
businesses in the context of the
economy at large.
Broad criticism. Regarding the
comment of a lender that it already
complies with fair lending laws, the
Bureau notes that continuing
enforcement of fair lending laws, and
tools such as this data collection rule
that facilitate such enforcement,
remains necessary because while the
commenter may comply with fair
lending laws, some lenders may not and
a subset of those may repeatedly violate
fair lending laws. Additionally, enabling
identification of business and
community development needs and
opportunities is an independent
purpose of the statute. Compliance with
fair lending laws does not necessarily
permit creditors, communities, and
governmental entities to identify
business and community development
needs and opportunities. As to the
assertion that the rule would force a
choice between compliance and market
exit, the Bureau’s decision to increase
the originations threshold from 25 to
100 transactions will mitigate any risk
of such disruptions, even if slight or
speculative. Regarding the comment
that small business lending is more
individualized and highly relationship
driven, the Bureau agrees this is true for
much small business lending and the
final rule is crafted to acknowledge this,
as discussed in the section-by-section
analyses that follow. But that does not
prevent small business lending data
from facilitating fair lending
enforcement and identifying business
and community development needs and
opportunities.
As to comments that quarrel with the
statutory mandate and question the
utility of the data in general terms, the
Bureau is bound by the statute and
congressional intent. Additionally,
many described potentially helpful uses
of the data.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35180
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Regarding the assertion that the DoddFrank Act was only intended to regulate
larger institutions, and that smaller
lenders should be exempted from the
rule to avoid harming those the Act was
intended to protect, the Bureau notes
that while much of the Dodd-Frank Act
explicitly addresses larger entities,
section 1071 does not contain such
limitations. Nonetheless, Bureau has
made changes in the final rule in
response to public comment that will
have the effect of reducing compliance
burden on small lenders. For example,
the Bureau has raised the coverage
threshold from 25 to 100 originations for
purposes of determining which
financial institutions must comply with
the rule, provided longer compliance
periods for lenders with lower volumes
of small business lending, and provided
for a variety of safe harbors and a good
faith error provision which will provide
some leeway to smaller-volume lenders.
The Bureau implemented these changes
in the final rule to limit its impact on
institutions with lower volumes of
lending to small businesses. The Bureau
has also complied with the Dodd-Frank
Act requirements under SBREFA and
the RFA to assess and mitigate any
impact on smaller financial institutions.
The Bureau addresses the effect of the
rule on lending and compliance costs,
in its impact analyses in parts IX and X
below. Regarding the commenter that
stated that the rule would not meet its
purposes and would result in restricted,
higher-priced credit to the very groups
the proposal is meant to benefit, the
Bureau’s analysis suggests that any
changes in the cost of credit would be
small and unlikely to lead to a
significant change in the per-unit cost of
loans to individual applicants even from
the smallest lenders. The Bureau has
made various changes from the proposal
in finalizing this rule intended to
mitigate costs for smaller-volume
lenders serving small businesses in
response to comments expressing
concern that credit unions and other
financial institutions remain active
small business lenders.
Regarding the concern that data from
credit unions would not be comparable
to data collected from other kinds of
lenders, the Bureau observes that, under
§ 1002.109(b), lenders must provide
information on financial institution
type. Credit unions thus must selfidentify themselves in submitting data
to the Bureau, and the various
limitations on lending by credit unions
can be taken into account in analyses of
data collected and reported under this
rule.
Regarding the comment that the rule
should be modified to support
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
responsible innovation in banking
without unintentionally stifling the
efficiency and innovation that online
lenders may provide, the Bureau agrees
that it does not wish to stifle responsible
innovation. The Bureau has endeavored
to be responsive to these concerns in the
final rule; to the extent that specific
concerns were raised, they are
addressed in other provisions of this
preamble. Regarding the comment that
the rule as proposed was too complex
even for most forward-leaning,
technologically adept financial
institutions, the Bureau disagrees,
noting that while this rule is new, it is
not dissimilar to other similar data
collection regulations in complexity,
such as those for HMDA, CRA, and the
CDFI Fund. Further, the Bureau has
made a number of changes to this final
rule to make compliance easier for
smaller-volume lenders, or to exclude
them from reporting requirements
entirely.
Regarding the comment asserting that
the Bureau was overreaching by
regulating business loans, the Bureau
notes that section 1071 explicitly
requires the Bureau promulgate a rule to
collect data on applications for business
credit.
The role of online lenders. Regarding
assertions made that nonbank online
lenders were important to expanding
access to financing for Black- and
Hispanic-owned businesses in
particular, that traditional lenders
provided fewer loans to women-owned
and minority-owned small businesses,
and that technology improved access
and outcomes for small businesses, the
Bureau believes that the broader
conclusion to draw from these
assertions is that the data that will be
collected under this rule is needed to
assess and further analyze such claims.
Uniqueness of small business lending.
Regarding the comment that it is not
possible to perform comparative
analysis on small business loans
because they are unique and manually
unwritten, the Bureau disagrees. Other
commenters, as set out in the sectionby-section analysis of § 1002.101, stated
that the data points proposed in the
NPRM are fulsome and can contribute to
sophisticated analysis and comparison
of small business loans. Regarding the
comment that the Bureau cannot make
comparisons absent additional credit
metrics beyond those it proposed to
collect and that other reviewers of
published data could draw incorrect
conclusions, the Bureau does not agree
that additional credit metrics are
necessary in order to draw meaningful
analyses from the data. While the
Bureau believes, all things equal, that
PO 00000
Frm 00032
Fmt 4701
Sfmt 4700
additional data points would enrich the
analysis for users of the data, the Bureau
also believes that certain of these
metrics can be derived, at least in part,
from other data points, and it notes that
other commenters varyingly opposed
any data points proposed pursuant to
ECOA section 704B9(e)(2)(H) or
requested that the Bureau collect as few
data points as possible. Industry
comments were also contradictory on
this point; while many commenters
suggested the Bureau had proposed too
many data points, commenters also
asserted that the Bureau was not
collecting enough data to draw proper
conclusions. The Bureau believes its
final rule strikes an appropriate balance
between comprehensiveness and
minimizing burden and complexity to
financial institutions.
Data accuracy. Regarding comments
that the final rule should focus on
ensuring the collection and reporting of
high-quality data, the Bureau agrees. To
this end, it has adjusted various
provisions in the final rule in response
to comments received. In addition, other
changes, while made for other reasons,
render moot certain comments on
accuracy concerns. For example, the
decision not to finalize the proposed
visual observation and surname
requirement, discussed in the sectionby-section analysis of § 1002.107(a)(19)),
moots the relevance of comments about
the accuracy of visual observation.
Specific uses of small business
lending data. Regarding the comment
that the Bureau should have explained
and provided an opportunity for notice
and comment for its intended uses of
the data collected under this rule, the
Bureau disagrees, both that it did not
explain what the data would be used
for, and that it is obligated to identify
specific uses of the data or to provide
the public an opportunity to comment
on proposed specific uses of the data.
Initially, section 1071 itself establishes
the intended purposes and uses of the
collection and publication of the data—
namely, the facilitation of fair lending
enforcement and the identification of
business and community development
needs and opportunities. Next, while
section 1071 requires the Bureau to
collect and publish data on small
business lending applications, it does
not require the Bureau to identify its
intended uses of the data. Moreover,
even if the Bureau articulates specific
uses of the data, as the statute explicitly
provides, the Bureau is not the only
intended user of the data. Enforcement
of fair lending laws includes ECOA,
which is enforced not only by the
Bureau but by many other Federal
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
agencies.288 Further, for purposes of
identifying business and community
development needs and opportunities,
the statute specifically names
communities, governmental entities,
and creditors as potential users of the
data collected under this rule. Thus,
even if the Bureau disclosed its
intended uses—which could change
over time depending on the data
received and the needs identified—
other stakeholders could make different
use of the data.
Regarding comments about how the
Bureau intends to make the data public,
including whether and how it will make
such information public, and that the
Bureau should carefully consider
potential unintended consequences
especially related to data publication,
the Bureau describes its intended
privacy analysis in part VIII below.
Regarding concerns that the Bureau
might reduce small business credit
access and chill further innovation
aimed at better serving small businesses,
the Bureau has considered various
comments concerning access to credit
and innovation, which it addresses
throughout the section-by-section
analyses below.
lotter on DSK11XQN23PROD with RULES2
2. Comments Regarding Implementation
Comments Received
Several commenters said that the
Bureau should provide additional
implementation or guidance resources
about the final rule, specific parts of the
rule, or regarding how the rule applies
in specific situations. Some of these
commenters requested specific forms of
guidance or specific resources, such as
frequently asked questions, guides, or
templates. One commenter said that the
final rule should have a table of
contents. Some commenters said that
the Bureau should provide training on
collecting and reporting data or training
on how to comply with the rule
generally. One commenter said the
Bureau should develop a data literacy
program. Another commenter said that
the Bureau should use all of its available
tools to educate and support lenders
and their vendors, including no-action
letters, advisory opinions, webinars,
guides, and other materials.
Some commenters requested specific
content in implementation and
guidance resources. Many commenters
requested additional guidance on
specific requirements or data points,
and those comments generally are
288 See 15 U.S.C. 1691c (listing Federal agencies
with authority to enforce ECOA), 1691e (providing
private attorneys, the Department of Justice, and the
Department of Housing and Urban Development the
authority to bring civil suits to enforce ECOA).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
addressed in the relevant section-bysection analyses later in this part V.
Additionally, one commenter said that
the Bureau should develop materials
showing how to do the research needed
to find appropriate regulation sections
and related commentary. The same
commenter said that implementation
and guidance resources should provide
examples. Another commenter said that
implementation resources should
address matters not typically addressed
in supervision guides. A few other
commenters said that implementation
materials should be detailed and/or
comprehensive.
A few commenters said that
implementation materials and guidance
should be provided at specific points in
time. Two commenters requested that
the Filing Instructions Guide be
provided at least six months before data
collection is required, and another
commenter said that the Filing
Instructions Guide should be provided
early in the implementation process.
This commenter also said that the
compliance date should take into
account the delayed availability of the
Filing Instructions Guide. A different
commenter said that guidance should be
provided before, during, and after the
compliance date.
A few commenters said that the
Bureau should develop outreach
programs or provide additional access to
Bureau staff to address questions or
issues that arise during implementation
of the rule. One commenter said that the
Bureau should commit to a formal
request for comments on all facets of
implementation and compliance with
the rule. This commenter also said that
the Bureau should dedicate staff to
provide definitive answers to industry
members that contact the Bureau and
that it should not be possible for
community banks to be criticized or
penalized for following the instructions
or answers obtained from Bureau staff.
Another commenter said that, during
the implementation period, the Bureau
should regularly communicate with
vendors and covered financial
institutions and consider reasonable
extensions of the rule’s compliance date
if issues that could affect industry
preparedness arise.
Another commenter said that the
Bureau should create a compliance
liaison office that has the primary goal
of supporting industry in their
regulatory submissions and fair lending
analyses. This commenter said that this
liaison office would require multiple
types of specialists in order to function
properly and would need ties to other
teams so that feedback loops work
properly. This commenter further said
PO 00000
Frm 00033
Fmt 4701
Sfmt 4700
35181
that questions on specific data entry
topics should be saved and
communicated to the Office of
Regulations and others at the Bureau.
The commenter said that Bureau
guidance provided to individual
industry members should be converted
into frequently asked questions and
tagged for purposes of amending
existing regulations. The commenter
further said providing verbal guidance
is helpful, but slow, and potentially
inconsistent. This commenter also
alleged that the Bureau does not track
data related to questions received and
asserted that such lack of tracking limits
the responsiveness of the Bureau in
adapting regulations to properly include
current industry practices. A different
commenter said that the Bureau should
consider holding a series of public
meetings or hearings to take testimony
from small businesses, lenders, and
trade associations regarding the impact
that implementation of the proposed
rule will have on each group as well as
on the privacy risks inherent in the
proposed data collection and public
reporting by the Bureau.
Finally, there were two comments on
supervision and enforcement related
issues. These commenters said that the
Bureau should coordinate with other
Federal agencies to develop model
examination procedures in advance of
the Bureau publishing a final rule. One
of these commenters further predicted
that, absent a clear description of the
methodologies that might be employed
to perform fair lending analysis, there
would likely be a period where
prudential regulators’ examination
expectations are in flux and, perhaps,
materially inconsistent.
Responses to Comments Received
The CFPB aims to provide a wide
variety of guidance about the legislative
rules it issues pursuant to the
Administrative Procedure Act. Although
this guidance may include materials
such as advisory opinions, interpretive
rules, and general statements of policy,
the CFPB’s guidance more often
includes other materials and activities
that generally reiterate requirements or
positions that previously have been
announced in a legislative rule or
elsewhere (hereinafter ‘‘implementation
resources’’). These implementation
resources include such documents and
materials as rule summaries,
compliance guides, checklists,
factsheets, frequently asked questions,
institutional and transactional coverage
charts, webinars, and other compliance
aids directed to regulated entities, the
general public, or agency staff (e.g., staff
manuals). In recent years, the CFPB has
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35182
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
developed a process for preparing and
releasing these implementation
resources. For rules such as this one, the
CFPB generally engages in a phased
approach and attempts to provide
various implementation resources
throughout the implementation period
and for some period after the
compliance date.
The CFPB has provided,
simultaneously with this rule’s release,
a Filing Instructions Guide, an executive
summary, and other resources to help
financial institutions understand and
comply with the final rule. These
materials are available on the CFPB’s
website.289
Additionally, the CFPB is planning to
release a Small Entity Compliance
Guide. This Small Entity Compliance
Guide will provide a detailed and
comprehensive summary of the rule’s
requirements, will include examples,
and will be separate from and different
than any examination manuals or other
supervisory materials. The CFPB also
anticipates providing other written
implementation resources to assist
industry, vendors, and others. When
providing implementation resources,
the CFPB will consider all of its
available tools and select the tool that it
believes is best suited to the content that
the CFPB is addressing in the guidance
as well as the timing of the guidance.
Individuals who would like to be
notified when the CFPB releases
additional implementation resources or
other guidance can sign up to receive
notifications. However, with regard to
one commenter’s request, the CFPB does
not anticipate developing materials
attempting to show members of industry
how to conduct research. The CFPB
believes that such materials are outside
the scope of the CFPB’s implementation
and guidance function and are regularly
provided by other sources.
With regard to the comments
addressing outreach, the CFPB notes
that it has and anticipates that it will
continue to engage in ongoing outreach
related to this rulemaking. As discussed
in part III above, the CFPB engaged in
considerable outreach to industry and
other stakeholders in the years leading
up to issuing this final rule, and intends
to continue to engage with industry,
along with vendors and other
stakeholders, as they prepare to comply
with the rule. With regard to one
commenter’s request that the CFPB hold
a series of public meetings or hearings
to take testimony from small businesses,
289 See https://www.consumerfinance.gov/
compliance/compliance-resources/small-businesslending-resources/small-business-lendingcollection-and-reporting-requirements.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
lenders, and trade associations
regarding the impact that
implementation of the proposed rule
will have on each group prior to
issuance of the final rule, the CFPB did
not believe this was needed given the
number of substantive comment letters
it received and the opportunity
provided to stakeholders to submit
comments on the proposed rule and its
potential impact. Nonetheless, as
described in part III.B above, the CFPB
has been conducting technical outreach
with third-party software providers that
serve financial institutions and software
and technology staff from financial
institutions that are likely to have to
report small business lending data to the
CFPB. With these software vendors and
technical staff, the CFPB has held and,
after publication of this final rule, will
continue to hold discussions concerning
the technical systems and procedures
the CFPB will provide for financial
institutions to submit data. The CFPB
expects that its outreach efforts will
provide a channel of communication for
industry, vendors, and other parties to
constructively provide feedback on the
CFPB’s existing implementation
resources as well as provide direction
for future implementation resources.
As set out in more detail above, some
commenters said that the CFPB should
provide staff to address questions or
issues that arise during implementation
of the rule. One commenter suggested
that the CFPB develop a compliance
liaison office. Similar to what it has
done with inquiries about HMDA/
Regulation C, the CFPB anticipates that
it will use its regulatory inquiries
function to assist individual inquirers
who have specific questions about the
rule or how to submit data pursuant to
the rule. This function is designed to
provide inquirers with brief, informal
assistance on regulatory or technical
issues. However, in part because of
Administrative Procedure Act
constraints, the CFPB cannot provide
binding or official interpretations
through this informal function. In
addition, there are other limits on the
regulatory inquiries function and on the
CFPB’s other implementation resources.
For example, the CFPB does not provide
legal advice through the regulatory
inquiries function.
In addition, the CFPB already reviews
the inquiries it receives and uses
information gleaned from those reviews
to help the CFPB prioritize provision of
various other types of guidance. Thus,
when the CFPB receives multiple
individual inquiries about the same
topic, the CFPB often prioritizes that
topic for webinars and various forms of
written guidance, potentially
PO 00000
Frm 00034
Fmt 4701
Sfmt 4700
culminating in revisions to the Official
Interpretations or the regulatory text
after a notice-and-comment process.
Thus, as requested by one commenter,
the CFPB already tracks data regarding
the inquiries it receives and, as
appropriate given the nature of the
inquiries and the CFPB’s resources, uses
them as a basis for frequently asked
questions, other implementation
resources, or other action. The CFPB
anticipates doing the same with
inquiries received about this rule.
With regard to the comments related
to supervision, the CFPB notes that it
will coordinate with other Federal
agencies to develop examination
procedures in connection with the rule,
and anticipates publishing such
procedures in advance of the rule’s first
compliance date.
3. Comments Regarding Overlaps With
Other Data Reporting Regimes
Comments Received
General comments. Several
commenters cast the overlap between
this rule and other Federal data
collection rules in a positive light. A
community group and a CDFI lender
observed that small business lending
data are collected piecemeal and
haphazardly across multiple agencies—
including the Federal bank agencies, the
SBA, and the CDFI Fund—and that this
rule could be used to consolidate small
business lending data reporting across
agencies to reduce administrative
burden by satisfying requirements
across programs for various CRA and
fair lending uses.
Two commenters noted that the
existence of other data collection
regimes, including Federal reporting
requirements and private-sector
reporting (such as HMDA; the SBA 7(a),
504, and Community Advantage Loan
programs; CDFI Fund reporting; the
Wells Fargo Diverse Community Capital
Program; and the Paycheck Protection
Program) suggested that compliance
with this rule is feasible because these
other data collections make this rule
well-understood in conceptual,
technological, and procedural terms.
One commenter noted that these other
data collections cover all but three of
the data points in the NPRM
(application method, application
recipient, and denial reasons).
Several commenters stated their
appreciation for the Bureau’s attempts
to harmonize this rule with others and
avoid duplicative data reporting. One
bank noted that avoiding duplicative
reporting was critical for community
banks, for which even slight differences
in reporting rules would be
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
burdensome, taking away from time that
could be spent with customers.
Many other commenters, including
lenders, trade associations, a business
advocacy group, and a group of State
banking regulators, noted the overlap
between this rule and other data
collection regimes, and requested that
the Bureau harmonize this rule with
other similar data reporting regulations,
with which lenders were familiar, to
minimize challenges, complexity,
duplication, potential burden on
lenders, and potential errors in the data.
These commenters named HMDA/
Regulation C, CRA, FFIEC Call Reports,
Regulation B/ECOA, and FinCEN’s
Beneficial Ownership Rule as specific
examples of other rules that the required
harmonization with this rule and that,
in many cases, the Bureau itself
identified as overlapping.
Commenters argued that, by
borrowing from existing frameworks or
systems, the Bureau could reduce
complexity and facilitate industry
compliance, allowing financial
institutions to leverage existing
processes, training and institutional
knowledge. For instance, some
commenters suggested that the
thresholds in this rule be aligned with
those of HMDA and CRA. Other
commenters suggested that the Bureau
could adopt the framework in FinCEN’s
beneficial ownership rule for this rule’s
method of determining minority-owned
and women-owned status, rather than
layering on a new definition of ‘‘primary
owners,’’ which they suggested would
add unneeded complexity to the loan
origination process.
Industry commenters also asserted
that by aligning this rule with existing
rules, such as HMDA and CRA, the
Bureau could avoid imposing
inconsistent or duplicative reporting
requirements to avoid errors from
regulatory confusion and urged the
Bureau to avoid requiring lenders to
report different data for the same
transaction.
Several other commenters identified
other concerns with overlapping
reporting. One bank noted that, while
the Bureau tried to harmonize its
requirements with other rules, even
slight deviations between rules cause
problems, which may confuse
customers and make them more likely to
refuse to provide data. Another bank
noted that some HMDA and CRA data
aggregation and submission systems rely
upon identifiers to separate and process
these different datasets, which the bank
suggested was another reason to keep
loans reportable under this rule separate
from those reportable under HMDA.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
A number of industry commenters
and a group of State banking regulators
requested that the Bureau not require
financial institutions that already report
data to duplicate their work. One stated
that banks already report a significant
amount of data to prudential regulators,
and that the Bureau should eliminate
duplicative reporting. Other
commenters asked that the Bureau work
with Federal agencies to align this rule
with the FFIEC Call Report, and CRA
and HMDA regulations to avoid
duplication, reduce compliance burden,
and reduce the potential for data errors.
Two banks urged the Bureau to exempt
loans reportable under other data
reporting regimes, such as HMDA- and
CRA-reportable loans. Another noted
that its staff is trained on the established
requirements of HMDA and CRA, and
that removing duplicative or
inconsistent requirements would reduce
compliance costs, providing savings that
could be passed on to the borrowers.
Two community-oriented lenders
suggested that the Bureau exempt all
credit applications under Federal
agency programs, as the data points
proposed in this rule are already
collected by that loan program’s
oversight agency (i.e., SBA, USDA, etc.).
Two industry commenters suggested
that the Bureau should first use existing
small business lending data published
by the government and private sector
before collecting additional data,
thereby assessing the small business
finance market without negatively
impacting providers of capital to
entrepreneurs. One bank asserted that
the Bureau itself admitted it had enough
data to analyze the small business
lending market, and that the rule should
focus on collecting data from nondepository institutions, as it would be
duplicative to collect data from
depositories, which provide data via the
FFIEC and NCUA Call Reports and
already have a history of being
regulated.
Some industry commenters generally
requested that the Bureau work out
inconsistencies between this rule and
other data collection regimes. Some
offered more specific requests for
harmonization. One suggested more
alignment in terms of scope, coverage
and exemptions between this rule,
HMDA and CRA. Another commenter
identified inconsistencies with existing
Regulation B, citing the difference
between its small business definition
($1 million or less in revenue) and the
NPRM’s proposed definition ($5 million
or less). A CDFI lender observed that
CDFIs report lending activity to the
CDFI Fund, SBA, CRA, Opportunity
Finance Network’s annual member
PO 00000
Frm 00035
Fmt 4701
Sfmt 4700
35183
survey, and credit reporting agencies,
and requested that the Bureau
standardize data formats to match those
used in CDFI Fund reporting to
streamline data collection and minimize
burden on CDFIs.
HMDA. A number of commenters
identified overlap between this rule and
HMDA/Regulation C, and noted that
duplicative data would published in
two places. Some industry commenters
requested that the Bureau avoid
inconsistent and duplicative reporting
by excluding from HMDA reporting
transactions reportable under this rule.
Two trade association suggested a
parallel rulemaking to amend
Regulation C, timed with the release of
this final rule.
On the other hand, other commenters
suggested that HMDA-reportable loans
should be excluded from this rule to
avoid duplicative reporting, undue
compliance burden, and regulatory
confusion. A business advocacy group
noted that the Bureau itself identified
the overlap between HMDA-reportable
loans and loans covered by this rule. A
trade association suggested the Bureau
could narrowly tailor an exemption by
apply the rule only to financial
institutions that report data under
HMDA, without an exclusion for
HMDA-reportable loans by lenders that
are not HMDA reporters, arguing that a
narrowly tailored exclusion would serve
the statutory purposes of the rule
because commercial mortgage loans for
small businesses would be captured
under HMDA or this rule. A bank
believed that duplicative reporting of
HMDA-reportable applications did not
serve the statutory purposes of the rule.
A large bank disagreed with the
Bureau’s assertion that excluding
HMDA-reportable transactions from this
rule would add complexity to the
analysis of data by requiring lenders to
find and delete HMDA-reportable
transactions from its submission to the
Bureau; the bank argued that
duplicative reporting was more
complex. One lender stated that farm
credit data are already collected from
Farm Credit System lenders subject to
HMDA.
A number of commenters identified,
generally, inconsistencies between the
proposed requirements for this rule and
those of HMDA/Regulation C. Many
industry commenters pointed out that
many proposed data points in the
NPRM would be similar to data points
in Regulation C, and expressed concern
that any differences in reporting
requirements for these data points
would lead to confusion and data errors.
Two trade associations asserted that the
overlap in data would create significant
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35184
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
and needless complexities for covered
lenders, and noted that there were
inconsistencies between the rules
despite the Bureau’s attempts to limit
them.
Several lenders requested that the
Bureau harmonize this rule with
Regulation C to the extent possible if no
exemptions were possible. A large bank
asked that the Bureau harmonize several
data points—action taken, application
date, and ethnicity, race, and sex of
principal owners—because lenders
would be able to collect these data just
once for each small business applicant,
increasing efficiency in the application
process and facilitating compliance.
Some commenters addressed overlap
between specific data points proposed
in the NPRM and existing data point
requirements under Regulation C. A
number of industry commenters noted
that for census tract, HMDA uses the
tract where collateral is located while
the Bureau proposed to use a waterfall
approach of several addresses. Two
lenders pointed out that HMDA does
not have the firewall requirement
proposed for this rule in the NPRM; one
of these commenters suggested that the
final rule follow the HMDA approach
(no firewall) for HMDA-reportable
loans.
On the reporting of ethnicity, race,
and sex of principal owners, two
lenders noted that this rule and HMDA
offer different answer choices. One of
the commenters noted that lenders
would provide two separate
questionnaires regarding ethnicity, race,
and sex for a single loan application,
which could confuse applicants and
make them decline to answer either one.
Several lenders noted that the
proposed visual observation and
surname provision, which does not
require its use to determine the sex of
a principal owner, was not aligned with
the visual observation and surname
requirement under Regulation C, which
does require its use to determine the sex
of a mortgage applicant. One stated that
this disparity would cause confusion
and errors in data collection. Another
stated that for a loan application
covered by both rules, the disparity
would mean complying with one rule
and violating the other.
Regarding credit purpose, a bank
noted that a loan to a small business to
purchase, improve, or refinance an
apartment building would require
different information to be collected and
reported under both rules.
On action taken, one bank noted a
disparity between the approaches of the
proposed rule (one option for
‘‘incomplete’’ as an action taken) and of
Regulation C (two different
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
incompleteness options—one for a loan
denial and the other for file closure) that
it believed would cause difficulty,
despite agreeing with the proposed
rule’s approach. Another bank noted
that the proposed rule would require
collection of gross annual revenue for
the past fiscal year, while Regulation C
requires the income used for the credit
decision.
Community Reinvestment Act. A
number of commenters noted the
similarities between the small business
and small farm data collected under
CRA and this rule and suggested
eliminating duplication. One
community group stated that the data
for this rule should replace CRA data,
noting that this rule could replace the
inconsistent, duplicative and inefficient
collection of small business lending
data with a comprehensive database.
The commenter stated that lenders and
community groups both would prefer to
consult with one database than to
contend with two or more that are
collected annually, and that this rule is
likely to capture more data than the
current CRA system. A bank suggested
eliminating CRA reporting requirement
as data collected under this rule would
duplicate and surpass the CRA data
points, but would not be interoperable
as each rule would require different
formatting, rounding, or coding. A
minority business advocacy group and a
joint letter from community and
business advocacy groups requested that
1071 data be used for CRA
examinations, just as HMDA data are.
These commenters noted that current
small business small farm data for CRA
examinations is limited and not a good
indication of whether lenders serve the
most vulnerable businesses, and that the
more robust dataset to be collected
under this rule would be a better
indicator.
One bank asked that the Bureau work
with other Federal regulators to
eliminate duplication with CRA data
reporting, noting that CRA data already
provides a good picture of lending to
small business including agriculture.
Another bank suggested that the Bureau,
rather than create a new data collection
requirement, exempt federally insured
depositories and work with other
Federal regulators to enrich existing
CRA reporting to include the data the
Bureau wants to collect under section
1071. The commenter noted that
insured depositories already have robust
CRA reporting systems, and generally
already collect and report data required
by the NPRM to meet CRA obligations.
The bank stated that the use of CRA
systems to report 1071 data would result
in the faster delivery of information the
PO 00000
Frm 00036
Fmt 4701
Sfmt 4700
Bureau needs at lower cost to reporters.
The bank also suggested that the CFPB
should focus this rule on nondepository institutions that do not now
have robust reporting requirements. The
commenter also stated that institutions
are already comfortable with CRA
reporting and understand how
regulators use such information, but
noted that they did not understand how
data collected pursuant to section 1071
would be used and was concerned the
Bureau would use it to retaliate and
micromanage lenders, as it did in the
consumer lending space.
A number of lenders asked that the
Bureau work collaboratively with the
prudential regulators to eliminate
inconsistencies and duplication with
CRA data reporting. A CDFI lender
asserted that successful implementation
of this rule would necessitate
coordination of data requirements and
encouraged the Bureau to coordinate
with the CRA agencies to align rules to
ensure that lenders covered by CRA
continue to meet credit and community
development needs of small businesses,
particularly those owned by women and
minorities. One bank noted that
duplicate and inconsistent requirements
would increase the compliance burden
on lenders as well as data errors, and
that inconsistent data reporting would
require more resources without adding
value. A bank stated that inconsistent
definitions could cause community
stakeholders to misinterpret data and
draw incorrect conclusions regarding a
lender’s performance.
One bank supported a more
streamlined approach taking advantage
of existing CRA processes and
definitions to reduce costs and burdens
related to this rule, which in turn would
ease burdens on lenders and reduce
costs that would ultimately be passed
on to the borrower. Another commenter
suggested that the Bureau work closely
with the agencies working on the
modernization of CRA rules to reduce
duplication and the friction caused by
differences between the rules.
A number of commenters identified
specific areas of inconsistency between
the CRA and this rule. Several banks
and a trade association noted that the
small business definition proposed in
the NPRM, businesses with gross annual
revenue greater than $5 million, was
inconsistent with the CRA definition,
which included an asset threshold and
originated loans less than $1 million.
One bank stated that this discrepancy
was likely to cause staff confusion and
possible data integrity issues. A trade
association requested that the Bureau
adopt the CRA’s small business
definition using a loan size of $1 million
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
and other Federal laws to create
alignment for those lenders that already
comply with existing regulations, and
that a focus on businesses with $1
million in revenues would support the
Bureau’s goal of promoting small
business lending in underserved areas
to underserved small businesses, that
are more likely to be closer to $1 million
rather than $5 million in revenue. Two
banks stated that banks may receive
more CRA credit for small business
loans originated to businesses with $1
million or less in gross annual revenues.
Several commenters noted that the
rule proposed a waterfall approach to
using addresses to determine census
tract, while CRA regulations inquire
only about where loan funds are used.
One bank commented that this meant
that a single loan could result in the
reporting of different census tracts for
purposes of the two rules. Another bank
suggested that a better way to achieve
consistency with CRA was to allow
lenders reporting under this rule to
choose which of the three addresses to
use and require the institution to report
which address type it used.
Some industry commenters noted that
the Bureau reduce its gross annual
revenue threshold for its small business
definition under this rule from $5
million to $1 million to align with CRA.
A trade association noted that the $1
million threshold would align with the
threshold for FFIEC Call Reports and for
existing Regulation B, which requires
tracking of loans to businesses with $1
million or less in revenue for purposes
of sending adverse action notices under
§ 1002.9(a)(3). The commenter also
stated that using this threshold would
also mean that other data from this rule
could be compared with CRA data,
leading to a better evaluation of a bank’s
small business lending performance.
One bank stated that a discrepancy
between this rule and CRA on the
revenue threshold could lead to errors,
given the many manual processes still
used. Another bank asserted that a $5
million threshold would capture
applications from businesses it did not
consider small.
Several trade associations claimed
that the proposed rule did not treat
renewals and extensions the way CRA
regulations do.
SBA. Several commenters stated that
SBA-reportable loans should be exempt
from the rule, including loans under the
SBA 7(a) and 504 programs. One
commenter stated that the Bureau
should work with SBA to select
reportable data elements and then
obtain them from the SBA on loans and
application denials to ease the reporting
burden of SBA lenders, and that the
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
majority of applications are already
captured by third-party lending partners
in the 504 program.
One bank stated that the Bureau’s
proposed small business definition is
too broad and may capture entities that
are not true small businesses. The
commenter originated many multifamily loans to entities formed for the
sole purpose of investing in real estate,
not to run a small business, and asserted
that the proposed definition would
capture entities not consistent with
SBA’s definition of small business based
on number of employees by industry
and would be consistent with the spirit
of section 1071, and that this would
skew data.
FinCEN. One bank stated that data
reported under this rule would be better
provided through other means, such as
FinCEN’s recent business database and
registry.
CDFI Fund. Some commenters,
including a number of communityoriented lenders and community
groups, stated that the Bureau should
work with the CDFI Fund to streamline
integrating the data from this rule with
that of the CDFI Fund. Several
commenters stated that new
requirements from the CDFI Fund will
likely expand transaction level reporting
requirements to all certified CDFIs. One
CDFI lender noted that the CDFI Fund’s
review and improvement to its current
annual reporting process could create an
opportunity to harmonize its definition,
types of data collection, and timing of
reporting with the Bureau. Another
CDFI lender stated that the Bureau
should work with the CDFI Fund to
ensure that reporting requirements are
aligned; CDFIs are currently required by
Federal law to collect, maintain, and
report specific demographic data about
small businesses and consumers to
ensure they serve their target
communities. Several others stated that
the Bureau should work with the CDFI
Fund and loan software providers to
streamline the process of integrating
new data collection processes into
existing systems. Some commenters
noted that certain CDFIs must report
data points such as interest rate,
origination, points and fees,
amortization type, loan term, and
payment dates to the CDFI Fund.
Several also pointed out that some
CDFIs also report on loans to the SBA,
to Federal prudential banking regulators
pursuant to the CRA, and to a nonprofit’s annual member survey.
One lender stated that CDFIs have
long sought guidance from the Bureau
on compliance with overlapping
statutory requirements from the CDFI
Fund, ECOA, and Regulation B, and
PO 00000
Frm 00037
Fmt 4701
Sfmt 4700
35185
recommended that the Bureau use this
rulemaking process to clarify data
collection requirements in coordination
with the CDFI Fund to avoid potential
conflicts.
Several commenters said that some
CDFIs will have to adjust processes and
systems to comply with this rule, that
the CDFI industry uses several different
loan software products, and providers
continually modify systems to comply
with the CDFI Fund’s reporting
requirements.
One commenter stated that the Bureau
should collect credit score, as CDFI
Fund does, because it permits an
‘‘apples-to-apples’’ comparison of loans
to help determine if small businesses
that have historically struggled to access
responsible loans receive credit on
identical terms as white-owned
businesses. The commenter also said
that the burden to collect this would be
minimal, as many CDFIs already report
it to the CDFI Fund.
Farm Credit. An agricultural lender
stated that a lack of understanding of
the Farm Credit System by the Bureau
would have unintended and detrimental
consequences for those lenders’
customers. The lender noted that these
lenders institutions already report
lending on Young, Beginning and Small
lending efforts and volume (12 CFR
614.4165) to the Farm Credit
Administration.
Agency cooperation. One bank
suggested that the Bureau work with
SBA to create more women-owned and
minority-owned business programs,
such as diversity loan programs to help
the underserved, noting that the DoddFrank Act was passed as a reaction to
the practices of larger lenders but would
affect smaller lenders
disproportionately.
A State financial regulator requested
that the Bureau work with State
regulators to provide them data. The
commenter noted that the NPRM
proposed modifications or deletions to
protect privacy interests but was silent
on whether the Bureau would share
unredacted data with State regulators,
and urged the Bureau to include in the
final rule express language permitting
the Bureau to share data collected under
this rule with State regulators in
accordance with information sharing
agreements. The commenter noted that
such data will help State regulators
identify fair lending violations and
enforce anti-discrimination laws.
Responses to Comments Received
General comments on overlap. The
CFPB acknowledges the general
comments concerning the overlap
between this rule and other data
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35186
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
collection regimes, and general requests
that the Bureau harmonize this rule
with other similar data reporting
regulations. The CFPB recognizes the
overlap with other rules and in this final
rule has made attempts to minimize the
challenges, complexity, and duplication
of effort, as well as potential errors in
the data. In some instances, duplicate
reporting will be eliminated—this rule
will not require the reporting of any
HMDA-reportable applications, and
proposed amendments to CRA
regulations would eliminate reporting
on small business and small farm
reporting to be replaced exclusively by
data from this rule. In addition, the
CFPB attempted wherever possible (i.e.,
consistent with its statutory authorities
under this rule) to borrow concepts or
structures from other rules, such as
FinCEN’s customer due diligence rule.
The CFPB also intends to continue to
coordinate with other agencies to
further harmonize this final rule with
other similar regulations.
Regarding the requests that the
Bureau not require financial institutions
that already report data to duplicate
their work, or that the Bureau exempt
all loan applications under Federal
agency programs, the CFPB has made
certain adjustments in the final rule. As
noted above, duplicate reporting will be
eliminated for HMDA-reportable loans
and, pursuant to proposed amendments
to CRA regulations, under the CRA.
However, other data reporting
regulations have purposes sufficiently
different from those of this rule such
that the regulations are not completely
overlapping, and that the simple
elimination of one of the two reporting
requirements would not advance both
regulations. For instance, data reported
via FFIEC Call Reports are not
motivated only by considerations of fair
lending and community development.
In addition, such other reporting
requirements address only originations,
while section 1071 requires reporting on
applications.
Regarding the comment that the
Bureau should first use existing small
business lending data generated by the
government and private sector before
collecting additional data, Congress
disagreed when it passed section 1071
calling for data on small business
lending applications. Existing data
capture only limited application-level
data on lending to small businesses by
depository institutions, and hardly any
application-level data on lending to
small businesses by non-depository
institutions.
Regarding requests that the CFPB
work out inconsistencies between this
rule and other data collection regimes,
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
and that the Bureau standardize data
formats to match those used in other
data reporting, especially for CDFIs, the
CFPB has attempted to do so in this
final rule where consistent with section
1071’s statutory purposes. In addition,
the CFPB intends to work with agencies
and other sources of small business
lending data to explore other possible
avenues for additional standardization.
HMDA. Regarding the identification
of overlap between this rule and
HMDA/Regulation C, and the requests
to avoid duplicative reporting, the CFPB
is exempting HMDA-reportable
transactions from the requirements of
this rule. This new provision would
have the effect of eliminating
inconsistencies between the two rules,
the duplication of data collection and
reporting, and potential data errors.
However, the Bureau is not adopting a
more narrowly tailored exclusion that
would not apply to HMDA-reportable
loans by financial institutions that are
not HMDA reporters. For the reasons set
out in the section-by-section analysis of
§ 1002.104(b)(2), the CFPB has
determined that trying to close all
potential data gaps would defeat the
purpose of trying to alleviate concerns
from commenters about having to
implement and maintain two separate
reporting systems. The CFPB’s decision
to exempt HMDA-reportable
transactions also renders moot
comments concerning inconsistencies
between specific data points in
Regulation C and those proposed for
this rule, along with the firewall
requirement.
Community Reinvestment Act.
Regarding the comments identifying the
similarities between the data required
by this rule and the requirements of the
CRA, and the request that the data of
this rule replace the data for the CRA,
the CFPB notes that, as stated in part
II.F.2.i above, the CRA agencies have
issued a proposed rule that, amongst
other things, would exclusively rely on
1071 data for its assessment of the small
business and small farm lending
activities of banks, replacing the
existing CRA data requirements based
on Call Reports and other sources. The
CFPB believes that when the final rule
amending the CRA requirements is
issued, duplication between the CRA
and this rule will be eliminated, as
requested by numerous commenters,
including industry and community
groups. As some community groups
suggested, the CRA proposal
contemplates using 1071 data for CRA
examinations in the manner that HMDA
data are currently used in CRA
examinations. The CFPB agrees with
these commenters that 1071 data would
PO 00000
Frm 00038
Fmt 4701
Sfmt 4700
be more robust than the data currently
collected under existing CRA rules.
Regarding the various request that the
Bureau work with other Federal
regulators to eliminate duplication, the
CFPB observes that the CRA agencies
appear to intend with their proposed
rule to eliminate duplicative reporting
by both relying on the Bureau’s small
business lending data and eliminating
any independent data collection
requirement. The CFPB intends to
continue cooperating with the CRA
agencies to ensure coordination between
this rule and amendments to the CRA
regulations, especially those concerning
potentially duplicative reporting.
Regarding the comments that the
Bureau should exempt lenders that
report under the CRA, the CFPB does
not believe such an exemption would be
appropriate. In addition, in light of the
CRA’s proposal to use data collected
and reported pursuant to section 1071,
the result of such an exemption might
be that no small business lending data
would be collected for such institutions.
Regarding the comments that
identified specific inconsistencies
between the CRA and this rule, the
CFPB does not disagree that the
inconsistencies identified exist but
notes that the CRA’s proposal that the
CRA agencies rely exclusively on 1071
data for their analysis of small business
and small farm lending would render
these inconsistencies moot because only
1071 data would exist. Regarding the
comment that the Bureau should reduce
its gross annual revenue threshold for
its small business definition under this
rule from $5 million to $1 million to
align with FFIEC Call Reports and for
Regulation B, the CFPB is not doing so
for the reasons set out in the section-bysection analysis of § 1002.106(b). The
CFPB believes that a small business
definition with a lower threshold would
not further the statutory purposes of the
rule because it would reduce the
amount of data collected concerning
lending to many businesses that,
according to other metrics would still be
considered small though above $1
million in revenue. In addition, the
Bureau believes that analyses seeking to
match or compare data from this rule
that are interoperable with small
business lending data from FFIEC need
only screen this rule’s data for gross
annual revenue of less than $1 million,
which this rule requires as a data point.
For instance, the CRA NPRM proposes
screening the 1071 data for loans to
small businesses and small farms under
$1 million revenue for purposes of
certain parts of CRA examinations.
SBA. The CFPB is not exempting
SBA-guaranteed loans from reporting
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
under this rule. For its 7(a) and 504
programs, the SBA only collects and
publishes a subset of the data required
by this rule for originations. Still, the
CFPB intends to coordinate with SBA to
try to reduce duplicative reporting.
FinCEN. Regarding the comment that
the data reported under this rule would
be better provided through other means,
such as via FinCEN’s recent business
database and registry, the CFPB
understands that database is not set up
to receive small business lending data.
CDFI Fund. Regarding comments that
the Bureau should work with the CDFI
Fund to harmonize reporting under the
CDFI Fund’s Transaction Level Report
requirements with this rule, the CFPB
agrees to coordinate with the CDFI Fund
to determine where it is possible to
avoid duplicative or inconsistent
reporting of data and how to resolve any
overlapping statutory requirements. The
CFPB observes that it may not be
possible to simply eliminate duplicate
reporting, as with HMDA or CRA
reporting, given the differences in
purposes and the requirements of the
CDFI Fund compared to those of this
rule. Regarding comments that the
Bureau should work with loan software
providers, the CFPB agrees and intends
to meet with software providers as it
develops the small business lending
data submission platform to determine
how reporting can be streamlined for
CDFIs that must report small business
lending data to various agencies, such as
the CFPB under this rule, the SBA, and
the CDFI Fund.
Regarding the comment that the
Bureau should collect credit score, as
CDFI Fund does, the CFPB notes that, as
stated in the section-by-section analysis
of § 1002.107(a), the CFPB believes that
this data point—which the CFPB would
also have to collect from other financial
institutions that may have operations
quite different from CDFIs—could be
quite complicated and involve complex
sub-fields, which could pose
operational difficulties for financial
institutions in collecting and reporting
this information.
Farm Credit. Regarding the comments
that the Bureau’s lack of understanding
of the Farm Credit System would have
unintended and detrimental
consequences for FCS customers, and
that the FCS lenders already report data
to the Farm Credit Administration, the
CFPB has consulted with FCS lenders,
and believes that its approach will
result in consistency across the data
collected under this rule, more robust
fair lending analyses and transparency
into opportunities for small farms, and
a more even playing field for
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
compliance across all financial
institutions.
Agency cooperation. Regarding the
comment that the Bureau work with
SBA to create more women-owned and
minority-owned business programs, the
CFPB regularly engages with other
Federal regulators on a range of work
that implicates its statutory mission;
that includes, as appropriate, the SBA.
Regarding the request that the Bureau
provide small business lending data to
State regulators, the CFPB agrees that
doing so would likely be consistent with
the statutory purposes of the rule. The
CFPB will engage with State and
Federal regulators regarding their access
to small business lending data collected
under this final rule, while ensuring
that data security and data privacy are
appropriately protected.
E. Cross-Cutting Interpretive Issues
1. The Bureau’s Approach to Non-Small
Women-Owned and Minority-Owned
Businesses in This Rulemaking
ECOA section 704B(b) states that ‘‘in
the case of any application to a financial
institution for credit for [a] womenowned, minority-owned, or small
business,’’ the financial institution must
‘‘inquire whether the business is a
women-owned, minority-owned or
small business. . . .’’ As explained
below, the Bureau proposed to require
financial institutions to collect and
report data regarding applications for
credit for small businesses; the Bureau
did not, however, propose to require
financial institutions to collect and
report data with respect to applicants
that are not small businesses.
The Bureau believed that section 1071
was ambiguous with respect to its
coverage of applications for credit for
non-small women- or minority-owned
businesses, and the Bureau therefore
proposed to interpret this ambiguity
pursuant to ECOA section 704B(g)(1).
The Bureau acknowledged that the plain
language of 704B(b) could be read to
require financial institutions to collect
information from all women-owned and
minority-owned businesses, including
those that are not small businesses. But
based on a close consideration of the
text, structure, and purpose of the
statute, and the interactions between
section 1071 and other provisions of
ECOA and Regulation B, the Bureau
believed that the statute’s coverage of,
and Congress’s intent with respect to,
data regarding non-small businesses was
ambiguous. The Bureau proposed this
approach as an interpretation of the
statute pursuant to its authority under
704B(g)(1), and, in the alternative,
pursuant to both its authority under
PO 00000
Frm 00039
Fmt 4701
Sfmt 4700
35187
704B(g)(2) to adopt exceptions to any
requirement of section 1071 as the
Bureau deems necessary or appropriate
to carry out the purposes of section 1071
and its implied de minimis authority.
The Bureau sought comment on its
proposed approach to limiting the scope
of data collection pursuant to subpart B
to covered applications for small
businesses, but not women- or minorityowned businesses that are not small.
Several commenters, including
industry and community groups,
supported limiting the scope of data
collection as the Bureau proposed. In
particular, a cross-sector group of
lenders, community groups, and small
business advocates stated that the
Bureau had taken a reasonable and
adequately comprehensive approach in
proposing to include only minority- and
women-owned businesses that are
‘‘small,’’ as this would cover 99.9
percent of all minority- and womenowned businesses. The group further
noted that the Bureau should continue
to monitor the U.S. Census Bureau’s
Annual Business Survey and adjust this
requirement if minority- or womenowned businesses that are not
considered ‘‘small’’ exceed 1 percent. In
contrast, a State financial regulator
commented that data collection on nonsmall women- or minority-owned
businesses was important for fair
lending enforcement purposes and
would provide for better consistency
with States pursuing similar
information collection requirements. In
response to the latter comment, the
Bureau notes that such data collection
would be of limited utility in light of
section 1071’s statutory purposes
because, as discussed below, the lack of
a control group (i.e., data on non-small
businesses that are neither womenowned nor minority-owned) would
limit such data’s utility for fair lending
enforcement purposes. For the reasons
set forth herein, the Bureau is finalizing
the approach to non-small womenowned and minority-owned businesses
as proposed.
The Bureau interprets ECOA section
704B(b) and (b)(1) to require that
financial institutions first determine
whether an applicant is a small business
within the scope of the rule’s data
collection before making the required
inquiries that would otherwise be
prohibited by existing Regulation B.
There is a general prohibition in
existing Regulation B (in § 1002.5(b))
which states that a ‘‘creditor shall not
inquire about the race, color, religion,
national origin, or sex of an applicant or
any other person in connection with a
credit transaction, except if expressly
permitted to do so by law or regulation.
E:\FR\FM\31MYR2.SGM
31MYR2
35188
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
In the introductory language to ECOA
section 704B(b), Congress instructed
that section 1071’s data collection
regime applies only ‘‘in the case of any
application to a financial institution for
credit for women-owned, minorityowned, or small business’’ (emphasis
added). The Bureau believes that ‘‘in the
case of’’ indicates Congress’s intent to
limit application of section 1071 to
these types of businesses, rather than
requiring financial institutions to make
1071-related inquiries of all business
applicants for credit.290 The next
paragraph (704B(b)(1)) does not use the
conditional phrase ‘‘in the case of’’ used
in 704B(b); rather, it instructs a financial
institution to ‘‘inquire.’’ The Bureau
believes that the instruction to
‘‘inquire’’ in 704B(b)(1) is intended to
provide the necessary exception to
Regulation B’s general prohibition
against ‘‘inquir[ing]’’ as to protected
demographic information in connection
with a credit transaction.291 Indeed,
absent section 1071’s lifting of the
prohibition, generally, a financial
institution could not determine, or even
ask about, an applicant’s women- or
minority-owned business status,
because doing so would necessarily
constitute ‘‘inquir[ing] about the race,
color, religion, national origin, or sex of
an applicant’’ in violation of existing
§ 1002.5(b). The Bureau believes that
Congress likely intended to ensure that
financial institutions could determine
whether section 1071’s data collection
and reporting requirements apply to an
applicant without risking a violation of
other provisions of ECOA and
Regulation B.
However, unlike with women- and
minority-owned business status, there is
no legal impediment to a financial
institution determining whether an
applicant is a small business, and
financial institutions can make that
290 Merriam-Webster defines ‘‘case’’ as meaning
‘‘a set of circumstances or conditions,’’ ‘‘a situation
requiring investigation or action (as by the police),’’
or ‘‘the object of investigation or consideration,’’
https://www.merriam-webster.com/dictionary/case
(last visited Mar. 20, 2023).
291 As discussed in greater detail in the next
section, the fact that the language of ECOA section
704B(b)(1) is designed to expressly permit inquiry
into protected demographic information, which
would otherwise be prohibited by existing
§ 1002.5(b), is also evidenced by the statute’s three
provisions creating special protections for
responses to the inquiry: 704B(b)(2) requires that
responses to inquiries about protected demographic
information remain separate from the application
and accompanying information; 704B(c) requires
that applicants have a right to refuse to answer the
inquiry about protected demographic information;
and 704B(d) requires that certain underwriters or
other employees involved in making determinations
on an application not have access to the responses
to inquiries about protected demographic
information.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
determination as a threshold matter
without risking running afoul of ECOA
and Regulation B. Therefore, the Bureau
believes that the scope of the
introductory ‘‘in the case of’’ language
in ECOA section 704(b) is ambiguous as
to coverage of non-small women- and
minority-owned businesses. To resolve
this ambiguity, the Bureau applies its
expertise to interpreting the language
and structure of section 1071 within the
context of the general prohibition on
inquiring into protected demographic
information in existing § 1002.5(b), and
concludes that ECOA section 704B(b)(1)
is best read as only referring to
questions about applicants’ protected
demographic information (i.e., womenand minority-owned business status as
well as the ethnicity, race, and sex of
the principal owners of the business).
The Bureau believes 704B(b)’s more
general ‘‘in the case of’’ language should
be understood to indicate the conditions
under which data collection should take
place, and requires financial institutions
to make a threshold determination that
an applicant is a small business before
proceeding with an inquiry into the
applicant’s protected demographic
information.
A requirement to collect and report
data on applications for women-owned
and minority-owned businesses that are
not small businesses could affect all
aspects of financial institutions’
commercial lending operations while
resulting in limited information beyond
what would already be collected and
reported about women-owned and
minority-owned small businesses.
Indeed, as a cross-sector group of
lenders, community groups, and small
business advocates highlighted,
approximately 99.9 percent of womenand minority-owned business are
small.292 In addition, financing for large
businesses can be much more varied
and complex than are the products used
for small business lending The Bureau
will continue to observe the market on
this issue.
The Bureau also notes that the
collection of data on applications for
non-small women- or minority-owned
businesses would not carry out either of
section 1071’s statutory purposes
because the data would be of only
292 In
the U.S. Census Bureau’s 2018 Annual
Business Survey, 5.7 million firms (99.6 percent of
all employer firms) are small, as defined within that
survey as having fewer than 500 employees. That
same definition covers one million minority-owned
employer firms (99.9 percent of all minority-owned
firms) and 1.1 million women-owned employer
firms (99.9 percent of all women-owned firms). See
U.S. Census Bureau, 2018 Annual Business Survey
(ABS)—Company Summary (2018), https://
www.census.gov/data/tables/2018/econ/abs/2018abs-company-summary.html.
PO 00000
Frm 00040
Fmt 4701
Sfmt 4700
limited usefulness for conducting the
relevant analyses of non-small
businesses. Such analyses would
necessitate comparing data regarding
non-small women-owned and minorityowned business applicants to data
regarding non-small non-women-owned
and non-minority-owned business
applicants, in order to control for
lending outcomes that result from
differences in applicant size. But section
1071 does not require or otherwise
address the collection of data for nonsmall business applicants that are not
women- or minority-owned. Therefore,
the resulting dataset will lack a control
group, arguably the most meaningful
comparator for any data on non-small
women- or minority-owned businesses.
It is unlikely that Congress intended,
and the statute is reasonably read not to
require, the collection of data that
would be of limited utility.293
Finally, the Bureau notes that the title
of section 1071 is ‘‘Small Business Data
Collection,’’ and section 1071 amends
ECOA to add a new section titled
‘‘Small Business Loan Data Collection.’’
In the presence of ambiguity, these titles
provide some additional evidence that
Congress did not intend the statute to
authorize the collection of data on
businesses that are not small.294
For these reasons, the Bureau
interprets ECOA section 704B(b) to
cover the collection only of data with
respect to small businesses, including
those that are women- and minorityowned. Likewise, as discussed
immediately below in E.2 of this
Overview to part V, the Bureau is
clarifying that the 704B(b)(1) inquiry,
when applicable, pertains to an
applicant’s minority-owned business
status and women-owned business
status, as well as an applicant’s
LGBTQI+-owned business status, along
with the ethnicity, race, and sex of its
principal owners. For the same reasons,
the Bureau believes that not requiring
the collection of data with respect to
applications for non-small businesses
would be necessary or appropriate to
carry out the purposes of section 1071;
in the alternative, the Bureau exercises
its exception authority in 704B(g)(2) to
effectuate this outcome. Finally, because
293 See, e.g., Pub. Citizen v. U.S. Dep’t of Just., 491
U.S. 440, 454 (1989) (‘‘Where the literal reading of
a statutory term would ‘compel an odd result,’
Green v. Bock Laundry Machine Co., 490 U.S. 504,
509 (1989), we must search for other evidence of
congressional intent to lend the term its proper
scope.’’).
294 Almendarez-Torres v. United States, 523 U.S.
224, 234 (1998) (‘‘ ‘[T]he title of a statute and the
heading of a section’ are ‘tools available for the
resolution of a doubt’ about the meaning of a
statute.’’) (quoting Bhd. of R.R. Trainmen v. Balt. &
Ohio R.R., 331 U.S. 519, 529 (1947)).
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
the Bureau believes that the collection
of data on non-small women- and
minority-owned businesses would
‘‘yield a gain of trivial or no value,’’ in
the alternative the Bureau exercises its
implied de minimis authority to create
this exception.295
lotter on DSK11XQN23PROD with RULES2
2. The Meaning of ‘‘Information
Requested Pursuant to Subsection (b)’’
Four different provisions of section
1071 refer to or rely on ‘‘information
requested pursuant to subsection (b)’’ or
similar language. First, ECOA section
704B(b)(2) provides that financial
institutions must ‘‘maintain a record of
the responses to such inquiry’’ and keep
those records separate from the
application and information that
accompanies it. Second, 704B(c) states
that applicants for credit ‘‘may refuse to
provide any information requested
pursuant to subsection (b).’’ Third,
704B(d) requires financial institutions to
limit the access of certain employees to
‘‘information provided by the applicant
pursuant to a request under subsection
(b),’’ with certain exceptions. Fourth,
704B(e) instructs financial institutions
that ‘‘information provided by any loan
applicant pursuant to a request under
subsection (b) . . . shall be itemized in
order to clearly and conspicuously
disclose’’ data including the loan type
and purpose, amount of credit applied
for and approved, and gross annual
revenue.
In light of these four disparate
provisions, the Bureau believes that
section 1071 is ambiguous with respect
to the meaning of ‘‘any information
provided by the applicant pursuant to a
request under subsection (b).’’ 296 On the
one hand, ECOA section 704B(b)(1)
directs financial institutions to inquire
whether a business is ‘‘a women-owned,
minority-owned, or small business,’’ so
the phrase could be interpreted as
referring only to those three data points.
Section 704B(e), however, indicates that
the scope of 704B(b) could be much
broader; it suggests that all of the
information that financial institutions
are required to compile and maintain—
not simply an applicant’s status as a
women-owned, minority-owned, or
small business—constitutes information
provided by an applicant ‘‘pursuant to
a request under subsection (b).’’ But as
noted above, information deemed
provided pursuant to subsection (b) is
295 Waterkeeper All. v. EPA, 853 F.3d 527, 530
(D.C. Cir. 2017) (quoting Pub. Citizen v. FTC, 869
F.2d 1541, 1556 (D.C. Cir. 1989)); see Alabama
Power Co. v. Costle, 636 F.2d 323, 360–61 (D.C. Cir.
1979).
296 The Bureau does not believe that the minor
linguistic variations in these four provisions
themselves have significance.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
subject to the notable protections of
separate recordkeeping under
704B(b)(2), a right to refuse under
704B(c), and the firewall under 704B(d).
Applying these special protections to
many of the data points in 704B(e), such
as gross annual revenue or amount
applied for, would be extremely
difficult to implement, because this
information is critical to financial
institutions’ ordinary operations in
making credit decisions. Additionally,
704B(e) describes as ‘‘provided by any
loan applicant’’ under 704B(b) data
points that plainly must come from the
financial institution itself, such as
application number and action taken,
further suggesting that Congress viewed
this term as encompassing more
information than lies within the four
corners of 704B(b)(1). Finally, as noted
above, the circular structure of 704B(b)
complicates the question of what
constitutes information provided
‘‘pursuant to a request under subsection
(b).’’ Read together, the introductory
language in 704B(b) and (b)(1) direct
financial institutions, ‘‘in the case of’’ a
credit application ‘‘for [1] womenowned, [2] minority-owned, or [3] small
business,’’ to ‘‘inquire whether the
business is a [1] women-owned, [2]
minority-owned, or [3] small business.’’
The Bureau believes that this circularity
further demonstrates the ambiguity of
the phrase ‘‘pursuant to a request under
subsection (b).’’
The Bureau believes that it is
reasonable to resolve these ambiguities
by giving different meanings to the
phrase ‘‘any information provided by
the applicant pursuant to a request
under subsection (b)’’ (or similar) with
respect to ECOA section 704B(e) as
opposed to 704B(b)(2), (c), and (d).297
With respect to 704B(e), the Bureau
interprets the phrase to refer to all the
data points now articulated in proposed
§ 1002.107(a). Section 704B(e) is the
source of financial institutions’
obligation to ‘‘compile and maintain’’
data that they must then submit to the
Bureau, so it would be reasonable to
interpret this paragraph as referring to
297 While there is a presumption that a phrase
appearing in multiple parts of a statute has the same
meaning in each, ‘‘this is no more than a
presumption. It can be rebutted by evidence that
Congress intended the words to be interpreted
differently in each section, or to leave a gap for the
agency to fill.’’ Catskill Mountains Chapter of Trout
Unlimited, Inc. v. EPA, 846 F.3d 492, 532 (2d Cir.
2017) (citing Env’t Def. v. Duke Energy Corp., 549
U.S. 561, 575 (2007)). Here, the Bureau believes
Congress indicated such an intention by using the
same phrase in the substantially different contexts
of providing special protections for protected
demographic information on the one hand and
‘‘itemiz[ing]’’ all collected data on the other.
PO 00000
Frm 00041
Fmt 4701
Sfmt 4700
35189
the complete data collection Congress
devised in enacting section 1071.
But with respect to the three statutory
provisions creating special protections
for certain information—the firewall in
ECOA section 704B(d), separate
recordkeeping in 704B(b)(2), and the
right to refuse in 704B(c)—the Bureau
interprets the phrase to refer to the data
points in § 1002.107(a)(18) (womenowned and minority-owned business
statuses, along with the new LGBTQI+owned business status), and (a)(19)
(ethnicity, race, and sex of principal
owners).298 Each of these data points
requests protected demographic
information that has no bearing on the
creditworthiness of the applicant, about
which existing § 1002.5(b) would
generally prohibit the financial
institution from inquiring absent section
1071’s mandate to collect and report
that information, and with respect to
which applicants are protected from
discrimination. The Bureau accordingly
believes that it is reasonable to apply
section 1071’s special-protection
provisions only to this information,
regardless of whether the statutory
authority to collect it originates in
704B(b)(1) (women-owned and
minority-owned business statuses),
704B(e)(2)(H) (LGBTQI+-owned
business status), or 704B(e)(2)(G)
(ethnicity, race, and sex of principal
owners). The Bureau similarly believes
that it would have been unreasonable
for Congress to have intended that these
special protections would apply to any
of the other data points now proposed
in § 1002.107(a), which the financial
institution is permitted to request
regardless of coverage under section
1071 which are not the subject of
Federal antidiscrimination law, and
many of which financial institutions
currently use for underwriting and other
purposes.
The Bureau implements these
interpretations of ‘‘information
requested pursuant to subsection (b),’’
and any relevant comments received, in
several different section-by-section
analyses. With respect to ECOA section
704B(e), the Bureau discusses its
interpretation of the phrase in the
section-by-section analysis of
§ 1002.107(a). The Bureau’s
interpretation of 704B(d)’s firewall
requirement is addressed at greater
length in the section-by-section analysis
of § 1002.108, and the Bureau’s
interpretation of the separate
recordkeeping requirement in
704B(b)(2) is addressed in the section298 The Bureau’s interpretations with respect to a
separate data point for small business status are
discussed in the next section.
E:\FR\FM\31MYR2.SGM
31MYR2
35190
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
by-section analysis of § 1002.111(b). The
right to refuse in 704B(c) is discussed in
the section-by-section analyses of the
data points that the Bureau deems
subject to the right to refuse:
§ 1002.107(a)(18) (women-owned,
minority-owned, and LGBTQI+-owned
business statuses) and (19) (ethnicity,
race, and sex of principal owners).
lotter on DSK11XQN23PROD with RULES2
3. No Collection of Small Business
Status as a Data Point
The Bureau notes that neither of its
interpretations of ‘‘information
requested pursuant to subsection (b)’’
reference a specific data point for an
applicant’s status as a small business,
nor did the Bureau otherwise include in
proposed § 1002.107(a) that financial
institutions collect, maintain, or submit
a data point whose sole function is to
state whether the applicant is or is not
a small business.
The Bureau’s definition of small
business in final § 1002.106, which is
based on an applicant’s gross annual
revenue, renders redundant any
requirement that financial institutions
collect a standalone data point whose
sole purpose is to state whether an
applicant is a small business. Indeed,
under the definition of small business,
when a financial institution asks an
applicant its gross annual revenue, that
question is functionally identical to
asking, ‘‘are you a small business?’’ The
Bureau believes that it is a reasonable
interpretation of ECOA section
704B(b)’s query as to small business
status for that question to take the form
of, ‘‘what is your gross annual
revenue?’’ 299 Furthermore, as discussed
above with respect to the Bureau’s
approach to non-small women- and
minority-owned businesses, the Bureau
interprets financial institutions’ data
collection obligations as attaching only
in the case of applications from small
businesses; if a financial institution
determines that an applicant is not a
small business, none of the obligations
under this rule would apply. As such,
a standalone data point that serves only
to designate whether a business
qualifies as small for purposes of the
rule would be redundant with the mere
fact that the data collection occurs at all,
as well as with the collection of gross
annual revenue.
The Bureau sought comment on
whether a standalone data point solely
299 The financial institution could ask, in order to
make an initial determination as to whether the rule
applies, whether the applicant’s gross annual
revenue in its last full fiscal year was $5 million
or less. If it was, the financial institution would
need to request the specific revenue amount to
comply with final § 1002.107(a)(14), along with the
other applicant-provided data points specified in
final § 1002.107(a).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
dedicated to small business status might
nonetheless be useful and, if so, how it
might be implemented. The Bureau
received no comments on this issue.
The Bureau acknowledges that the
plain language of ECOA section 704B(b)
could be read to require financial
institutions to ask applicants subject to
the data collection the precise question,
‘‘are you a small business?’’ Upon
further analysis, however, the Bureau
believes that Congress’s intended
treatment of small business status as a
standalone data point is ambiguous. As
described in more detail above with
respect to the rulemaking’s coverage of
women- and minority-owned businesses
that are not small, 704B(b)’s
introductory language and 704B(b)(1)
appear to require financial institutions
to know the answer to whether an
applicant is women-owned, minorityowned, or small before they make their
inquiry; to resolve this ambiguity, the
Bureau interprets 704B(b)’s introductory
language and 704B(b)(1) to require that
financial institutions first
straightforwardly assess whether an
applicant is a small business before
proceeding to inquire into the
applicant’s protected demographic
information that would otherwise be
prohibited by existing § 1002.5(b).
Pursuant to its authority under ECOA
section 704B(g)(1) to prescribe such
rules as may be necessary to carry out,
enforce, and compile data pursuant to
section 1071, the Bureau interprets
704B(b) and (b)(1) to obviate the need
for financial institutions to collect a
standalone data point whose sole
purpose is to note an applicant’s small
business status. For the same reasons,
the Bureau believes that not requiring
the collection of a separate data point on
small business status would be
necessary or appropriate to carry out the
purposes of section 1071; therefore, in
the alternative, the Bureau is exercising
its exception authority in 704B(g)(2) to
effectuate this outcome. Finally, because
the Bureau believes that the collection
of a standalone data point on small
business status would ‘‘yield a gain of
trivial or no value,’’ in the alternative,
the Bureau exercises its implied de
minimis authority to create this
exception.300
F. Conforming Amendments to Existing
Regulation B
As discussed above, the Bureau is
implementing section 1071 in a new
subpart B of Regulation B. The content
of existing Regulation B is becoming
300 Waterkeeper All., 853 F.3d at 530 (quoting
Pub. Citizen, 869 F.2d at 1556); see Alabama Power,
636 F.2d at 360–61.
PO 00000
Frm 00042
Fmt 4701
Sfmt 4700
subpart A of Regulation B. This change
does not affect the current section
numbering in Regulation B. The Bureau
believes it is appropriate to make this
rule a part of Regulation B, as section
1071 is a part of ECOA.
The Bureau sought comment on
whether it should instead codify its rule
to implement section 1071 as a freestanding regulation with its own CFR
part and, if so, why. A bank commenter
supported the location of this rule
within a new subpart B to Regulation B,
noting that lenders often overlook that
Regulation B applies to business as well
as consumer credit. The commenter also
noted that the intent of section 1071, to
provide all credit applicants fair and
equitable treatment and credit, makes
Regulation B the natural place for this
rule, rather than a free-standing
regulation, which would generate
unnecessary confusion.
As noted above and as discussed in
more detail below, the Bureau is
amending existing § 1002.5(a)(4) and
commentary for existing § 1002.5(a)(2)
and (4) to expressly permit under
certain circumstances voluntary
collection of minority-owned, womenowned, and LGBTQI+-owned business
status, and the ethnicity, race, and sex
of applicants’ principal owners in
accordance with the requirements of
subpart B.
In addition, the Bureau is revising
certain references to the entire
regulation (which use the terms
‘‘regulation’’ or ‘‘part’’) in existing
Regulation B to instead refer specifically
to subpart A. The Bureau is likewise
adding additional specificity in certain
provisions in existing Regulation B to
avoid confusion. The Bureau does not
intend to make any substantive changes
with these revisions, but rather intends
to maintain the status quo. The Bureau
is making the following changes:
In § 1002.1(a), regarding authority and
scope, the Bureau is changing two
references to ‘‘part’’ to instead refer to
‘‘subpart,’’ regarding the application of
what is now subpart A to creditors.
In § 1002.2, regarding definitions, the
introductory text states that definitions
contained therein apply to Regulation B,
unless the context indicates otherwise.
The Bureau is adding ‘‘or as otherwise
defined in subpart B’’ for clarity.
In § 1002.12(b)(1) introductory text,
(b)(2) introductory text, (b)(3) through
(5) and (7), regarding record retention,
the Bureau is adding ‘‘or as otherwise
provided in subpart B’’ to indicate that
subpart B may provide different record
retention requirements than what is set
forth in those paragraphs for business
credit. The Bureau is also changing a
reference to ‘‘this rule’’ in comment
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
12(b)(7)–1 to instead refer to existing
§ 1002.12(b)(7) regarding retention of
prescreened credit solicitations, to avoid
confusion with subpart B’s treatment of
solicitations.
Finally, § 1002.13 addresses
information for monitoring purposes for
credit secured by an applicant’s
dwelling. The Bureau is revising
comment 13(b)–5, which addresses
applications made through unaffiliated
loan shopping services, to refer to
subpart A of Regulation B instead of the
entirety of Regulation B, for clarity. The
existing comment also refers to
applications received by creditors
subject to HMDA and associated data
collection requirements; the Bureau is
also adding to the end of the comment
an additional sentence noting that
creditors that are covered financial
institutions under subpart B of this
regulation may also be required to
collect, report, and maintain certain
data, as set forth in subpart B of
Regulation B.
Subpart A—General
Section 1002.5 Rules Concerning
Requests for Information
5(a) General Rules
lotter on DSK11XQN23PROD with RULES2
5(a)(4) Other Permissible Collection of
Information
Background
ECOA prohibits creditors from
discriminating against applicants, with
respect to any aspect of a credit
transaction, on the basis of—among
other characteristics—race, color,
religion, national origin, sex, marital
status, or age.301 It also states that
making an inquiry under 15 U.S.C.
1691c–2 (that is, section 1071), in
accordance with the requirements of
that section, shall not constitute
discrimination for purposes of ECOA.302
Regulation B, in existing § 1002.5(b),
generally prohibits a creditor from
inquiring about certain protected
demographic information in connection
with a credit transaction. Existing
§ 1002.5(a)(2), however, expressly
permits collection of such otherwise
prohibited information if required by a
regulation, order, or agreement to
monitor or enforce compliance with
Regulation B, ECOA, or other Federal or
State law or regulation.
In 2017, the Bureau amended
Regulation B, adding § 1002.5(a)(4) to
expressly permit creditors to collect
ethnicity, race, and sex from mortgage
applicants in certain cases where the
creditor is not required to report under
U.S.C. 1691(a).
302 15 U.S.C. 1691(b)(5).
18:47 May 30, 2023
Proposed Rule
The Bureau proposed to amend
existing § 1002.5(a)(4) to add three
provisions (in proposed
§ 1002.5(a)(4)(vii), (viii), and (ix)) that
would permit certain creditors that are
not covered financial institutions under
the rule to collect small business
applicants’ protected demographic
information under certain
circumstances. The Bureau also
proposed to add comment 5(a)(2)–4 and
to revise existing comment 5(a)(4)–1 to
provide guidance on these proposed
exemptions.
Proposed § 1002.5(a)(4)(vii) would
have permitted a previously covered
financial institution to collect
demographic information pursuant to
subpart B for covered applications for
up to five years after it fell below the
loan-volume threshold of proposed
§ 1002.105(b), provided that it does so
in accordance with the relevant
requirements of proposed subpart B.
Proposed § 1002.5(a)(4)(viii) would
have provided that a creditor in its first
year of exceeding the covered financial
institution loan-threshold in
§ 1002.105(b) may, in the second year
collect demographic information
pursuant to subpart B for covered
applications, provided that it does so in
accordance with the relevant
requirements of proposed subpart B.
Proposed § 1002.5(a)(4)(ix) would
have permitted a financial institution
not covered by the rule that wishes to
voluntarily report small business
303 Equal Credit Opportunity Act (Regulation B)
Ethnicity and Race Information Collection, 82 FR
45680, 45684 (Oct. 2, 2017).
301 15
VerDate Sep<11>2014
HMDA and Regulation C.303 For
example, existing § 1002.5(a)(4)
expressly permits the collection of
ethnicity, race, and sex information for
certain transactions for which
Regulation C permits optional reporting.
However, nothing in existing Regulation
B (or in ECOA) expressly permits
collection and reporting of protected
demographic data for financial
institutions that are not required to
report certain data under section 1071.
During the SBREFA process, some
small entity representatives, primarily
small CDFIs and mission-oriented
community banks, stated that they
would be inclined to collect and report
small business lending data to the
Bureau even if not required to do so,
such as if they fell under loan-volume
thresholds. These small entity
representatives expressed an intent to
report data even if not required to out
of a belief in the importance and utility
of these data.
Jkt 259001
PO 00000
Frm 00043
Fmt 4701
Sfmt 4700
35191
lending data to collect applicants’
protected demographic information
without violating Regulation B. Unlike
creditors subject to proposed
§ 1002.5(a)(4)(vii) or (viii), a creditor
seeking to voluntarily collect applicant’s
protected demographic information
under proposed § 1002.5(a)(4)(ix) would
also be required to report it to the
Bureau.
Existing comment 5(a)(4)–1 addresses
recordkeeping requirements for
ethnicity, race, and sex information that
is voluntarily collected for HMDA under
the existing provisions of § 1002.5(a)(4).
The Bureau proposed revising this
comment by adding to it a parallel
reference to proposed subpart B, along
with a statement that the information
collected pursuant to proposed subpart
B must be retained pursuant to the
requirements set forth in proposed
§ 1002.111.
Proposed comment 5(a)(2)–4 would
have explained that proposed subpart B
of Regulation B generally requires
creditors that are covered financial
institutions as defined in proposed
§ 1002.105(a) to collect and report
information about the ethnicity, race,
and sex of the principal owners of
applicants for certain small business
credit, as well as whether the applicant
is a minority-owned business or a
women-owned business as defined in
proposed § 1002.102(m) and (s),
respectively. The Bureau proposed this
comment for parity with existing
comment 5(a)(2)–2, which addresses the
requirement to collect and report
information about the ethnicity, race,
and sex of applicants under HMDA.
Existing comment 5(a)(2)–3 explains
that persons such as loan brokers and
correspondents do not violate ECOA or
Regulation B if they collect information
that they are otherwise prohibited from
collecting, where the purpose of
collecting the information is to provide
it to a creditor that is subject to HMDA
or another Federal or State statute or
regulation requiring data collection.
The Bureau sought comment on its
three proposed provisions to be added
to existing § 1002.5(a)(4), and associated
commentary, including whether there
were other specific situations to add to
the list of provisions in § 1002.5(a)(4) to
permit the collection of applicants’
protected demographic information
pursuant to section 1071, and whether
any similar modifications to other
provisions were necessary. In particular,
the Bureau sought comment on whether
it should add another provision to
§ 1002.5(a)(4) relating to proposed
§ 1002.114(c)(1), wherein the Bureau
proposed to permit financial institutions
to collect, but would not require them
E:\FR\FM\31MYR2.SGM
31MYR2
35192
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
to report, applicants’ protected
demographic information prior to the
compliance date.
Comments Received
The Bureau received comments on
this provision from several industry
commenters, a business advocacy group,
and a community group. The
community group supported the
reasoning and approach of the proposed
provisions. The commenter inquired
whether the provisions would allow for
voluntary reporting of only the
protected demographic data, or all data
points, noting that if the Bureau
intended only to permit voluntary data
collection of demographic information
that it would not make sense to permit
publication of these data points, and
that the usefulness of such incomplete
data would be limited. A business
advocacy group applauded the Bureau
for the proposed provisions and
recommended that the Bureau add
incentives for voluntary disclosure of
data for those financial institutions, but
asked that the incentives not distort the
purposes of the regulation by
encouraging lenders to report inaccurate
or untrue data to reap the benefits of the
incentive to report.
A community group commented that
the Bureau should permit voluntary
collection not only by financial
institutions not covered by the rule, but
also should permit covered financial
institutions to collect data on consumer
credit used to fund small businesses.304
Two agricultural lenders requested
that the Bureau exempt Farm Credit
System (FCS) lenders entirely from
coverage under the rule while also
adding a provision to the proposed
voluntary reporting provisions stating
that FCS lenders may submit a
supplemental voluntary collection of
data that is not otherwise already being
provided to the public.
lotter on DSK11XQN23PROD with RULES2
Final Rule
For the reasons set forth herein, the
Bureau is finalizing amendments to
existing § 1002.5(a)(4) introductory text
and three provisions (in final
§ 1002.5(a)(4)(vii), (viii), and (ix)) that
permit certain creditors that are not
covered financial institutions under the
rule to collect small business applicants’
protected demographic information
under certain circumstances. The
304 The Bureau addresses comments regarding the
reporting of non-covered products in the section-bysection analysis of § 1002.104(b), under the heading
Voluntary Reporting. While the final rule does not
permit the voluntary reporting of non-covered
products, the Bureau has implemented a safe harbor
in § 1002.112(c)(4) for financial institutions that
collect data on applications for products that turn
out not to be covered credit transactions.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Bureau is also adopting new
§ 1002.5(a)(4)(x) to similarly address
information collected about multiple coapplicants. The Bureau is finalizing
comment 5(a)(2)–4 along with its
revision to existing comment 5(a)(4)–1
providing guidance on these new
exemptions. The Bureau is additionally
revising existing comment 5(a)(2)–3, as
discussed below. These provisions
contain updated cross-references to
other sections in the final regulatory text
and commentary, as well as addition of
LGBTQI+-owned business status to
accompany references to women- and
minority-owned business statuses.
Final § 1002.5(a)(4)(vii) provides that
a creditor that was required to report
small business lending data pursuant to
final § 1002.109 for any of the preceding
five calendar years but is not currently
a covered financial institution under
final § 1002.105(b) may collect protected
demographic information pursuant to
subpart B for covered applications from
small businesses as defined in final
§§ 1002.103 and 1002.106(b) if it
complies with the requirements of
subpart B as otherwise required for
covered financial institutions pursuant
to final §§ 1002.107(a)(18) and (19),
1002.108, 1002.111, and 1002.112 for
those applications. Final
§ 1002.5(a)(4)(vii) also states that such a
creditor is permitted, but not required,
to report data to the Bureau collected
pursuant to subpart B if it complies with
the requirements of subpart B as
otherwise required for covered financial
institutions pursuant to §§ 1002.109 and
1002.110.
The Bureau anticipates that some
creditors that are no longer covered
financial institutions and thus no longer
required to report data in a given
reporting year may prefer to continue to
collect applicants’ protected
demographic information in the event
they become a covered financial
institution again, in order to maintain
consistent compliance standards from
year to year. As it did in a similar
context for HMDA reporting, the Bureau
believes that permitting such collection
for five years provides an appropriate
time frame under which a financial
institution should be permitted to
continue collecting the information
without having to change its compliance
processes. The Bureau believes that a
five-year period is sufficient to help an
institution discern whether it is likely to
have to report small business lending
data in the near future but not so long
as to permit it to collect such
information in a period too attenuated
from previous reporting.
Final § 1002.5(a)(4)(viii) provides a
creditor that exceeded the loan-volume
PO 00000
Frm 00044
Fmt 4701
Sfmt 4700
threshold in the first year of the twoyear threshold period provided in final
§ 1002.105(b) may, in the second year,
collect protected demographic
information pursuant to subpart B for
covered applications from small
businesses as defined in final
§§ 1002.103 and 1002.106(b) if it
complies with the requirements of
subpart B as otherwise required for
covered financial institutions pursuant
to final §§ 1002.107(a)(18) and (19),
1002.108, 1002.111, and 1002.112 for
that application. Final
§ 1002.5(a)(4)(viii) also states that such
a creditor is permitted, but not required,
to report data to the Bureau collected
pursuant to subpart B if it complies with
the requirements of subpart B as
otherwise required for covered financial
institutions pursuant to §§ 1002.109 and
1002.110. The Bureau believes that this
provision will benefit creditors when
the creditor has not previously reported
small business lending data but expects
to be covered in the following year and
wishes to prepare for that future
reporting obligation. For example,
where a creditor surpasses the loanvolume threshold of final § 1002.105(b)
for the first time in a given calendar
year, it may wish to begin collecting
applicants’ protected demographic
information for covered applications
received in the next calendar year
(second calendar year) so as to ensure
its compliance systems are fully
functional before it is required to collect
and report information pursuant to
subpart B in the following calendar year
(third calendar year).
Final § 1002.5(a)(4)(ix) provides that a
creditor that is not currently a covered
financial institution under final
§ 1002.105(b), and is not otherwise a
creditor to which final § 1002.5(a)(4)(vii)
or (viii) applies, may collect protected
demographic information pursuant to
subpart B for covered applications from
small businesses as defined in final
§§ 1002.103 and 1002.106(b) for a
transaction if it complies with the
requirements of subpart B as otherwise
required for covered financial
institutions pursuant to final
§§ 1002.107 through 1002.112 for that
application. Voluntarily reported data
pursuant to final § 1002.5(a)(4)(ix) may
add some information that otherwise
would not be collected and reported,
and which would further both the
statutory purposes of section 1071
without requiring reporting from very
low-volume financial institutions that
may find it difficult or costly to report
data.
The Bureau is finalizing
§ 1002.5(a)(4)(ix) in response to
feedback from some small entity
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
representatives and other stakeholders
at SBREFA, as well as several NPRM
commenters, that indicated lenders
might want to collect and report small
business lending data even if they were
not required to do so.
New § 1002.5(a)(4)(x) provides that a
creditor that is collecting information
pursuant to subpart B or as described in
§§ 1002.5(a)(4)(vii) through (ix) for
covered applications from small
businesses as defined in §§ 1002.103
and 1002.106(b) regarding whether an
applicant for a covered credit
transaction is a minority-owned
business, a women-owned business, or
an LGBTQI+-owned business, and the
ethnicity, race, and sex of the
applicant’s principal owners may also
collect that same information for any coapplicants provided that it also
complies with the relevant requirements
of subpart B of this part or as described
in paragraphs (a)(4)(vii) through (ix) of
this section with respect to those coapplicants.
The Bureau is adding § 1002.5(a)(4)(x)
to permit creditors to collect
information pursuant to subpart B
regarding co-applicants for a covered
application for a small business.
Existing § 1002.5(a)(4) does not
explicitly address whether creditors
have permission to collect demographic
information for co-applicants for a
covered application for a small
business, and the Bureau implements
new § 1002.5(a)(4)(x) to remove any
doubt that creditors that are permitted
to collection information pursuant to
subpart B on an applicant for covered
applications for a small business
pursuant to §§ 1002.5(a)(4)(vii) through
(ix) is also permitted to collect such
information for co-applicants as well,
even if the financial institution will
only report information regarding a
single designated applicant per new
comment 103(a)–10. As described
below, final comment 103(a)–10
provides that if a covered financial
institution receives a covered
application from multiple businesses
that are not affiliates, it shall compile,
maintain, and report data for only a
single applicant that is a small business.
The Bureau believes that it may be
easier and more efficient for financial
institutions to request the same
information of all co-applicants—new
§ 1002.5(a)(4)(x) will enable financial
institutions to collect small business
lending data from unreported coapplicants without violating ECOA and
Regulation B’s general prohibition
against collecting protected
demographic information.
The Bureau believes that it is an
appropriate use of its statutory authority
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
under sections 703(a) and 704B(g)(1) of
ECOA to permit creditors to collect, and
for § 1002.5(a)(4)(ix) report, protected
demographic information in the manner
set out in § 1002.5(a)(4)(vii) through (x).
These provisions will effectuate the
purposes of and facilitate compliance
with ECOA and is necessary to carry
out, enforce, and compile data pursuant
to section 1071. Section 1002.5(a)(4)(vii)
will permit creditors to collect
information without interruption from
year to year, thereby facilitating
compliance with the rule’s data
collection requirements and improving
the quality and reliability of the data
collected. Section 1002.5(a)(4)(viii)
improves the quality and reliability of
the data collected by financial
institutions that may be transitioning
into being required to collect and report
1071 data, and will provide a creditor
assurance of compliance with existing
§ 1002.5 regardless of whether it
actually becomes subject to subpart B
reporting at the end of the two-year
threshold period. Section
1002.5(a)(4)(ix) will potentially increase
the collection of additional information
and amount of data available for
analysis, thereby advancing the
purposes of section 1071. Finally,
§ 1002.5(a)(4)(x) will permit collection
of demographic information for coapplicants, thereby reducing operational
complexity to allow creditors to focus
on data quality and reliability. The
Bureau also believes that these
provisions are narrowly tailored and
preserves and respects the general
limitations in existing § 1002.5(b)
through (d).
The Bureau is also revising existing
comment 5(a)(2)–3, which explains that
persons such as loan brokers and
correspondents do not violate ECOA or
Regulation B if they collect information
that they are otherwise prohibited from
collecting, where the purpose of
collecting the information is to provide
it to a creditor that is subject to HMDA
or another Federal or State statute or
regulation requiring data collection. The
Bureau stated its belief in the NPRM
that the reference to ‘‘another Federal
statute or regulation’’ adequately
encompassed section 1071 and subpart
B, and thus did not propose to amend
this existing comment. However, upon
further reflection, the Bureau has
determined to revise the provision
specifically to reference subpart B for
the sake of further clarity and the
avoidance of doubt that loan brokers
and other persons collecting applicants’
protected demographic information on
behalf of covered financial institutions
pursuant to this final rule are not
PO 00000
Frm 00045
Fmt 4701
Sfmt 4700
35193
violating ECOA or Regulation B by
doing so. The Bureau believes that it is
an appropriate use of its general
authority under ECOA sections 703(a)
and 704B(g)(1) to permit such persons to
collect protected demographic
information on behalf of covered
financial institutions, as such collection
will effectuate the purposes of and
facilitate compliance with ECOA and is
necessary to carry out, enforce, and
compile data pursuant to section 1071.
The Bureau is finalizing comment
5(a)(2)–4, which defines the phrase
‘‘information required by subpart B,’’
with revisions to add cross-references to
LGBTQI+-owned businesses, as defined
in § 1002.102(l). Final comment 5(a)(2)–
4 addresses the requirement under this
final rule that creditors that are covered
financial institutions as defined in
§ 1002.105(a) collect and report
information about the ethnicity, race,
and sex of the principal owners of
applicants for certain small business
credit, as well as whether the applicant
is a minority-owned business, a womenowned business, or an LGBTQI+-owned
business, as defined in § 1002.102(m),
(s), and (l), respectively. The Bureau is
finalizing this comment for parity with
existing comment 5(a)(2)–2, which
addresses the requirement to collect and
report information about the ethnicity,
race, and sex of applicants under
HMDA. The Bureau believes that it is an
appropriate use of its general authority
under ECOA sections 703(a) and
704B(g)(1) to specify the meaning of
‘‘information required by subpart B,’’ by
adding comment 5(a)(2)–4 and that the
clarity and certainty this provision adds
will effectuate the purposes of and
facilitates compliance with ECOA and is
necessary to carry out, enforce, and
compile data pursuant to section 1071.
Finally, the Bureau is finalizing its
revisions to existing comment 5(a)(4)–1
as proposed. The existing comment
establishes recordkeeping requirements
for ethnicity, race, and sex information
that is voluntarily collected for HMDA
under the existing provisions of
§ 1002.5(a)(4). The revisions to comment
5(a)(4)–1 likewise provide that protected
demographic information that is not
required to be collected pursuant to
subpart B may nevertheless be collected
under the circumstances set forth in
§ 1002.5(a)(4) without violating existing
§ 1002.5(b), and that the information
collected pursuant to this final rule
must be retained pursuant to the
requirements set forth in final
§ 1002.111. The Bureau is revising this
comment to provide for parity between
this final rule and existing references to
voluntary collection of data pursuant to
HMDA. The Bureau believes that these
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35194
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
revisions are an appropriate use of its
general authority under ECOA sections
703(a) and 704B(g)(1) as these revisions
provide clarity and certainty to financial
institutions in their voluntary collection
of applicants’ protected demographic
information. Such clarity and certainty
effectuate the purposes of and facilitates
compliance with ECOA and these
revisions are necessary to carry out,
enforce, and compile data pursuant to
section 1071.
Regarding a commenter’s request to
clarify whether these amendments
permit voluntary reporting only as to
data points concerning protected
demographic data, the Bureau observes
that nothing prohibits creditors from
collecting any of the information set
forth in final § 1002.107, other than the
protected demographic information in
§ 1002.107(a)(18) and (19). Creditors
that choose to collect protected
demographic information pursuant to
final § 1002.5(a)(4)(ix) must comply
with § 1002.109 (along with other
specified provisions), which means that
they must collect and report all the
required data specified in final
§ 1002.107.
The Bureau is not adding incentives
for voluntary disclosure of data for
creditors that are not covered financial
institutions, as suggested by one
commenter. It appears, based on
SBREFA and NPRM comments, that
some creditors already have an
incentive to collect and report small
business lending data pursuant to
section 1071 even if they are not
covered financial institutions under the
rule; it is unclear what additional
incentives the Bureau could offer to
encourage other creditors to do the
same. Regarding ensuring that reported
data are not distorted, however, the
Bureau notes that voluntary reporters
must identify themselves as such
pursuant to final § 1002.109(b)(10) and,
a creditor voluntarily collecting and
reporting data pursuant to final
§ 1002.5(a)(4)(ix) must do so in
compliance with §§ 1002.107 through
1002.112 and 1002.114.
Regarding the comment that the
visual observation and surname
requirement would cause certain
covered institutions to violate the
prohibition in 12 CFR 202.5(b) from
inquiring about the race, color, religion,
national origin, or sex of an applicant or
any other person in connection with a
credit transaction, the Bureau notes that
the concern is moot because the Bureau
is not finalizing its proposed provisions
for collecting principal owners’
ethnicity and race via visual observation
or surname in certain circumstances.
(See the section-by-section analysis of
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
§ 1002.107(a)(19) for a detailed
discussion of this change.) In any case,
a creditor is permitted to make such
inquiries under existing § 1002.5(a)(2),
given that the provision permits the
collection of demographic information
when required to do so by another law
or regulation (which includes this rule).
The Bureau addresses potential
voluntary collection and reporting of
data regarding non-covered products,
including consumer-designated credit
used for small business purposes, in the
section-by-section analysis of
§ 1002.104(b) below. Based on its
determination not to permit voluntary
collection of data for such non-covered
products, the Bureau is not adding an
additional provision to § 1002.5(a)(4) to
address such collection.
As discussed in the section-by-section
analyses of §§ 1002.104(a) and
1002.105(b), the Bureau is not excluding
agricultural lending or FCS lenders from
coverage under this final rule. The
commenter’s request to permit
supplemental voluntary collection and
reporting of data by exempt FCS lenders
if such data are not otherwise already
being provided to the public is thus
moot. Of course, any FCS lenders that
are not covered financial institutions
could nonetheless voluntarily collect
and report data pursuant to final
§ 1002.5(a)(4)(ix).
Subpart B—Small Business Lending
Data Collection
Section 1002.101
and Scope
Authority, Purpose,
Proposed § 1002.101 would have set
forth the authority, purpose, and scope
for proposed subpart B. The Bureau
sought comment on its proposed
approach to this section, including
whether any other information on the
rule’s authority, purpose, or scope
should be addressed herein.
The Bureau did not receive any
comments specifically regarding its
recitation of the authority, purpose, and
scope of subpart B. Comments
addressing the authority, purpose, and
scope of section 1071 and this final rule
as a general matter are addressed in D.1
in the Overview to this part V above.
The Bureau is finalizing § 1002.101 as
proposed. Final § 1002.101(a) provides
that subpart B is issued by the Bureau
pursuant to section 704B of ECOA (15
U.S.C. 1691c–2), and states that, except
as otherwise provided therein, subpart B
applies to covered financial institutions,
as defined in § 1002.105(b), other than
a person excluded from coverage of this
part by section 1029 of the Dodd-Frank
Act. Final § 1002.101(b) sets out section
1071’s two statutory purposes of
PO 00000
Frm 00046
Fmt 4701
Sfmt 4700
facilitating fair lending enforcement and
enabling the identification of business
and community development needs and
opportunities for women-owned,
minority-owned, and small businesses.
Section 1002.102 Definitions
The Bureau is finalizing a number of
definitions for terms used in subpart B,
in § 1002.102.305 These definitions
generally fall into several categories.
First, some definitions in final
§ 1002.102 refer to terms defined
elsewhere in subpart B—specifically,
the terms business, covered application,
covered credit transaction, covered
financial institution, financial
institution, and small business are
defined in final §§ 1002.106(a),
1002.103, 1002.104, 1002.105(b),
1002.105(a), and 1002.106(b),
respectively. These terms are of
particular importance in subpart B, and
the Bureau is defining them in separate
sections, rather than in § 1002.102, for
ease of reading.
Second, some terms in final
§ 1002.102 are defined by crossreferencing the definitions of terms
defined in existing Regulation B—
specifically, business credit, credit, and
State are defined by reference to existing
§ 1002.2(g), (j), and (aa), respectively.
Similarly, a portion of the small
business and affiliate definitions refer to
the SBA’s regulation at 13 CFR 121.103.
These terms are each used in subpart B,
and the Bureau believes it is appropriate
to incorporate them into the subpart B
definitions in this manner.
Finally, the remaining terms are
defined directly in final § 1002.102.
These include applicant, closed-end
credit transaction, LGBTQI+ individual,
LGBTQI+-owned business, minorityowned business, open-end credit
transaction, principal owner, small
business lending application register,
and women-owned business, as well as
a portion of the definition of affiliate.
Some of these definitions draw on
definitions in existing Regulation B or
elsewhere in Federal laws or
regulations.
The Bureau believes that basing this
rule’s definitions on previously defined
terms (whether in Regulation B or
regulations promulgated by another
agency), to the extent possible, will
305 The Bureau notes that there are certain terms
defined in subpart B outside of final § 1002.102.
This occurs where a definition is relevant only to
a particular section. For example, the firewall
provisions in final § 1002.108 use the phrases
‘‘involved in making any determination concerning
a covered application’’ and ‘‘should have access.’’
Those phrases are defined in § 1002.108(a). Such
definitions are discussed in detail in the section-bysection analyses of the provisions in which they
appear.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
minimize regulatory uncertainty and
facilitate compliance, particularly where
the other regulations are likely to apply
to the same transactions. As discussed
further below, in certain instances, the
Bureau is deviating from the existing
definitions for purposes of this rule.
These definitions are each discussed
in detail below. The Bureau is finalizing
these definitions pursuant to its
authority under ECOA section
704B(g)(1) to prescribe such rules and
issue such guidance as may be
necessary to carry out, enforce, and
compile data pursuant to section 1071.
In addition, the Bureau is finalizing
certain of these definitions to
implement particular definitions in
section 1071 including the statutory
definitions set out in 704B(h). Any other
authorities that the Bureau is relying on
to finalize certain definitions are
discussed in the section-by-section
analyses of those specific definitions.
The Bureau sought comment on its
proposed approach to this definition.
102(a) Affiliate
For the reasons set forth herein, the
Bureau is finalizing § 1002.102(a) as
proposed. The Bureau believes it is
appropriate to define ‘‘affiliate’’ with
respect to financial institutions to be
consistent with the approach in the
Bureau’s Regulation C, and received no
comments suggesting it should do
otherwise. The consistency with an
existing regulatory definition may help
provide clarity for financial institutions
when determining their responsibilities
under this final rule.
Regarding commenters’ suggestions to
simplify the definition of ‘‘affiliate,’’ the
Bureau does not believe it would be
appropriate to deviate from the SBA’s
definition for determining who is an
affiliate with respect to a business or an
applicant. ECOA section 704B(h)(2)
defines the term ‘‘small business’’ as
having the same meaning as ‘‘small
business concern’’ in section 3 of the
Small Business Act.308 Consistent with
the statute, the Bureau’s definitions of
business and small business in final
§ 1002.106 refer to definitions in the
SBA’s regulations, of which the SBA’s
definition of affiliate in 13 CFR 121.103
is a part. The Bureau believes that
defining ‘‘affiliate’’ in this manner is
appropriate and necessary to maintain
consistency with the SBA’s definitions.
In addition, the Bureau believes that
using a commonly known existing
regulatory definition will facilitate
compliance with reporting obligations
under this final rule. Finally, the Bureau
believes the SBA’s definition of affiliate
is sufficiently broad to afford financial
institutions flexibility in the small
business size determination process, as
Proposed Rule
The Bureau proposed § 1002.102(a) to
define ‘‘affiliate’’ based on whether the
term is used to refer to a financial
institution or to an applicant.
Proposed § 1002.102(a) would have
defined ‘‘affiliate’’ with respect to a
financial institution as any company
that controls, is controlled by, or is
under common control with, another
company, as set forth in the Bank
Holding Company Act of 1956.306
Existing Regulation B does not define
affiliate. This proposed definition
would have provided a consistent
approach with the Bureau’s Regulation
C, which applies the term to financial
institutions, as defined in Regulation C,
for certain reporting obligations.307
Proposed § 1002.102(a) would have
defined ‘‘affiliate’’ with respect to a
business or an applicant as having the
same meaning as described in 13 CFR
121.103, which is an SBA regulation
titled ‘‘How does SBA determine
affiliation?’’ The proposed definition
would have provided consistency with
the Bureau’s proposed approach to what
constitutes a small business for
purposes of section 1071 in proposed
§ 1002.106(b). Proposed
§ 1002.107(a)(14) would have permitted,
but not required, a financial institution
to report the gross annual revenue for
the applicant in a manner that includes
the revenue of affiliates as well. In
proposed § 1002.107(a)(16), workers for
affiliates of the applicant would be
counted in certain circumstances for the
number of workers data point.
306 12
U.S.C. 1841 et seq.
Regulation C comment 4(a)(11)–3.
307 See
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Comments Received
Several industry commenters
provided feedback on the Bureau’s
proposed definition of ‘‘affiliate.’’ A
joint letter from several trade
associations asked the Bureau to
provide clarification on how the
definition of ‘‘affiliate’’ applies in the
context of commercial real estate
lending. Two other commenters
objected to the Bureau’s proposed
reference to the SBA definition to
determine affiliate of a small business
because it can be changed by the SBA
and the commenters recommended that
the Bureau simplify the definition.
The Bureau did not receive comments
on the proposed definition of ‘‘affiliate’’
with respect to a financial institution.
Final Rule
308 15
PO 00000
U.S.C. 632.
Frm 00047
Fmt 4701
Sfmt 4700
35195
discussed below in the section-bysection analysis of § 1002.106(b).
The Bureau addresses the comment
regarding how the definition of
‘‘affiliate’’ applies in the context of
commercial real estate lending in the
section-by-section analysis of
§ 1002.106(b)(1) below.
102(b) Applicant
Proposed § 1002.102(b) would have
defined ‘‘applicant’’ to mean any person
who requests or who has received an
extension of business credit from a
financial institution. The term
‘‘applicant’’ is undefined in section
1071. Proposed § 1002.102(b) was based
on the definition of applicant in existing
Regulation B, though for consistency
with other parts of the proposed rule, it
added a limitation that the credit be
business credit and uses the term
financial institution instead of creditor.
It also omitted the references to other
persons who are or may become
contractually liable regarding an
extension of credit such as guarantors,
sureties, endorsers, and similar parties.
The Bureau acknowledged that
including other such persons could
exceed the scope of the data collection
anticipated by section 1071. Including
them could also make the data
collection more difficult as financial
institutions might need to report data
points (such as gross annual revenue,
NAICS code, time in business, and
others) regarding multiple persons in
connection with a single application.
The Bureau believed that collecting
such information on guarantors,
sureties, endorsers, and similar parties
would likely not support section 1071’s
business and community development
purpose.
The Bureau sought comment on its
proposed approach to this definition
and received one comment in response.
The commenter requested that the
Bureau clarify that loans jointly made to
multiple borrowers, where one or more
of the borrowers may qualify as a small
business under the rule but are not the
primary business(es) seeking the
funding, are not subject to the reporting
requirements.
For the reasons discussed herein, the
Bureau is finalizing § 1002.102(b) as
proposed. The Bureau believes it is
appropriate to base the definition of
applicant for purposes of new subpart B
on the definition of applicant in existing
Regulation B, with the limitation that
the credit be business credit and using
the term financial institution instead of
creditor. The Bureau likewise believes
that it is appropriate to limit the
definition of applicant in subpart B to
only those persons who request, or have
E:\FR\FM\31MYR2.SGM
31MYR2
35196
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
received, an extension of business credit
from a financial institution. As such, the
definition of applicant in final
§ 1002.102(b) does not include other
persons who are or may become
contractually liable regarding an
extension of business credit such as
guarantors, sureties, endorsers, and
similar parties. As stated in final
comment 102(b)–1, in no way are the
limitations to the term applicant in
§ 1002.102(b) intended to repeal,
abrogate, annul, impair, change, or
interfere with the scope of the term
applicant in existing § 1002.2(e) as
applicable to existing Regulation B.
In response to the comment regarding
loans jointly made to multiple
borrowers, the Bureau does not believe
that a modification to the definition of
applicant is necessary. Rather, the
Bureau is adding comment 103(a)–10 to
address data collection and reporting if
a covered financial institution receives
a covered application from co-applicant
businesses that are not affiliates, as
defined in final § 1002.102(a). Final
comment 103(a)–10 provides that if a
covered financial institution receives a
covered application from multiple
businesses that are not affiliates, as
defined by final § 1002.102(a), it shall
compile, maintain, and report data
pursuant to final §§ 1002.107 through
1002.109 for only a single applicant that
is a small business, as defined in final
§ 1002.106(b). A covered financial
institution shall establish consistent
procedures for designating a single
small business for purposes of collecting
and reporting data under subpart B in
situations where there is more than one
small business co-applicant, such as
reporting on the first small business
listed on an application form. In
addition, the Bureau notes that—if the
applicants are affiliated entities—the
rule already permits consideration of
affiliates’ revenues in determining
whether a business qualifies as small.
See the section-by-section analyses of
§§ 1002.106(b) and 1002.107(a)(14) for
additional discussion of affiliate
revenue.
lotter on DSK11XQN23PROD with RULES2
102(c) Business
Final § 1002.102(c) refers to
§ 1002.106(a) for a definition of the term
‘‘business.’’ See the section-by-section
analysis of § 1002.106(a) for a detailed
discussion of that definition.
102(d) Business Credit
Proposed § 1002.102(d) would have
referred to existing § 1002.2(g) for a
definition of the term ‘‘business credit.’’
The term ‘‘credit’’ is undefined in
section 1071. Section 1071 does not use
the term ‘‘business credit,’’ though it
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
does define ‘‘small business loan’’ as a
loan made to a small business. Existing
§ 1002.2(g) defines ‘‘business credit’’ as
‘‘refer[ring] to extensions of credit
primarily for business or commercial
(including agricultural) purposes, but
excluding extensions of credit of the
types described in § 1002.3(a)–(d),’’ i.e.,
public utilities credit, securities credit,
incidental credit, and government
credit.
The Bureau received two comments
specific to its proposed definition of
business credit. These two commenters,
both credit union trade associations,
expressed support for the proposed
definition, stating that it was familiar to
credit unions and encompasses the most
common business credit products aimed
at small business borrowers. The Bureau
also received numerous comments
related to its proposed coverage of
agricultural credit, parts of which also
touched on the proposed definition of
‘‘business credit’’; these comments are
discussed below in the section-bysection analysis of § 1002.104(a).
The Bureau is finalizing § 1002.102(d)
as proposed. Final § 1002.102(d) points
to existing § 1002.2(g) in defining the
term ‘‘business credit.’’ The Bureau
believes it is appropriate to define
business credit by reference to the
existing definition in Regulation B,
which incorporates by reference the
meaning of ‘‘credit,’’ as defined in
existing § 1002.2(j). For clarity and
completeness, as discussed below, the
Bureau is also adopting existing
Regulation B’s definition of credit. The
Bureau’s final rule uses the term
business credit principally in defining a
covered credit transaction in
§ 1002.104(a).
The Bureau notes that existing
§ 1002.2(g) excludes public utilities
credit, securities credit, incidental
credit, and government credit (that is,
extensions of credit made to
governments or governmental
subdivisions, agencies, or
instrumentalities—not extensions of
credit made by governments), as defined
in existing § 1002.3(a) through (d), from
certain aspects of existing Regulation
B.309 For the purpose of subpart B, the
Bureau is both incorporating existing
§ 1002.2(g)—which already includes
partial carveouts for public utilities
credit, securities credit, and incidental
credit—and also finalizing complete
309 As explained in existing comment 3–1, under
§ 1002.3, procedural requirements of Regulation B
do not apply to certain types of credit. The
comment further states that all classes of
transactions remain subject to § 1002.4(a) (the
general rule barring discrimination on a prohibited
basis) and to any other provision not specifically
excepted.
PO 00000
Frm 00048
Fmt 4701
Sfmt 4700
exclusions for these types of credit from
the definition of a covered credit
transaction in § 1002.104(b). For clarity,
the Bureau is separately defining these
terms in § 1002.104(b) and explains the
rationales for excluding each of them in
the section-by-section analysis of
§ 1002.104(b) below. The Bureau is not
adopting an exclusion for extensions of
credit made to governments or
governmental subdivisions, agencies, or
instrumentalities, because governmental
entities do not constitute small
businesses under the final rule.310
102(e) Closed-End Credit Transaction
Proposed § 1002.102(e) would have
stated that a closed-end credit
transaction means an extension of credit
that is not an open-end credit
transaction under proposed
§ 1002.102(n). The term ‘‘closed-end
credit transaction’’ is undefined in
section 1071. The Bureau’s proposal
would have specified different
requirements for collecting and
reporting certain data points based on
whether the application is for a closedend credit transaction or an open-end
credit transaction. The definition of
open-end credit transaction was
addressed in proposed § 1002.102(n).
The Bureau sought comment on its
proposed approach to the definition of
a closed-end credit transaction. The
Bureau received no comments and is
finalizing § 1002.102(e) with one
revision for clarity. The Bureau is
revising the definition of a closed-end
credit transaction to mean an extension
of business credit that is not an openend credit transaction under
§ 1002.102(n). The Bureau believes this
definition is reasonable as it aligns with
the definition of ‘‘open-end credit
transaction’’ in final § 1002.102(o), and
that such alignment will minimize
confusion and facilitate compliance.
102(f) Covered Application
Final § 1002.102(f) refers to
§ 1002.103 for a definition of the term
‘‘covered application.’’ See the sectionby-section analysis of § 1002.103 for a
detailed discussion of that definition.
102(g) Covered Credit Transaction
Final § 1002.102(g) refers to
§ 1002.104 for a definition of the term
‘‘covered credit transaction.’’ See the
section-by-section analysis of § 1002.104
for a detailed discussion of that
definition.
310 Government entities are not ‘‘organized for
profit’’ and thus are not a ‘‘business concern’’ under
final § 1002.106(a).
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
102(h) Covered Financial Institution
Final § 1002.102(h) refers to
§ 1002.105(b) for a definition of the term
‘‘covered financial institution.’’ See the
section-by-section analysis of
§ 1002.105(b) for a detailed discussion
of that definition.
lotter on DSK11XQN23PROD with RULES2
102(i) Credit
Proposed § 1002.102(i) would have
referred to existing § 1002.2(j) for a
definition of the term ‘‘credit.’’ The term
‘‘credit’’ is undefined in section 1071.
Existing § 1002.2(j), which largely
follows the definition of credit in
ECOA,311 defines ‘‘credit’’ to mean the
right granted by a creditor to an
applicant to defer payment of a debt,
incur debt and defer its payment, or
purchase property or services and defer
payment therefor. The Bureau sought
comment on its proposed approach to
this definition.
The Bureau received several
comments regarding its proposed
definition of ‘‘credit.’’ A few community
groups expressed general support for a
broad definition of credit. To ensure
adequate coverage for future products,
one commenter suggested defining
credit to also cover situations where
money is transmitted to a recipient but
the money still effectively belongs to the
transmitter and is to be repaid according
to certain terms. Another commenter
advocated for a credit definition that
included as many lenders (and
financing companies that are not
technically lenders) as possible within
the scope of this rulemaking, even when
such companies are providing financing
in a format that, according to the
commenter, is not technically credit (the
commenter offered cash advance and
factoring companies as examples).
For the reasons set forth herein, the
Bureau is finalizing § 1002.102(i) as
proposed. Section 1002.102(i) refers to
existing § 1002.2(j) for a definition of the
term ‘‘credit.’’ The Bureau believes that
aligning to the implemented definition
of credit in ECOA312 for purposes of
subpart B will help to foster consistency
with existing Regulation B. The term
credit in subpart B is used in the context
of what constitutes a covered credit
transaction—that is, whether the
application is reportable under this final
rule. See the section-by-section analysis
of § 1002.104 below for a detailed
discussion of what does, and does not,
constitute a covered credit transaction
for purposes of this final rule.
102(j) Financial Institution
Final § 1002.102(j) refers to
§ 1002.105(a) for a definition of the term
‘‘financial institution.’’ See the sectionby-section analysis of § 1002.105(a) for a
detailed discussion of that definition.
102(k) LGBTQI+ Individual and 102(l)
LGBTQI+-Owned Business
Proposed Rule
ECOA section 704B(e)(2)(H)
authorizes the Bureau to require
financial institutions to compile and
maintain ‘‘any additional data that the
Bureau determines would aid in
fulfilling the purposes of this section.’’
In the NPRM, the Bureau sought
comment on whether it should adopt a
data point to collect an applicant’s
lesbian, gay, bisexual, transgender, or
queer plus (LGBTQ+)-owned business
status, similar to its proposal for
collecting minority-owned business
status and women-owned business
status under proposed § 1002.107(a)(18)
and (19). The Bureau also sought
comment on whether including this
question, along with others, would
improve data collection or otherwise
further section 1071’s purposes, as well
as whether it would pose any particular
burdens or challenges for industry.313
This section-by-section analysis of
§ 1002.102(k) and (l) discusses the
Bureau’s definition of LGBTQI+
individual and the related definition of
LGBTQI+-owned business, respectively.
Collection of LGBTQI+-owned business
status is addressed in the section-bysection analysis of § 1002.107(a)(18).
Comments Received
The Bureau received comments from
several lenders, individual commenters,
and community and advocacy groups as
to whether the Bureau should adopt a
data point to collect an applicant’s
‘‘LGBTQ+-owned business’’ status.314
As explained further in the section-bysection analysis of § 1002.107(a)(18),
some of these commenters did not
support including such a data point in
the final rule (and thus did not make
any suggestions for how an LGBTQ+owned business should be defined). One
commenter opposed collecting LGBTQ+
data without a corresponding proposal
313 86
311 See 15 U.S.C. 1691a. Existing Regulation B
uses the term ‘‘applicant’’ instead of ‘‘debtor.’’
312 See id. Existing Regulation B closely aligns
with the definition of credit in ECOA, with some
technical revisions and use of the term ‘‘applicant’’
instead of ‘‘debtor.’’
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
FR 56356, 56482 (Oct. 8, 2021).
314 The terms ‘‘LGBT,’’ ‘‘LGBTQ,’’ ‘‘LGBTQ+,’’
and ‘‘LGBTQIA+’’ are used in this preamble to
reflect the specific terms used by commenters, the
conditions or titles of any cited research, or
(particularly for ‘‘LGBTQ+’’) the Bureau’s request
for comment in the NPRM.
PO 00000
Frm 00049
Fmt 4701
Sfmt 4700
35197
to modify the definition of minorityowned business.
In contrast, other commenters
supported requiring the collection and
reporting of applicants’ LGBTQ+-owned
business status information. As
discussed further in the section-bysection analysis of § 1002.107(a)(18),
commenters generally explained that
collecting such data would enhance fair
lending enforcement and identify credit
needs for these small businesses.
Most of these commenters generally
echoed the Bureau’s use of the term
‘‘LGBTQ+-owned business’’ status in
expressing their support for the data
point. Several recommended that the
Bureau require financial institutions’
inquiries about such status to include a
definition of the status and give
applicants response options specifically
indicating that they are or are not such
a business, similar to the Bureau’s
proposed approach for requesting
information about applicants’ minorityowned and women-owned business
status.
One commenter suggested that the
Bureau use the phrase ‘‘LGBTQI+owned business’’ and include a
definition in the final rule. The
commenter recommended that the
Bureau define the term as a business
where (1) more than 50 percent of the
ownership or control of which is held
by one or more individuals selfidentifying as lesbian, gay, bisexual,
transgender, queer, or intersex and (2)
more than 50 percent of the net profit
or loss accrues to one or more
individuals self-identifying as lesbian,
gay, bisexual, transgender, queer, or
intersex. The commenter stated that this
definition is similar to the definitions of
minority-owned and women-owned
businesses and consistent with other
Federal government and expert practice
and recommendations as well as the
definition of ‘‘LGBTQ-owned business’’
in Federal legislation that was pending
at that time.315
Final Rule
As discussed further in part II above
and the section-by-section analysis of
§ 1002.107(a)(18) below, the Bureau
believes that the collection of an
applicant’s LGBTQI+-owned business
status will aid in fulfilling the purposes
of section 1071, by facilitating
evaluations of potential discriminatory
315 The commenter cited the LGBTQ Business
Equal Credit Enforcement and Investment Act, H.R.
1443, 117th Cong. (2021), https://
www.congress.gov/bill/117th-congress/house-bill/
1443/text (which would have amended ECOA
section 704B to, among other things, require
financial institutions to inquire whether a business
is a ‘‘LGBTQ-owned’’ business).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35198
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lending practices on the basis of sex in
violation of fair lending laws and
helping communities, governmental
entities, and creditors identify needs
and opportunities of small businesses.
Thus, the Bureau is adopting
§ 1002.102(k) and (l) pursuant to its
authority under ECOA section
704B(e)(2)(H) to require financial
institutions to compile and maintain
any additional data that the Bureau
determines would aid in fulfilling the
purposes of section 1071 and its
authority under ECOA section
704B(g)(1) to prescribe such rules and
issue such guidance as may be
necessary to carry out, enforce, and
compile data pursuant to the statute.
The Bureau is not, as suggested by one
commenter, including LGBTQI+ status
in the definition of minority-owned
business, but is, as requested by
multiple commenters, adopting a
definition of LGBTQI+ owned business
that largely parallels the definition of a
minority-owned business.
For the reasons set forth herein, the
Bureau is defining ‘‘LGBTQI+
individual’’ in final § 1002.102(k) as
including an individual who identifies
as lesbian, gay, bisexual, transgender,
queer, or intersex. The Bureau is
defining the term ‘‘LGBTQI+-owned
business’’ in final § 1002.102(l) as ‘‘a
business for which one or more
LGBTQI+ individuals hold more than 50
percent of its ownership or control, and
for which more than 50 percent of the
net profits or losses accrue to one or
more such individuals.’’ Both
definitions are being included to
facilitate the requirement in final
§ 1002.107(a)(18) that financial
institutions collect an applicant’s
minority-owned, women-owned, and
LGBTQI+-owned business statuses.
The Bureau agrees with a
commenter’s suggestion to use the term
‘‘LGBTQI+-owned business’’—including
an ‘‘I’’ to capture intersex individuals—
instead of ‘‘LGBTQ+-owned
business.’’ 316 The Bureau believes that
the term ‘‘LGBTQI+-owned business’’
better reflects the Bureau’s intent to be
broadly inclusive.
The Bureau notes that in user testing
it conducted to assist its understanding
of small business applicants’ potential
experience using the sample data
collection form in the summer and fall
of 2022, a few users were confused by
the term ‘‘LGBTQI+-owned
business.’’ 317 Therefore, and consistent
with commenters’ suggestions, final
comments 102(l)–2 and 107(a)(18)–2
explain that a financial institution must
provide the definition of LGBTQI+owned business when inquiring as to
the applicant’s business ownership
status pursuant to final
§ 1002.107(a)(18). A financial institution
may use the definition as set forth on
the sample data collection form at
appendix E. Final comment 102(l)–2
also clarifies that a financial institution
must provide the definition of LGBTQI+
individual under final § 1002.102(k) if
asked by the applicant, but does not
need to do so unless asked.
Final comment 102(l)–2 clarifies that
the definition of LGBTQI+-owned
business is used only when an applicant
determines if it is such a business for
purposes of final § 1002.107(a)(18). The
financial institution is not permitted or
required to make its own determination
as to whether an applicant is a
LGBTQI+-owned business.
In line with commenters’ suggestions,
the definition for LGBTQI+-owned
business in final § 1002.102(l) parallels
concepts in the Bureau’s definitions for
minority-owned business and womenowned business in final § 1002.102(m)
and (s), respectively. The final rule’s
LGBTQI+-owned business definition
incorporates the same two-prong
approach as the other business status
definitions, with more than 50 percent
ownership or control as the first prong
and more than 50 percent of net profits
or losses as the second prong.
The commentary for final
§ 1002.102(l) generally mirrors the
commentary for the minority-owned
business and women-owned business
definitions in the final rule.318 Final
comment 102(l)–1 explains that a
business must satisfy both prongs of the
definition to be a LGBTQI+-owned
business—that is, (A) more than 50
percent of the ownership or control is
held by one or more LGBTQI+
individuals, and (B) more than 50
316 Explicit inclusion of intersex individuals
within the scope of the definitions for LGBTQI+
individual and LGBTQI+-owned business is
consistent with the prohibitions against
discrimination on the basis of ‘‘sex’’ under ECOA
and Regulation B. Sex characteristics including
intersex traits are ‘‘inextricably bound up with’’
sex,’’ Bostock v. Clayton Cty., 140 S. Ct. 1731, 1742
(2020), and ‘‘cannot be stated without referencing
sex,’’ Grimm v. Gloucester Cty. Sch. Bd., 972 F.3d
586, 608 (4th Cir. 2020) (quoting Whitaker v.
Kenosha Unified Sch. Dist. No. 1 Bd. of Educ., 858
F.3d 1034, 1051 (7th Cir. 2017)).
317 CFPB, User testing for sample data collection
form for the small business lending final rule at
app. C, at 3, 8 (Mar. 2023), https://
www.consumerfinance.gov/data-research/researchreports/user-testing-for-sample-data-collectionform-for-the-small-business-lending-final-rule/.
318 For discussion of comments as to the concepts
of ownership and control in the LGBTQI+-owned
business definition, the Bureau refers to discussion
of these concepts in the section-by-section analyses
of § 1002.102(m) and (s) regarding the definitions
for minority-owned business and women-owned
business.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
PO 00000
Frm 00050
Fmt 4701
Sfmt 4700
percent of the net profits or losses
accrue to one or more LGBTQI+
individuals. Final comment 102(l)–1
clarifies that the first prong of the
definition can be met through either the
control or ownership requirements (as
do final comments 102(m)–1 and
102(s)–1).
Final comments 102(l)–3 through –6
mirror the corresponding commentary
for the definitions of minority-owned
business and women-owned business
and provide clarifications of terms used
and the concepts of ownership, control,
and accrual of net profits or losses.
102(m) Minority-Owned Business
Proposed Rule
As discussed further herein, the final
rule combines proposed § 1002.102(l)
(minority individual) into final
§ 1002.102(m) to streamline the rule and
facilitate compliance.
ECOA section 704B(b)(1) requires
financial institutions to inquire whether
applicants for credit are minority-owned
businesses. For purposes of the financial
institution’s inquiry under 704B(b),
704B(h)(5) defines a business as a
minority-owned business if (A) more
than 50 percent of the ownership or
control is held by one or more minority
individuals, and (B) more than 50
percent of the net profit or loss accrues
to one or more minority individuals.
Section 1071 does not expressly define
the related terms of ‘‘ownership’’ or
‘‘control,’’ nor does it describe what it
means for net profits or losses to accrue
to an individual. Section 704B(h)(4)
defines the term ‘‘minority’’ as having
the same meaning as in section
1204(c)(3) of the Financial Institutions
Reform, Recovery, and Enforcement Act
of 1989 (FIRREA).319 That statute
defines ‘‘minority’’ to mean any Black
American, Native American, Hispanic
American, or Asian American.320 While
section 1071 uses the term ‘‘minority
individual’’ in 704B(h)(5), it does not
define that term.
Proposed § 1002.102(l)—definition of
minority individual. Proposed
§ 1002.102(l) would have clarified that
the term ‘‘minority individual’’ means a
natural person who is American Indian
or Alaska Native, Asian, Black or
African American, Native Hawaiian or
Other Pacific Islander, and/or Hispanic
or Latino. As explained in the NPRM,
the Bureau believed that these
categories represent contemporary, more
specific delineations of the categories
described in section 1204(c)(3) of
FIRREA. Proposed comment 102(1)–2
319 Public Law 101–73, section 1204(c)(3), 103
Stat. 183, 521 (1989) (12 U.S.C. 1811 note).
320 Id.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
would have clarified that a multi-racial
or multi-ethnic person is a minority
individual. Proposed comment 102(1)–1
would have clarified that this definition
would be used only when an applicant
determines whether it is a minorityowned business pursuant to proposed
§§ 1002.102(m) (definition of minorityowned business) and 1002.107(a)(18)
(data point for minority-owned business
status). Proposed comment 102(1)–3
would have clarified the relationship of
the definition of minority individual to
the disaggregated subcategories used to
determine a principal owner’s ethnicity
and race.
The Bureau sought comment on its
proposed approach to this definition,
including its proposed clarification of
the definition of minority individual,
and requested comment on whether
additional clarification was needed. The
Bureau also sought comment on
whether the definition of minority
individual should include a natural
person who is Middle Eastern or North
African, and whether doing so should
be dependent on whether Middle
Eastern or North African is added as an
aggregate category for purposes of
proposed § 1002.107(a)(20).321
Proposed § 1002.102(m)—definition of
minority-owned business. Proposed
§ 1002.102(m) would have defined a
minority-owned business as a business
for which more than 50 percent of its
ownership or control is held by one or
more minority individuals, and more
than 50 percent of its net profits or
losses accrue to one or more minority
individuals. Proposed comment
102(m)–1 would have explained that a
business must satisfy both prongs of the
definition to be a minority-owned
business—that is, (A) more than 50
percent of the ownership or control is
held by one or more minority
individuals, and (B) more than 50
percent of the net profits or losses
accrue to one or more minority
individuals.
Proposed comment 102(m)–2 would
have clarified that the definition of
minority-owned business is used only
when an applicant determines if it is a
minority-owned business for purposes
of proposed § 1002.107(a)(18). A
financial institution would provide the
definition of minority-owned business
when asking the applicant to provide
minority-owned business status
pursuant to proposed § 1002.107(a)(18),
but a financial institution would not be
permitted or required to make its own
321 The Bureau received a number of comments
regarding whether Middle Eastern or North African
should be added as an aggregate category. Those
comments are discussed in the section-by-section
analysis of § 1002.107(a)(19).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
determination regarding whether an
applicant is a minority-owned business
for this purpose.
Proposed comment 102(m)–3 would
have further noted that a financial
institution would be permitted to assist
an applicant when determining whether
it is a minority-owned business but
would not be required to do so, and
could provide the applicant with the
definitions of ownership, control, and
accrual of net profits or losses set forth
in proposed comments 102(m)–4
through –6. Additionally, for purposes
of reporting an applicant’s minorityowned business status, a financial
institution would rely on the applicant’s
determinations of its ownership,
control, and accrual of net profits and
losses.
The Bureau proposed to clarify
‘‘ownership’’ and ‘‘control’’ using
concepts from the beneficial ownership
requirements in FinCEN’s customer due
diligence rule.322 Proposed comment
102(m)–4 would have clarified that a
natural person owns a business if that
natural person directly or indirectly,
through any contract, arrangement,
understanding, relationship or
otherwise, has an equity interest in the
business. Proposed comment 102(m)–4
would have also provided examples of
ownership and clarified that, where
applicable, ownership would need to be
traced or followed through corporate or
other indirect ownership structures for
purposes of proposed §§ 1002.102(m)
and 1002.107(a)(18). Proposed comment
102(m)–5 would have clarified that a
natural person controls a business if that
natural person has significant
responsibility to manage or direct the
business, and would have provided
examples of natural persons who
control a business. Proposed comment
102(m)–6 would have clarified that a
business’s net profits and losses accrue
to a natural person if that natural person
receives the net profits or losses, is
legally entitled or required to receive
the net profits or losses, or is legally
322 See 31 CFR 1010.230 (describing the beneficial
ownership requirements for legal entity customers).
The Department of the Treasury’s Financial Crimes
Enforcement Unit (FinCEN) recently issued a final
rule to implement requirements regarding reporting
of beneficial ownership information pursuant to the
Corporate Transparency Act, 31 U.S.C. 5336. See 87
FR 59498 (Sept. 30, 2022). While FinCEN’s final
rule does not include changes to the current
customer due diligence rule, FinCEN has indicated
its intent to revise the customer due diligence rule
in a future rulemaking. See id. at 59507. FinCEN’s
final rule includes definitions for beneficial owner
that will be different from what currently exists in
the customer due diligence rule, as to both control
and ownership, when the rule goes into effect on
January 1, 2024. See id. at 59594. However, the final
rule does not change the 25 percent threshold for
determining ownership. See id.
PO 00000
Frm 00051
Fmt 4701
Sfmt 4700
35199
entitled or required to recognize the net
profits or losses for tax purposes.
The Bureau sought comment on the
proposed definition of minority-owned
business and possible alternatives that
may clarify the term in order to help
ensure that small business applicants
can determine whether they are
minority-owned businesses for purposes
of data collection pursuant to section
1071.
Comments Received
Proposed § 1002.102(l)—definition of
minority individual. The Bureau
received comments regarding the
definition of minority individual from
several industry commenters and
community groups.
One community group stated that the
Bureau’s proposal to mirror HMDA with
respect to the definition of minority
individual is desirable because HMDA’s
racial and ethnic categories are
reasonably comprehensive, and using
the same categories eases reporting
requirements and creates consistency
for applicants. A group of trade
associations and a bank supported the
Bureau’s proposal to define a minority
individual using only aggregate
ethnicity and race categories, stating
that doing so will help lessen confusion.
Another bank requested clarification on
who is considered multi-racial or multiethnic for purposes of the rule.
Proposed § 1002.102(m)—definition of
minority-owned business. The Bureau
received comments regarding the
definition of minority-owned business
from lenders, trade associations, and
community groups.
One community group stated that the
collection of data on minority-owned
businesses, along with the collection of
data on women-owned businesses, will
help illustrate the experience of firms
owned by women of color who likely
face even higher barriers to accessing
small business credit than those firms
not owned by women of color. The
commenter noted that these firms
comprise a significant portion of small
businesses and there are a greater
proportion of women of color who own
businesses than the share of whiteowned businesses owned by women.
Another requested that the Bureau add
an ‘‘I don’t know’’ response to the list
of possible responses, as there may be
applicants who cannot make a legal
conclusion as to whether the small
business is minority-owned. A trade
association asserted that inquiring about
the ethnicity (or gender) of business
owners is contrary to the expectations of
financial institutions and applicants
alike.
E:\FR\FM\31MYR2.SGM
31MYR2
35200
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Regarding the proposed requirement
that in order to be considered a
minority-owned business, one or more
minority individuals must hold more
than 50 percent of the ownership or
control of the business, the Bureau
received comments from several
community groups and lenders in
support. Conversely, a trade association
and a bank urged the Bureau to revise
the requirement such that one or more
minority individuals must hold ‘‘50
percent or more’’ of the ownership or
control because the statutory definition
may result in underreporting for equal
partnerships with mixed race partners
and this would, they said, slant the
statistical picture.
Regarding the proposed requirement
that in order to be considered a
minority-owned business, more than 50
percent of the net profit or loss must
accrue to one or more minority
individuals, a community group stated
that the definition is appropriate to
prevent illusory ‘‘ownership’’ by a
minority individual. Several other
commenters also supported the
definition.
Several industry commenters
requested that the Bureau not include
the requirement that more than 50
percent of the net profits or losses must
accrue to one or more minority
individuals. Some of these commenters
stated that the initial prong of the
definition requiring more than 50
percent of ownership or control by a
minority individual is sufficient for
determining ownership and would
reduce complexity for borrowers. A
CDFI lender stated that defining
ownership based on a profit and loss
calculation may not fully serve the
objectives of the statute, and asked the
Bureau to consider the CDFI Fund
definition of minority-owned
business.323 Several commenters also
argued that the net profits or losses
prong complicates the definition, could
result in inaccurate data collection,
implicates the limited understanding of
many small business owners regarding
the meaning of net profits and losses as
well as the sensitive nature of these
lotter on DSK11XQN23PROD with RULES2
323 The
community group cited to the September
2021 CDFI Transactional Level Report Data Point
Guidance, which provides guidance on providing
transactional level report data. Under ‘‘Minority
Owned or Controlled,’’ the guidance states to
‘‘[r]eport whether the investee/borrower is more
than 50% owned or controlled by one or more
minorities. If the business is a for-profit entity,
report whether more than 50% of the owners are
minorities. If the business is a nonprofit entity,
report whether more than 50% of its Board of
Directors are minorities.’’ CDFI Fund, CDFI
Transactional Level Report Data Point Guidance, at
33 (Sept. 2021), https://www.cdfifund.gov/sites/
cdfi/files/2021-08/CDFITLRGuidance_Final_
Sept2021.pdf.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
issues, and concluded that many small
business owners will not understand the
definition as provided and will, as a
result, decline to answer the question.
A bank asked for clarification whether
data (specifically demographic data)
collected in prior years could be reused,
and what to do if there are multiple
collections. Specifically, the commenter
gave an example of an applicant that
provides demographic information for
one application, and then chooses not to
provide information for a subsequent
application, and asking which
collection should be reported.324 A
trade association stated that it is
possible in certain states for a third
party non-owner to act as trustee of a
trust, and that the Bureau should change
a comment example to clarify whether
it is the Bureau’s intent to presume that
the trustee of a trust is the owner.
Another bank also asserted that
requiring banks to collect such
information is costly to banks,
customers, and communities. A group of
trade associations asserted that the
commentary should be revised to
explicitly state that a financial
institution must provide an applicant
with the applicable definition.
Several industry commenters
supported the proposal to rely solely on
the data provided by the applicant and
that financial institutions should not be
required to verify any such information
provided by the applicant. With respect
to self-certification of minority-owned
business status, two trade associations
supported permitting credit applicants
to self-certify that 50 percent or more of
the net profit or loss accrues to one or
more minority individuals, rather than
lenders needing to verify this
information. Another trade association
asserted that the applicant should solely
determine whether the individual
owners are multi-ethnic or multi-racial
individuals and the financial institution
should not be required to otherwise
verify or report any information other
than that supplied by the applicant.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.102(m) with
a number of revisions to the regulatory
text and commentary to incorporate the
definition of minority individual. The
Bureau has made these changes to
streamline the rule and facilitate
compliance. The Bureau is otherwise
finalizing the associated commentary
with a minor adjustment for clarity.
324 See the section-by-section analysis of
§ 1002.107(d) regarding the use of previously
collected data.
PO 00000
Frm 00052
Fmt 4701
Sfmt 4700
Final § 1002.102(m) defines a
minority-owned business as a business
for which one or more American Indian
or Alaska Native, Asian, Black or
African American, Native Hawaiian or
Other Pacific Islander, or Hispanic or
Latino individuals hold more than 50
percent of its ownership or control and
for which more than 50 percent of the
net profits or losses accrue to one or
more such individuals. Final comment
102(m)–1 explains that a business must
satisfy both prongs of the definition to
be a minority-owned business—that is,
(A) more than 50 percent of the
ownership or control is held by one or
more such individuals, and (B) more
than 50 percent of the net profits or
losses accrue to one or more such
individuals. Final comment 102(m)–1
includes an additional sentence to
clarify that a business that is controlled
by an individual with the characteristics
listed in the regulatory text satisfies this
prong of the definition even if none of
the individuals with ownership in the
business satisfies those characteristics.
Final comment 102(m)–2 clarifies that
the definition of minority-owned
business is used only when an applicant
determines if it is a minority-owned
business for purposes of final
§ 1002.107(a)(18), and is finalized with
an adjustment made for clarity. Final
comment 102(m)–3 is finalized as
proposed and notes that a financial
institution is permitted to assist an
applicant when determining whether it
is a minority-owned business but is not
required to do so, may provide the
applicant with the definitions of
ownership, control, and accrual of net
profits or losses set forth in final
comments 102(m)–4 through –6, and
that, for purposes of reporting an
applicant’s minority-owned business
status, a financial institution relies on
the applicant’s determinations of its
ownership, control, and accrual of net
profits and losses.
Final comment 102(m)–4, finalized
with minor edits for consistency and
clarity, provides examples of ownership
and clarifies that, where applicable,
ownership needs to be traced through
corporate or other indirect ownership
structures. With regard to a commenter’s
assertion that, in certain states, a trustee
could act as a third party non-owner
trustee of a trust, the Bureau believes
the trustee would be considered an
owner for purposes of this definition.
Final comment 102(m)–4 also clarifies
(as it did in the Bureau’s proposal) that
a trustee is considered the owner of a
trust.
Final comment 102(m)–5 clarifies that
an individual controls a business if that
individual has significant responsibility
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
to manage or direct the business, while
final comment 102(m)–6 clarifies that a
business’s net profits and losses accrue
to an individual if that individual
receives the net profits, is legally
entitled or required to receive the net
profits or losses, or is legally entitled or
required to recognize the net profits or
losses for tax purposes. Both comments
are finalized with minor edits for
consistency and clarity.
Final comments 102(m)–7 and –8 are
adopted from the commentary to
proposed § 1002.102(l) (respectively,
proposed comments 102(l)–2 and –3).
Final comment 102(m)–7 clarifies that
an individual who is multi-racial or
multi-ethnic constitutes an individual
for which the definition of minorityowned business may apply, depending
on whether the individual meets the
other requirements of the definition.
Final comment 102(m)–8 clarifies that
the relationship of the ethnicity and
race categories used in this section are
aggregate ethnicity and race categories
and are the same aggregate categories
(along with Not Hispanic or Latino for
ethnicity, and White for race) to collect
an applicant’s principal owners’
ethnicity and race pursuant to final
§ 1002.107(a)(19). Final comment
102(m)–8 is revised from proposed
comment 102(l)–3 to more clearly state
the relationship of the ethnicity and
race disaggregated subcategories in this
comment to those used in final
§ 1002.107(a)(19). Proposed comment
102(l)–1 was not finalized because it
was no longer relevant once the
definition of minority individual was
incorporated into the minority-owned
business definition.
With respect to the categories of
persons that constitute minorities for
purposes of determining minorityowned business status, the Bureau
believes its clarified terminology in final
§ 1002.102(m), which uses the aggregate
ethnicity and race categories set forth in
existing § 1002.13(a)(1)(i) and appendix
B to Regulation C, will avoid the
potentially confusing situation where an
applicant is presented one set of
aggregate ethnicity and race categories
when answering questions about the
principal owners’ ethnicity and race
pursuant to final § 1002.107(a)(19)
(which also uses the same aggregate
ethnicity and race categories) 325 but is
325 The Bureau notes that while the aggregate
ethnicity and race categories are the same among
final § 1002.107(a)(19), existing § 1002.13(a)(1)(i),
and appendix B to Regulation C, the disaggregated
race subcategories that an applicant may use to
respond to a financial institution’s inquiry as to its
principal owners’ race under final § 1002.107(a)(19)
differ (i.e., due to the addition of disaggregated
Black or African American race subcategories) from
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
35201
and small businesses in understanding
this definition.
asked to use a different set of aggregate
categories when indicating whether the
business is a minority-owned business.
It also avoids creating a situation where
a financial institution is required to use
different aggregate ethnicity and race
categories when complying with
different portions of Regulation B and,
if applicable, Regulation C. This
consistency across ethnicity and race
data collection regimes will also allow
for better coordination among data users
when reviewing data.326 Further, the
Bureau believes that these categories
represent contemporary, more specific
delineations of the categories described
in section 1204(c)(3) of FIRREA.327
The Bureau does not believe it would
be appropriate to deviate from the
statutory definition of a minority-owned
business in the various ways some
commenters suggested, and the Bureau’s
authority to deviate from the statutory
language is limited. The Bureau also
believes that many small business
applicants already respond to questions
about who owns and who controls a
business entity when completing
customer due diligence forms or
otherwise responding to questions
related to that rule and thus will be
familiar with these concepts. Although
the customer due diligence rule does
not address the second prong of the
definition regarding accrual of net
profits or losses, final comment 102(m)–
6 provides a comprehensive explanation
of this prong of the definition.
With regard to comments urging the
Bureau to remove the prong requiring
that more than 50 percent of its net
profits or losses accrue to one or more
minority individuals in order to be
considered a minority-owned business,
aside from the Bureau’s limited
authority to deviate from the statutory
language, the Bureau finds that this
prong is necessary to prevent illusory
‘‘ownership’’ claims by ‘‘straw’’ owners.
Finally, with regard to commenters’
requests for further clarification, in
accordance with ECOA section
704B(g)(3), the Bureau may release
material, as part of its regulatory
implementation strategy, to assist both
financial institutions with complying
with the requirements of § 1002.102(m)
Proposed Rule
ECOA section 704B(e) requires
financial institutions to compile and
maintain the ethnicity, race, and sex of
an applicant’s principal owners.
However, section 1071 does not
expressly define who is a principal
owner of a business. Proposed
§ 1002.102(o) would have defined
principal owner in a manner that is, in
part, consistent with the beneficial
ownership requirements in FinCEN’s
customer due diligence rule.328
Specifically, a natural person would be
a principal owner if the natural person
directly owns 25 percent or more of the
equity interests of the business. Further,
as noted in proposed comment 102(o)–
1, a natural person would need to
directly own an equity share of 25
percent or more in the business in order
to be a principal owner. The Bureau also
the disaggregated race subcategories in existing
§ 1002.13(a)(1)(i), and appendix B to Regulation C.
See the section-by-section analysis of
§ 1002.107(a)(19).
326 For example, OMB uses these same categories
for the classification of Federal data on race and
ethnicity. See Off. of Mgmt. & Budget, Revisions to
the Standards for the Classification of Federal Data
on Race and Ethnicity, 62 FR 58785 (Oct. 30, 1996).
327 See, e.g., 80 FR 36356 (June 24, 2015) (NCUA
interpretive ruling and policy statement
implementing an identical FIRREA definition of
minority using this same modern technology).
328 See 31 CFR 1010.230 (describing the beneficial
ownership requirements for legal entity customers).
As noted above, FinCEN recently issued a final rule
to implement requirements regarding reporting of
beneficial ownership information pursuant to the
Corporate Transparency Act. See 87 FR 59498
(Sept. 30, 2022). That final rule does not amend the
current customer due diligence rule (although
FinCEN has indicated that it will be revised at a
later point). See 87 FR 59498, 59507. Notably,
however, FinCEN’s final rule did not change the 25
percent threshold for determining ownership. See
id. at 59594.
PO 00000
Frm 00053
Fmt 4701
Sfmt 4700
102(n) Open-End Credit Transaction
Proposed § 1002.102(n) would have
stated that an open-end credit
transaction means an open-end credit
plan as defined in Regulation Z
§ 1026.2(a)(20), but without regard to
whether the credit is consumer credit,
as defined in § 1026.2(a)(12), is
extended by a creditor, as defined in
§ 1026.2(a)(17), or is extended to a
consumer, as defined in § 1026.2(a)(11).
The term ‘‘open-end credit transaction’’
is undefined in section 1071. The
Bureau’s proposal would have specified
different rules for collecting and
reporting certain data points based on
whether the application is for a closedend credit transaction or an open-end
credit transaction.
The Bureau sought comment on its
proposed approach to this definition.
The Bureau received no comments and
is finalizing § 1002.102(n) as proposed.
The Bureau believes this definition is
reasonable because it aligns with the
definition of ‘‘open-end credit
transaction’’ in Regulation Z
§ 1026.2(a)(20), and that such alignment
will minimize confusion and facilitate
compliance.
102(o) Principal Owner
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35202
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
proposed that entities not be considered
principal owners and indirect
ownership by individuals likewise not
be considered when determining if
someone is a principal owner for
purposes of collecting and reporting
principal owners’ ethnicity, race, and
sex or the number of principal owners.
Thus, when determining who is a
principal owner, ownership would not
be traced through multiple corporate
structures to determine if a natural
person owns 25 percent or more of the
applicant’s equity interests.
Additionally, because only a natural
person would be a principal owner for
purposes of the rule, entities such as
trusts, partnerships, limited liability
companies, and corporations, would not
be principal owners.
Proposed comment 102(o)–2 would
have clarified that a financial institution
would provide an applicant with the
definition of principal owner when
asking the applicant to provide the
number of its principal owners pursuant
to proposed § 1002.107(a)(20) and the
ethnicity, race, and sex of its principal
owners pursuant to proposed
§ 1002.107(a)(19). Proposed comment
102(o)–2 would have also explained that
if a financial institution meets in person
with a natural person about a covered
application, the financial institution
may be required to determine if the
natural person with whom it meets is a
principal owner in order to collect and
report the principal owner’s ethnicity
and race based on visual observation
and/or surname. Additionally, proposed
comment 102(o)–2 would have noted
that if an applicant does not provide the
number of its principal owners in
response to the financial institution’s
request pursuant to proposed
§ 1002.107(a)(21), the financial
institution may need to determine the
number of the applicant’s principal
owners and report that information
based on other documents or
information.
The Bureau explained that aligning
the proposed definition of principal
owner with the 25 percent ownership
definition in the customer due diligence
rule would likely be familiar to most
financial institutions and applicants.
The customer due diligence rule is
broadly in use and banks, credit unions,
and certain other financial institutions
must comply with that rule. Further, the
Bureau believed that applicants, as a
general matter, would be more likely to
be familiar with customer due diligence
requirements than SBA or CDFI Fund
requirements because they have to
complete customer due diligence forms
before opening an initial account (i.e.,
loan or deposit account) at a bank or at
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
certain other institutions. However,
unlike the customer due diligence rule,
due to potential complications with
collecting ethnicity, race, and sex
information for principal owners, the
Bureau proposed that individuals that
only indirectly own 25 percent or more
of an applicant’s equity interests, as
well as entities and trusts, would not be
considered principal owners for
purposes of the rule. The Bureau sought
comment on its proposed definition,
including its proposal to not include
individuals that only indirectly own 25
percent or more of an applicant’s equity
interests as principal owners.
Comments Received
The Bureau received comments on
this aspect of the proposal from a
number of banks, trade associations,
community groups, and a business
advocacy group. Some of the industry
commenters and a community group
supported the Bureau’s proposed
definition for principal owner. A group
of trade associations agreed with the
Bureau’s proposal to align, in part, the
definition with the customer due
diligence rule, stating that financial
institutions are already familiar with
ownership concepts through that rule.
Trade association commenters also
supported the Bureau’s proposal not to
include entities and indirect ownership
by natural persons, with one stating that
the concepts of ownership by entities
and indirect ownership would add
unnecessary complexity to the Bureau’s
final rule and another noting that its
members found them difficult concepts
to explain and determine. The
community group supporting the
Bureau’s proposed definition for
principal owner stated that the
proposed definition made intuitive
sense, as 25 percent is a significant
amount of ownership.
Several other industry commenters
did not support the Bureau’s proposed
definition. Specifically, these
commenters requested that the Bureau
look to and align with all the concepts
of the customer due diligence rule. The
commenters stated that because
financial institutions and customers are
familiar with the customer due
diligence rule and financial institutions
already identify principal owners
thereunder, consistency between the
two regulatory regimes would reduce
complexity and facilitate compliance. A
business advocacy group stated that
aligning the rules completely would
allow financial institutions to leverage
existing processes and training and
focus on customer needs rather than
regulatory interpretation. Another
commenter argued that a new definition
PO 00000
Frm 00054
Fmt 4701
Sfmt 4700
for principal owner under the rule
would add unnecessary complexity to
the loan origination process. A lender
specifically suggested that financial
institutions be required to identify and
verify the identity of each individual
who owns 25 percent or more of the
entity, and one individual who controls
the entity, as is required under the
customer due diligence rule. Another
commenter similarly argued for
replicating this requirement for the rule,
arguing that financial institutions would
not find it challenging to trace indirect
ownership because they already do so
under the customer due diligence rule,
that the approach would be familiar to
small business applicants structured as
legal entities, and that small businesses
that are not legal entities (e.g., sole
proprietorships) likely would not have
complicated equity structures.
Two industry commenters that
supported aligning principal owner
definition in the Bureau’s rule more
closely with the customer due diligence
rule than proposed by the Bureau also
expressed concern that differences in
the definition between the regulatory
regimes would lead to customer
confusion. One of these commenters
argued that confusion would likely
result for applicants who will be asked
to provide information about principal
owners under both rules at the same
point of the origination process. The
other asserted that confusion as a result
of different definitions would increase
the possibility that customers would
refuse to provide information.
A bank commented that the Bureau’s
proposal did not provide enough
guidance or procedures for how
financial institutions should handle
reporting for small business applicants
whose principal owner(s) are a separate
corporate entity or trust.
Another bank stated that financial
institutions should not be required to
determine the ownership of small
businesses, which it said the proposed
rule would require.
A trade association, which requested
an exclusion for applications from trusts
from coverage under the final rule,
raised a question about who should be
considered a principal owner of a trust
for data collection purposes, such as
whether they should be the settlors,
beneficiaries, trustees, or some
combination thereof.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing its definition of
principal owner in § 1002.102(o) and
associated commentary with certain
adjustments. The Bureau believes it is
appropriate to align, in part, its
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
definition of principal owner with the
25 percent ownership concept in
FinCEN’s customer due diligence rule
given financial institutions’ and
applicants’ likely familiarity with that
rule’s requirements.329 The Bureau does
not believe, however, that its definition
must completely match the ownership
and control requirements in the
customer due diligence rule as urged by
some commenters. While differences
between similar concepts in different
regulatory regimes may lead to some
initial confusion, particularly as
financial institutions (as well as small
business applicants) already familiar
with the customer due diligence rule
implement this final rule’s
requirements, the Bureau believes that
adding the concepts of indirect
ownership by natural persons, as well as
ownership by entities or trusts, to the
definition of principal owner would add
unnecessary complexity to this final
rule.
Generally, FinCEN’s customer due
diligence rule defines a beneficial owner
as not just any individual who directly
owns 25 percent or more of a legal
entity, but also includes individuals
who indirectly have that amount of
ownership in the entity, such as through
multiple corporate structures.330 If a
trust directly or indirectly owns 25
percent or more of the entity, the trustee
is considered to be a beneficial
owner.331 In addition to ownership, the
customer due diligence rule also looks
to control. A beneficial owner also
includes the single individual with
significant responsibility to control,
manage, or direct the entity.332
The Bureau does not believe that it
would be appropriate for the rule’s
definition of principal owner to
incorporate indirect ownership and
control, as suggested by some
commenters. This final rule requires
covered financial institutions to collect
and report the ethnicity, race, and sex
of small business applicants’ principal
owners and includes the definition of
principal owner at § 1002.102(o) for the
purpose of facilitating financial
institutions’ and applicants’ ability to
provide such information. The Bureau
believes that a simpler definition for
principal owner that aligns with the
lotter on DSK11XQN23PROD with RULES2
329 86
FR 56356, 56395 (Oct. 8, 2021).
330 31 CFR 1010.230(d)(1). See also Fin. Crimes
Enf’t Network, U.S. Dep’t of Treas., FinCEN
Guidance FIN–2018–G001: Frequently Asked
Questions Regarding Customer Due Diligence
Requirements for Financial Institutions 3 (Apr. 3,
2018), https://www.fincen.gov/sites/default/files/
2018-04/FinCEN_Guidance_CDD_FAQ_FINAL_508_
2.pdf. Certain legal entities are exempted from the
rule. 31 CFR 1010.230(e)(2).
331 31 CFR 1010.230(d)(3).
332 31 CFR 1010.230(d)(2).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
customer due diligence rule’s general 25
percent or more ownership concept, but
which only applies to individuals (not
entities or trusts) with direct ownership,
will encourage applicants to provide
their principal owners’ ethnicity, race,
and sex and facilitate more accurate
reporting. With the simpler definition
for principal owner, applicants do not
need to first make potentially difficult
determinations about which individuals
indirectly own or control the small
business before providing such
individuals’ ethnicity, race, and sex
information.
The Bureau does not believe
differences between the customer due
diligence beneficial owner definition
and the principal owner definition in
this rule will lead applicants to refuse
to provide their principal owners’
ethnicity, race, and/or sex information,
as suggested by one commenter. In
contrast, the Bureau believes that its
principal owner definition is less
complicated and easier to understand
and is more likely to facilitate
applicants’ willingness to provide their
principal owners’ information.
With respect to a commenter’s
assertion that the NPRM did not provide
enough guidance or procedures for how
financial institutions should handle
reporting for small business applicants
whose principal owner(s) are a separate
corporate entity or trust, under the final
rule (as generally in the proposal), only
individuals are considered principal
owners. Thus, entities, such as trusts,
partnerships, limited liability
companies, and corporations, are not
principal owners. Final comment
107(a)(19)–10 clarifies that if an
applicant has fewer than four principal
owners (e.g., because only one
individual owns 25 percent or more of
the equity interests of the small
business), the financial institution
reports ethnicity, race, and sex
information for the number of principal
owners that the applicant has identified
and reports that the ethnicity, race, and
sex fields for additional principal
owners are ‘‘not applicable.’’ (In the
NPRM, this clarification generally
appeared in proposed appendix G,
instruction 25.)
Relatedly, as discussed in the sectionby-section analysis of § 1002.106(a), a
trust may also be a small business
applicant (as opposed to a trust that is
an owner of small business applicant)
under the final rule. In this case, as was
noted by a trade association commenter,
it is unclear who should be considered
a principal owner for the purpose of
principal owners’ ethnicity, race, and
sex information. The Bureau has added
new comment 102(o)–2 clarifying that if
PO 00000
Frm 00055
Fmt 4701
Sfmt 4700
35203
a trust is an applicant for a covered
credit transaction, a trustee is
considered an owner of the trust, to
align with commentary accompanying
the definitions for LGBTQI+-owned
business, minority-owned business, and
women-owned business.
As to a commenter’s concern that the
rule would require financial institutions
to determine the ownership of a
business, it is unclear as to the specific
aspect of the Bureau’s proposal to which
the commenter was referring. Under the
Bureau’s proposal (as in the final rule),
a financial institution would collect and
report the following information related
to the ownership of an applicant: the
applicant’s status as a minority-owned
and/or women-owned small business
(as well as LGBTQI+-owned business
status), the number of principal owners,
and the ethnicity, race, and sex of those
principal owners. A financial institution
can rely (and, in fact, for the protected
demographic information, must rely)
upon an applicant’s self-reported
information. This aspect of those data
points has been substantially finalized
as proposed. Final comment 107(a)(18)–
9, regarding the collection and reporting
of women-owned, minority-owned, and
LGBTQI+-owned business status
information clarifies that a financial
institution must only report an
applicant’s responses, even if it verifies
or otherwise obtains such information.
Final comment 107(a)(20)–2, regarding
the collection and reporting of the
number of an applicant’s principal
owners, also provides that a financial
institution may rely upon an applicant’s
statements or information to report such
information. It further provides that the
financial institution is not required to
verify the number of an applicant’s
principal owners, but if it does so, then
it must report the verified information.
Thus, a financial institution is not
required to make its own determinations
about the ownership of a business under
the final rule.333
In light of the foregoing, the text of
final § 1002.102(o) and final comment
102(o)–1 generally remain unchanged
from the proposal, though upon further
consideration the Bureau has changed
the reference to ‘‘natural person’’ in the
333 The Bureau notes, however, that as part of its
proposal requiring financial institutions to collect
principal owners’ ethnicity and race via visual
observation or surname in certain circumstances, a
financial institution would have needed to
determine if a representative of the applicant with
whom it was meeting in person was a principal
owner. As discussed in the section-by-section
analysis of § 1002.107(a)(19) below, the Bureau is
not finalizing this requirement. Thus, to the extent
the comment was referring to this aspect of the
proposal, the commenter’s concern has been
rendered moot.
E:\FR\FM\31MYR2.SGM
31MYR2
35204
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
proposed definition and related
comment to ‘‘individual’’ in the final
rule. In user testing conducted on
versions of the Bureau’s proposed
sample data collection form at appendix
E, users expressed confusion about the
term ‘‘natural person.’’ 334 The Bureau
does not believe that there is a
meaningful difference between the
terms ‘‘individual’’ and ‘‘natural
person’’ and as a result has decided to
use the term ‘‘individual’’ in the
definition for comprehensibility.
The Bureau is finalizing proposed
comment 102(o)–2, renumbered as final
comment 102(o)–3, to explain the
purpose of the definition of principal
owner; the Bureau has revised this
comment to reflect other changes in the
rule.
102(p) Small Business
Final § 1002.102(p) refers to
§ 1002.106(b) for a definition of the term
‘‘small business.’’ See the section-bysection analysis of § 1002.106(b) for a
detailed discussion of that definition.
102(q) Small Business Lending
Application Register
Proposed § 1002.102(q) would have
defined the term ‘‘small business
lending application register’’ or
‘‘register’’ as the data reported, or
required to be reported, annually
pursuant to proposed § 1002.109. This
definition referred only to the data that
is reported, or required to be reported,
annually; it did not refer to the data
required to be collected and maintained
(prior to reporting).335 The Bureau
sought comment on its proposed
definition of ‘‘small business lending
application register’’ or ‘‘register’’ in
proposed § 1002.102(q). The Bureau
received no comments on this
definition, and therefore is finalizing
§ 1002.102(q) as proposed.
lotter on DSK11XQN23PROD with RULES2
102(r) State
Proposed § 1002.102(r) would have
referred to existing § 1002.2(aa) for a
definition of the term ‘‘State.’’ Existing
§ 1002.2(aa) defines the term as any
State, the District of Columbia, the
Commonwealth of Puerto Rico, or any
territory or possession of the United
States. The Bureau requested comment
334 CFPB, User testing for sample data collection
form for the small business lending final rule at
app. B, at 12, 15 (Mar. 2023), https://
www.consumerfinance.gov/data-research/researchreports/user-testing-for-sample-data-collectionform-for-the-small-business-lending-final-rule/.
335 In contrast, the term ‘‘Loan/Application
Register’’ in Regulation C § 1003.2(k) refers to both
the record of information required to be collected
pursuant to § 1003.4 as well as the record submitted
annually or quarterly, as applicable, pursuant to
§ 1003.5(a).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
on its proposed approach to this
definition, but did not receive any
feedback. The Bureau is finalizing
§ 1002.102(r) as proposed. The Bureau
believes that, being consistent with
existing Regulation B, this definition
will be familiar to financial institutions.
102(s) Women-Owned Business
Proposed Rule
ECOA section 704B(b)(1) requires
financial institutions to inquire whether
applicants for credit are women-owned
businesses. For purposes of the financial
institution’s inquiry under 704B(b),
704B(h)(6) defines a business as a
women-owned business if (A) more than
50 percent of the ownership or control
is held by one or more women, and (B)
more than 50 percent of the net profit
or loss accrues to one or more women.
Section 1071 does not expressly define
the related terms of ‘‘ownership’’ or
‘‘control,’’ nor does it describe what it
means for net profits or losses to accrue
to an individual.
Proposed § 1002.102(s) would have
defined a women-owned business as a
business for which more than 50
percent of its ownership or control is
held by one or more women, and more
than 50 percent of its net profits or
losses accrue to one or more women.
Proposed comment 102(s)–1 would have
explained that a business must satisfy
both prongs of the definition to be a
women-owned business—that is, (A)
more than 50 percent of the ownership
or control is held by one or more
women, and (B) more than 50 percent of
the net profits or losses accrue to one or
more women.
Proposed comment 102(s)–2 would
have clarified that the definition of
women-owned business is used only
when an applicant determines if it is a
women-owned business for purposes of
proposed § 1002.107(a)(19). A financial
institution would have provided the
definition of women-owned business
when asking the applicant to provide
women-owned business status pursuant
to proposed § 1002.107(a)(19), but a
financial institution would not have
been permitted or required to make its
own determination regarding whether
an applicant is a women-owned
business for this purpose.
Proposed comment 102(s)–3 would
have further noted that a financial
institution would be permitted to assist
an applicant when determining whether
it is a women-owned business but
would not be required to do so, and
could provide the applicant with the
definitions of ownership, control, and
accrual of net profits or losses set forth
in proposed comments 102(s)–4 through
PO 00000
Frm 00056
Fmt 4701
Sfmt 4700
–6. Additionally, for purposes of
reporting an applicant’s women-owned
business status, a financial institution
would rely on the applicant’s
determinations of its ownership,
control, and accrual of net profits and
losses.
The Bureau proposed to clarify
‘‘ownership’’ and ‘‘control’’ using
concepts from FinCEN’s customer due
diligence rule. Proposed comment
102(s)–4 would have clarified that a
natural person owns a business if that
natural person directly or indirectly,
through any contract, arrangement,
understanding, relationship or
otherwise, has an equity interest in the
business. Proposed comment 102(s)–4
would have also provided examples of
ownership and clarified that, where
applicable, ownership would need to be
traced or followed through corporate or
other indirect ownership structures for
purposes of proposed §§ 1002.102(s)
and 1002.107(a)(19). Proposed comment
102(s)–5 would have clarified that a
natural person controls a business if that
natural person has significant
responsibility to manage or direct the
business and would provide examples
of natural persons who control a
business. Proposed comment 102(s)–6
would have clarified that a business’s
net profits and losses accrue to a natural
person if that natural person receives
the net profits, is legally entitled or
required to receive the net profits or
losses, or is legally entitled or required
to recognize the net profits or losses for
tax purposes.
The Bureau sought comment on the
proposed definition of women-owned
business and possible alternatives that
may clarify the term in order to help
ensure that small business applicants
can determine whether they are womenowned businesses for purposes of data
collection pursuant to section 1071.
Comments Received
The Bureau received comments
regarding the definition of a womenowned business from a number of
banks, trade associations, and
community groups.
One community group requested that
the Bureau add an ‘‘I don’t know’’
response to the list of possible
responses, as there may be applicants
who cannot make a legal conclusion as
to whether the small business is
women-owned.
Regarding the proposed requirement
that to be considered a women-owned
business, one or more women must hold
‘‘more than 50 percent’’ of the
ownership or control, the Bureau
received several comments from
community groups and a CDFI lender
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
supporting this requirement. A trade
association stated that the Bureau
should revise the requirement to state
that one or more women must hold ‘‘50
percent or more’’ of the ownership or
control because the statutory definition
may result in underreporting for equal
partnerships with mixed gender
partners.
Regarding the proposed requirement
that to be considered a women-owned
business, more than 50 percent of the
net profit or loss must accrue to one or
more women, one community group
stated that the statutory definition is
appropriate to prevent illusory
‘‘ownership’’ by one or more women.
Another commenter supported the
definition.
Some commenters stated that the
Bureau should not include the statutory
definition requirement that more than
50 percent of the net profit or loss must
accrue to one or more women. A
number of commenters stated that the
initial prong of the definition requiring
more than 50 percent of ownership or
control by a woman is sufficient for
determining ownership and would
reduce complexity for borrowers. A
CDFI lender stated that defining
ownership on a profit and loss
calculation may not fully serve the
objectives of the statute, and asked the
Bureau to consider the CDFI Fund
definition of women-owned business.336
Several industry commenters asserted
that the net profits or losses prong
complicates the definition, can result in
inaccurate data collection (for example,
in spousal relationships where each
partner equally owns and controls a
small business), implicates the limited
understanding of many small business
owners regarding the meaning of net
profits and losses as well as the
sensitive nature of these issues, and that
many small business owners will not
understand the definition as provided
and will, as a result, decline to answer
the question.
A bank asked for clarification whether
data (specifically demographic data)
collected in prior years could be reused,
and what to do if there are multiple
collections. Specifically, the commenter
336 The community group cited to the September
2021 CDFI Transactional Level Report Data Point
Guidance, which provides guidance on providing
transactional level report data. Under ‘‘Women
Owned or Controlled,’’ the guidance states to
‘‘[r]eport whether the investee/borrower is more
than 50% owned or controlled by one or more
women. If the business is a for-profit entity, report
whether more than 50% of the owners are women.
If the business is a nonprofit entity, report whether
more than 50% of its Board of Directors are
women.’’ CDFI Fund, CDFI Transactional Level
Report Data Point Guidance, at 33 (Sept. 2021),
https://www.cdfifund.gov/sites/cdfi/files/2021-08/
CDFITLRGuidance_Final_Sept2021.pdf.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
gave an example of an applicant that
provides demographic information for
one application, and then chooses not to
provide information for a subsequent
application, and asking which
collection should be reported.337 A
trade association stated that it is
possible in certain States for a third
party non-owner to act as trustee of a
trust, and that the Bureau should change
a comment example to clarify whether
it is the Bureau’s intent to presume that
the trustee of a trust is the owner.
Another bank also asserted that
requiring banks to collect such
information is costly to banks,
customers, and communities. A group of
trade associations asserted that the
commentary should be revised to
explicitly state that a financial
institution must provide an applicant
with the applicable definition.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.102(s) with
one addition and one minor adjustment
for clarity, along with several nonsubstantive technical revisions to
update citations to other provisions.
Final § 1002.102(s) defines a womenowned business as a business for which
more than 50 percent of its ownership
or control is held by one or more
women, and more than 50 percent of its
net profits or losses accrue to one or
more women. Final comment 102(s)–1
explains that a business must satisfy
both prongs of the definition to be a
women-owned business and includes an
additional sentence to clarify that a
business that is controlled by a woman
or by women satisfies this prong of the
definition even if none of the
individuals with ownership in the
business are women.
Final comment 102(s)–2 clarifies that
the definition of women-owned
business is used only when an applicant
determines if it is a women-owned
business for purposes of final
§ 1002.107(a)(18), and is finalized as
proposed with the exception of one
small adjustment for clarity.
Final comment 102(s)–3 is finalized
as proposed and notes that a financial
institution is permitted to assist an
applicant when determining whether it
is a women-owned business but is not
required to do so, may provide the
applicant with the definitions of
ownership, control, and accrual of net
profits or losses set forth in final
comments 102(s)–4 through –6, and
that, for purposes of reporting an
337 See the section-by-section analysis of
§ 1002.107(d) for a discussion on the use of
previously collected data.
PO 00000
Frm 00057
Fmt 4701
Sfmt 4700
35205
applicant’s women-owned business
status, a financial institution relies on
the applicant’s determinations of its
ownership, control, and accrual of net
profits and losses.
Final comment 102(s)–4 is finalized
with an updated cross-reference and
minor edits for consistency and clarity.
It provides examples of ownership and
clarifies that, where applicable,
ownership needs to be traced or
followed through corporate or other
indirect ownership structures. With
regard to a commenter’s assertion that,
in certain states, a trustee could act as
a third party non-owner trustee of a
trust, the Bureau believes that in such
circumstances, the trustee would be
considered an owner for purposes of
this definition. Final comment 102(s)–4
also clarifies (as it did in the Bureau’s
proposal) that a trustee is considered the
owner of a trust.
Final comment 102(s)–5 clarifies that
an individual controls a business if that
individual has significant responsibility
to manage or direct the business, while
final comment 102(s)–6 clarifies that a
business’s net profits and losses accrue
to an individual if that individual
receives the net profits or losses, is
legally entitled or required to receive
the net profits or losses, or is legally
entitled or required to recognize the net
profits or losses for tax purposes. Both
comments are finalized with minor edits
for consistency and clarity.
The Bureau does not believe that it
would be appropriate to deviate from
the statutory definition of womenowned business, as suggested by some
commenters, and notes that the Bureau’s
authority to deviate from the statutory
language is limited. The Bureau also
believes that many small business
applicants already respond to questions
about who owns and who controls a
business entity when completing
customer due diligence forms or
otherwise responding to questions
related to that rule and thus will be
familiar with the concepts therein.
Although the customer due diligence
rule does not address the second prong
of the definition regarding accrual of net
profits or losses, final comment 102(s)–
6 provides a comprehensive explanation
of this prong of the definition.
With regard to comments urging the
Bureau to remove the prong requiring
that more than 50 percent of its net
profits or losses accrue to one or more
women in order to be considered a
women-owned business, the Bureau
finds that this prong is necessary to
prevent illusory ‘‘ownership’’ claims by
‘‘straw’’ owners.
Finally, in accordance with ECOA
section 704B(g)(3), the Bureau may
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35206
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
release material, as part of its regulatory
implementation strategy, to assist both
financial institutions in complying with
the requirements of § 1002.102(s) and
small businesses in understanding this
definition.
believes that adopting the Regulation C
definition of dwelling is no longer
necessary to minimize the compliance
risks that would have arisen from
having to report a transaction under
both Regulation C and this final rule.
Proposed Definition of Dwelling
Proposed § 1002.102(j) would have
referred to Regulation C § 1003.2(f) for a
definition of the term ‘‘dwelling.’’ That
provision defines dwelling to mean a
residential structure, whether or not
attached to real property. The term
includes but is not limited to a detached
home, an individual condominium or
cooperative unit, a manufactured home
or other factory-built home, or a
multifamily residential structure or
community. Proposed comment 102(j)–
1 would have provided that Bureau
interpretations that appear in
supplement I to part 1003 containing
official commentary in connection with
§ 1003.2(f) are generally applicable to
the definition of a dwelling in proposed
§ 1002.102(j). Proposed comment 102(j)–
2 would have clarified that the
definition of dwelling under existing
§ 1002.14(b)(2) applies to relevant
provisions under existing Regulation B,
and proposed § 1002.102(j) is not
intended to repeal, abrogate, annul,
impair, or interfere with any existing
interpretations, orders, agreements,
ordinances, rules, or regulations
adopted or issued pursuant to existing
§ 1002.14(b)(2). The Bureau did not
receive any comments on this aspect of
the proposal.
The Bureau is not finalizing its
proposed definition of ‘‘dwelling.’’ The
need for the Bureau to adopt its own
definition of ‘‘dwelling’’ in this
rulemaking is obviated by the Bureau’s
decision in this final rule to not require
reporting of transactions that would
constitute ‘‘covered loans’’ under
Regulation C. That decision is discussed
in detail in the section-by-section
analysis of § 1002.104 below. The
Bureau understands that there may be
limited instances where a dwelling is
used as collateral for a covered credit
transaction that does not fall under the
definition of a Regulation C covered
loan because it does not involve the
purchase, improvement, or refinance of
a dwelling—for example, where a small
business seeks to use their primary
dwelling as collateral to obtain working
capital such as inventory. In this
example, the transaction would only be
reported under the final rule, not under
Regulation C, with a credit purpose of
working capital (includes inventory or
floor planning) per final comment
107(a)(6)–1. Taking into account these
limited circumstances, the Bureau
Section 1002.103
Applications
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Covered
ECOA section 704B(b) requires that
financial institutions collect, maintain,
and report to the Bureau certain
information regarding ‘‘any application
to a financial institution for credit.’’ For
covered financial institutions, the
definition of ‘‘application’’ will trigger
data collection and reporting obligations
with respect to covered credit
transactions. However, section 1071
does not expressly define ‘‘application.’’
The Bureau is finalizing § 1002.103
and associated commentary with minor
revisions for clarity and consistency, to
define what is, and is not, a covered
application for purposes of subpart B
pursuant to its authority in ECOA
section 704B(g)(1) to prescribe such
rules and issue such guidance as may be
necessary to carry out, enforce, and
compile data pursuant to section 1071.
Final § 1002.103(a) provides a general
definition of the term ‘‘covered
application,’’ followed by a list of the
circumstances that are not covered
applications in final § 1002.103(b). For
the reasons discussed below, the Bureau
believes that its determinations as to
what does and does not constitute a
covered application for purposes of this
rulemaking constitute reasonable
interpretations of an ‘‘application’’ as
used in section 1071.
103(a) Covered Application
Proposed Rule
The Bureau proposed to define a
covered application in § 1002.103(a) as
an oral or written request for a covered
credit transaction that is made in
accordance with procedures used by a
financial institution for the type of
credit requested. As noted above, the
term ‘‘application’’ is undefined in
section 1071. The Bureau believed its
proposed definition of the term was
reasonable, particularly as it would
align with the similar definition of
‘‘application’’ in existing § 1002.2(f).
The Bureau also proposed commentary
to accompany this definition.
In considering the proposed
definition of a ‘‘covered application,’’
the Bureau believed that incomplete and
withdrawn applications—which would
have generally been captured under
proposed § 1002.103(a)—would be
essential to the purposes of section 1071
as a tool to identify potential
PO 00000
Frm 00058
Fmt 4701
Sfmt 4700
discrimination and to better understand
the credit market. The definition of
‘‘covered application’’ in proposed
§ 1002.103(a), which was similar to the
definition of ‘‘application’’ in existing
§ 1002.2(f), would have also been
familiar to creditors and would have
provided flexibility to accommodate
different application processes.
The Bureau recognized that the
proposed definition of ‘‘covered
application’’ in § 1002.103(a), while
flexible, would have meant that data
collection and reporting may be
triggered at different times for different
financial institutions and different types
of covered credit transactions. While the
proposed definition of ‘‘covered
application’’ would not have provided a
bright-line rule, the Bureau believed the
proposed definition would have been
familiar to financial institutions and
would have provided consistency with
similar definitions found in existing
Regulation B and Regulation C.
As discussed in the NPRM, the
Bureau also considered proposing
several other options for defining a
‘‘covered application.’’ First, the Bureau
considered triggering collection and
reporting based on a ‘‘completed
application,’’ which is defined in
existing § 1002.2(f) as an application in
which the creditor has received ‘‘all the
information that the creditor regularly
obtains and considers’’ in evaluating
similar products. As noted in the
NPRM, the Bureau did not propose to
use the definition of ‘‘completed
application’’ in existing § 1002.2(f) for
its definition of covered application in
subpart B, as doing so would have
excluded incomplete applications and
many withdrawn applications that may
reflect demand for credit or potential
discrimination during the application
process. The Bureau also considered
proposing to define ‘‘covered
application’’ as a set of specific data
points that, if collected, would trigger a
duty to collect and report small business
lending data. As noted in the NPRM, the
Bureau did not propose this approach
for several reasons, including that it
would have introduced a new regulatory
definition of ‘‘application,’’ would have
led to operational changes and
complexities for financial institutions,
and could have led to increased evasion.
Proposed comments 103(a)–1 through
–3 would have provided additional
guidance on identifying what is a
‘‘covered application.’’ Proposed
comments 103(a)–4 through –6 would
have addressed how a financial
institution reports multiple covered
credit transaction requests at one time
or a request for a credit transaction that
results in the origination of multiple
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
covered credit transactions. Proposed
comment 103(a)–7 would have
addressed how a financial institution
would report applications where there
is a change in whether the applicant is
requesting a covered credit transaction.
The Bureau sought comment on its
proposed definition of a covered
application in § 1002.103(a) and
associated commentary. The Bureau
also sought comment on the advantages
and disadvantages of collecting data on
incomplete or withdrawn applications,
as well as how collection would or
would not further the purposes of
section 1071. In addition, the Bureau
sought comment on reporting of
multiple lines of credit on a single
credit account, including how financial
institutions internally consider multiple
lines of a credit on a single account and
the Bureau’s approach in proposed
comment 103(a)–6.
Comments Received
The Bureau received comments on its
proposed approach to defining a
covered application from a wide range
of lenders, trade associations,
community groups, and a business
advocacy group. The overwhelming
majority of commenters to address the
issue, including most industry
commenters and some community
groups, generally supported the
Bureau’s proposal to define a ‘‘covered
application’’ largely consistent with the
existing Regulation B definition. Several
of these commenters stated that lenders
are familiar with the existing Regulation
B definition and so implementing it
within this rule would minimize the
need for additional training or new
procedures. Commenters also stated that
the proposed definition is a flexible one
that can accommodate the variety of
small business lenders, products, and
processes that exist in the marketplace,
and thus avoids a one-size-fits-all
approach that would be unworkable in
small business lending. Several lenders
and trade associations urged the Bureau
to finalize proposed comment 103(a)–1,
which would have provided that a
financial institution has latitude to
establish its own application process or
procedures, including designating the
type and amount of information it will
require from applicants. Some of these
commenters also stated that the
proposed comment is consistent with
longstanding interpretation of existing
Regulation B and that the flexibility is
critical given the unique nature of
commercial credit applications. A
community bank stated that defining an
application based on a set of specific
data points would be inappropriate for
commercial lending, which is less
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
standardized than consumer mortgage
lending. The bank further noted that
defining an application based on a
standardized set of data points would be
unnecessary so long as each data point
has a ‘‘not applicable’’ or ‘‘not received’’
choice for incomplete applications,
which the commenter emphasized
would be important to capture.
Some community groups and
community-oriented lenders expressed
support for the Bureau’s proposed
definition because it would capture
applicants that do not make it to a
completed application, and therefore
potentially help identify barriers to
credit early in the application process.
These commenters argued that the
proposed definition would further the
purposes of section 1071, including by
identifying potential bias,
discouragement, or other
discrimination. Similarly, some
community-oriented lenders stated that
the proposed definition would strike the
right balance of triggering data
collection and reporting requirements
only after there is an actual request for
credit, but still early enough in the
process to capture most incomplete,
withdrawn, and denied applications.
One community group expressed
concern about the lack of
standardization under the proposed
definition, but ultimately concluded
that the proposed definition makes
sense and any concerns could be allayed
through monitoring. The commenter
expressed understanding for the desire
to follow current lender procedures for
defining an application based on
existing Regulation B, though noted that
how a lender defines an application
should have enough standardization to
generate consistent data and be early
enough in the process to capture
incomplete and withdrawn
applications, which are necessary to
identify discouragement. The
commenter also expressed support for
the idea that peer comparisons may be
a reasonable way to check a financial
institution’s method of defining an
application; for example, by analyzing
whether a financial institution has
abnormally high rates of approval or
low rates of incomplete applications.
A number of industry commenters,
including community banks, credit
unions, and trade associations,
described the small business application
process as informal and consultive.
These commenters explained that the
application process often does not
involve a written application or a
‘‘formal’’ application, can be monthslong, and often involves extensive backand-forth communications between the
lender and the small business, including
PO 00000
Frm 00059
Fmt 4701
Sfmt 4700
35207
in-person meetings, phone calls, texts,
and emails. One commenter noted that
many loans are funded without any
‘‘application,’’ but rather based on the
business’s existing relationship with the
institution and financial information on
file. Some commenters described how
the application process can start
informally from a conversation, a
general inquiry, or as an offshoot to
deposit activity. Commenters explained
that a business will bring in financial
statements, tax returns, business plans,
and other documents, which will be
reviewed by the financial institution in
order to analyze and generate the most
appropriate package to fit the credit
needs of the business. Several banks
stated that business customers will often
‘‘shop around’’ with multiple financial
institutions to get the best terms. Several
commenters stated that small business
lending often involves a lot of ‘‘hand
holding’’ and lender involvement to
reach a point where a formal application
or a particular product and terms can be
considered. Industry commenters also
stated that commercial business
customers are unique and each requires
an individualized approach based on
the characteristics of the business and
the products of interest. Several
commenters also noted that the small
business lending process differs from
mortgage lending, which is highly
regimented and uniform.
A number of community banks and
other industry commenters expressed
concern that the Bureau’s rule
implementing section 1071 would
standardize and formalize the small
business application process (which,
they asserted, would be to its
detriment); they predicted that business
customers would be unhappy with the
more rigid lending structure, and may
avoid seeking credit altogether. These
commenters expressed concern that
small business lending would become
impersonal and ‘‘form centric,’’ and that
it would change the fundamental
relationship between lender and
borrower, including the personalized
attention and advice currently provided
by lenders. Many of these commenters
stated the view that the rule’s data
collection and reporting requirements
would cause them to lose flexibility and
adopt ‘‘check-the-box’’ criteria that is at
odds with how community banks
conduct business. Several commenters
were concerned that at the start of an
inquiry, a lender would need to
implement a written application or
other formalized method to collect the
required data and that by doing so,
conversations will turn into implied
commitments. Commenters also stated
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35208
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
the belief that lenders would implement
a more rigid application process in
order to avoid triggering data collection
and reporting requirements under the
Bureau’s rule. Several other commenters
argued that data collection and
reporting obligations would require
lenders to rebuild their loan application
process and incur additional training
and other costs, would reduce the
availability of credit, and would give
large banks an unfair advantage because
such entities will have an easier time
implementing the requirements of the
Bureau’s rule for online applications.
Most of these commenters’ concerns
were directed at small business lending
data collection and reporting generally,
and not specifically at the proposed
definition of a covered application.
However, a few commenters urged the
Bureau to finalize a more concrete
definition of covered application due to
the concern that a subjective definition
would be difficult for financial
institutions’ employees to implement.
One commenter was also concerned
about how its practices would be
reviewed by the subjective judgment of
examiners. Another commenter
cautioned against reporting of oral
applications, noting that it could lead to
inaccurate data if an answer is misheard
or mistyped.
Some industry commenters, including
trade associations for community banks,
credit unions, and online lenders,
requested the Bureau define a covered
application consistent with existing
Regulation B’s ‘‘completed application’’
definition in existing § 1002.2(f), which
would require reporting only when the
lender has received all the information
that the creditor regularly obtains and
considers in evaluating applications for
the amount and type of credit requested
(i.e., enough information to make a
credit decision). These commenters
argued that triggering data collection
and reporting off an ‘‘oral or written
request’’ would be unrealistic,
unworkable, and too open-ended. One
commenter stated that a mere request is
not something a lender can act or report
on because there is insufficient
information at that point to make the
required reporting. Another commenter
said that lenders need clear guidance on
what events trigger data collection and
the completed application definition
would provide the most uniformity
across products and financial
institutions. Another commenter stated
that using the completed application
definition would avoid collecting data
on incomplete applications, which often
come from ‘‘unengaged’’ applicants.
This commenter also noted that
collecting 1071 data could lead to
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
applicant confusion as to why personal
information is being collected, which
could lead to more incomplete
applications. The commenter further
argued that completed applications are
the most essential data to capture in
small business lending, that there is no
indication Congress intended section
1071 to mirror HMDA or existing
Regulation B, and that discouragement
can be investigated using other 1071
data and existing examination
authorities. Similarly, two industry
commenters opposed requiring
reporting on incomplete or withdrawn
applications, arguing that reporting such
transactions would not serve the
purposes of section 1071, would create
additional operational and regulatory
burden, and that the focus of the
Bureau’s rule should be on declined and
originated applications. Another urged
the Bureau to avoid triggering collection
based on when a credit check is pulled,
noting that financial institutions may
often conduct a soft pull credit check
outside the application process.
In contrast, some community group
commenters argued that the proposed
definition of covered application would
be too narrow, and requested that a
covered application include all
communications where a business
inquires about credit and seeks a credit
decision. In support, the commenters
pointed to research identifying
discrimination in the pre-application
stage. As noted above, other community
group commenters supported the
Bureau’s proposed definition of a
covered application, stressing the need
to capture applications that do not make
it to a completed application.
The Bureau received several
comments on certain aspects of its
proposed commentary to § 1002.103(a).
A community bank and a community
group supported proposed comment
103(a)–4, which would have provided
that if an applicant makes a request for
two or more covered credit transactions
at one time, the financial institution
reports each request for a covered credit
transaction as a separate covered
application. The bank stated that while
the proposed approach would result in
more work for the financial institution,
it would lead to more accurate reporting
(since each request would generate
different reported data) and the
approach would be similar to how data
are reported under Regulation C. The
community group commenter stated
that it would be a reasonable approach
and would accurately reflect the varied
credit needs of applicants. A group of
community group commenters
supported the Bureau’s proposed
approach to require reporting of
PO 00000
Frm 00060
Fmt 4701
Sfmt 4700
separate applications where an
applicant seeks two or more products at
one time, but requested that where the
applicant only seeks one product, but is
not sure about the type of product, it
should only be reported as a single
covered application. These commenters
also noted a concern that the language
in proposed comment 107(a)(5)–2
requiring lenders to maintain reasonable
procedures designed to collect data,
including regarding the credit product
requested, would require the lender to
identify each product that would be
acceptable to the applicant, and if
multiple, report them as separate
covered applications.
In response to the Bureau’s request for
comments as to how a financial
institution should report applications
where there is a change in whether the
request for credit involves a covered
credit transaction, which was addressed
in proposed comment 103(a)–7, the
Bureau received feedback from trade
associations and a business advocacy
group. These commenters opposed
reporting on a transaction in which the
product ultimately pursued is not a
covered credit transaction. They argued
that financial institutions should not be
required to report on non-covered credit
transactions, collecting partial data on a
product that is not a covered transaction
would affect data quality and be of low
value, and doing so would not advance
the purposes of section 1071. Two of the
commenters sought clarification or a
safe harbor providing that if a financial
institution collects data on an
application that the financial institution
anticipates will be covered by the
Bureau’s rule implementing section
1071 at the time of collection, but
ultimately is not covered, the initial
collection does not violate existing
Regulation B. Otherwise, the Bureau did
not receive any additional comments
directly discussing proposed comment
103(a)–7 and limited reporting of noncovered credit products, despite seeking
comment on the advantages and
disadvantages of requiring full or
limited reporting where an applicant
initially seeks a product that is a
covered credit transaction, but
ultimately is offered and accepts a
product that is not reportable.
Although the Bureau did not seek
comment on the issue, a couple
commenters asked how to report on an
application made jointly by multiple
business co-applicants. An agricultural
lender requested that, if an application
is submitted by more than one business,
the financial institution be permitted to
treat all co-applicants as one applicant
when determining whether a borrower
is a ‘‘small business.’’ The commenter
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
also asked the Bureau to clarify how to
identify whether the application is from
a minority-owned or women-owned
business where one, but not all, coapplicants are minority- and womenowned businesses. Another commenter
requested that the Bureau clarify that
loans jointly made to multiple
businesses, where one or more of the coapplicants may qualify as a small
business under the rule, but are not the
primary business seeking the funding,
are not subject to data collection and
reporting requirements.
Several commenters asked the Bureau
to clarify certain scenarios related to a
covered application, including
clarifying that certain scenarios are not
covered applications. Several industry
commenters were concerned that
language in the NPRM’s preamble—
noting that ECOA section 704B(b)(1)
provides that an ‘‘application’’
triggering data collection and reporting
obligations occurs without regard to
whether such application is received in
person, by mail, by telephone, by
electronic mail or other form of
electronic transmission, or by any other
means—may be interpreted to require a
financial institution to accept an
application through all of these
channels. One commenter asked for
clarification whether a covered
application includes an incomplete
application where the information
provided is insufficient to render a
credit decision by the lender. A trade
association representing online lenders
asked the Bureau to expressly exclude
from the definition of a covered
application the circumstance where a
business populates certain information
on a web page, but does not follow
through with submitting the form to the
financial institution. The commenter
argued that it would be very
burdensome for the financial institution
to capture such circumstances as
reportable transactions and that
attempting to do so would result in
misleading, erroneous, and unhelpful
data. A couple commenters requested
certain additional exclusions from the
definition of covered application,
including for HMDA reporters, cobranded and private label credit cards,
and purchased loans.
overwhelming majority of commenters,
including industry and community
group commenters, supported this
definition. As noted by some
commenters, the definition will be
familiar to creditors, provides flexibility
to accommodate different application
procedures and lending models
(including written and oral
applications), and will capture
incomplete and withdrawn
applications, which are essential data
for identifying potential barriers to
credit, including potential
discrimination. Final § 1002.103(a) will
also align with the similar definition of
‘‘application’’ in existing § 1002.2(f),
which is reasonable given the term
‘‘application’’ is otherwise undefined in
ECOA and section 1071. Finally, the
Bureau believes this approach strikes an
appropriate balance by triggering data
collection and reporting requirements
only after there is a request for credit
(using procedures defined by the
financial institution), but still early
enough in the process to capture most
incomplete, withdrawn, and denied
applications, which are essential data to
the purposes of section 1071.
A number of industry commenters,
particularly smaller institutions that
engage in relationship lending,
described the application process as
informal, high-touch, and involving
extensive back-and-forth. The Bureau
believes the final definition of covered
application can work well within the
heterogeneous and sometimes iterative
context of small business lending.
Indeed, final § 1002.103(a) defines
covered application in a manner that
provides financial institutions flexibility
to define an application based on its
own unique business model. Thus,
while a financial institution must have
some type of trigger or tipping point
within its process when an applicant
has made a request for credit in
accordance with its procedures,
therefore triggering a ‘‘covered
application,’’ financial institutions have
leeway on how precisely to define that
tipping point, provided it occurs in the
early stages of the process before a
financial institution has begun
meaningfully evaluating or
underwriting the request.338 Moreover,
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.103(a) as
proposed to define a ‘‘covered
application’’ as an oral or written
request for a covered credit transaction
that is made in accordance with
procedures used by a financial
institution for the type of credit
requested. As described above, the
338 The Bureau recognizes that the flexibility
provided in final § 1002.103(a), which defines a
covered application, may result in data collection
and reporting obligations being triggered at different
times for different financial institutions and
different types of covered credit transactions. For
example, for a financial institution that defines an
application under its procedures as the submission
of a standard form either online or in-person, a
‘‘covered application’’ will be triggered when an
applicant submits the form. In contrast, another
financial institution may not use a standard form
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
PO 00000
Frm 00061
Fmt 4701
Sfmt 4700
35209
as noted above, creditors complying
with existing Regulation B should be
familiar with this definition, and have
already incorporated it in some manner
into their processes.339 In response to
industry commenters’ concern that data
collection and reporting under this final
rule will standardize and formalize
small business lending, the Bureau
notes that most of this feedback was not
directed at the proposed definition of a
‘‘covered application,’’ but rather at the
overall data collection and reporting
regime. Indeed, some of the commenters
raising these concerns also expressly
supported the proposed definition of a
covered application. Moreover, in
response to commenters’ general
concerns that data collection and
reporting under this rule will
standardize and formalize small
business lending, the Bureau does not
believe that collection of certain data
points will necessitate that lenders to
fundamentally alter how they conduct
business. Moreover, section 1071 is a
congressional mandate; the Bureau has
sought to implement it in a manner that
furthers the purposes of the statute
while reducing unnecessary burden.
and instead define an application as a request for
credit only when the applicant authorizes the
creditor to pull a credit check on the business and
principal owners to allow the creditor to determine
whether the business, in particular, qualifies for a
particular product. In that circumstance, a ‘‘covered
application’’ will not be triggered until that process
was satisfied. Using the same example, if the
financial institution orally collects certain
information from a prospective applicant (such as
gross annual revenue and business location) and
discusses with the prospective applicant potential
credit product options offered by the financial
institution, no ‘‘covered application’’ will be
triggered until the prospective applicant indicates
that it wants to proceed to apply for credit and
authorizes the financial institution to pull a credit
check. Similarly, if a prospective applicant merely
expresses interest in knowing the types of products
that the creditor offers—not yet focusing on any
particular type of covered credit transaction and not
yet interested in submitting a ‘‘covered
application’’—the interaction also will not be
reportable under this example.
339 The Bureau believes that business creditors
should be familiar with operationalizing this
definition based on their experience providing
adverse action notices under existing Regulation B,
which can be triggered in relation to an incomplete
application. See § 1002.9(a)(1) and (c) (requiring
notice within 30 days after taking adverse action on
an incomplete application or 30 days after receiving
an incomplete application). The Bureau believes
that financial institutions may also be familiar with
Regulation C’s definition of ‘‘application,’’ which
generally aligns with existing § 1002.2(f)’s
definition of the term. See § 1003.2(b) (generally
defining an ‘‘application’’ as ‘‘an oral or written
request for a covered loan that is made in
accordance with procedures used by a financial
institution for the type of credit requested’’); see
also Regulation C comment 2(b)–1 (noting that
Bureau interpretations that appear in the official
commentary to Regulation B are generally
applicable to the definition of application under
Regulation C).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35210
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Several commenters had specific
suggestions or concerns regarding the
definition of a covered application.
Regarding several commenters’ concern
that the definition is too subjective, the
Bureau notes that a bright-line
definition would likely impose a more
rigid process on financial institutions
that would be difficult to implement
given the heterogenous nature of small
business lending. Moreover, as noted
above, the definition used in final
§ 1002.103(a) should be familiar to
financial institutions and will provide
consistency with existing Regulation B
and Regulation C. The Bureau is also
not adopting existing Regulation B’s
definition of a ‘‘completed application,’’
as urged by some commenters. Although
the Bureau agrees that a ‘‘completed
application’’ definition would provide
greater uniformity, the definition would
exclude incomplete applications and
most withdrawn applications. The
Bureau believes including such
applications is essential to the purposes
of section 1071, as it may reflect
demand for credit and potential
discrimination early in the application
process. As to the commenters who took
issue with the proposed covered
application definition precisely because
it includes incomplete and withdrawn
applications, the Bureau believes
collecting data on such applications is
likewise essential for the purposes of
section 1071 and may reveal important
trends or information on why small
businesses initially seek credit, but
ultimately do not complete the
application process.
On the other hand, the Bureau does
not believe it would be appropriate to
expand the definition of ‘‘covered
application’’ to include all
communications where a business
inquires about credit and seeks a
decision. Although discrimination may
occur in the pre-application phase, the
Bureau believes that it could be very
difficult as an operational matter for
financial institutions to collect 1071
data whenever a business expresses any
interest in credit, no matter how
preliminary or informal the request, and
that could require reporting of
transactions with missing, unavailable,
or erroneous data. As discussed below
in the section-by-section analysis of
§ 1002.103(b), the Bureau is excluding
inquiries and prequalification requests
from the definition of a covered
application; many of the reasons for
those exclusions are relevant here as
well and thus the Bureau is not
broadening the general definition of a
covered application. In response to a
commenter’s concern about reporting of
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
oral applications, the Bureau notes that
it is the responsibility of the financial
institution to ensure that it accurately
collects and reports required data
pursuant to final § 1002.107, no matter
the method of application. Commenter
requests for certain additional
exclusions from the definition of
covered application, including for
HMDA reporters, co-branded and
private label credit cards, and
purchased loans, are addressed in more
detail in the section-by-section analysis
of § 1002.104 below.
Several commenters asked the Bureau
to clarify certain scenarios related to a
covered application. First, in response
to several industry commenters’
concerns that the language in the
NPRM’s preamble discussing ECOA
section 704B(b)(1) could be interpreted
to require a financial institution to
accept an application through all of
these channels, the Bureau notes that
this was not the intent and that it does
not interpret ECOA section 704B(b)(1)
in that manner. Rather, the Bureau
interprets the statutory language to
mean that data collection and reporting
requirements apply regardless of a
financial institution’s method of
accepting applications. Thus, whatever
the means used by a financial
institution to accept applications (e.g.,
in person, by telephone, by electronic
transmission, etc.), once a covered
application is triggered, the financial
institution has a duty to collect and
report on the application.
Next, a commenter asked whether a
covered application includes an
incomplete application where the
information provided is insufficient to
render a credit decision by the lender.
Assuming the business has requested a
covered credit transaction in accordance
with procedures used by a financial
institution for the type of credit
requested, the financial institution
would be required to collect and report
data, even if there is insufficient
information to render a credit
decision.340 Indeed, as noted above, the
340 Generally, a ‘‘covered application’’ may align
with the information necessary to make a credit
decision or it may be possible to have a ‘‘covered
application’’ before having information necessary to
make a credit decision—it depends on each
financial institution’s own procedures. For
example, suppose a financial institution defines an
application under its procedures as the point when
an applicant, or someone on the applicant’s behalf,
requests credit by filling out certain key pieces of
information on an application form. If nothing else
is required to qualify for credit and the financial
institution’s process is to immediately transmit the
application to underwriting for a decision once the
form is submitted, under the proposed definition of
‘‘covered application,’’ data collection and
reporting obligations would likely be triggered at
the same time there is sufficient information to
PO 00000
Frm 00062
Fmt 4701
Sfmt 4700
Bureau believes capturing incomplete or
withdrawn applications is essential to
the purposes of section 1071.
In response to a trade association’s
request to expressly exclude from the
definition of a covered application the
circumstance where a business
populates certain information on a web
page, but does not follow through with
submitting the form to the financial
institution, the Bureau notes that
reporting of such circumstances
depends on the procedures used by a
financial institution for the type of
credit requested. For example, if a
financial institution’s procedures
require an applicant to submit a paper
or digital form to the financial
institution in order to be considered for
the credit product requested, then there
is no covered application that is
reportable until the business submits
the form to the financial institution. If,
on the other hand, the financial
institution regularly begins evaluating
information about the applicant even if
the form is not ‘‘officially’’ submitted to
the financial institution, then there is
likely a reportable covered application,
even if the applicant has not
‘‘submitted’’ the form. In other words, if
a financial institution offering online
applications does not track or begin to
evaluate applications until the business
presses a ‘‘submit’’ button, the financial
institution would not be required to
begin tracking partial information
inputted online for purposes of this
final rule.
One commenter was concerned that
the proposed definition lacked
standardization, and emphasized the
need for monitoring to ensure that
financial institutions define an
application under their own procedures
in a manner that generates consistent
data and is early enough in the process
to capture incomplete and withdrawn
applications. The Bureau agrees that
review of data, including peer analysis,
is important and may indicate whether
a financial institution collects data in a
manner that appropriately captures
incomplete and withdrawn
applications. For example, instances of
unusually high approval rates or
unusually low rates of incomplete and
withdrawn applications can
preliminarily indicate financial
institutions that may be seeking to
define an ‘‘application’’ in its written
make a credit decision. On the other hand, if the
financial institution requires additional verification
of information and the institution commonly makes
follow-up requests after the applicant has requested
credit and before submitting the loan file to
underwriting, the financial institution would likely
have a ‘‘covered application’’ before it has sufficient
information to make a credit decision.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
policies as occurring later in the process
than actually occurs in practice; if a
financial institution has a very high
approval rate because all ‘‘applications’’
have been vetted earlier in the process,
the financial institution’s stated
definition of an application likely does
not reflect its actual practices. Similarly,
where a financial institution has very
few incomplete or withdrawn
applications this may—depending on
the financial institution’s product
offering and business model—be a sign
that the financial institution is
collecting data or defining an
application as occurring after an
applicant has requested credit. While a
financial institution has flexibility to
identify its own procedures for what
constitutes a request for credit, thereby
triggering data collection and reporting
obligations under this final rule, the
Bureau anticipates that in most cases a
covered application will typically occur
before the financial institution
underwrites or evaluates the request for
credit.
The Bureau is finalizing comment
103(a)–1 with minor revisions for
clarity. Final comment 103(a)–1
underscores that a financial institution
has latitude to establish its own
application procedure and to decide the
type and amount of information it will
require from applicants. The Bureau
removed the word ‘‘process’’ (from the
phrase ‘‘process and procedures’’) in
proposed comment 103(a)–1 to align
with the term ‘‘procedures’’ in final
§ 1002.103(a) and in final comment
103(a)–2; the rewording is not intended
to indicate a substantive change. The
Bureau is also finalizing as proposed
comments 103(a)–2 and –3. Final
comment 103(a)–2 explains that the
term ‘‘procedures’’ refers to the actual
practices followed by a financial
institution as well as its stated
application procedures, and provides an
example. Final comment 103(a)–3
provides that the commentary
accompanying existing §§ 1002.2(f) and
1002.9 is generally applicable to the
definition of ‘‘covered application,’’
except as provided otherwise in final
§ 1002.103(b).
In response to certain commenter
questions about the scope of a covered
application, the Bureau is adding new
comment 103(a)–4 to clarify that the
term covered application does not
include solicitations, firm offers of
credit, and other evaluations or offers
initiated by the financial institution
because in these situations, the business
has not made a request for credit, and
provides illustrative examples. New
comment 103(a)–4, including a
summary of comments received relating
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
to the change, is discussed in the
section-by-section analysis of
§ 1002.103(b).
The Bureau is finalizing comment
103(a)–5 (proposed as comment 103(a)–
4) to provide that if an applicant makes
a request for two or more covered credit
transactions at one time, the financial
institution reports each request as a
separate covered application. The
Bureau believes this approach furthers
the purposes of section 1071 by better
capturing demand for credit, including
demand for different covered credit
transactions at the same time. The
Bureau also believes this method of
reporting will lead to higher data
accuracy, as argued by one commenter,
due to the simplicity of the approach.
Finally, the Bureau believes that
concerns about duplicative information
requests will be mitigated by permitting
financial institutions to reuse certain
previously collected data, as set forth in
final § 1002.107(d). In response to a
commenter request, the Bureau is
revising final comment 103(a)–5 to
clarify that if an applicant is only
requesting a single covered credit
transaction, but has not decided on
which particular product, the financial
institution reports the request as a single
covered application. This clarification
resolves a commenter’s concern that a
financial institution will need to report
multiple covered applications if more
than one credit product is acceptable to
the applicant. Final comment 103(a)–5
also provides illustrative examples.
The Bureau is finalizing comments
103(a)–6 and –7 (proposed as comments
103(a)–5 and –6) with minor
adjustments for clarity and consistency.
Final comment 103(a)–6 addresses the
circumstance where an initial request
for a single covered credit transaction
would result in the origination of
multiple covered credit transactions.
Similarly, final comment 103(a)–7
addresses requests for multiple lines of
credit at one time, providing that such
requests are reported based on the
procedures used by the financial
institution for the type of credit account.
The Bureau is adopting new comment
103(a)–8 to address reporting of
duplicate covered applications. Under
new comment 103(a)–8, a financial
institution may treat two or more
duplicate covered applications as a
single covered application for purposes
of subpart B, so long as for purposes of
determining whether to extend credit,
the financial institution would also treat
one or more of the applications as a
duplicate under its procedures. The
Bureau is adding this comment to
respond to commenters’ general
concerns about duplicative reporting
PO 00000
Frm 00063
Fmt 4701
Sfmt 4700
35211
and because the Bureau does not believe
reporting of true duplicates would
further the purposes of section 1071. As
set forth in new comment 103(a)–8,
however, the provision only applies if
the applications are duplicates that a
financial institution would otherwise
treat as such under its own procedures.
The Bureau is finalizing comment
103(a)–9 (proposed as comment 103(a)–
7) with revisions for clarity. Final
comment 103(a)–9 addresses how a
financial institution reports applications
where there is a change in whether the
applicant is requesting a covered credit
transaction. Final comment 103(a)–9
provides that if an applicant initially
requests a product that is not a covered
credit transaction, but prior to final
action taken decides to seek instead a
product that is a covered credit
transaction, the application is a covered
application and must be reported
pursuant to final § 1002.109. However,
if an applicant initially requests a
product that is a covered credit
transaction, but prior to final action
taken decides instead to seek a product
that is not a covered credit transaction,
the application is not a covered
application and thus is not reported.
The Bureau agrees with commenters’
concerns that requiring reporting on
applications where the applicant
ultimately does not seek a covered
credit transaction could lead to data
quality issues, for example, if only
partial data are captured. Although the
Bureau sought comment on whether to
require full or limited reporting in order
to address concerns about potential
steering in these cases, the Bureau did
not receive any specific comments
advocating for either full or limited
reporting. In response to commenter
requests for clarification that a financial
institution does not violate existing
Regulation B if it collects otherwise
prohibited information on a transaction
that ultimately is not a covered
application, the Bureau has revised final
§ 1002.112(c)(4) to provide a safe harbor
for incorrect determination of a covered
credit transaction if, at the time of
collection, the financial institution had
a reasonable basis for believing that the
application was a covered application.
The Bureau has also revised final
comment 103(a)–9 to clarify that once a
financial institution determines there is
a covered application, it shall endeavor
to compile, maintain, and report the
data required under § 1002.107(a) in a
manner that is reasonable under the
circumstances. Final comment 103(a)–9
also discusses reporting if a financial
institution makes a counteroffer for a
product that is not a covered credit
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35212
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
transaction. Finally, the Bureau revised
the language ‘‘during the application
process’’ to ‘‘prior to final action taken’’
in final comment 103(a)–9 to provide
greater clarity on the applicable
timeframe.
The Bureau is adding new comment
103(a)–10 to address reporting in
situations where a covered financial
institution receives a covered
application from multiple businesses
that are not affiliates, as defined in final
§ 1002.102(a). The Bureau is adding this
commentary in response to commenters’
questions about how to report certain
data if there is more than one coapplicant. Final comment 103(a)–10
provides that if a covered financial
institution receives a covered
application from multiple businesses
who are not affiliates, as defined by
final § 1002.102(a), it shall compile,
maintain, and report data pursuant to
final §§ 1002.107 through 1002.109 for
only a single applicant that is a small
business, as defined in final
§ 1002.106(b). A covered financial
institution shall establish consistent
procedures for designating a single
small business for purposes of collecting
and reporting data under subpart B in
situations where there is more than one
small business co-applicant, such as
reporting on the first small business
listed on an application form.
The Bureau considered requiring
reporting data of all co-applicant small
businesses, but doing so could
potentially add significant complexity
and may result in data quality issues.
For example, reporting co-applicants as
separate applications would likely
result in duplicative reporting or special
rules to address how to modify the
reported data to avoid duplication.
Similarly, requiring additional fields to
accommodate reporting of all coapplicants’ information would result in
a significant expansion of the total data
fields reported, adding considerable
complexity and potentially leading to
data quality issues. Given that only two
commenters raised the issue of coapplicants, the Bureau believes that
financial institutions likely do not
frequently encounter applications
involving more than one small business
applicant.
On the other hand, the Bureau is not
requiring reporting of a small business
co-applicant only if it is the primary
business seeking funding, as suggested
by one commenter. The Bureau believes
it may not always be clear who is the
‘‘primary’’ applicant if there are
multiple co-applicants; such a rule
could be used to evade reporting
altogether in these situations. The
Bureau therefore believes that it is
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
reasonable to require data collection and
reporting for a single small business if
there are multiple co-applicants. Final
comment 103(a)–10 provides several
illustrative examples. In addition, new
§ 1002.5(a)(4)(x) permits a creditor to
collect certain demographic information
concerning a co-applicant without
violating existing Regulation B. See also
the section-by-section analysis of
§ 1002.106(b) for a discussion of
calculating gross annual revenue for
purposes of determining small business
status under final § 1002.106(b) if there
are multiple co-applicants.
Lastly, the Bureau is adding new
comment 103(a)–11 to clarify that
refinances and requests for additional
credit amounts on an existing account
are covered applications, as further
discussed in the section-by-section
analysis of § 1002.103(b).
103(b) Circumstances That Are Not
Covered Applications
Proposed Rule
Proposed § 1002.103(b) would have
identified certain circumstances that are
not covered applications—even if they
may otherwise be considered an
application under existing § 1002.2(f).
Specifically, the Bureau proposed that a
covered application would not include
(1) reevaluation, extension, or renewal
requests on an existing business credit
account, unless the request seeks
additional credit amounts; and (2)
inquiries and prequalification requests.
Solicitations and firm offers of credit
would also not have been ‘‘covered
applications’’ under the proposed
definition. Proposed comments 103(b)–
1 through –5 would have provided
additional guidance and examples of
circumstances that do and do not trigger
data collection and reporting for
covered applications.
The Bureau sought comment on
proposed § 1002.103(b) and associated
commentary concerning circumstances
that would not be a covered application.
Solicitations for comment on specific
issues are noted throughout the
discussion below.
Reevaluation, extension, or renewal
requests on an existing business credit
account, unless the request seeks
additional credit amounts. The Bureau
proposed to exclude from the definition
of a ‘‘covered application’’ requests by
borrowers to modify the terms or
duration of an existing extension of
credit, other than requests for additional
credit amounts. The Bureau believed
that requests to modify the terms or
duration of an existing extension of
credit, which occur with high frequency
in the small business lending space,
PO 00000
Frm 00064
Fmt 4701
Sfmt 4700
would have added complexity and
burden for financial institutions, while
potentially providing limited additional
information relevant to the purposes of
section 1071.
However, the Bureau proposed that
reporting would have been required for
requests for additional credit amounts
(such as line increases or new money on
existing facilities). The Bureau believed
that capturing requests for additional
credit amounts would further the
purposes of section 1071, particularly
the community development purpose,
as it would have more accurately
captured demand for credit.
Inquiries and prequalification
requests. The Bureau proposed to
exclude inquiries and prequalification
requests from what constitutes a
‘‘covered application.’’ The Bureau
believed that requiring data collection
for all inquiries and prequalification
requests could create operational
challenges and pose data accuracy
issues, including raising the risk of
missing, unavailable, erroneous, or
duplicative data.
The Bureau also considered whether
to only require reporting of inquiries
and prequalification requests in
situations that would otherwise be
treated as an ‘‘application’’ under
existing Regulation B—i.e., when the
financial institution evaluates
information about the business, decides
to decline the request, and
communicates this to the business.
Ultimately, the logistics of reporting an
inquiry or prequalification request only
in these circumstances (where an
inquiry or prequalification request
becomes an ‘‘application’’ under
existing § 1002.2(f)) could be
operationally challenging for financial
institutions, could lead to data
distortion as only denials would be
captured, and could cause unintended
market effects.
On the other hand, potential
discrimination may occur in these early
interactions with a financial institution.
In particular, the Bureau was concerned
about excluding data on inquiries and
prequalification requests when the
financial institution evaluates
information about a business and
declines the request, as such data may
be useful for identifying potential
discouragement of or discrimination
against applicants or prospective
applicants.
Ultimately, however, the Bureau
believed it was appropriate to interpret
‘‘application’’ as used in section 1071 to
exclude inquiries and prequalification
requests given the considerations
identified above, including the timing
and often informal nature of such
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
interactions, the operational challenges
of implementing such a definition, and
related concerns about the reliability of
the data.
The Bureau sought comment on a
number of issues in connection with the
reporting of inquiries and
prequalification requests. For example,
the Bureau sought comment on whether
instead to define a ‘‘covered
application,’’ consistent with existing
Regulation B, to include inquiries or
prequalification requests where the
financial institution evaluates
information about the business, decides
to decline the request, and
communicates this to the business.
Related to this alternative approach, the
Bureau further sought comment on
whether additional data fields would be
necessary in order to distinguish
prequalification requests and inquiries
from other reported applications. In
addition, if the Bureau were to require
reporting of declined inquiries or
prequalification requests, the Bureau
sought comment on whether financial
institutions would want the option to
report all prequalification requests and
inquiries, to allow for a comparison
with denials.
Solicitations, firm offers of credit, and
other evaluations or offers initiated by
the financial institution. Proposed
comment 103(b)–4 would have clarified
that the term covered application does
not include solicitations and firm offers
of credit. The Bureau explained that like
other reviews or evaluations initiated by
the financial institution, these
communications do not involve an
applicant requesting credit, and so
would not be ‘‘covered applications.’’
Excluding solicitations and firm offers
of credit would also be consistent with
the language of ECOA section
704B(b)(1), which expressly
contemplates that an application could
arise in response to a solicitation by a
financial institution, though the text is
silent on solicitations without any
applicant response. Thus, consistent
with the statutory language, the Bureau
proposed that a solicitation or firm offer
of credit could become a ‘‘covered
application’’ under the proposed
definition if an applicant responds to
the solicitation or offer by requesting a
covered credit transaction.
lotter on DSK11XQN23PROD with RULES2
Comments Received
The Bureau received comments on its
proposal to identify certain
circumstances that are not covered
applications, even if they otherwise
would have been considered an
application under existing § 1002.2(f),
from a wide range of lenders, trade
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
associations, community groups, and a
business advocacy group.
Some commenters, including several
lenders and trade associations,
expressly supported all the
clarifications of circumstances that are
not reportable in proposed
§ 1002.103(b). One noted that the
proposed exclusions would avoid
duplicative steps and keep the data
collection focused on its core purposes.
Other commenters stated that the
proposed exclusions were appropriate
because they would not provide useful
data and that the proposal would help
ease financial institutions’ transition to
data collection. Comments on particular
aspects of proposed § 1002.103(b) are
discussed below.
Reevaluation, extension, or renewal
requests on an existing business credit
account, unless the request seeks
additional credit amounts. Many
industry commenters supported the
Bureau’s proposed exclusion of
reevaluations, extensions, or renewal
requests on an existing business credit
account. However, industry commenters
largely urged the Bureau to exclude
requests for additional credit amounts
on existing accounts. These commenters
argued that reporting line increases
would add unnecessary complexity and
time to an otherwise streamlined
process that occurs with high frequency,
in response to rapid changes to business
conditions, and is typically automated,
which they said further lowers any risk
of discrimination. These commenters
argued that data collection for line
increases would hurt small businesses
by introducing hurdles in transactions
where time is of the essence, and might
discourage businesses from seeking line
increases or creditors from offering
them. Commenters also noted
differences in how credit line increases
are underwritten compared to other
business credit: the process typically
does not involve an application or other
documentation, may involve limited
underwriting, and any analysis
performed is usually focused on the
business’s past performance and
relationship with the financial
institution. In addition, commenters
expressed concern that including line
increases would distort the data (for
example, by ‘‘double reporting’’
accounts or because of the unique
nature of credit line increases) or would
provide data of limited value. A couple
commenters emphasized the potential
compliance difficulties for financial
institutions, noting that excluding line
increases would be simpler and avoid
the need for financial institutions to
determine who initiated a line increase.
A trade association raised the additional
PO 00000
Frm 00065
Fmt 4701
Sfmt 4700
35213
concern that reporting of credit line
increases and other requests for
additional credit amounts will inflate
the number of originations counted for
purposes of determining whether an
institution is a covered financial
institution. In support of excluding
modifications more generally, one
commenter stated that modifications are
not explicitly covered by other
consumer financial laws and
regulations, such as HMDA, the Real
Estate Settlement Procedures Act of
1974 (RESPA), and Regulation Z.
Although opposed to the reporting of
line increases, several commenters
urged that, to the extent such
transactions are reportable, the Bureau
should mitigate the burden on financial
institutions by (1) exempting any
existing account from data collection
under the Bureau’s rule; and (2)
permitting lenders to rely on prior
responses regardless of when provided,
unless there is a reason to believe the
data are inaccurate. In support of the
first proposal, these commenters argued
that existing accounts may need
challenging technology build-outs to
integrate the rule’s data collection
requirements and existing clients may
not be used to the collection process.
Most community groups to comment
on this issue generally requested that all
such circumstances (reevaluations,
extensions, renewals), as well as
refinances, be treated as reportable
applications. These commenters argued
that there should be a reportable
application whenever a business
communicates an interest in obtaining
credit and has requested lender action,
or if the lender takes action on the
request, such as pulling a credit report,
the business’s tax information, or
obtaining other data that can be used for
underwriting—particularly if the
financial institution’s actions might
negatively affect the business (for
example, by lowering their credit score).
A few commenters specifically focused
on renewals and extensions, urging the
Bureau to require reporting of these
transactions, and to separate such
transactions in the data from new
originations. These commenters argued
that renewals and extensions are an
important source of credit for businesses
and not reporting such circumstances
would create a disconnect with
Community Reinvestment Act (CRA)
reporting. One commenter urged the
Bureau to collect verbal and written
agricultural loan modification or
restructuring requests made to the Farm
Service Agency, arguing that such
requests constitute applications under
existing Regulation B, highlighting
concerns about discrimination in loan
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35214
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
servicing and the detrimental effects on
businesses when servicing applications
are not granted, including default,
acceleration, and foreclosures. Some
commenters further argued that lenderinitiated renewals should also be
captured, given the detrimental effect
they may have on a business that is
‘‘denied’’ credit or experiences a
reduction in access to credit.
Several commenters requested
clarification on aspects of the Bureau’s
proposed approach to reevaluation,
extension, or renewal requests. A
community bank was uncertain what
dates to report under § 1002.107(a)(2)
and (9) (application date and action
taken date) for requests for additional
credit on existing accounts, and was
concerned that if the dates changed
from the initial origination, it could be
construed as a data misrepresentation.
Several other commenters inquired
whether a transaction is a reportable
covered application if a new note is
executed as part of a request to
consolidate existing credit amounts
under the same terms or as part of a
periodic review extending the credit
under the same terms. A sales-based
financing company explained that its
customers often request funding over
time, and asserted that each new request
for credit should be reportable.
Inquiries and prequalification
requests. The industry commenters to
weigh in on inquiries and
prequalification requests, including
several banks, a CDFI lender, trade
associations, and a business advocacy
group, overwhelmingly supported the
Bureau’s proposal to exclude inquiries
and prequalification requests.
Commenters argued that including
inquiries and prequalification requests
would be operationally difficult given
the high volume of such requests and
because the interactions typically occur
before the financial institution has the
infrastructure in place to track requests
for credit. They also argued that
including such interactions could be
misleading and lead to data accuracy
issues, given the informal nature of such
requests and because many such
inquiries are subsequently abandoned or
otherwise left incomplete. A business
advocacy group also noted concerns
about duplicative reporting of inquiries
and prequalification requests if the
business ultimately submits a credit
application. A group of trade
associations for insurance premium
finance lenders argued that including
inquiries and prequalification requests
would be unworkable for their lenders,
who are often not aware of a prospective
applicant’s interest in credit until they
receive an agreement from the
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
applicable insurance agent or broker; as
a result, such financial institutions
would be unaware of any inquiries or
prequalification requests. Another
commenter argued that reporting such
transactions would effectively punish
borrowers for inquiring about
qualification requirements, products,
and rates. Finally, one commenter stated
that each financial institution should be
permitted to define what constitutes an
application, including any exclusions.
Although industry commenters were
generally in favor of the exclusion, a
number of industry commenters stated
that the line between inquiries or
prequalification requests and covered
applications should be sufficiently clear
to avoid uncertainty during
implementation, and asked the Bureau
provide examples, in commentary to the
rule, to differentiate these scenarios.
Conversely, a number of commenters,
including a lender and community
groups, urged the Bureau to require
reporting on all or some inquiries and
prequalification requests. Citing a study
identifying the prevalence of
discrimination in the pre-application
phase,341 commenters argued that the
definition of covered application must
be broad enough to capture preapplication phase discrimination.
Several commenters requested that all
communications where a business
inquires about credit and seeks a credit
decision should be reportable; another
commenter urged reporting whenever
the financial institution pulls a credit
report or takes other action to begin
underwriting. Several other commenters
suggested that the Bureau align with
existing Regulation B’s treatment of
prequalifications by treating denied
inquiries and prequalifications as
reportable applications.342 One
community group emphasized the
importance of having online
applications reported, including online
prequalification requests in particular.
The commenter argued that the absence
of such data has been detrimental in the
HMDA context, it creates an imbalance
between online and traditional lenders,
and the burden of reporting would be
low as lenders are already required to
capture such transactions for purposes
of providing adverse action notices.
341 Nat’l Cmty. Reinvestment Coal.,
Disinvestment, Discouragement and Inequity in
Small Business Lending (Sept. 2019), https://
ncrc.org/wp-content/uploads/2019/09/NCRC-SmallBusiness-Research-FINAL.pdf.
342 Existing comment 2(f)–3 provides that a
creditor treats an inquiry or a prequalification
request as an application if it evaluates information
about the consumer, decides to decline the request,
and communicates this to the consumer.
PO 00000
Frm 00066
Fmt 4701
Sfmt 4700
Although the Bureau sought comment
on whether, alternatively, to define a
‘‘covered application’’ consistent with
Regulation C—which does not require a
financial institution to report
prequalification requests and does not
address reporting of inquiries more
generally—the Bureau did not receive
any comments directly on this point.
Similarly, the Bureau did not receive
any comments directly responding to its
request for comment on the frequency
with which financial institutions accept
prequalification requests and what data
are collected in connection with such
prequalification requests, as well as
potential effects on the market if some
or all prequalification requests were
reportable under section 1071. In
addition, the Bureau did not receive any
comments in response to its request for
feedback on whether assumptions 343
are used in the small business lending
context and whether reporting of
assumptions for small business lending
would further the purposes of section
1071.
Solicitations, firm offers of credit, and
other evaluations or offers initiated by
the financial institution. A number of
industry commenters urged the Bureau
to exclude ‘‘preapprovals,’’ which the
commenters described as credit offered
or originated by the financial institution
without an initiating application from
the business (including offers for a
different product or offers to extend
additional credit amounts). One of the
commenters was particularly concerned
about lender-initiated offers based on
data collected or acquired by the
financial institution about the small
business; for example, a financial
institution that uses deposit account
data to evaluate a business for credit
card offers. The commenter argued that
in these circumstances, the business has
not been ‘‘denied’’ credit because it
never applied for credit; similarly, the
commenter argued, accepted offers also
should not be reported because there is
no initiating application from the
business. The commenter further argued
that reporting of originated offers
initiated by the financial institution
would skew the data, as it would only
reflect approvals. Reporting of ‘‘denied’’
offers, argued the commenter, would be
infeasible, create confusion for the
customer, and likely lead lenders to
discontinue extending such offers
altogether. Several other industry
commenters similarly urged the Bureau
to exclude ‘‘preapprovals,’’ though they
343 Regulation C requires the reporting of
assumptions for HMDA. See Regulation C comment
2(j)–5 (discussing when assumptions should be
reported as home purchase loans).
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
did not explain what precisely they
meant by the term. One commenter
argued that while preapprovals are
clearly articulated in Regulation C,
‘‘preapprovals’’ do not exist in the small
business lending space.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.103(b) as
proposed to identify certain
circumstances that are not covered
applications, even if they otherwise
would have been considered an
application under existing § 1002.2(f).
Specifically, final § 1002.103(b)
provides that a covered application does
not include (1) reevaluation, extension,
or renewal requests on an existing
business credit account, unless the
request seeks additional credit amounts;
and (2) inquiries and prequalification
requests. The Bureau is finalizing
comments 103(b)–1 through –4 with
minor revisions for clarity and
consistency, to provide additional
guidance and examples of
circumstances that do and do not trigger
data collection and reporting under the
definition of a covered application. The
Bureau is finalizing comment 103(b)–5,
which discusses inquiries and
prequalification requests, to provide
additional discussion and examples
distinguishing a covered application
from an inquiry or prequalification
request. As discussed in the section-bysection analysis of § 1002.103(a) above,
the Bureau is also adding new comment
103(a)–4 to clarify that solicitations,
firm offers of credit, or other evaluations
initiated by the financial institution are
not a covered application; however, if
the business seeks to obtain the credit
offered, the business’s request
constitutes a covered application.
Reevaluation, extension, or renewal
requests on an existing business credit
account, unless the request seeks
additional credit amounts. Pursuant to
final § 1002.103(b)(1), the Bureau is
excluding reevaluation, extension, or
renewal requests on an existing business
credit account, unless the request seeks
additional credit amounts, from the
definition of a covered application. The
Bureau believes that requests to modify
the terms or duration of an existing
extension of credit—such as extensions
on the duration of a credit line or
changes to a guarantor requirement—
occur with high frequency in the small
business lending space. If the Bureau
were to require reporting of such
circumstances, the Bureau believes it
would add complexity for reporting
financial institutions while, as some
commenters have noted, potentially
providing limited additional
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
information relevant to the purposes of
section 1071. Moreover, the Bureau
believes that broadly including requests
to modify the terms or duration of
existing extensions of credit might affect
data quality absent additional flags to
distinguish the transactions from new
originations, as well as to identify the
particular nature of the changes. The
Bureau further notes that Regulation C
takes a similar approach by excluding
reporting of loan modifications.344
Although some commenters argued
that such transactions should be
reported because they would provide a
better understanding on the availability
of credit, the Bureau believes such
benefits would be modest, particularly
absent additional data concerning how
the modified credit request differs from
the original request, which would
require the collection of a number of
additional data points. Similarly,
although one commenter urged the
Bureau to collect verbal and written
agricultural loan modification or
restructuring requests made to the Farm
Service Agency, as discussed directly
above, the Bureau believes expanding
data collection and reporting
requirements to all modification
requests (except requests for additional
credit amounts) would add significant
complexity for lenders, could be
duplicative, and may provide limited
benefits without knowing the precise
terms changed in the modification
request. Nor does the Bureau believe
that the definition of covered
application should be expanded to
encompass any expression of interest
from a business to obtain credit or
action by the financial institution
towards underwriting; as noted above in
the section-by-section analysis of
§ 1002.103(a) above, triggering data
collection and reporting obligations too
early could add significant complexity
and affect data quality.
The Bureau believes that requiring
reporting of requests for additional
credit amounts (such as line increases or
new money on existing facilities) is
appropriate. Capturing requests for
additional credit amounts directly
furthers the purposes of section 1071,
particularly the business and
community development purpose, as it
will more accurately capture demand
for credit. Although industry
commenters opposed reporting on new
credit amounts due to what they
344 See Regulation C comment 2(d)–2. Although
CRA regulations currently require the reporting of
renewals, the recent proposed revisions to the CRA
rule would instead use 1071 data once available to
satisfy small business loan and small farm loan data
collection and reporting requirements. 87 FR 33884,
33997–98 (June 3, 2022).
PO 00000
Frm 00067
Fmt 4701
Sfmt 4700
35215
described as the streamlined, fast-paced
nature of such reviews, the Bureau
believes those factors do not outweigh
the benefits of having these data
collected and reported. Moreover, the
Bureau does not believe that collecting
data on such transactions will be so
time consuming or difficult that it will
dissuade small businesses from seeking
the additional credit they need,
particularly in light of final
§ 1002.107(d), which permits financial
institutions to reuse applicant-provided
data in certain circumstances. Collecting
data on requests for additional credit
amounts will assist in fair lending
testing and provide additional insight
into small business credit trends and
availability, furthering the purposes of
section 1071, even if—as some
commenters suggested—line increases
are often underwritten differently than
new requests for credit.
Regarding commenters’ concerns
about duplicative reporting, the Bureau
notes that pursuant to final
§ 1002.107(a)(7) and (8), the financial
institution only reports the additional
credit amount sought (and approved or
originated, as applicable)—not the
entire credit amount extended—
therefore avoiding duplicative reporting.
Moreover, the fact that a request is for
a line increase will be reflected in the
reporting of credit purpose pursuant to
final § 1002.107(a)(6). Thus, unlike
renewals or modifications more
generally, which may occur for a variety
of reasons, requests for additional credit
amounts and the amounts requested
will be clearly identifiable in the data.
The Bureau also believes that
commenters’ concerns about the time
and difficulty associated with collecting
data are further mitigated by final
§ 1002.107(d), which permits a financial
institution to reuse certain data points
under certain circumstances. In
response to a commenter’s concern that
reporting of credit line increases and
other requests for additional credit
amounts will inflate the number of
originations counted for purposes of
determining whether an institution is a
covered financial institution, the Bureau
notes that new comment 105(b)–4
clarifies that requests of additional
credit amounts on an existing account
are not counted as originations for the
purpose of determining whether a
financial institution is a covered
financial institution pursuant to
§ 1002.105(b).
The Bureau is also providing
specialized rules for the reporting of
line increases, as suggested by several
commenters. One suggested strategy—
exempting accounts that are in place
before this final rule goes into effect—
E:\FR\FM\31MYR2.SGM
31MYR2
35216
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
could significantly reduce reportable
transactions, potentially for years into
the future.345 Moreover, under the tiered
implementation period set forth in final
§ 1002.114(b), the Bureau believes that
financial institutions (and their
customers) will have adequate time to
adjust to reporting. Similarly, in
response to a different commenter’s
question about reporting requests for
additional credit amounts, the Bureau
notes that if there is an application for
an additional credit amount on a
covered credit transaction, a financial
institution must collect data pursuant to
this final rule even if the existing
account was opened prior to the
applicable compliance date.
The Bureau is also not adopting the
commenters’ second suggestion—to
indefinitely allow financial institutions
to rely on prior applicant responses—as
the commenters provide no reason why
reused data are more trustworthy in the
context of requests for additional credit
amounts, compared to other existing
customers’ requests for new credit.
However, pursuant to final
§ 1002.107(d), financial institutions may
reuse most applicant-provided data, so
long as there is no reason to believe the
data are inaccurate, for up to 36 months.
Although not specific to requests for
additional credit amounts, this
provision may ease some of the
commenters’ concerns.
In response to comments, mainly from
community groups, regarding the
importance of having refinance
transactions reported, the Bureau is
revising comment 103(b)–2 to make
clear that an applicant’s request to
refinance, which occurs when an
existing obligation is satisfied and
replaced by a new obligation
undertaken by the same borrower, is
reportable. The Bureau agrees with
commenters that refinance transactions
should be covered applications; they
legally constitute a new credit
obligation, and so are typically included
within regulatory schemes governing
originations.346 Indeed, as one
345 Although information on average business
credit card account age is not publicly available,
credit card accounts typically have no expiration
date and so may remain open indefinitely. Thus,
exempting such accounts could create blind spots
in the data for potentially years, or even decades,
into the future.
346 See, e.g., Fed. Fin. Insts. Examination Council,
A guide to CRA Data Collection and Reporting, at
12 (2015), https://www.ffiec.gov/cra/pdf/2015_
CRA_Guide.pdf (stating that an institution should
collect information about small business and small
farm loans that it refinances or renews as loan
originations). Regulation C § 1003.4(a)(3) (requiring
reporting of whether the covered loan is a
refinance); Regulation Z § 1026.20(a) (‘‘A
refinancing occurs when an existing obligation that
was subject to this subpart is satisfied and replaced
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
commenter correctly noted, the Bureau’s
inclusion of refinancing categories for
the credit purpose data point (in
proposed comment 107(a)(6)–1) in the
proposed rule shows that the Bureau
intended for refinances to be reportable
transactions.
Several other commenters also
requested clarification on aspects of the
Bureau’s proposed approach to
reevaluation, extension, or renewal
requests. In response to a community
bank’s questions regarding what dates to
report under § 1002.107(a)(2) and (9)
(application date and action taken date)
for requests for additional credit on
existing accounts, the Bureau notes the
dates should be based on the new
request for credit. Because a request for
additional credit amounts is considered
a separate covered application pursuant
to final § 1002.103(a), all data reported,
including applicable dates, should be in
reference to the new request for credit,
and not the initial origination. Several
other commenters inquired whether a
transaction is a reportable covered
application if a new note is executed as
part of a request to consolidate existing
credit amounts under the same terms or
as part of a periodic review extending
the credit under the same terms. If an
existing obligation is satisfied by a new
credit obligation, as determined by
contract and State law, it would
generally be reportable as a covered
application (assuming the other
conditions of a covered application are
met). Although in certain circumstances
this may require reporting of credit
amounts previously outstanding under a
different credit obligation with the same
borrower and with similar or identical
terms, the Bureau believes that seeking
to exempt these fact-specific
circumstances would add considerable
complexity to the rule and could
undermine data quality. The Bureau
generally agrees with the assertion that
each new request for credit that is
separately evaluated should be
reportable (excluding counteroffers,
pursuant to final comment 107(a)(9)–2).
If a financial institution evaluates each
new request for credit, then each of
those instances should be reported as
separate covered applications for the
amount advanced. For example, if a
small business makes several requests
for advances from a merchant cash
advance provider, each of which is
evaluated by the provider, each of those
requests will typically constitute a
separate covered application. In
contrast, if a financial institution
extends a line of credit up to a specified
amount, then any request drawn against
the line within that established limit is
authorized and would not be a separate
covered application. See also existing
§ 1002.2(q), which defines the term to
‘‘extend credit’’ or ‘‘extension of credit.’’
Inquiries and prequalification
requests. As the Bureau explained in the
NPRM, existing Regulation B recognizes
that before a consumer or business
requests credit in accordance with the
procedures used by a creditor for the
type of credit requested, a creditor may
provide a prospective applicant with
information about credit terms.
Generally, an inquiry occurs when a
prospective applicant consumer or
business requests information about
credit terms offered by a creditor; a
prequalification request generally refers
to a request by a consumer or business
for a preliminary determination on
whether the prospective applicant
would likely qualify for credit under a
creditor’s standards or for what
amount.347 Under existing Regulation B
comments 2(f)–3 and 9–5, an inquiry or
prequalification request may become an
‘‘application’’ if the creditor evaluates
information about the consumer or
business, decides to decline the request,
and communicates this to the consumer
or business; otherwise, such inquiries
and prequalification requests are
generally not considered applications
under existing Regulation B. As
explained in existing comment 2(f)–3,
whether the inquiry or prequalification
request becomes an application depends
on how the creditor responds to the
consumer or business, not on what the
consumer or business says or asks.
Finally, Regulation C excludes all
prequalification requests from HMDA
reporting, even if the prequalification
request constitutes an application under
existing Regulation B.348
Pursuant to final § 1002.103(b)(2), a
‘‘covered application’’ does not include
inquiries and prequalification requests,
even in circumstances where the
inquiry or prequalification request may
constitute an ‘‘application’’ under
existing § 1002.2(f). The Bureau agrees
with commenters who stated that
reporting inquiries or prequalification
requests would be extremely
operationally difficult given the volume
of such requests and because such
requests typically occur very early in
the process, making it difficult to obtain
or track applicant-provided data. There
could be data quality issues given the
sometimes-informal nature of such
by a new obligation undertaken by the same
consumer. A refinancing is a new transaction
requiring new disclosures to the consumer. . . .’’).
347 See Regulation C comment 2(b)–2 (describing
prequalification requests).
348 See id.
PO 00000
Frm 00068
Fmt 4701
Sfmt 4700
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
requests, which could raise the risk of
missing, unavailable, or erroneous data.
As noted by one commenter, reporting
inquiries and prequalification requests
could also be duplicative if the
applicant subsequently applies for
credit in accordance with the
procedures designated by the financial
institution; the Bureau would
potentially need to create a separate
data field or flag to distinguish such
requests. Requiring reporting of such
interactions could also lead financial
institutions to pull back on offering
prequalification reviews or engaging
with prospective applicants, which
could inhibit prospective applicants
from shopping around for the best
terms. As discussed in the section-bysection analysis of § 1002.103(a) above,
small depository institutions have
expressed concern that this rule will
overly formalize small business lending
and inhibit relationship lending. Given
these concerns, the Bureau is not
expanding the definition of a covered
application to include pre-application
conduct, such as every time a business
inquires about credit or if a financial
institution pulls information about the
business, as urged by some community
groups.
The Bureau also is not requiring, as
suggested by some commenters,
reporting of inquiries and
prequalification requests only in
situations that would otherwise be
treated as an ‘‘application’’ under
existing Regulation B—i.e., when the
financial institution evaluates
information about the business, decides
to decline the request, and
communicates this to the business. The
logistics of reporting an inquiry or
prequalification request only in these
circumstances could be operationally
challenging for financial institutions
and could lead to data distortion in a
manner inconsistent with the statutory
purposes of section 1071, as only
denials would be captured. In this case,
a financial institution may prefer to
report all inquiries and prequalification
requests, which could lead to some of
the challenges identified above.
Moreover, a financial institution will
not know ex ante whether a
prequalification will result in the
financial institution notifying the
business it is unlikely to qualify, and so
the financial institution would likely
need to collect 1071 data at the
beginning of the interaction regardless.
Although the Bureau sought comment
about its concerns related to the
reporting of only denials, no
commenters specifically addressed this
issue.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
As noted above, one commenter
emphasized the importance of having
online applications reported, including
online prequalification requests in
particular, arguing that the absence of
reporting would lead to a lack of data
and an imbalance among lenders. The
Bureau notes, however, that the final
rule does not exclude online
applications (nor did the proposal).
While prequalification requests are
excluded for the reasons discussed
above, that exclusion is not limited to a
particular channel. However, to the
extent an online questionnaire is truly a
voluntary tool for businesses to shop
around for potential terms, and not an
application under the procedures
established by the financial institution,
the Bureau believes such inquiries
should be excluded for the reasons
described above.
Of course, requests for credit that
meet the definition of ‘‘covered
application’’ are reportable, even if the
application was preceded by an inquiry
or prequalification request. For
example, if a business initially seeks
information about potential credit
offerings, the financial institution
responds, and then the business submits
an application for a covered credit
transaction, the application is
reportable. If, on the other hand, the
business asks about potential credit
offerings, but then chooses not to
request credit, there is no covered
application.
In response to commenters’ request to
provide further examples, in
commentary to the rule, to differentiate
inquiries or prequalification requests
and covered applications, the Bureau
has added to comment 103(b)–5
additional illustrative examples.
The Bureau has also made minor
revisions to comment 103(b)–4 for
clarity and consistency.
In sum, the Bureau believes it is
appropriate to interpret ‘‘application’’ as
used in section 1071 to exclude
inquiries and prequalification requests
given the considerations identified
above, including the timing and often
informal nature of such interactions, the
operational challenges of implementing
such a definition, and related concerns
about the reliability of the data.
However, the Bureau does share
commenters’ concerns about
discrimination that may occur in the
pre-application phase. As discussed
above, the Bureau believes it is
important for regulators and other
enforcers to review data collected and
reported pursuant to section 1071 to
preliminarily identify where financial
institutions might not be appropriately
defining an application, and for
PO 00000
Frm 00069
Fmt 4701
Sfmt 4700
35217
financial institutions to self-monitor for
the same. For example, as discussed
above, very high approval rates or very
low rates of incomplete or withdrawn
applications may be a preliminary
indication that the financial institution
is evading its obligations, for example,
by collecting 1071 data late in the
application process. Similarly, such
rates may also suggest that the financial
institution has a regular practice of
decisioning requests for credit through
‘‘inquiries’’ or ‘‘prequalification
requests’’; if such reviews are regularly
conducted and effectively function as a
prescreening tool for the financial
institution, they should be reported as a
‘‘covered application.’’ 349
The Bureau believes it is important
for regulators and other enforcers to also
carefully review the data for indicia of
potential illegal discouragement in the
pre-application stage, and for financial
institutions to self-monitor for the same.
For example, analyzing the rates of
applications from small businesses
within majority-minority
neighborhoods, as compared to a
financial institution’s peers, may be
useful to identify potential
discrimination. Finally, the Bureau
notes that inquiries and prequalification
requests where the institution evaluates
information about the consumer or
business, declines the request, and
communicates it to the business or
consumer, are ‘‘applications’’ under
existing Regulation B, and are thus
subject to its requirements regarding
‘‘applications,’’ including its adverse
action notification requirements and
nondiscrimination provisions. As stated
in final comment 103(b)–1, in no way
are the exclusions in final § 1002.103(b)
intended to repeal, abrogate, annul,
impair, change, or interfere with the
scope of the term application in existing
§ 1002.2(f) as applicable to existing
Regulation B.
Solicitations, firm offers of credit, and
other evaluations or offers initiated by
the financial institution. The Bureau is
adding new comment 103(a)–4 to clarify
that the term covered application does
not include solicitations, firm offers of
credit, and other evaluations or offers
initiated by the financial institution
because the business has not made a
request for credit, and to provide
illustrative examples. The Bureau is
adding this comment in response to
comments from industry urging the
Bureau to exclude ‘‘preapprovals,’’
which the commenters described as
credit offered by the financial
institution without an initiating
application from the business. The
349 See
E:\FR\FM\31MYR2.SGM
also final comment 103(b)–5.
31MYR2
lotter on DSK11XQN23PROD with RULES2
35218
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Bureau agrees with commenters who
urged that solicitations, reviews, or
evaluations initiated by the financial
institution should not, on their own, be
considered ‘‘covered applications’’
because the communications do not
involve an applicant requesting credit.
Excluding solicitations and firm offers
of credit is also consistent with the
language of ECOA section 704B(b)(1),
which expressly contemplates that an
application in response to a solicitation
by a financial institution could be an
application under section 1071, but the
text is silent on solicitations without
any applicant response.
The Bureau does not agree, however,
that such offers or evaluations should
not be reported even where the
applicant responds to such a request
and seeks the credit offered, as
suggested by one commenter. Once the
applicant responds affirmatively to the
solicitation indicating that it wishes to
proceed, there is a request for credit
from the applicant; there is no
requirement in the final definition of a
covered application that the applicant
be the initiating entity, only that the
applicant make an oral or written
request for a covered credit transaction
in accordance with procedures used by
a financial institution for the type of
credit requested. Capturing such
requests would also implement the
language of ECOA section 704B(b)(1),
which provides that data collection and
reporting is required ‘‘whether or not
such application is in response to a
solicitation by the financial institution.’’
The commenter also argued that
reporting on accepted solicitations or
offers would skew the data as it would
only include accepted offers. The
Bureau understands that this may result
in some data skew, but believes this
outcome is preferrable to having no data
at all on applicant requests for credit in
response to a solicitation. Thus,
solicitations, firm offers of credit, or
other evaluations or offers initiated by
the financial institution for a covered
credit transaction may become a
‘‘covered application’’ if an applicant
responds to the solicitation or offer by
requesting the offered credit. However,
if a financial institution unilaterally—
with no request from the business—
increases a credit line or provides some
other type of credit to the business, it
would not be considered a covered
application because, similar to a mere
solicitation, the transaction does not
involve a request for credit.
Several commenters also asked the
Bureau to provide that ‘‘preapprovals’’
are not covered applications. As noted
above, to the extent the commenters are
referring to evaluations or offers
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
initiated by the financial institution
alone, such events are not covered
applications unless the applicant
affirmatively responds, wishing to
proceed. However, a preapproval as
described in existing comment 2(f)–5.i
is an example of a covered application.
Under that comment, a preapproval
occurs when a creditor reviews a
request under a program in which the
creditor, after a comprehensive analysis
of an applicant’s creditworthiness,
issues a written commitment valid for a
designated period of time to extend a
loan up to a specified amount. If a
creditor’s program does not provide for
giving written commitments, requests
for preapprovals are treated as
prequalification requests.
Section 1002.104 Covered Credit
Transactions and Excluded
Transactions
104(a) Covered Credit Transaction
ECOA section 704B(b) requires
financial institutions to collect and
report information regarding any
application for ‘‘credit’’ made by
women-owned, minority-owned, or
small businesses. Although the term
‘‘credit’’ is not specifically defined in
section 1071, ECOA defines ‘‘credit’’ as
‘‘the right granted by a creditor to a
debtor to defer payment of debt or to
incur debts and defer its payment or to
purchase property or services and defer
payment therefor.’’ 350 As noted above
in the section-by-section analysis of
§ 1002.102(d), existing Regulation B
further defines ‘‘business credit’’ as
‘‘extensions of credit primarily for
business or commercial (including
agricultural) purposes,’’ with some
exclusions.351 As discussed in detail
below, the Bureau is finalizing its
proposal that covered financial
institutions report data for all
applications for transactions that meet
the definition of business credit unless
otherwise excluded.
Proposed § 1002.104(a) would have
defined the term ‘‘covered credit
transaction’’ as an extension of business
credit that is not an excluded
transaction under proposed
§ 1002.104(b). Proposed comment
104(a)–1 would have reiterated that the
term ‘‘covered credit transaction’’
includes all business credit (including
loans, lines of credit, credit cards, and
merchant cash advances) unless
otherwise excluded under § 1002.104(b).
The Bureau explained that such credit
transactions for agricultural purposes
and HMDA-reportable transactions
350 15
351 12
PO 00000
U.S.C. 1691a(d); see also § 1002.2(j).
CFR 1002.2(g).
Frm 00070
Fmt 4701
Sfmt 4700
would have fallen within the scope of
the proposed rule. The Bureau noted
that this was not an exhaustive list of
covered credit transactions; other types
of business credit would have
constituted covered credit transactions
unless excluded by proposed
§ 1002.104(b). With respect to excluded
transactions, proposed § 1002.104(b)
would have stated that the requirements
of subpart B do not apply to trade credit,
public utilities credit, securities credit,
and incidental credit. Proposed
commentary would have made clear
that the term ‘‘covered credit
transaction’’ also did not cover
factoring, leases, consumer-designated
credit used for business purposes, or
credit secured by certain investment
properties.
The Bureau received comments on
transaction coverage from many lenders,
trade associations, business advocacy
groups, nonbank online lenders, the
offices of two State attorneys general,
and community groups. The Bureau
received a few comments from industry
expressing general support for the
proposed definition of covered credit
transaction. Many community groups,
as well as several community-oriented
lenders and a cross-sector group of
lenders, community groups, and small
business advocates, requested expansive
and broad product coverage; some
commenters argued that such coverage
was needed to prevent evasion, for
comprehensive data analysis, and/or to
fulfill section 1071’s statutory purposes.
Some commenters suggested the Bureau
monitor the market to ensure that new
products are covered by, and reported
under, the rule. A business advocacy
group and a joint letter from community
groups, community-oriented lenders,
and business advocacy groups urged the
Bureau to subject ‘‘all forms of credit’’—
including merchant cash advances,
factoring, and leases, in addition to term
loans, credit cards, and other forms of
credit—to fair lending and credit need
analysis. They asserted that each of
these products occupies a substantial
portion of the ‘‘credit market’’ for small
businesses and excluding any of them
would allow potentially detrimental
lending practices to proliferate.
For the reasons set forth herein, the
Bureau is finalizing its definition of
‘‘covered credit transaction’’ in
§ 1002.104(a) as proposed. Final
§ 1002.104(a) defines the term ‘‘covered
credit transaction’’ as an extension of
business credit that is not an excluded
transaction under § 1002.104(b). Final
comment 104(a)–1 reiterates that the
term ‘‘covered credit transaction’’
includes all business credit (including
loans, lines of credit, credit cards, and
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
merchant cash advances) unless
otherwise excluded under final
§ 1002.104(b). Loans, lines of credit,
credit cards, merchant cash advances,
and credit products used for agricultural
purposes fall within the scope of this
final rule, which covers the majority of
products that small businesses use to
obtain financing.352 As discussed in
greater detail below, the Bureau believes
that covering these products in this rule
is important to fulfilling the purposes of
section 1071. The Bureau stresses that
the products discussed herein do not
constitute an exhaustive list of covered
credit transactions; other types of
business credit not specifically
described in the rule and its associated
commentary nevertheless constitute
covered credit transactions unless
excluded by final § 1002.104(b). In line
with this approach, the Bureau thus is
not expressly listing other products
(such as credit extensions incident to
factoring arrangements discussed below)
as covered credit transactions.
Final § 1002.104(b), in turn, states that
the requirements of subpart B do not
apply to trade credit, HMDA-reportable
transactions, insurance premium
financing, public utilities credit,
securities credit, and incidental credit.
Associated commentary makes clear
that the term ‘‘covered credit
transaction’’ also does not cover
factoring, leases, consumer-designated
credit that is used for business or
agricultural purposes, or credit
transaction purchases, purchases of an
interest in a pool of credit transactions,
and purchases of a partial interest in a
credit transaction. In response to
comments received, the Bureau is now
excluding HMDA-reportable
transactions and insurance premium
financing from the scope of this final
rule. As a result, the Bureau believes
that proposed commentary that would
have made clear that the term ‘‘covered
credit transaction’’ does not cover credit
secured by certain investment
properties is not necessary.
The Bureau agrees that broad product
coverage is important to fulfill section
1071’s statutory purposes, though the
Bureau is not extending coverage to all
forms of small business financing as
requested by some commenters. The
Bureau believes the exclusions from the
definition of covered credit transaction
that it proposed in § 1002.104(b) are
appropriate and has added two
additional exclusions (HMDAreportable transactions and insurance
premium financing) in response to
comments received. For the reasons set
forth herein, the Bureau is finalizing
352 See
White Paper at 21–22.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
§ 1002.104 pursuant to its authority
under ECOA section 704B(g)(1) to
prescribe such rules and issue such
guidance as may be necessary to carry
out, enforce, and compile data under
section 1071.
Comments received on specific types
of transactions that are reportable or not
reportable under this rule are discussed
in turn below.
Loans, Lines of Credit, and Credit Cards
Proposed Rule
Proposed § 1002.104(a) would have
defined the term ‘‘covered credit
transaction’’ as an extension of business
credit that is not an excluded
transaction under proposed
§ 1002.104(b). Proposed comment
104(a)–1 would have reiterated that the
term ‘‘covered credit transaction’’
includes all business credit (including
loans, lines of credit, credit cards, and
merchant cash advances) unless
otherwise excluded under § 1002.104(b).
The Bureau did not propose definitions
for loans, lines of credit, and credit
cards because the Bureau believed these
products are generally and adequately
covered by the definition of ‘‘credit’’ in
proposed § 1002.102(i), which, as noted
above, references existing § 1002.2(j).
The Bureau sought comment on its
proposed approach to covered credit
transactions and particularly on
whether it should define loans, lines of
credit, and credit cards, and, if so, how.
Comments Received
A few commenters expressed general
support for the explicit coverage of
loans, lines of credit, and credit cards.
One bank commenter opined that the
Bureau’s rule does not need to define
loans, lines of credit, and credit cards
because those definitions would add
unnecessary complexities. One
community group expressed approval
for the Bureau’s proposed coverage of
lines of credit, stating that such
products meet important credit needs to
help businesses weather fluctuations in
revenues and their coverage will help
inform stakeholders whether minorityand/or women-owned businesses are
able to access this important credit type
or whether they experience a
disproportionate amount of denials.
The Bureau received mixed feedback
regarding its proposed coverage of credit
cards. A few community groups
supported credit card coverage, with
one noting that credit cards are widely
used by small businesses, often with
smaller principal balances and higher
interest rates than term loans. This
commenter stressed the importance of
assessing whether Hispanic- and
PO 00000
Frm 00071
Fmt 4701
Sfmt 4700
35219
African American-owned businesses are
more likely to rely upon credit cards
than other businesses and whether the
smallest businesses, and women- and
minority-owned businesses, have
equitable access to term loans or are
served disproportionately by credit card
loans or other credit products.
By contrast, a few credit union trade
associations urged the Bureau to
exclude credit cards from the rule to
reduce burden and reporting volumes.
One commenter argued that every credit
union that offers even a single small
business credit card product will
ultimately become a covered financial
institution unless the Bureau either
establishes a de minimis threshold or
expressly excludes small business credit
cards. Another urged the Bureau to
exclude credit cards from the rule on
the basis that these products are already
covered by the Credit Card
Accountability Responsibility and
Disclosure (CARD) Act and the
exclusion would reduce compliance
burden without weakening the quality
of resulting data and would relieve
lenders of the responsibility to sort out
and isolate business credit card data
from consumer credit card data, which
are often both run by the same platform
independently of other commercial
lending activities.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing its coverage of loan,
lines of credit, and credit cards as
proposed. These products are
commonly offered to small business
applicants (making up almost 60
percent of the aggregate dollar volume
of various financial products used by
small businesses).353 According to a
recent Federal Reserve Banks’ survey of
employer firms, loans and lines of credit
were the most common forms of
financing sought by applicants, with
credit cards in second place.354 The
Bureau believes that covering these
products is important for advancing
both of section 1071’s statutory
purposes.
The Bureau does not believe that it
would be appropriate to exclude credit
cards from coverage, as requested by
several commenters. The Federal
Reserve Banks found that almost one
third of employer firm applicants sought
credit cards 355 and credit card usage
among minority-owned small
businesses is higher than among white353 See
id. at 21 fig. 2.
Report on Employer Firms at 25, https://
www.fedsmallbusiness.org/survey/2022/report-onemployer-firms.
355 Id.
354 2022
E:\FR\FM\31MYR2.SGM
31MYR2
35220
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
owned small businesses.356 The Bureau
believes that excluding this popular
source of small business financing,
particularly among the smallest
businesses and start-ups, would not be
consistent with section 1071’s statutory
purposes. The Bureau has considered
the concerns regarding reporting
volumes among credit unions and notes
that its higher originations threshold in
final § 1002.105(b) for coverage under
the rule should help alleviate these
concerns. The Bureau does not believe
that CARD Act reporting is a sufficient
substitute for data collected under
section 1071 because it does not cover
business-purpose credit cards and does
not include protected demographic
information, both of which are central to
section 1071’s statutory purposes.
The Bureau is finalizing § 1002.104(a)
and comment 104(a)–1 as proposed. The
Bureau is not adopting definitions for
loans, lines of credit, and credit cards
because it believes these products are
generally and adequately covered by the
definition of ‘‘credit’’ in
§ 1002.102(i).357
Merchant Cash Advances
lotter on DSK11XQN23PROD with RULES2
Background and Proposed Rule
As discussed above, proposed
§ 1002.104(a) would have defined the
term ‘‘covered credit transaction’’ as an
extension of business credit that is not
an excluded transaction under proposed
§ 1002.104(b), and proposed comment
104(a)–1 would have reiterated that the
term ‘‘covered credit transaction’’
includes all business credit (including
loans, lines of credit, credit cards, and
merchant cash advances) unless
otherwise excluded under § 1002.104(b).
The Bureau sought comment on its
proposed approach to covered credit
transactions, and in particular, on
whether it should define merchant cash
advances and/or other sales-based
financing transactions, and if so, how.
As the Bureau explained in the
NPRM, merchant cash advances are a
form of financing for small businesses
that purport to be structured as a sale of
potential future income. Merchant cash
advances vary in form and substance,
but under a typical merchant cash
356 See, e.g., Fed. Rsrv. Bank of N.Y. et al., LatinoOwned Businesses: Shining a Light on National
Trends (Nov. 2018), https://www.newyorkfed.org/
medialibrary/media/smallbusiness/2017/Report-onLatino-Owned-Small-Businesses.pdf (finding that
Latino business owners are more likely than nonLatino white business owners to use credit cards).
357 As noted in the section-by-section analysis of
§ 1002.107(a)(5) below, the Bureau distinguishes
between secured and unsecured loans and lines of
credit when financial institutions report the type of
credit product being applied for. The Bureau does
not believe that this distinction has relevance to
whether these products constitute ‘‘credit.’’
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
advance, a merchant receives a cash
advance and promises to repay it plus
some additional amount or multiple of
the amount advanced (e.g., 1.2 or 1.5,
the ‘‘payback’’ or ‘‘factor’’ ‘‘rate’’). The
merchant promises to repay by either
pledging a percentage of its future
revenue, such as its daily credit and
debit card receipts (the ‘‘holdback
percentage’’), or agreeing to pay a fixed
daily withdrawal amount to the
merchant cash advance provider until
the agreed upon payment amount is
satisfied. Merchant cash advance
contracts often provide for repayment
directly through the merchant’s card
processor and/or via Automated
Clearing House withdrawals from the
merchant’s bank account.358 Merchant
cash advances constitute the primary
product under an umbrella term often
referred to as ‘‘sales-based financing;’’
generally, transactions wherein a
financial institution extends funds to a
business and repayment is based on the
business’s anticipated sales, revenue, or
invoices.359
The Bureau understands that the
merchant cash advance market is
generally dominated by nondepository
institutions not subject to Federal safety
and soundness supervision or reporting
requirements. The Bureau also
understands that merchant cash
advance providers may not be required
to obtain State lending licenses. As a
result, information on merchant cash
advance lending volume and practices
is limited. The Bureau notes, however,
that a few states have enacted laws that
would impose disclosure requirements
358 This description is based on the Bureau’s
review of a sample of merchant cash advance
contracts that the Bureau believes fairly represent
typical merchant cash advance contracts in the
market. The Bureau’s review comports with
observations made by industry and community
groups regarding merchant cash advances.
359 As stated below, the Bureau is not specifically
defining sales-based financing in the rule because
the Bureau believes these products are covered by
the definition of ‘‘credit’’ in final § 1002.102(i). New
York and California laws have recently sought to
define sales-based financing. New York law, for
example, defines ‘‘sales-based financing’’ as ‘‘a
transaction that is repaid by the recipient to the
provider, over time, as a percentage of sales or
revenue, in which the payment amount may
increase or decrease according to the volume of
sales made or revenue received by the recipient.’’
N.Y. Fin. Serv. 801(j). New York’s definition of
sales-based financing also encompasses a true-up
mechanism where the financing is repaid as a fixed
payment but provides for a reconciliation process
that adjusts the payment to an amount that is a
percentage of sales or revenue. Id. California law
uses a similar definition. See 10 Cal. Code Reg.
2057(a)(22) (defining sales-based financing as ‘‘a
commercial financing transaction that is repaid by
a recipient to the financer as a percentage of sales
or income, in which the payment amount increases
and decreases according to the volume of sales
made or income received by the recipient’’ and
including ‘‘a true-up mechanism’’).
PO 00000
Frm 00072
Fmt 4701
Sfmt 4700
upon certain commercial financing
providers, including merchant cash
advance providers.360
Although the Bureau’s 2017 White
Paper estimated the merchant cash
advance market constituted less than 1
percent of the aggregate dollar volume
of various financial products used by
small businesses in the U.S. in 2014,361
the Bureau notes that more recent
evidence suggests the industry may now
be much larger. For example, the 2021
Federal Reserve Banks’ survey of firms
with 1–499 employees (‘‘employer
firms’’) found that 8 percent of such
businesses applied for and regularly
used merchant cash advances.362
Moreover, on August 18, 2019, the trade
website deBanked reported that
according to an investment bank’s
projections, ‘‘the [merchant cash
advance] industry will have more than
doubled its small business funding to
$19.2 billion by year-end 2019, up from
$8.6 billion in 2014.’’ 363
The Bureau understands that
merchant cash advances are often used
by merchants due to the speed and ease
with which they can be obtained,364
360 See, e.g., Cal. S.B. 1235 (Sept. 30, 2018),
https://leginfo.legislature.ca.gov/faces/
billTextClient.xhtml?bill_id=201720180SB1235;
N.Y. S.B. S5470B (Dec. 23, 2020), https://
legislation.nysenate.gov/pdf/bills/2019/S5470B.
The California law does not go so far as to amend
the California Financing Law to require factors or
merchant cash advance providers to be licensed,
but it does impose first-in-the-nation disclosure
requirements in connection with these products
similar to those imposed under TILA. The
California law is implemented through regulations
that took effect on December 9, 2022. See State of
Cal. Dep’t of Bus. Oversight, PRO 01–18
Commercial Financing Disclosures SB 1235 (June 9,
2022), https://dfpi.ca.gov/wp-content/uploads/sites/
337/2022/06/PRO-01-18-Commercial-FinancingDisclosure-Regulation-Final-Text.pdf. The New
York law is also implemented through regulations,
which have not been finalized yet. See N.Y. Dep’t
of Fin. Servs., Revised Proposed New 23 NYCRR
600 (Sept. 14, 2022), https://www.dfs.ny.gov/
system/files/documents/2022/09/rp_23nycrr600_
text_20220914.pdf.
361 See White Paper at 21 fig. 2, 22 fig. 3.
362 Fed. Rsrv. Banks, Small Business Credit
Survey—2022 Report on Employer Firms, at 19
(Feb. 22, 2022), https://www.fedsmallbusiness.org/
survey/2022/report-on-employer-firms (2022 Small
Business Credit Survey). Starting in 2017, the
Federal Reserve Banks began to gather specific data
on merchant cash advances for its annual reports
on small business financing for employer firms—in
the 2017 report, the survey found that 7 percent of
such businesses applied for and regularly used
merchant cash advances. Fed. Rsrv. Banks, Small
Business Credit Survey—2017 Report on Employer
Firms, at 9 (Apr. 11, 2017), https://
www.fedsmallbusiness.org/survey/2017/report-onemployer-firms (2017 Small Business Credit
Survey).
363 Paul Sweeney, Gold Rush: Merchant Cash
Advances Are Still Hot, deBanked (Aug. 18, 2019),
https://debanked.com/2019/08/gold-rushmerchant-cash-advances-are-still-hot/.
364 See Fed. Rsrv. Banks, Small Business Credit
Survey—2021 Report on Employer Firms, at 26
(Feb. 3, 2021), https://www.fedsmallbusiness.org/
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
particularly for merchants unable to
obtain financing from more traditional
sources.365 According to the 2021
Federal Reserve Banks’ report regarding
firms owned by people of color (both
small employer firms and non-employer
firms), Black-owned firms, Hispanicowned firms, and Asian-owned firms
were more likely to have applied for
merchant cash advances (14 percent, 10
percent, and 10 percent, respectively)
than white-owned firms (7 percent).366
The Bureau believes that the higher
frequency of merchant cash advance use
among minority-owned businesses
coupled with reports of problematic
provider practices lends credence to
claims that merchant cash advances
may raise fair lending concerns. The
Federal Trade Commission (FTC)
released a Staff Perspective in February
2020 discussing its concerns with the
merchant cash advance industry 367 and
noting the industry’s tendency to ‘‘cater
to higher-risk businesses or owners with
low credit scores—typically offering
them higher-cost products.’’ 368 The FTC
has also filed enforcement actions
against merchant cash advance
providers and their principals, in one
case alleging that they misrepresented
the terms of merchant cash advances
that they provided, and then used
‘‘unfair collection practices, including
sometimes threatening physical
violence, to compel consumers to
pay.’’ 369 In April 2021, the FTC
obtained a settlement that required a
merchant cash advance provider to pay
more than $9.8 million to settle charges
that it took money from businesses’
survey/2021/report-on-employer-firms (2021 Small
Business Credit Survey) (reporting that 84 percent
of surveyed credit applicants were approved for a
merchant cash advance, as compared to a 43
percent approval rate for personal loans).
365 See 2022 Small Business Credit Survey (noting
that only 8 percent of ‘‘high credit risk’’ applicants
obtained all the financing sought).
366 See Fed. Rsrv. Banks, Small Business Credit
Survey—2021 Report on Firms Owned by People of
Color, at 30 (Apr. 15, 2021), https://
www.fedsmallbusiness.org/survey/2021/2021report-on-firms-owned-by-people-of-color (Small
Business Credit Survey of Firms Owned by People
of Color).
367 Fed. Trade Comm’n, ‘Strictly Business’ Forum,
Staff Perspective, at 6–8 (Feb. 2020), https://
www.ftc.gov/system/files/documents/reports/staffperspective-paper-ftcs-strictly-business-forum/
strictly_business_forum_staff_perspective.pdf.
368 See id. at 2.
369 Press Release, Fed. Trade Comm’n, New YorkBased Finance Companies Deceived Small
Businesses, Non-Profits and Seized Their Personal
and Business Assets (June 10, 2020), https://
www.ftc.gov/news-events/press-releases/2020/06/
new-york-based-finance-companies-deceived-smallbusinesses. See also Press Release, Fed. Trade
Comm’n, FTC Alleges Merchant Cash Advance
Provider Overcharged Small Businesses Millions
(Aug. 3, 2020), https://www.ftc.gov/news-events/
press-releases/2020/08/ftc-alleges-merchant-cashadvance-provider-overcharged-small.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
bank accounts without permission and
deceived business owners about the
amount of financing they would receive
and about other features of its financing
products.370 More recently, the FTC
obtained a court order that permanently
bans a merchant cash advance company
and its owner from the merchant cash
advance industry for deceiving and
threatening small businesses and their
owners.371
Moreover, the Bureau understands
that the delinquency/default rate
amongst small businesses that use
merchant cash advances is relatively
high—6 to 20 percent according to one
estimate 372 and 10 percent according to
an SEC analysis of one merchant cash
advance provider 373 (compared with a
charge off rate between 0 to 3.59 percent
on SBA loans 374 and just over 1 percent
on certain commercial and industrial
loans 375). The Bureau believes this high
default rate may be explained by the fact
that the typical merchant cash advance
holdback percentage—10 to 20 percent
of gross receipts or revenues—may be
onerous for already cash-strapped small
businesses.376 The Bureau also
understands that it is not uncommon for
370 Press Release, Fed. Trade Comm’n, Cash
Advance Firm to Pay $9.8M to Settle FTC
Complaint It Overcharged Small Businesses (Apr.
22, 2021), https://www.ftc.gov/news-events/pressreleases/2021/04/cash-advance-firm-pay-98msettle-ftc-complaint-it-overcharged.
371 Press Release, Fed. Trade Comm’n, FTC
Action Results in Ban for Richmond Capital and
Owner From Merchant Cash Advance and Debt
Collection Industries and Return of More Than
$2.7M to Consumers (June 6, 2022), https://
www.ftc.gov/news-events/news/press-releases/2022/
06/ftc-action-results-ban-richmond-capital-ownermerchant-cash-advance-debt-collection-industries.
372 See Bryant Park Capital, Merchant Cash
Advance/Small Business Financing Industry
Report, at 28 (Jan. 2016), https://
bryantparkcapital.com/wp-content/uploads/2018/
06/BPC-MCA-SMB-Financing-Industry-Report.pdf.
373 SEC Complaint (Jan. 2020), https://
www.sec.gov/litigation/complaints/2020/
comp24860.pdf.
374 Small Bus. Admin., Table 9—Charge Off Rates
as a Percent of Unpaid Principal Balance (UPB)
Amount by Program (Mar. 31, 2022), https://
www.sba.gov/document/report-small-businessadministration-loan-program-performance.
375 Bd. of Governors of the Fed. Rsrv. Sys.,
Charge-Off and Delinquency Rates on Loans and
Leases at Commercial Banks (Aug. 22, 2022),
https://www.federalreserve.gov/releases/chargeoff/
delallsa.htm.
376 See Bd. of Governors of the Fed. Rsrv. Sys.,
Browsing to Borrow: ‘‘Mom & Pop’’ Small Business
Perspectives on Online Lenders, at 9 (June 2018),
https://www.federalreserve.gov/publications/files/
2018-small-business-lending.pdf (Board Small
Business Perspectives) (noting that when asked
‘‘about the toughest part of running their
businesses, most participants cited the challenges of
managing their cash flow’’); id. at 5 (noting that
‘‘[s]ome observers have argued that the owner’s loss
of control over cash flow puts some small
businesses at risk’’). The Bureau also notes that
many merchant cash advance providers believe that
they are not subject to State usury laws.
PO 00000
Frm 00073
Fmt 4701
Sfmt 4700
35221
small businesses that use merchant cash
advances to obtain new merchant cash
advances from other merchant cash
advance providers (more than a quarter
of such businesses, by one account); 377
they also may use one merchant cash
advance to pay off another. Firms that
take on added debt loads in this way (a
process known as ‘‘stacking’’) ‘‘may not
fully recognize the costs involved,
which could potentially jeopardize the
financial health of their businesses.’’ 378
As small businesses struggled with
the COVID–19 pandemic, reports of
merchant cash advance providers
employing aggressive collection
practices continued, such as ‘‘pursuing
legal claims against owners that freeze
their bank accounts and . . . pressing
their family members, neighbors,
insurers, distributors—even their
customers.’’ 379 Given the fact that 84
percent of the credit applicants
surveyed by the Federal Reserve Banks
were approved for a merchant cash
advance 380 and the fact that it appears
to have been significantly more difficult
to obtain credit as a ‘‘high credit risk’’
applicant during the COVID–19
pandemic,381 the Bureau believes that
many vulnerable small businesses
sought merchant cash advances to
support their pandemic recovery.
Comments Received
The Bureau received comments on
this aspect of the proposal from a wide
range of lenders, trade associations,
business advocacy groups, community
groups, individuals, the offices of two
State attorneys general, and others. The
Bureau observes that, throughout the
development of the rule to implement
section 1071, merchant cash advances
have been the focus of significant
attention and a unique source of nearconsensus among a diverse array of
stakeholders—almost all of whom
377 See Opportunity Fund, Unaffordable and
Unsustainable: The New Business Lending, at 3
(May 2016), https://www.leg.state.nv.us/App/
InterimCommittee/REL/Document/13129 (stating
that ‘‘[m]ore than a quarter of the businesses in our
dataset had loans outstanding with multiple
alternative lenders’’).
378 Board Small Business Perspectives at 6.
379 Gretchen Morgenson, FTC official: Legal ‘loan
sharks’ may be exploiting coronavirus to squeeze
small businesses, NBC News (Apr. 3 2020), https://
www.nbcnews.com/business/economy/ftc-officiallegal-loan-sharks-may-be-exploiting-coronavirussqueeze-n1173346.
380 See 2021 Small Business Credit Survey at 26.
381 Compare id. at 22 (noting that only 7 percent
of ‘‘high credit risk’’ applicants obtained all the
financing sought), with Fed. Rsrv. Banks, Small
Business Credit Survey—2020 Report on Employer
Firms, at 12 (Apr. 7, 2020), https://
www.fedsmallbusiness.org/survey/2020/report-onemployer-firms (reporting that 23 percent of ‘‘high
credit risk’’ applicants obtained all the financing
sought) (2020 Small Business Credit Survey).
E:\FR\FM\31MYR2.SGM
31MYR2
35222
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
advocated for covering merchant cash
advances in the rule.382 Comments
received in response to the NPRM were
no different in that, with the exception
of a sole credit union trade association,
the only commenters that supported the
exclusion of merchant cash advances
from the rule were merchant cash
advance providers or trade associations
representing merchant cash advance
providers (the Bureau is not aware of
any credit unions that offer merchant
cash advances as that term is used
herein). Most of these commenters
argued that merchant cash advances do
not meet the definition of credit under
ECOA or State law and should instead
be treated like traditional factoring
arrangements (described in detail
below), which are generally understood
not to be credit. A few of these
commenters also asserted that covering
merchant cash advances is contrary to
public policy because doing so will
negatively impact access to financing
and because they benefit businesses.
Two commenters asserted that the
Bureau failed to engage adequately in
cost/benefit analysis as required by
section 1022(b)(2)(a) of the Dodd-Frank
Act, claiming that some smaller funders
would exit the market due to increased
regulatory burdens and costs. One
commenter explained that because the
merchant cash advance industry has
never had to track the demographic
status of a small business owner,
implementing the Bureau’s rule would
require costly programming upgrades,
adjustments to merchant cash advance
funder systems, and additional
employees to handle the reporting and
auditing of these functions. This
commenter also argued the rule would
result in a less competitive market
dominated by larger players and would
put merchant cash advances at an unfair
disadvantage compared to factoring.
The Bureau received many comments,
primarily from community groups and
community-oriented lenders, expressing
broad support for covering merchant
cash advances. A few of these
commenters pointed to the fact that
State regulators have started cracking
down on the merchant cash advance
industry due to its lack of transparency
and potentially predatory practices. A
community group and a cross-sector
group of lenders, community groups,
382 For instance, of the substantive responses to
the 2017 request for information, comments
authored or co-authored by dozens of stakeholders
(including community and business groups,
industry, and trade associations) expressed explicit
support for requiring the reporting of merchant cash
advances (and additional letters expressed support
for covering ‘‘fintech’’ or ‘‘alternative online’’
products more generally).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
and small business advocates noted that
merchant cash advances are an
important and growing part of small
business financing, with the community
group relaying one merchant cash
advance provider’s announcement that
the COVID–19 pandemic created new
demand for its products, in part because
the kinds of smaller firms that it
primarily serves encountered greaterthan-normal challenges to accessing
capital through traditional bank
financing during the pandemic. The
cross-sector group and another
community group stressed a need for
transparency and noted that there is
insufficient data on merchant cash
advances. The community group
acknowledged that reporting on
merchant cash advances may be more
complex due to their different terms but
argued that these features make
transparency into this lending channel
critical. This commenter also opined
that excluding merchant cash advances
from scrutiny would encourage lenders
to ‘‘double down’’ on their use rather
than offer more consumer-friendly
products.
Several supporters of merchant cash
advance coverage, including the offices
of two State attorneys general,
maintained that merchant cash
advances are clearly credit and they
incur repayment liability. A joint letter
from community and business advocacy
groups explained that merchant cash
advances are distinct from factoring in
that a genuine factoring transaction
creates a completed sale of receivables
owed to the seller as a result of goods
delivered or services provided by the
seller to a third party. A few
commenters asserted that coverage of
merchant cash advances meets section
1071’s statutory purposes. One online
lender noted that merchant cash
advances are not regulated. Many
commenters expressed strong concerns
about high costs and predatory practices
often associated with merchant cash
advances, with the majority of these
commenters expressing particular
concern about use of merchant cash
advances among minority business
owners. A CDFI lender explained that it
had analyzed several merchant cash
advance and balance sheet lender
agreements provided by its clients and
discovered that the average product
carried an annual percentage rate of 94
percent, with one product reaching 358
percent. This commenter also found
that, among the Hispanic borrowers in
its sample, the average monthly
payment was more than 400 percent of
their take-home pay. An online lender
characterized the lack of transparency in
PO 00000
Frm 00074
Fmt 4701
Sfmt 4700
pricing merchant cash advances as a
significant market failure that harms
small business owners. A community
group expressed strong concerns about
the increasingly common practice of
using confessions of judgments (where a
borrower must agree to allow the lender
to obtain a legal judgment without going
to court) within merchant cash advance
lending, citing an investigation that
found that the number of merchant cash
advance cases ending with a confession
in favor of a merchant cash advance
provider in New York State rose from 14
cases in 2014 to over 3,500 cases in
2018.383 The commenter noted that the
study further found that these
confession of judgment cases won the
merchant cash advance industry an
estimated $500 million in 2017.384
Potential coverage of merchant cash
advances under the final rule has also
drawn the attention of government
entities seeking to regulate the industry.
For example, in response to the SBREFA
Outline, the California Department of
Financial Protection and Innovation
submitted a comment letter stating that
‘‘nearly all the data points would be just
as easy for a merchant cash advance
company to report as any other financial
institution.’’ In addition, FTC staff
submitted a comment letter in response
to the Bureau’s Request for Information
on the Equal Credit Opportunity Act
and Regulation B 385 noting that the FTC
has brought many actions protecting
small businesses but that detecting
illegal conduct in this space can be
challenging, particularly with regard to
merchant cash advances. The FTC
comment letter urged the Bureau to
remind small business lenders that
whether a particular law applies
depends on actual facts and
circumstances and not solely on how
one party chooses to characterize the
transaction. FTC staff also
recommended that the Bureau help
small businesses through data
collection, collecting complaints, and
education.386
In response to the NPRM, the offices
of two State attorneys general submitted
a comment stating that merchant cash
advance transactions fall within the
definition of credit and that the
383 Zachary R. Mider & Zeke Faux, Sign Here to
Lose Everything Part 1: ‘‘I Hereby Confess
Judgment’’ (Nov. 20, 2018), https://
www.bloomberg.com/graphics/2018-confessions-ofjudgment.
384 Zachary R. Mider & Zeke Faux, Sign Here to
Lose Everything Part 2: The $1.7 Million Man (Nov.
27, 2018), https://www.bloomberg.com/graphics/
2018-confessions-of-judgment-millionaire-marshal/.
385 Comment No. CFPB–2020–0026–0117 (Dec. 1,
2020), https://www.regulations.gov/comment/CFPB2020-0026-0117.
386 Id.
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
inclusion of merchant cash advance
transactions is crucial given the rapid
expansion of the merchant cash advance
market in the past decade and limited
publicly available data on market size or
standard industry practices. Having
brought enforcement actions against
multiple merchant cash advance
providers, they also asserted that the
unregulated nature of the merchant cash
advance market makes it ripe for the
type of problematic practices that they
have directly observed through their
investigations into the industry. They
expressed strong support for the
inclusion of merchant cash advance
transactions within the scope of the
Bureau’s rule, stating their belief that
the rule will promote fairness,
transparency, and enhanced data
collection in the area of small business
financing, including the rapidly growing
merchant cash advance market that is
targeting small businesses.
The Bureau also received a few
comments about other aspects of its
proposal to cover merchant cash
advances. One commenter advised
against defining merchant cash
advances in the rule, arguing that such
a definition could be inconsistent with
some State laws and thus may create
additional complexity in complying
with the final rule. Another commenter
urged the Bureau to clarify the
application of the rule to merchant cash
advances, including by clearly defining
merchant cash advances and explaining
how the rule will apply to the particular
features of merchant cash advance
products. Two commenters expressed
more general support for coverage of
sales-based financing.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing its definition of
‘‘covered credit transaction’’ as
proposed. Final § 1002.104(a) defines
the term ‘‘covered credit transaction’’ as
an extension of business credit that is
not an excluded transaction under
§ 1002.104(b). Final comment 104(a)–1
reiterates that the term ‘‘covered credit
transaction’’ includes merchant cash
advances.
The Bureau believes that the statutory
term ‘‘credit’’ in ECOA is intentionally
broad so as to include a wide variety of
products without specifically
identifying any particular product by
name. As noted above, ECOA defines
‘‘credit’’ to mean ‘‘the right granted by
a creditor to a debtor to defer payment
of debt or to incur debts and defer its
payment or to purchase property or
services and defer payment therefor.’’
As a result, the definition does not
explicitly state that it applies to any
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
type of credit, whether it be installment
loans, credit cards, or merchant cash
advances. To the extent there is any
ambiguity about whether a particular
product constitutes ‘‘credit,’’ Congress
appears to have intended for the Bureau
(or previously, the Board) to fill that
gap, but neither the Bureau nor the
Board have had occasion to provide
further clarity with respect to coverage
of sales-based financing products like
merchant cash advances except to note
in commentary that factoring, as ‘‘a
purchase of accounts receivable,’’ 387 is
not covered by ECOA or Regulation B.
However, based on its review of typical
merchant cash advance arrangements
and its expertise with respect to the
nature of credit transactions, the Bureau
believes the term ‘‘credit’’ encompasses
merchant cash advances and other types
of sales-based financing. As a result, the
Bureau believes that merchant cash
advances and other sales-based
financing are covered by the definition
of ‘‘credit’’ in final § 1002.102(i). The
Bureau does not believe it is necessary
to specifically define merchant cash
advances or sales-based financing
because the broad definition of ‘‘credit’’
in ECOA and Regulation B—includes
credit products covered by the rule
unless the Bureau specifically excludes
them.
Nor does the Bureau believe that
merchant cash advances should be
excluded from the rule as a species of
factoring because merchant cash
advances do not constitute factoring
within the meaning of the existing
commentary to Regulation B or the
definition in final comment 104(b)–1. In
factoring transactions, entities receiving
financing sell their legal right to
payment from a third party for goods
supplied or services rendered, and that
right exists at the time of the transaction
itself; the provider of funds seeks
payment directly from the third party,
and the transaction between the
recipient and the provider of funds is
complete at the time of the sale. In other
words, the recipient of the financing has
no remaining payment obligation,
meaning that no payment is deferred. In
contrast, at the time of the advance in
a merchant cash advance, the recipient
of the financing has no existing rights to
payment that it can transfer. The
transaction thus constitutes only a
promise by the recipient to transfer
funds to the provider once they
materialize at a later date. The Bureau
believes that the ECOA definition of
credit, by referring to the right to
‘‘defer’’ payments, necessarily invokes
this temporal consideration.
387 Existing
PO 00000
comment 9(a)(3)–3.
Frm 00075
Fmt 4701
Sfmt 4700
35223
The Bureau does not agree with
arguments raised by other commenters
that merchant cash advances are not
‘‘credit’’ under ECOA. Specifically, the
Bureau does not agree that the purchase
of the right to a specific portion of a
merchant’s future proceeds, up to an
agreed-upon limit, constitutes a
substantially contemporaneous
exchange of value between a merchant
cash advance provider and a merchant.
The Bureau notes that a merchant’s
proceeds from future sales of goods and
services, by definition, do not exist in
the present and thus there can be no
contemporaneous exchange of value,
substantial or otherwise, where there is
no present right to payment. The Bureau
believes merchant cash advances are
clearly distinguishable from back-dated
checks, service contracts with staggered
payment schedules, and true leases
(discussed below). Merchant cash
advances are typically repaid over a
period of three to 12 months and the
merchant has no existing rights to
payment that it can transfer to the
merchant cash advance provider until
they materialize at a later date, usually
at least a month later. The Bureau also
notes that under Regulation B, a
transaction is ‘‘credit’’ if there is a right
to defer payment of a debt—regardless
of the number of installments required
for repayment or whether the
transaction is subject to a finance
charge.388
Furthermore, the Bureau interprets
ECOA’s definition of credit as making
dispositive whether one party has
granted another the right to repay at
some time subsequent to the initial
transaction, without consideration of
factors such as the absence of recourse
or analysis of who bears the risk of loss.
Merchant cash advance providers grant
such a right: they advance funds to
small businesses and grant them the
right to defer repayment by allowing
them to repay over time. Additionally,
as a practical matter, the Bureau
understands that merchant cash
advances are underwritten and function
like a typical loan (i.e., underwriting of
the recipient of the funds; repayment
that functionally comes from the
recipient’s own accounts rather than
from a third party; repayment of the
advance itself plus additional amounts
akin to interest; and, at least for some
subset of merchant cash advances,
repayment in regular intervals over a
predictable period of time).
Finally, the Bureau believes that the
inclusion of merchant cash advances in
the Bureau’s rule is important to
fulfilling both the fair lending and the
388 Existing
E:\FR\FM\31MYR2.SGM
comment 2(j)–1.
31MYR2
35224
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
business and community development
purposes of section 1071.389
Commenters have warned of high costs
and predatory practices in this area, and
the Bureau is particularly focused on
their increasingly prevalent use among
minority business owners.390 The
Bureau also believes that including
merchant cash advances will create a
more level playing field across financial
institutions that provide cash flow
financing to small businesses by
shedding light on such credit
transactions as well as create a dataset
that better reflects demand for such
financing by the smallest and most
vulnerable businesses.
Agricultural-Purpose Credit
Background
As reported by the 2017 Census of
Agriculture,391 there are about 3.4
million farmers and ranchers
(‘‘producers’’) working on 2 million
farming and ranching operations
(‘‘farms’’) in the United States. The U.S.
Department of Agriculture (USDA)
Economic Research Service found that
family farms (where the majority of the
business is owned by the operator and
individuals related to the operator) of
various types together accounted for
nearly 98 percent of U.S. farms in
2020.392 Small family farms (less than
$350,000 in gross cash farm income)
accounted for 90 percent of all U.S.
farms and large-scale family farms ($1
million or more in gross cash farm
income) make up about 3 percent of
farms but 44 percent of the value of
production.393
According to the 2020 Annual Report
of the Farm Credit Administration, most
agricultural lending (approximately 83
percent) is done by either commercial
banks or the Farm Credit System (FCS),
a network of government-sponsored
enterprises regulated by the Farm Credit
Administration, an independent
389 ECOA
section 704B(a).
e.g., Fed. Rsrv. Bank of N.Y. et al., LatinoOwned Businesses: Shining a Light on National
Trends (Nov. 2018) (stating ‘‘Latino business
owners are more likely than non-Latino White
business owners to use credit cards, factoring, and
merchant cash advances—products that require less
collateral and are associated with higher average
interest rates’’).
391 The Census of Agriculture is conducted by the
USDA every five years and provides a detailed
picture of farms and the people who operate them.
See generally U.S. Dep’t of Agric., 2017 Census of
Agriculture (Apr. 2019), https://
www.nass.usda.gov/Publications/AgCensus/2017/
Full_Report/Volume_1,_Chapter_1_US/usv1.pdf.
392 Econ. Rsch. Serv., U.S. Dep’t of Agric.,
Farming and Farm Income (updated Sept. 1, 2022),
https://www.ers.usda.gov/data-products/ag-andfood-statistics-charting-the-essentials/farming-andfarm-income/.
393 Id.
lotter on DSK11XQN23PROD with RULES2
390 See,
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
government agency.394 The USDA’s
Farm Service Agency accounts for a
small share (3 percent) of agricultural
credit through direct loans and
guarantees of loans made by private
lenders.395
In a July 2019 report, the U.S.
Government Accountability Office
(GAO) discussed its finding that
information on the amount and types of
agricultural credit to socially
disadvantaged farmers and ranchers is
limited,396 and suggested that this
rulemaking may be a way to engage in
‘‘additional data collection and
reporting for nonmortgage loans.’’ 397
The GAO found that, using 2015–2017
USDA survey data, socially
disadvantaged farmers and ranchers
represented an estimated 17 percent of
primary producers in the survey, but
accounted for only an estimated 8
percent of total outstanding agricultural
debt.398 Loans to purchase agricultural
real estate accounted for most of socially
disadvantaged farmers and ranchers’
outstanding debt (67 percent).399 Farms
with minority or women primary
producers 400 are, on average, smaller
and bring in less revenue than farms
with a non-socially disadvantaged
primary producer (i.e., a white male)—
while socially disadvantaged farmers
and ranchers represented 30 percent of
all farms, they operated 21 percent of
total farmland and accounted for 13
percent of the market value of
agricultural products sold in 2017.401
The share of minority representation
in farming, particularly that of Black
farmers, has declined sharply over the
last 100 years.402 (The number of female
394 Farm Credit Admin., 2020 Annual Report of
the Farm Credit Administration, at 20 (2020),
https://www.fca.gov/template-fca/about/
2020AnnualReport.pdf.
395 Id.
396 See Gov’t Accountability Off., Agricultural
Lending: Information on Credit and Outreach to
Socially Disadvantaged Farmers and Ranchers is
Limited (2019), https://www.gao.gov/assets/gao-19539.pdf (GAO Report).
397 Id. at 12.
398 Id. at 16. ‘‘The primary producer is the
individual on a farm who is responsible for the
most decisions. Each farm has only one primary
producer.’’ Id. at 5.
399 Id. at introductory highlights.
400 ‘‘Producers’’ are individuals involved in farm
decision-making. A single farm may have more than
one producer.
401 See GAO Report at 7.
402 In 1910, approximately 893,370 Black farmers
operated approximately 41.1 million acres of
farmland, representing approximately 14 percent of
farmers. U.S. Census Bureau, 1910 Census: Volume
5 (Agriculture), Statistics of Farms, Classified by
Race, Nativity, and Sex of Farmers, at 298 (1910),
https://www2.census.gov/library/publications/
decennial/1920/volume-5/06229676v5ch04.pdf. In
2017, of the country’s 3.4 million total producers,
only 45,508 of them (1.3 percent) are Black and they
farm on only 4.1 million acres (0.5 percent of total
PO 00000
Frm 00076
Fmt 4701
Sfmt 4700
producers has increased significantly
over the last 100 years but remains
relatively small compared to male farm
producers.403) Based on the disposition
of numerous lawsuits alleging
discrimination against minority
farmers,404 the Bureau believes that
credit discrimination may play a role in
this decline. The GAO cites advocacy
groups for socially disadvantaged
farmers and ranchers, which have said
some socially disadvantaged farmers
and ranchers face actual or perceived
unfair treatment in lending or may be
dissuaded from applying for credit
because of past instances of alleged
discrimination.405 In addition, the GAO
cites advocacy groups, lending industry
representatives, and Federal officials in
stating that socially disadvantaged
farmers and ranchers are more likely to
operate smaller, lower-revenue farms,
have weaker credit histories, or lack
clear title to their agricultural land,
which can make it difficult for them to
qualify for loans.406 The Bureau
understands that determining the
‘‘creditworthiness’’ of a farmer is often
a judgmental process in which lending
decisions are de-centralized and involve
weighing many discretionary factors,
and believes that there are heightened
fair lending risks in agricultural lending.
Proposed Rule
In its proposal, the Bureau noted that
credit used for agricultural purposes is
generally covered by the broad
definition of credit under ECOA and
farmland); by comparison, 95 percent of U.S.
producers are white and own 94 percent of
farmland. U.S. Dep’t of Agric., 2017 Census of
Agriculture, at 62, 72 (Apr. 2019), https://
www.nass.usda.gov/Publications/AgCensus/2017/
Full_Report/Volume_1,_Chapter_1_US/usv1.pdf.
403 In 1910, women farmers represented
approximately 4 percent of farm workers. See U.S.
Census Bureau, 1910 Census: Volume 5
(Agriculture), Statistics of Farms, Classified by
Race, Nativity, and Sex of Farmers, at 340 (1910),
https://www2.census.gov/library/publications/
decennial/1920/volume-5/06229676v5ch04.pdf. As
of 2017, women account for approximately 36
percent of farmers. See U.S. Dep’t of Agric., 2017
Census of Agriculture, at 62 (Apr. 2019), https://
www.nass.usda.gov/Publications/AgCensus/2017/
Full_Report/Volume_1,_Chapter_1_US/usv1.pdf.
404 See, e.g., Order, In re Black Farmers
Discrimination Litig., No. 08–mc–0511 (D.D.C. filed
Aug. 8, 2008), https://blackfarmercase.com/
Documents/2008.08.08%20-%20PLF%
20Consolidation%20Order_0.pdf; Pigford v.
Glickman, 206 F.3d 1212 (D.C. Cir. 2000). See also
Garcia v. Vilsack, 563 F.3d 519 (D.C. Cir. 2009);
Love v. Connor, 525 F. Supp. 2d 155 (D.D.C. 2007);
Keepseagle v. Veneman, No. 99–CIV–03119, 2001
U.S. Dist. LEXIS 25220 (D.D.C. Dec. 12, 2001).
405 GAO Report at introductory highlights.
Additionally, the GAO cited these sources as noting
that some socially disadvantaged farmers and
ranchers may not be fully aware of credit options
and lending requirements, especially if they are
recent immigrants or new to agriculture. Id.
406 Id.
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
agricultural businesses are included in
section 1071’s definition of small
business. Taking into account the
information above, the Bureau stated
that covering agricultural credit in this
rulemaking was important for advancing
both of section 1071’s statutory
purposes and did not propose defining
covered credit in a way that would
exclude agricultural credit from
coverage. The Bureau sought comment
on the potential costs and complexities
associated with covering such credit.
Comments Received
The Bureau received comments on
this aspect of the proposal from many
agricultural lenders, banks, trade
associations, and community groups.
Several community-oriented lenders
and many community groups voiced
support for the Bureau’s proposed
coverage of agricultural-purpose credit.
A joint letter from community groups,
community oriented lenders, and
business advocacy groups asserted that
covering agricultural credit will be
helpful in advancing the goals of section
1071 because the vast majority of farms
are small and family run, and farmers
are an important part of the community
development landscape, and because
the litigation regarding discrimination
against Black farmers shows the risk of
discrimination and unequal access is
significant in the agricultural context. A
rural community group argued that the
Bureau’s legislative mandate is clear on
this issue because agricultural lending
falls under ECOA’s definition of credit
and farming operations are correctly
included in the proposed rule’s
definition of small business. Several
commenters asserted that covering
agricultural credit serves section 1071’s
community development and fair
lending statutory purposes. Another
community group expressed its belief
that 1071 data will allow for promotion
of adaptive and sustainable agriculture
among smaller farmers as opposed to
relying on large agricultural businesses.
Some commenters discussed their
belief that including agricultural credit
within the scope of this rule was needed
to address historical and/or continuing
discrimination. A rural community
group described the challenges relating
to justifying claims in the
discrimination settlements against
USDA due specifically to the lack of any
other form of data to quantify the results
of disparities in treatment with access to
loans. This commenter also relayed
minority farmers’ experiences of being
more at risk of foreclosure due to not
being told about or not being given fair
access to many farm programs that
benefit white farmers and due to
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
receiving unfavorable loans originated
with the specific intent of pushing these
farmers into acceleration and
foreclosure to remove them from their
land. This commenter also detailed how
the rule would illuminate a host of
factors leading to disparate treatment of
minority farmers, citing conflicts of
interest among staff of local Farm
Service Agency offices, disclosure of
loan terms, imposition of collateral
requirements, and changes in valuations
of assets in appraisals. This commenter
described discouragement of minority
farmers from making loan applications
or requesting loss mitigation and
asserted that data collection is a proven
way to document and address such
discouragement. The commenter alleged
that agricultural lenders, notably Farm
Credit System lenders, lack the data or
any system to comply with ECOA.
One community group maintained
that constrained access to capital has
contributed to the staggering loss of
Black-owned farmland in the Deep
South, while another said that the
Bureau’s rule will highlight the racially
disparate impact of facially neutral
policies that disproportionately result in
adverse outcomes for Black farmers,
including underwriting decisions based
on the types of farm, the business
structure, and land appraisals. A CDFI
lender relayed examples of issues faced
by Black farmers, including: (1) lack of
access to fair, affordable credit as a
barrier for new farmers; (2) lenders and
local USDA offices that seek to frustrate
Black farmers by making things more
complicated and causing lengthy delays
that white farmers do not encounter; (3)
lack of relationships with banks
resulting in their being less willing to
work with the farmers and provide
assistance during the loan application
process; (4) agricultural loan
underwriting criteria that favor beef,
cattle, and grain production, which are
often the enterprises of large-scale white
farmers; (5) alternative financing from a
private lender not being an adequate
substitute for having fair access to
government lending programs with 1
percent interest and 40 year terms; and
(6) Black farmers often being unable to
secure financing and thus being left
with no choice but to sell their land to
white farmers.
Several commenters stressed the need
for transparency due to lack of sufficient
data on agricultural lending markets.
One such commenter noted that the
USDA has not made its limited data—
which includes only numbers of loans
applied for, made, and denied, at the
county level—easily available to the
public. This commenter also argued that
comprehensive data are particularly
PO 00000
Frm 00077
Fmt 4701
Sfmt 4700
35225
important to increase equity and
uniformity in loan modifications and
restructurings and to assist with
decisions related to pandemic relief
programs and the grant of specialized
loan servicing. Another commenter
suggested that 1071 data would help the
USDA, the SBA, and other relevant
government agencies better understand
the needs of small agricultural
businesses and noted that agricultural
credit extends beyond acquisition of
inventory farmland to include
operational loans, agricultural
machinery and building loans, and
loans to develop local markets for
selling agricultural products. A
community group dismissed concerns
that agricultural lending data would be
too complex to collect and report,
because it is already reported under
CRA.
Some commenters suggested changes
and clarifications related to applying the
Bureau’s rule to agricultural credit. One
community group suggested the Bureau
modify or clarify data collection to
identify forms of disparate treatment
unique in small-scale farm operations
that may differ from other small
businesses. This commenter also
suggested that the Bureau clarify that
the rule covers the Farm Service
Agency, the Farm Credit System, all
lenders making Farm Service Agency
guaranteed loans, and the full range of
other entities that provide credit to
small farm businesses. A number of
Farm Credit System lenders expressed
support for a trade association letter that
discussed how agricultural lending is
fundamentally different from small
commercial lending and requested a
different small business definition to
account for how they would be
disproportionately covered by the rule.
These comments are discussed in more
detail in the section-by-section analysis
of § 1002.106(b). One agricultural
community group suggested that base
acre payment transactions (transactions
that take into account certain
government payments, which are in
turn based on a farm’s historic crop
yield) should be considered covered
credit transactions because of concerns
that base program acres may not benefit
Native American farmers and because
base acre payments are often used to
prove or deny a farmer’s request for loan
origination or modification.
Some industry commenters requested
an exclusion for agricultural credit from
the Bureau’s rule. One credit union
association argued that agricultural
lending should be exempted because
many agricultural borrowers are
serviced by small local community
financial institutions, including credit
E:\FR\FM\31MYR2.SGM
31MYR2
35226
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
unions whose members are
agriculturally based and whose
members and borrowers are represented
on the credit unions’ board of directors.
A few other commenters asserted that
agricultural credit is not comparable to
other types of small business lending
and urged the Bureau to exempt it on
those grounds; one stated that it does
not make sense to compare a 200-acre
farm with a gas station. A trade
association pointed to different
treatment under CRA and HMDA as
evidence that it was unlikely that
section 1071 was enacted to cover
agricultural lending because their
underwriting criteria are distinct and
different from small business loans. A
bank also suggested exempting
agricultural lending, maintaining that its
numbers would not be useful for fair
lending purposes because unlike small
business loans that are more on a one
loan to one borrower or two-to-one
basis, its agricultural portfolio included
multiple loans to the same borrower. A
few commenters argued that covering
agricultural credit under the rule would
have an outsized impact on farmers by
increasing this cost of credit and
reducing its availability. A trade
association asserted that the burden of
section 1071 compliance may force
small lenders to reduce their lending
below the exemption threshold, which
in turn may limit the access to
agricultural credit because large banks
often do not engage in significant
agricultural lending.
lotter on DSK11XQN23PROD with RULES2
Final Rule
For the reasons set forth herein, the
Bureau is not defining a ‘‘covered credit
transaction’’ in final § 1002.104 in a way
that would exclude agricultural credit
from the final rule. Credit used for
agricultural purposes is generally
covered by the broad definition of credit
under ECOA. First, ECOA’s definition of
‘‘credit’’ is not limited to a particular
use or purpose and Regulation B
expressly covers agricultural-purpose
credit. Further, ECOA does not provide
an exception for agricultural credit, and
it assigns enforcement authority to
regulators of agricultural lending such
as the Secretary of Agriculture and the
Farm Credit Administration.407
Moreover, agricultural businesses are
included in section 1071’s statutory
definition of small business.408 The
407 See 15 U.S.C. 1691c; Regulation B
§ 1002.16(a).
408 ECOA section 704B(h)(2) (defining a small
business as having the same meaning as the term
‘‘small business concern’’ in section 3 of the Small
Business Act (15 U.S.C. 632)). Section 704B(h)(2)
defines small business by reference to the Small
Business Act definition of a small business concern,
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Bureau believes that covering
agricultural credit in this rulemaking is
important for advancing both of section
1071’s statutory purposes and is not
excluding agricultural credit from the
final rule. The Bureau notes that most
of the comments received on this aspect
of the proposal were in favor of the rule
covering agricultural lending. Even the
many comments that the Bureau
received from Farm Credit System
lenders and related associations
generally focused on urging the Bureau
to adopt a separate small farm definition
rather than a wholesale exclusion of
agricultural credit.
As noted above, the products
discussed in this rule do not constitute
an exhaustive list of covered credit
transactions; other types of business
credit not specifically described in the
rule and its associated commentary
nevertheless constitute covered credit
transactions unless excluded by final
§ 1002.104(b). In line with this
approach, the Bureau thus is not
delineating certain products (such as
base acre payment transactions) as
covered credit transactions.
The Bureau does not believe it would
appropriate to exclude agricultural
credit from the rule, as requested by
some commenters. With regard to the
concern that agricultural lending should
be exempted because of the impact on
small local community financial
institutions, such as credit unions, the
Bureau notes that it is increasing its
institutional coverage threshold, as
discussed in the section-by-section
analysis of § 1002.105 below, to limit
any risk of impact on smaller financial
institutions or of market disruption in
the small business lending sector. By
declining to draw a potentially blurry
line between business-purpose credit
and agricultural-purpose credit, the
Bureau also believes that its finalized
inclusive approach will better enable it
to ensure that financial institutions that
are offering business credit are
complying with the final rule.
With respect to comments asserting
that agricultural credit is unique and not
comparable to other types of small
business lending, the Bureau
acknowledges that every small business
industry has its own unique
characteristics. In order to fulfill section
1071’s business and community
development purpose and to address the
particularities of certain lending
models, the Bureau is providing
clarification regarding how reporting
which includes independently owned and operated
‘‘enterprises that are engaged in the business of
production of food and fiber, ranching and raising
of livestock, aquaculture, and all other farming and
agricultural related industries.’’ 15 U.S.C. 632(a)(1).
PO 00000
Frm 00078
Fmt 4701
Sfmt 4700
rules apply to certain covered credit
transactions and is also not covering
certain transactions. For the reasons
described herein, however, the Bureau
is not categorically exempting
agricultural credit from the rule.
Moreover, the Bureau believes that
data on agricultural credit will be useful
for fair lending purposes. As discussed
above, there is some evidence that
minority-owned farms may obtain, or
may be offered, higher interest rates and
less favorable terms on agricultural
credit. Data collected and reported
under this final rule will allow the
Bureau, other government agencies, and
other data users to have insight into the
existing market, observe the market for
potentially troubling trends, and
conduct fair lending analyses.
The Bureau has considered the
comments arguing that covering
agricultural credit under the rule would
have an outsized impact on farmers by
increasing this cost of credit and
reducing its availability. The Bureau has
also considered the claim that small
lenders will reduce their lending below
the exemption threshold, which in turn
may limit the access to agricultural
credit because large banks often do not
engage in significant agricultural
lending. The Bureau does not believe
that there is a significant risk that
lenders will reduce their agricultural
lending as a result of this rule such that
there will be a marked impact on the
availability of agricultural credit.
Moreover, as noted in the section-bysection analysis of § 1002.105 below, the
Bureau is increasing its institutional
coverage threshold for the final rule to
reduce the impact on financial
institutions with the lowest volume of
small business lending, including
agricultural lenders.
Based on its review of the GAO
Report,409 the decline of minority
representation in farming over the last
100 years,410 the disposition of
numerous lawsuits alleging
discrimination against minority
409 See,
e.g., GAO Report at 16.
1910, approximately 893,370 Black farmers
operated approximately 41.1 million acres of
farmland, representing approximately 14 percent of
farmers. U.S. Census Bureau, 1910 Census: Volume
5 (Agriculture), Statistics of Farms, Classified by
Race, Nativity, and Sex of Farmers, at 298 (1910),
https://www2.census.gov/library/publications/
decennial/1920/volume-5/06229676v5ch04.pdf. In
2017, of the country’s 3.4 million total producers,
only 45,508 of them (1.3 percent) are Black and they
farm on only 4.1 million acres (0.5 percent of total
farmland); by comparison, 95 percent of U.S.
producers are white and own 94 percent of
farmland. U.S. Dep’t of Agric., 2017 Census of
Agriculture, at 62, 72 (Apr. 2019), https://
www.nass.usda.gov/Publications/AgCensus/2017/
Full_Report/Volume_1,_Chapter_1_US/usv1.pdf.
410 In
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
farmers,411 and comments discussing
how the inclusion of agricultural credit
in the rule is needed to address
historical and/or continuing
discrimination, the Bureau finds that
covering agricultural credit is crucial to
serving section 1071’s purpose of
facilitating enforcement of fair lending
laws.
The Bureau furthers finds that
covering agricultural credit is vital to
enable communities, governmental
entities, and creditors to identify
business and community development
needs and opportunities of small
businesses, including small farms. The
Bureau agrees with commenters that
stressed the need for transparency due
to lack of sufficient data on agricultural
lending markets. The Bureau believes
that the transparency afforded by data
collected and reported under this final
rule will empower rural communities to
better address the challenges they face,
particularly with regard to equitable
credit access. Representatives of these
communities appear to agree—in a
recent letter addressed to the House and
Senate Agriculture and Financial
Services and Banking committees
characterizing the proposed rule as
‘‘pro-farmer,’’ multiple community
groups noted that ‘‘[s]mall farmers have
consistently demanded more
transparent and fair markets, and our
members know that having an accurate
and up-to-date picture of agricultural
lending will help farmers and
consumers, not hurt them.’’ 412
Relatedly, in a recent report, the Bureau
found that rural communities face
unique challenges in accessing and
using consumer financial products and
that further research is required to better
understand the needs of rural
households and how the Bureau can
best ensure that rural residents have
equitable access to financial markets.413
The Bureau notes that many
agricultural lenders have already been
411 See, e.g., Order, In re Black Farmers
Discrimination Litig., No. 08–mc–0511 (D.D.C. filed
Aug. 8, 2008), https://blackfarmercase.com/
Documents/2008.08.08%20-%20PLF%20Consolidation%20Order_0.pdf; Pigford v. Glickman, 206
F.3d 1212 (D.C. Cir. 2000). See also Garcia v.
Vilsack, 563 F.3d 519 (D.C. Cir. 2009); Love v.
Connor, 525 F. Supp. 2d 155 (D.D.C. 2007);
Keepseagle v. Veneman, No. 99–CIV–03119, 2001
U.S. Dist. LEXIS 25220 (D.D.C. Dec. 12, 2001).
412 HEAL (Health, Environment, Agriculture,
Labor) Food All., Rural Coal., Nat’l Young Farmers
Coal., Ctr. for Responsible Lending et al., RE:
Support for Proposed Section 1071 rule and
Opposition to H.R.7768—Farm Credit
Administration Independent Authority Act (R.
Davis) (Sept. 14, 2022), https://www.ushcc.com/
advocacy-letters.html.
413 CFPB, Data Spotlight: Challenges in Rural
Banking Access (Apr. 2022), https://
files.consumerfinance.gov/f/documents/cfpb_dataspotlight_challenges-in-rural-banking_2022-04.pdf.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
collecting and reporting some form of
data by HMDA, the CRA, and/or the
Farm Credit Administration and so
should be able to adapt to the data
collection requirements mandated by
Congress. Additionally, to the extent
that commenters were concerned about
the impact on the smallest agricultural
lenders, many of those concerns are
addressed by the Bureau’s decision, as
discussed in the section-by-section
analysis of § 1002.105(b) below, to
require data collection and reporting
only by financial institutions that meet
a 100-loan threshold. In short, as further
discussed in part IX below, the Bureau
does not anticipate any material adverse
effect on credit access in the long or
short term to rural small businesses.
104(b) Excluded Transactions
Proposed § 1002.104(b) would have
provided that the requirements of
subpart B do not apply to trade credit,
public utilities credit, securities credit,
and incidental credit. Proposed
comments 104(b)–1 and –2 would have
made clear that the term covered credit
transaction also does not cover factoring
and leases. Proposed comments 104(b)–
3 and –4 would have clarified that the
term covered credit transaction does not
include consumer-designated credit or
credit secured by certain investment
properties because such transactions are
not business credit. In the NPRM, the
Bureau also discussed its proposed
treatment of extensions of credit made
to governments or governmental
subdivisions, agencies, or
instrumentalities and certain purchases
of covered credit transactions.
The Bureau received comments on its
overall approach to § 1002.104(b) from
several banks, trade associations,
individuals, and members of Congress.
Two industry commenters supported
the exclusions as proposed, with
another commenter expressing support
but also suggesting expansion. Two
commenters suggested listing all
exclusions in the regulatory text with
any clarifications of those exclusions set
out in the commentary. A bank trade
association urged the Bureau to extend
section 1071 requirements to all
nontraditional lenders and
nontraditional products to avoid leaving
open the opportunity for the abuse or
dissatisfaction of small business
borrowers to go undetected or
disadvantaging highly regulated
institutions such as community banks.
A joint letter from several members of
Congress asked the Bureau reconsider
its proposed exclusions on the grounds
that such exclusions would lead to a gap
in understanding of the small business
lending marketplace and whether
PO 00000
Frm 00079
Fmt 4701
Sfmt 4700
35227
entities are in compliance with fair
lending laws. Comments received
regarding specific exclusions, including
additional exclusions sought by
commenters, are discussed in greater
detail below.
For the reasons set forth herein, the
Bureau is finalizing § 1002.104(b) to
provide that the requirements of subpart
B do not apply to trade credit, HMDAreportable transactions, insurance
premium financing, public utilities
credit, securities credit, and incidental
credit. In response to comments
received, the Bureau is excluding
HMDA-reportable transactions from
coverage under the final rule. As a
result, the Bureau believes that
proposed comment 104(b)–4 that would
have made clear that the term ‘‘covered
credit transaction’’ does not cover credit
secured by certain investment
properties is not necessary. Final
comments 104(b)–1 and –2 make clear
that the term covered credit transaction
also does not cover factoring and leases.
Final comment 104(b)–3 clarifies that
the term covered credit transaction does
not include consumer-designated credit
because such transactions are not
business credit. New comment 104(b)–
4 provides clarification regarding
certain purchases of covered credit
transactions, including pooled loans,
and partial interests. All of these
provisions are discussed in detail
below.
The Bureau has considered comments
suggesting that all exclusions be listed
in the regulatory text. The Bureau
appreciates the need for clarity in
articulating which products must be
reported under this final rule but
believes that it can provide sufficient
clarity through its regulatory text and
commentary. The Bureau’s approach
differentiates between products that
meet the definition of both ‘‘credit’’ and
‘‘business credit’’ under Regulation B,
and between those products that the
Bureau is excluding (for reasons
discussed below) pursuant to its
exception authority under ECOA section
704B(g)(2). Products excepted under
section 704B(g)(2) are enumerated in the
regulatory text. Such specific exclusion
is not necessary for products the Bureau
considers not to be ‘‘business credit’’ in
the first place; however, the Bureau
believes that identifying and describing
some such products in the
commentary—which it has done—will
provide clarity and facilitate
compliance.
E:\FR\FM\31MYR2.SGM
31MYR2
35228
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
104(b)(1) Trade Credit
lotter on DSK11XQN23PROD with RULES2
Background
Under existing Regulation B, trade
credit refers to a ‘‘financing arrangement
that involves a buyer and a seller—such
as a supplier who finances the sale of
equipment, supplies, or inventory; it
does not apply to an extension of credit
by a bank or other financial institution
for the financing of such items.’’ 414
Thus, trade credit typically involves a
transaction in which a seller allows a
business to purchase its own goods or
services without requiring immediate
payment in full, and the seller is not
otherwise involved in financial services
and does not otherwise provide credit
that could be used for purposes other
than the purchase of its own goods or
services.415 Businesses offering trade
credit generally do so as a means to
facilitate the sale of their own goods and
not as a stand-alone financing product
or a more general credit product offered
alongside the sale of their own goods or
services.
Although ECOA and Regulation B
generally may apply to trade credit,
most of the specific notification
requirements of existing Regulation B
do not apply to trade credit
transactions.416 The Bureau’s White
Paper estimated that trade credit
represents approximately 21 percent of
the aggregate dollar volume of various
financial products used by small
businesses.417 The Bureau understands
that there are tens of thousands of
merchants and wholesalers that extend
credit to small businesses solely in
connection with the sale of their goods
and services.
Proposed Rule
The Bureau proposed to not cover
trade credit in the section 1071 final
rule. Proposed § 1002.104(b)(1) would
have defined trade credit as a financing
arrangement wherein a business
acquires goods or services from another
business without making immediate
payment to the business providing the
goods or services. Proposed comment
104(b)(1)–1 would have provided that
an example of trade credit is one that
involves a supplier that finances the
sale of equipment, supplies, or
inventory. Proposed comment
104(b)(1)–1 would have provided that
an extension of business credit by a
financial institution other than the
supplier for the financing of such items
is not trade credit. Proposed comment
414 Comment
9(a)(3)–2.
comment 9(a)(3)–2.
416 See § 1002.9(a)(3)(ii).
417 White Paper at 21 fig. 2.
415 See
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
104(b)(1)–2 would have clarified that
the definition of trade credit under
existing comment 9(a)(3)–2 applies to
relevant provisions under existing
Regulation B, and that proposed
§ 1002.104(b)(1) is not intended to
repeal, abrogate, annul, impair, or
interfere with any existing
interpretations, orders, agreements,
ordinances, rules, or regulations
adopted or issued pursuant to existing
comment 9(a)(3)–2. The Bureau sought
comment on its proposal to exclude
trade credit from the rule and on its
proposed definition of trade credit.
Comments Received
The Bureau received comments on
this aspect of the proposal from a range
of commenters, including banks, trade
associations, and a business advocacy
group. Several industry commenters
expressed general support for the
proposal to exclude trade credit.
However, some of these commenters
advocated expanding the exclusion. For
instance, one commenter suggested that
all asset-based financing should be
excluded as trade credit, arguing that if
the rule should not apply to sellers to
facilitate their sales of goods, the rule
also should not apply to their ‘‘behind
the scenes’’ non-recourse factors and
asset-based lenders who facilitate those
sales. Two commenters urged
broadening the proposed exclusion to
include captive finance companies
when they are financing equipment
manufactured by their parent companies
because these companies exist solely to
facilitate the acquisition of the original
equipment manufacturers’ products. A
few comments more broadly asked that
the Bureau not limit the exclusion to
‘‘in-house’’ trade credit, suggesting that
trade credit offered by financial
institutions allows more suppliers to
offer trade credit programs, and as a
result provides more opportunities for
credit access to small businesses. These
commenters additionally argued that
such expansion is needed to prevent
uneven regulatory treatment, to promote
competition in the market for trade
credit, to avoid pushing more business
transactions into a less regulated
environment, and to obtain more
fulsome data collection and reporting on
trade credit. A trade association asked
the Bureau to clarify that the trade
credit exclusion encompasses auctions
where a buyer may pay for acquired
property at a later date.
A few other industry commenters
urged the Bureau to cover trade credit
in the final rule. Two of these
commenters argued that providers of
trade credit, especially in the
agricultural sector, are competitors to
PO 00000
Frm 00080
Fmt 4701
Sfmt 4700
traditional lenders, and should be
covered. One commenter asked the
Bureau to provide several specific
transaction examples so that covered
financial institutions can readily
identify those transactions that they
must report on, and those that are
exempted. Another commenter asked
the Bureau to clarify whether floor plan
financing, which generally allows
merchants to stock inventory available
for sale without advance payment to the
manufacturer or distributor, would fall
within the proposed trade credit
exclusion. This commenter noted that
floor plan finance companies support
merchants by allowing them to maintain
some level of inventory with frequent
adjustments to the financing and
payment terms, and they may be
affiliated with the manufacturer or
distributor.
Several commenters urged the Bureau
to expand its trade credit exclusion to
private label or cobranded credit. These
commenters primarily argued that such
transactions need to be quickly
completed, often at a point-of-sale, and
that asking for protected demographic
information and other required data
may reduce the supply and demand for
such credit. A few commenters
suggested that if the Bureau were to
include private label and co-branded
transactions in the final rule, it should
only require the collection and reporting
of such transactions over $50,000 to
mitigate the impact of their inclusion.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing largely as proposed
its exclusion for trade credit in this final
rule. Final § 1002.104(b)(1) defines trade
credit as a financing arrangement
wherein a business acquires goods or
services from another business without
making immediate payment in full to
the business providing the goods or
services. The Bureau has added the
words ‘‘in full’’ to the proposed
definition to account for the fact that
trade credit may include an immediate
partial payment or down payment to the
businesses providing the goods or
services. Final comment 104(b)(1)–1
provides that an example of trade credit
is one that involves a supplier that
finances the sale of equipment,
supplies, or inventory. Final comment
104(b)(1)–1 provides that an extension
of business credit by a financial
institution other than the supplier for
the financing of such items is not trade
credit, and it also provides that credit
extended by a business providing goods
or services to another business is not
trade credit for the purposes of subpart
B where the supplying business intends
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
to sell or transfer its rights as a creditor
to a third party, such as a financial
institution. Final comment 104(b)(1)–2
clarifies that the definition of trade
credit under existing comment 9(a)(3)–
2 applies to relevant provisions under
existing Regulation B, and that
§ 1002.104(b)(1) is not intended to
repeal, abrogate, annul, impair, or
interfere with any existing
interpretations, orders, agreements,
ordinances, rules, or regulations
adopted or issued pursuant to existing
comment 9(a)(3)–2.
The Bureau is adopting a definition of
‘‘covered credit transaction’’ that
excludes trade credit pursuant to its
authority under ECOA section
704B(g)(1) to prescribe such rules and
issue such guidance as may be
necessary to carry out, enforce, and
compile data under section 1071, as
well as its authority under ECOA
704B(g)(2) to adopt exceptions to any
requirement of section 1071 and to
conditionally or unconditionally
exempt any financial institution or class
of financial institutions from the
statute’s requirements, as the Bureau
deems necessary or appropriate to carry
out the purposes of section 1071. While
trade credit constitutes ‘‘credit’’ within
the meaning of § 1002.102(i) and may
constitute ‘‘business credit’’ within the
meaning of § 1002.102(d), depending on
its purpose, and therefore generally
covered by ECOA, the Bureau believes
that trade credit is different from
products like loans, lines of credit,
credit cards, and merchant cash
advances and that there are several
reasons to exclude it from coverage. The
Bureau does not believe it would be
appropriate to include trade credit in
the scope of this final rule, despite some
commenters’ assertions that providers of
trade credit in the agricultural sector
would have a competitive advantage
over other lenders.
Trade credit is not a general-use
business lending product—that is, trade
creditors generally extend credit as a
means to facilitate the sale of their own
goods or services, rather than offering
credit as a stand-alone financial product
or as more general credit product
offered alongside the sale of their own
goods or services. The Bureau believes
that while trade creditors might meet
the definition of a financial institution
under § 1002.105(a), they are not
primarily financial services providers,
nor do they have the infrastructure
needed to manage compliance with
regulatory requirements associated with
making extensions of credit. The Bureau
understands that trade credit can be
offered by entities that are themselves
very small businesses; these entities, in
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
particular, may incur large costs relative
to their size to collect and report small
business lending data in an accurate and
consistent manner.418 Taken together,
requiring trade credit to be reported
under subpart B could lead to
significant data quality issues. The
Bureau also wants to avoid the risk that
the fixed costs of coming into
compliance with the rule could lead
these businesses to limit offering trade
credit to their small business customers,
which may run contrary to the business
and community development purpose
of section 1071. These concerns are
distinct from coverage generally under
ECOA and Regulation B, which as noted
above may still apply to trade credit.
The Bureau does not believe that the
trade credit exclusion should be
expanded to include all asset-based
financing, captive finance companies, or
trade credit offered by financial
institutions that are not suppliers of
goods or services, as requested by some
commenters. The Bureau believes that,
unlike trade creditors themselves, such
providers offer stand-alone credit
products in the same way as other
financial institutions and are not
retailers or merchants with limited
regulatory compliance experience. As
such, the Bureau does not have the same
concerns about data quality or reduced
small business lending by affiliates and
facilitators that it does about trade
creditors themselves. Thus, the Bureau
is finalizing its definition of trade credit
in § 1002.104(b)(1) to focus on the
business providing the goods or services
being financed. The trade credit
exclusion does not extend to affiliates
and facilitators of trade creditors that
provide financing, even if only for the
trade creditor’s products and not for
competing or unrelated products. Thus,
provided that they otherwise meet the
definition of a covered financial
institution in § 1002.105(b), such
affiliates and facilitators must collect
and report data under the rule.
The Bureau also is not making further
revisions to the regulatory text or
commentary. With respect to the
suggestion that the Bureau clarify that
the trade credit exclusion encompasses
auctions, the Bureau notes that because
auction houses generally do not supply
equipment, supplies, or inventory but
rather facilitate sales for others, they do
not offer trade credit under final
418 See Leora Klapper et al., Trade Credit
Contracts, 25 Review of Fin. Studies 838–67 (2012),
https://academic.oup.com/rfs/article/25/3/838/
1616515, and Justin Murfin & Ken Njoroge, The
Implicit Costs of Trade Credit Borrowing by Large
Firms, 28 Review of Fin. Studies 112–45 (2015),
https://academic.oup.com/rfs/article/28/1/112/
1681329.
PO 00000
Frm 00081
Fmt 4701
Sfmt 4700
35229
§ 1002.104(b)(1). However, other
exclusions, such as the exclusion for
incidental credit discussed below, may
apply to such transactions. The Bureau
is not adding further transaction
examples, as only one comment
requesting such additions and it
otherwise appears that commenters
understood that the proposed exclusion
was intended to narrowly cover credit
directly extended by the supplier of
goods and services. Regarding floor plan
financing, the Bureau notes that under
final § 1002.104(b)(1), the trade credit
exclusion applies where the
manufacturer or distributor is financing
its own inventory, but not where a
financial institution is providing the
financing and receiving payment.
The Bureau is also not expanding the
trade credit exclusion to cover private
label or cobranded credit transactions,
which are credit transactions (typically,
credit cards, but also revolving lines of
credit and installment loans) that are
originated at or facilitated by financial
institutions through retailers either instore or through a website. Moreover, as
explained in the section-by-section
analysis of § 1002.107(a)(5), the Bureau
believes it is important to capture these
products as a separate credit type. As
that section explains, a private-label
credit card account is a credit card
account that can only be used to acquire
goods or services provided by one
business (for example, a specific
merchant, retailer, independent dealer,
or manufacturer) or a small group of
related businesses. A co-branded or
other card that can also be used for
purchases at unrelated businesses is not
a private-label credit card.
The Bureau believes that covering
private label or cobranded credit
transactions supports section 1071’s
statutory purposes. For instance, the
Bureau believes that having robust data
on this important source of financing
will help to better understand small
business needs. In researching the
consumer credit card market, for
example, the Bureau learned that while
private label card account holding has
declined relative to general purpose
cards,419 late fees comprised the
419 The Bureau estimates that around 90 million
consumers hold at least one general purpose and at
least one private label card. Some 79 million hold
only general-purpose cards. Just under 9 million
hold only private label cards. General purpose cards
remain prevalent, while private label cardholding
has become relatively less common. By year-end
2020, there were 485 million open general purpose
card accounts and 214 million open private label
accounts. General purpose cardholding is just as
common today as it was prior to the Great
Recession, though that share is down from 63
percent on the eve of the pandemic. In contrast, 36
E:\FR\FM\31MYR2.SGM
Continued
31MYR2
35230
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
overwhelming majority—91 percent—of
all consumer fees and 25 percent of total
interest and fees for private label cards
(compared to 45 percent and 7 percent,
respectively, for general purpose credit
cards).420 Additionally, since private
label and cobranded credit accounts are
typically offered and serviced by
financial institutions, with applications
typically submitted directly to the
financial institution via a website, the
Bureau does not have the same concerns
related to data quality or regulatory
compliance as it does with trade credit
offered by a supplier of goods and
services who is not in the business of
providing financial services. The Bureau
also is not placing a $50,000 minimum
threshold on such transactions, as
suggested by a few commenters, because
doing so would exclude significant
portions of small business lending. The
Bureau does not believe that such an
approach would further the purposes of
section 1071.
104(b)(2) HMDA-Reportable
Transactions
lotter on DSK11XQN23PROD with RULES2
Proposed Rule
The potential for overlap exists
between section 1071 and HMDA
because HMDA reporting requirements
apply to mortgages regardless of
whether they are consumer-purpose or
business-purpose, so long as they are
secured by residential real property.
Section 1071 applies to all small
business credit, regardless of what the
credit is to be used for. For example, a
mortgage intended to finance the
purchase of an investment property
would be covered by HMDA, assuming
relevant institutional thresholds and
other coverage criteria were otherwise
met. If the mortgage applicant is a
natural person, their ethnicity, race, and
sex would be captured and reported
under HMDA. However, if the mortgage
applicant were a non-natural person
(e.g., a limited liability company or a
corporation), then the lender would not
collect demographic data under HMDA.
That is, the lender would still need to
report the application under HMDA, but
they would report ethnicity, race, and
sex as ‘‘not applicable.’’ But under the
percent of adults held at least one private label card
in 2020, compared to 52 percent in 2005.
Consumers in all credit score tiers have seen
declines in private label card account holding. Most
general purpose and private label cards are held by
consumers with superprime scores. CFPB, The
Consumer Credit Card Market, at 25–26 (Sept.
2021), https://files.consumerfinance.gov/f/
documents/cfpb_consumer-credit-card-marketreport_2021.pdf.
420 See CFPB, Credit card late fees, at 13 (Mar.
2022), https://files.consumerfinance.gov/f/
documents/cfpb_credit-card-late-fees_report_202203.pdf.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Bureau’s proposed rule, the lender
would have captured the applicant’s
principal owners’ ethnicity, race, and
sex.
In its NPRM, the Bureau stated that by
proposing to adopt Regulation C’s
definition of dwelling and its
commentary regarding investment
properties, the Bureau sought to ensure
consistency and minimize compliance
burdens for financial institutions that
must also report credit transactions
covered by HMDA (that is, HMDAreportable transactions). Using the 2019
HMDA data, the Bureau had found that
close to 2,000 lenders and around
530,000 applications indicated a
‘‘business or commercial purpose’’ and
around 500,000 applications were used
for an ‘‘investment’’ (as defined by the
occupancy code) purpose. Of those
applications, around 50,000 were for 5+
unit properties. The overall number of
applications the Bureau expected to be
reported annually under the proposed
rule would have been around 26
million. Thus, the Bureau had
anticipated a relatively small but not
insignificant overlap regarding real
estate investment loans between HMDA
and section 1071.
Also in its proposal, the Bureau stated
that it had considered excluding all
transactions that were also reportable
under HMDA but believed such an
exclusion would have added complexity
to data analysis. The Bureau understood
that requiring lenders to find and delete
from databases that supply their small
business lending data submission only
those transactions that also appear in
HMDA may require a separate scrub of
the data and create additional
compliance burden, as well as
compliance risk, if HMDA-reportable
transactions are not deleted from a small
business lending data submission. For
example, if a small business wants to
purchase a 5+ dwelling unit property
(that is, HMDA reportable), the financial
institution would have to make sure it
is not collecting protected demographic
information on principal owners, even
though that information must be
collected for every other type of loan
that same business might apply for. The
Bureau also believed that it may not be
possible to identify loans in the HMDA
data that, but for this exclusion, would
be reported under the Bureau’s rule
implementing section 1071 because the
financial institution would need to
know which HMDA applications are for
small businesses versus large
businesses. Moreover, excluding
HMDA-reportable applications could
mean that a financial institution that is
below the HMDA reporting threshold
would not report these loans at all.
PO 00000
Frm 00082
Fmt 4701
Sfmt 4700
Further, in addition to not being able
to distinguish which applications are
from small and not large businesses, the
Bureau noted in its proposal its
concerns that excluding all transactions
that were also reportable under HMDA
may be at odds with the statutory
purposes of section 1071. The Bureau
explained that the following proposed
data points would not be collected for
applications only reported under
HMDA: (1) the principal owner’s
ethnicity, race, and sex where the
applicant is an entity not an individual;
(2) minority-owned and women-owned
business status; (3) gross annual
revenue; and (4) other data points such
as pricing, NAICS code, and number of
workers.
For applications that, under the
proposal, would have been reported
under both HMDA and section 1071
(generally, business credit secured by
dwellings, with the exception of credit
secured by 1–4 individual dwelling
units that the applicant or one or more
of the applicant’s principal owners does
not, or will not, occupy), the Bureau
sought comment on whether it should
require such applications to be flagged
as such when reported under subpart B.
The Bureau noted its belief that for data
integrity and analysis purposes, it may
be helpful to know if a loan is in both
datasets and a dual reporting flag may
help ensure any data analysis is not
double-counting certain applications.
Comments Received
The Bureau received comments on
this aspect of the proposal from a range
of commenters, including lenders, trade
associations, community groups, and a
business advocacy group. Only one
commenter, a community group,
expressly supported dual reporting. The
Bureau received a general suggestion to
connect a loan to a HMDA record and
then capture, under HMDA,
demographic data on corporate entities,
and expand its coverage to include more
lenders, such as government entities
and CDFIs. Two commenters suggested
the Bureau provide a section 1071/
HMDA sample form to aid dual
reporting compliance. Some industry
commenters generally stressed the need
for consistency among reporting regimes
and asked the Bureau to reconcile any
differences.
Numerous comments, echoing those
made by a trade association, urged the
CFPB to avoid duplicative and
inconsistent reporting of HMDA and
CRA data in order to reduce compliance
burden and the potential for inaccurate
data reporting. An agricultural lender
suggested the Bureau might be able to
obtain 1071 data using the existing
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
definitions and collection process
currently in place for covered
institutions under HMDA. A few credit
union trade associations maintained
that reporting of HMDA-reportable
transactions should be voluntary. A
bank recommended the Bureau remove
and avoid data collection requirements
that are duplicative and/or inconsistent,
providing the example of misaligned
action taken categories or alternatively,
eliminate all business-purpose loans
from the HMDA reporting requirement.
A credit union argued that the benefit of
dual reporting does not justify the
increased burdens.
A few industry commenters stated
that if dual reporting is required under
the final rule, a dual reporting flag
would be useful. Another commenter
opposed adoption of a dual reporting
flag, arguing that flagging entries will be
a manual process that will increase the
time it takes to file both reports and
increase the possibility of making an
error.
Almost all the comments on this
aspect of the proposal argued against the
proposal to report HMDA-reportable
transactions under this rule. Some
opponents to dual reporting urged the
Bureau to exclude all HMDA-reportable
transactions from this rule, while others
recommended excluding transactions
covered by this rule (such as business
purpose loans) from Regulation C. A few
other commenters did not express a
preference and asked that the Bureau
exempt HMDA-reportable applications
from section 1071 reporting, or vice
versa. Many commenters asserted
burden and stated that reported data
would be duplicative and/or
inconsistent. Several commenters
pointed to differences in census tract
reporting requirements as a source of
potential confusion and data errors. And
as discussed in the section-by-section
analysis of § 1002.107(a)(19), another
urged the Bureau to consider difficulties
caused by the differences in collection
and reporting of the ethnicity, race, and
sex fields and the variations in data
specifications for such information.
One bank commenter suggested that
avoiding dual reporting may also avoid
materially misrepresenting a lender’s
total loan application activity. A few
industry commenters argued that
reporting under HMDA alone meets
1071 purposes, with two of these
commenters pointing to the Bureau’s
website, which states that HMDA ‘‘data
help show whether lenders are serving
the housing needs of their communities;
they give public officials information
that helps them make decisions and
policies; and they shed light on lending
patterns that could be
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
discriminatory.’’ 421 Two commenters
that argued against dual reporting
explained that mortgage lending is
fundamentally different from small
business lending. Responding to
concerns about data gaps, two other
commenters suggested that if the Bureau
tailored the exception to applications
that are reported under HMDA, not
applications that could be reported
under HMDA, institutions not subject to
the HMDA reporting regime would still
have to report HMDA-eligible
applications under section 1071 because
they would not actually report such
applications under HMDA. A bank
recommended separating HMDA and
section 1071 reporting such that only
after a transaction was assessed for
HMDA-reportability would a financial
institution determine whether the
transaction needed to be reported under
section 1071.
Final Rule
For the reasons set forth herein, the
Bureau is adding new § 1002.104(b)(2)
to exclude a covered loan as defined by
Regulation C, 12 CFR 1003.2(e),
pursuant to its authority under ECOA
section 704B(g)(2) to adopt exceptions
to any requirement of section 1071, as
the Bureau deems necessary or
appropriate to carry out section 1071’s
purposes. Under this approach, for all
applications with potential HMDA and
section 1071 overlap, the Bureau would
not require reporting under section 1071
(transactions would only be reportable
under HMDA, and the recordkeeping
and demographic data collection
obligations of HMDA will apply). In
2021, there were 61,789 ‘‘business or
commercial purpose’’ applications
(excluding purchased loans), reported
under HMDA with the ‘‘investment’’
occupancy code, for 5+ unit properties.
Of those, 54,436 were from ‘‘non-natural
person’’ applicants so demographic data
under HMDA was not collected (thus,
such data would have been requested
for only for 7,353 of the 61,789
applications in 2021). The Bureau
recognizes that there would continue to
be no demographic data information
collected and reported for the ∼55,000
HMDA applications with non-natural
person owners. The Bureau is finalizing
this exclusion of HMDA-reportable
transactions in order to alleviate
concerns from a broad range of industry
commenters about the difficulties
associated with dual reporting,
particularly in light of potential
inconsistences related to demographic
421 CFPB, Mortgage Data (HMDA), About HMDA,
https://www.consumerfinance.gov/data-research/
hmda/ (last visited Mar. 20, 2023).
PO 00000
Frm 00083
Fmt 4701
Sfmt 4700
35231
data collection and recordkeeping. In
addition, this approach resembles the
effort by the CRA agencies to eliminate
dual reporting under section 1071 and
the eventual CRA rule.
While the Bureau agrees that dual
reporting of such transactions could be
useful, the Bureau is mindful of
commenters’ concerns regarding burden
and that reported data would be
somewhat duplicative and/or
potentially inconsistent for data points
such as census tract, and principal
owners’ ethnicity, race, and sex. The
Bureau believes that excluding all
HMDA-reportable transactions would
further the purposes of section 1071
because such an exclusion would limit
this potential inconsistency that could
result in poor data quality. Further, the
Bureau is excluding all HMDAreportable transactions from this final
rule because excluding section 1071
transactions from Regulation C of
HMDA would require a separate
rulemaking and would disrupt ongoing
and planning HMDA data collection
efforts that have been in place for years.
The Bureau also agrees that reporting
under HMDA alone would meet section
1071’s purposes. Regulation C, which
implements HMDA, provides that its
public loan data can be used: (i) to help
determine whether financial institutions
are serving the housing needs of their
communities; (ii) to assist public
officials in distributing public-sector
investment so as to attract private
investment to areas where it is needed;
and (iii) to assist in identifying possible
discriminatory lending patterns and
enforcing antidiscrimination statutes.422
These purposes are entirely consistent
with section 1071’s purposes to
facilitate enforcement of fair lending
laws and enable communities,
governmental entities, and creditors to
identify business and community
development needs and opportunities of
women-owned, minority-owned, and
small businesses.423 As the Bureau has
previously stated, it believes that
‘‘HMDA’s scope is broad enough to
cover all dwelling-secured commercialpurpose transactions and that collecting
information about all such transactions
would serve HMDA’s purposes.’’ 424 The
Bureau has also noted that collecting
data about dwelling-secured
commercial-purpose transactions serves
HMDA’s purposes by showing not only
the availability and condition of
multifamily housing units, but also the
full extent of leverage on single-family
homes, particularly in communities that
422 Regulation
C § 1003.1(b)(1).
section 704(a).
424 80 FR 66127, 66171 (Oct. 28, 2015).
423 ECOA
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35232
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
may rely heavily on dwelling-secured
loans to finance small-business
expenditures.425
The Bureau recognizes its finalized
approach will result in some data gaps.
Most notably, some section 1071
information will not be collected for
applications reported under HMDA,
including the principal owner’s
ethnicity, race, and sex where the
applicant is not an individual but an
entity (i.e., not a natural person);
minority-owned, women-owned, and
LGBTQI+-owned business statuses;
gross annual revenue; pricing; NAICS
code; and number of workers. Moreover,
at this time, the Bureau is not tailoring
its exception to applications that are
actually reported under HMDA, as
opposed to those that could be reported
under HMDA. New § 1002.104(b)(2)
excludes all transactions meeting the
definition of a Regulation C ‘‘covered
loan,’’ which means that institutions not
subject to the HMDA reporting regime
(because, for example, of institutional
coverage thresholds) do not have to
report HMDA-eligible applications
under section 1071 even though they
would not actually report such
applications under HMDA.
Additionally, the Bureau does not
believe it would be feasible to connect,
as suggested, an application reported
under this final rule to a HMDA record
and then capture, under HMDA,
demographic data on corporate entities,
and expand its coverage to include more
lenders, such as government entities
and CDFIs.
After considering the comments, the
Bureau has concluded that trying to
close all potential data gaps would
defeat the purpose of trying to reduce
complexity and alleviate concerns from
commenters about having to implement
and maintain two separate reporting
systems. Given the fact that the Bureau
expects around 25 million applications
to be reported annually under the final
rule, it believes that its exclusion of
HMDA-reportable transactions will
result in a relatively small loss of data
and that these data might have been
inconsistent with other 1071 data in
ways that could impede analysis,
frustrating the purposes of section 1071.
The Bureau also notes that even in its
proposal, and as discussed below, it did
not seek to requiring reporting of all
HMDA-reportable transactions under
section 1071—only those ‘‘business or
commercial purpose’’ applications
(excluding purchased loans), reported
under HMDA with the ‘‘investment’’
occupancy code, for 5+ unit properties
would have also been reported under
425 Id.
VerDate Sep<11>2014
1071. As a result, the Bureau notes that
for 7,353 of the 61,789 such applications
in 2021, there would continue to be no
demographic data information collected
and reported for only ∼55,000 HMDA
applications with non-natural person
owners. The Bureau believes that this is
an acceptable number given how small
it is compared to the total number of
reported transactions and given the
strong concerns expressed about the
difficulties with compliant dual
reporting that could result in poor data
quality and thereby undermine the
section 1071 statutory purposes. As for
the number of ‘‘covered loan’’
applications that are ultimately not
reported under HMDA, the Bureau
believes that these applications can be
excluded for the same reasons explained
below in the section-by-section analysis
of § 1002.105(b); financial institutions
with the lowest volume of small
business lending might limit small
business lending activity because of the
fixed costs of coming into compliance
with the reporting requirements,
creating risk of market disruption which
would run contrary to the business and
community development purpose of
section 1071. Additionally, as the
Bureau explained in HMDA, the Bureau
‘‘sought to exclude financial institutions
whose data are of limited value in the
HMDA dataset, thus ensuring that the
institutional coverage criteria do not
impair HMDA’s ability to achieve its
purposes, while also minimizing the
burden for financial institutions.’’ 426
The Bureau similarly believes that these
data would have limited value in the
1071 dataset—the Bureau will be able to
fulfill section 1071’s purposes without
it, while reducing burden and
complexity for financial institutions that
are not HMDA reporters.
Finally, the Bureau notes that section
1071 will capture business credit
transactions that are secured by real
estate but are not presently captured
under HMDA. For example, section
1071 will capture transactions secured
by non-dwellings as well as business
loans secured by an applicant’s primary
residence or residential investment
property as collateral for inventory
financing or working capital (such loans
would not be captured under HMDA
because they do not involve a home
purchase, home improvement, or
refinancing). The small business lending
rule will also capture transactions that
are secured by dwellings located on real
property used primarily for agricultural
purposes.
426 Id.
18:47 May 30, 2023
Jkt 259001
PO 00000
at 66278.
Frm 00084
Fmt 4701
Sfmt 4700
Credit Secured by Certain Investment
Properties
Based on feedback received during
the SBREFA process as well as its
general knowledge regarding both
consumer and commercial real estate
lending, the Bureau understands that
many financial institutions use their
consumer mortgage lending channels to
process credit applications secured by
1–4 individual dwelling units and used
for investment purposes, while
applications for credit secured by 5+
unit multifamily properties or rental
portfolio loans secured by more than
four 1–4 unit residential properties are
generally processed through commercial
mortgage lending channels. The Bureau
also understands that loans made
through consumer mortgage lending
channels are often made pursuant to the
guidelines of Fannie Mae, Freddie Mac,
the Federal Housing Administration,
and the Department of Veterans Affairs,
and are likely already reported under
HMDA.
In line with the SBREFA Panel’s
recommendation, the Bureau proposed
that the rule not cover credit secured by
certain investment properties, because
such credit may not always be primarily
for business or commercial purposes.
Specifically, proposed comment 104(b)–
4 would have explained that a covered
credit transaction does not include an
extension of credit that is secured by 1–
4 individual dwelling units that the
applicant or one or more of the
applicant’s principal owners does not,
or will not, occupy. The Bureau did not
propose to exclude credit secured by
owner-occupied dwellings; for example,
those secured by a dwelling occupied by
a business’s sole proprietor/principal
owner. The Bureau proposed to exclude
real estate investment loans only in
certain limited circumstances (such as
when credit is secured by non-owner
occupied 1–4 dwelling units and not 5+
dwelling units). The Bureau proposed to
define ‘‘dwelling’’ to have the same
meaning as Regulation C § 1003.2(f).
Similarly, proposed comment 104(b)–4,
which would address what does and
does not constitute an investment
property, was modeled on Regulation
C’s comment 4(a)(6)–4.
In its proposal, the Bureau noted its
belief that its exclusion of credit secured
by certain investment properties will
better capture lending to true small
businesses (as opposed to consumers
seeking to diversify their investments)
and will also better align with financial
institution lending practices. The
Bureau stated that it understands that it
may not always be easy for financial
institutions to distinguish between
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
business-purpose real estate investment
loans and consumer-purpose real estate
investment loans; however, covering all
such loans would likely include some
percentage of consumer-purpose loans,
which could be contrary to section
1071’s business and community
development purpose.
The Bureau sought comment on its
proposed approach for credit secured by
certain investment properties, including
whether it is appropriate to consider
credit not to be business credit when it
is secured by 1–4 individual dwelling
units that the applicant or one or more
of the applicant’s principal owners does
not, or will not, occupy; and, if not,
whether a different number of dwelling
units in the property securing the credit
would be an appropriate way to make a
distinction between business and
consumer-purpose credit. The Bureau
also sought comment on whether to
permit financial institutions to
voluntarily report real estate investment
loan transactions that are secured by
non-owner occupied 1–4 dwelling units.
The Bureau received comments on
this aspect of the proposal from lenders,
trade associations, and a community
group. Several commenters supported
the exclusion of credit secured by
certain investment properties. A
community group stated that the
exclusion was appropriate because the
purpose of such credit is investment
and not operating a business of renting
out units.
A few comments urged expansion of
the proposed exclusion to other real
estate secured lending. A joint letter
from several trade associations
representing the commercial real estate
industry advocated for expanding the
proposed exclusion to impose a clear
boundary between small business
lending and all investment property
lending to ensure that the information
gathered under section 1071 reflects
true small business lending. In line with
this suggestion, this commenter also
recommended rule text revisions.
Another trade association suggested
expanding the exclusion to all nonowner occupied commercial and
multifamily real estate lending, arguing
that the credit is underwritten on the
cash flow of the property and the value
of the property itself, rather than the
operating revenue of a business, like
other investment properties. Another
commenter suggested the Bureau
specifically exempt commercial real
estate loans secured by non-owneroccupied investment real estate to
borrowing entities with NAICS codes
5311XX, the industry code for lessors of
real estate.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Some comments reflected requests for
clarifications and confusion regarding
the proposal. A bank suggested
removing occupancy status from
covered credit transaction
considerations because occupancy does
not fairly or materially delineate small
business lending from consumer
lending and creates complexity in how
financial institutions would need to
design processes, systems, and training.
Community groups suggested the
Bureau require financial institutions to
ask whether the credit will be used
primarily for business purposes, such as
to secure rental income. A bank
suggested the Bureau focus on borrower
type (natural person versus entity)
instead of property type. A trade
association urged the Bureau to remove
the proposed exclusion for credit
secured by certain investment
properties and replace it with an
exclusion of all credit subject to
Regulation Z. Another bank commenter
sought clarification of the proposed
exclusion, noting situations where a
borrower or a related party occupies a
dwelling unit but still considers it to be
an investment property and not a
business. A trade association asked the
Bureau how to determine owner
occupancy for non-dwelling real estate,
such as where a business owns an office
building with multiple rental office
spaces, and rents out all of these spaces
except for one space occupied by the
business itself. One bank appeared to
believe that credit secured by 1–4
dwelling unit investment properties
would be reportable for both HMDA and
section 1071 with varying reporting
requirements.
For the reasons stated herein and in
the section above regarding HMDAreportable transactions, the Bureau is
adding new § 1002.104(b)(2) to exclude
a covered loan as defined by Regulation
C, 12 CFR 1003.2(e). This new exclusion
renders moot the Bureau’s consideration
of proposed comment 104(b)–4 by
encompassing virtually all credit that is
secured by 1–4 individual dwelling
units that the applicant or one or more
of the applicant’s principal owners does
not, or will not, occupy. The Bureau’s
decision also renders moot comments
regarding requests for clarifications and
confusion regarding the proposal.
A ‘‘covered loan’’ as defined by
Regulation C, 12 CFR 1003.2(e), means
a closed-end mortgage loan or an openend line of credit that is not an excluded
transaction under § 1003.3(c). A
transaction is not a ‘‘covered loan’’ if it
is excluded by purpose. For example,
Regulation C excludes agriculturalpurpose transactions and transactions
that are secured by a dwelling, as
PO 00000
Frm 00085
Fmt 4701
Sfmt 4700
35233
defined by § 1003.2(f), that is located on
real property that is used primarily for
agricultural purposes.427 The regulation
also excludes transactions otherwise
made primarily for a business or
commercial purpose 428 unless the
transaction is also: a home improvement
loan; 429 a home purchase loan; 430 or a
refinancing (including cash-out
refinancing).431 Transactions are only
covered under HMDA as covered loans
if they are secured by a lien on
dwelling. In addition to principal
residences, a dwelling includes, but is
not limited to, manufactured homes,
multifamily apartment buildings, and
properties for long-term housing and
related services (such as assisted living
for senior citizens or supportive housing
for people with disabilities). Thus, a
transaction may need to be reported
under section 1071 if it is secured by a
lien on a non-dwelling; for example, a
recreational vehicle, houseboat, a hotel,
dormitory, or properties for long-term
housing and medical care if the primary
use is not residential. For a full list of
exclusions, please refer to Regulation C,
section 1003.3. The Bureau notes that
even if a transaction is excluded under
Regulation C, that does not mean it is
necessarily reportable under section
1071. For example, even though a
transaction is a not a HMDA ‘‘covered
loan’’ if it is a purchase of a partial
interest in an otherwise covered loan,
and thus not excluded by new
§ 1002.104(b)(2), it is also not reportable
under this rule because, as explained
below in the section regarding certain
purchases of covered transactions, only
the definition of ‘‘covered application’’
will trigger data collection and reporting
obligations with respect to covered
credit transactions and such purchases
do not involve an application for credit.
While the Bureau anticipates that
adoption of new § 1002.104(b)(2) results
in the exclusion of most dwellingsecured lending, this Bureau is not
expanding this exclusion to all
investment (non-owner occupied)
property lending, as recommended by a
few commenters. Where a small
business seeks credit to invest in
commercial (non-dwelling) real estate, it
is likely to apply to a financial
institution’s commercial lending
division and there are unlikely to be any
difficulties in determining that the
transaction is a business-purpose real
estate investment (and not a consumerpurpose real estate investment). It is
427 12
CFR 1003.3(c)(9).
CFR 1003.3(c)(10).
429 12 CFR 1003.2(i).
430 12 CFR 1003.2(j).
431 12 CFR 1003.2(p).
428 12
E:\FR\FM\31MYR2.SGM
31MYR2
35234
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
important for this rule to capture
lending to true small businesses (as
opposed to consumers seeking to
diversify their investments) to meet
section 1071’s business and community
development purpose. Moreover,
because such lending is not covered by
HMDA, the potential for poor data
quality arising from inconsistent dual
reporting does not occur in this
situation. In other words, excluding
such transactions from coverage would
not advance section 1071’s statutory
purposes in the same way as does
excluding HMDA-reportable
transactions. Rather, covering these
transactions will allow data users for the
first time to better understand the
rationale behind credit decisions, help
identify potential fair lending concerns,
and provide financial institutions with
data to evaluate their business
underwriting criteria and address
potential gaps for commercial real estate
lending and cash flow financing. In
addition, robust data on such credit
transactions across applicants, financial
institutions, products, and communities
could help target limited resources and
assistance to applicants and
communities, thus furthering section
1071’s business and community
development purpose. With respect to
fair lending compliance, such data
would help data users analyze potential
discriminatory disparities.
104(b)(3) Insurance Premium Financing
To better manage cash flow and help
pay for costly property and casualty
insurance premiums, many businesses
enter into insurance premium financing
arrangements. Under a typical
arrangement, an insurance premium
financing company provides funds to
pay for premiums that are remitted
directly to the business’s insurance
provider, either directly or through an
insurance agent or broker. The business
then repays the premium amount
advanced, plus some additional amount
in the form of interest or a service
charge, which is sometimes capped by
State law.432 If the business fails to
repay the loan or otherwise defaults in
its obligation, or if the insurance
contract is cancelled, the insurance
premium financing company is
empowered under the financing
agreement to demand the unearned
premiums directly from the insurer. The
Bureau understands that insurance
premium financing companies have
little to no contact with the businesses
seeking credit and insurance premium
financing arrangements are typically
432 See, e.g., Fla. Stat. Ann. section 627.840(3)(b);
215 Ill. Comp. Stat. Ann. 5/513a10(c).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
underwritten based on the terms of the
insurance policy, the financial strength
of the insurer that issued the policy and
holds the unearned premium, and the
uncollateralized exposure of the
financing company, if any.
Unlike with other forms of credit,
borrowers in insurance premium
financing transactions are not free to use
advanced amounts for general purchases
because those amounts are intended
solely to cover the cost of property and
casualty insurance premiums and the
funds are often remitted directly to the
business’s insurer. Moreover, because
insurance premium financing
companies are contractually empowered
in the event of default to cancel the
insured’s insurance coverage and obtain
a refund of unearned premiums to repay
the amount advanced, these transactions
are not typically underwritten based on
the insured’s ability to repay but on the
value of the unearned premium
collateral and the financial strength of
the insurance carrier holding that
collateral. The Bureau also understands
that, in some cases, certain contractual
terms, including maximum interest
rates, are regulated by State law.433
In the NPRM, the Bureau stated its
belief that an organization offering
insurance premium financing, where
the organization provides short-term
loans to businesses to pay for property
and casualty insurance, would have
been included within the definition of
a financial institution in proposed
§ 1002.105(a), even though this specific
business model was not described in
proposed comment 105(a)–1. The
Bureau did not specifically discuss
insurance premium financing in its
section-by-section analysis of proposed
§ 1002.104, noting that the Bureau was
proposing to require that covered
financial institutions report data for all
applications for transactions that meet
the definition of business credit unless
otherwise excluded.
A group of insurance premium
financing trade associations urged the
Bureau to exclude insurance premium
financing from the rule. This comment
did not dispute that such financing is
credit but argued that it should not be
covered because it is unlike any other
form of small business credit—
insurance premium finance lenders do
not interact with or exchange
information with the applicant, credit
terms (including interest rate and fees)
are preestablished and do not vary, and
433 See, e.g., Fla. Stat. Ann. section 627.840
(providing, in part, that a premium finance
company shall not impose a service charge of more
than $12 per $100 per year); 215 Ill. Comp. Stat.
Ann. 5/513a10 (stating that the maximum service
charge is $10 per $100 per year).
PO 00000
Frm 00086
Fmt 4701
Sfmt 4700
some State insurance codes provide
requirements regarding interest rates,
fees, disclosures, and other aspects of a
premium finance transaction. This
commenter also maintained that
insurance premium financing presents
minimal fair lending risk, most of the
data proposed to be required is not
currently collected and would not be
useful for comparisons, and financing
companies would incur significant costs
to comply, potentially limiting access to
this credit. The commenter noted that
FinCEN exempted insurance premium
financing companies from its final rule
imposing customer due diligence
(beneficial ownership) obligations under
the Bank Secrecy Act. This trade
association stated that, if the Bureau
does not exclude insurance premium
financing companies, the Bureau should
clarify how the rule will apply to avoid
curtailment of credit and conflict with
State insurance laws, particularly those
that prohibit, or at a minimum
discourage, insurance agents and
brokers from collecting applicantprovided demographic data from
insureds.
The Bureau also received a letter from
several members of Congress citing
potential conflicts between proposed
section 1071 requirements and State
regulatory frameworks that they
believed would improperly impair or
interfere with State insurance law. They
requested the Bureau reconsider
subjecting these products to the final
rule because they believed that doing so
would not advance the policy
underpinning section 1071 and would
further negatively impact small
businesses and their ability to purchase
adequate insurance coverage.
For the reasons set forth herein, the
Bureau is excluding insurance premium
financing transactions from the final
rule. New § 1002.104(b)(3) defines
insurance premium financing as a
financing arrangement wherein a
business agrees to pay to a financial
institution, in installments, the
principal amount advanced by the
financial institution to an insurer or
insurance producer in payment of
premium on the business’s insurance
contract or contracts, plus charges, and
as security for repayment, the business
assigns to the financial institution
certain rights, obligations, and/or
considerations (such as the unearned
premiums, accrued dividends, or loss
payments) in its insurance contract or
contracts. New § 1002.104(b)(3) adds
that this exclusion does not include the
financing of insurance policy premiums
obtained in connection with the
financing of goods and services.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
The Bureau is adopting a definition of
‘‘covered credit transaction’’ that
excludes insurance premium financing
pursuant to its authority under ECOA
section 704B(g)(1) to prescribe such
rules and issue such guidance as may be
necessary to carry out, enforce, and
compile data under section 1071, as
well as its authority under 704B(g)(2) to
adopt exceptions to any requirement of
section 1071 and to conditionally or
unconditionally exempt any financial
institution or class of financial
institutions from the statute’s
requirements, as the Bureau deems
necessary or appropriate to carry out the
purposes of section 1071. While
insurance premium financing
constitutes ‘‘credit’’ within the meaning
of § 1002.102(i) and may constitute
‘‘business credit’’ within the meaning of
§ 1002.102(d) (depending on its
purpose), the Bureau believes that it is
categorically different from products
like loans, lines of credit, credit cards,
and merchant cash advances and that
there are several reasons to believe that
excluding it from coverage advances
section 1071’s statutory purposes.
Insurance premium financing is not a
general-use lending product, but
instead, like trade credit, exists only to
facilitate the sale of a specific
nonfinancial product or service.
Providers of insurance premium
financing are not primarily financial
services providers, nor do they currently
manage compliance with regulatory
requirements associated with making
extensions of credit. Taken together,
requiring insurance premium financing
to be reported under subpart B may lead
to significant data quality issues. In
addition, the fixed costs of coming into
compliance with this final rule could
lead insurance premium financing
companies to limit offering this credit to
their small business customers,
potentially undermining the business
and community development purpose
of section 1071.
The Bureau believes the new
exclusion in final § 1002.104(b)(3) will
carve out narrow financing
arrangements where the amount
financed is reasonably related to and
intended to directly pay the cost of a
business’s insurance policy premiums.
New § 1002.104(b)(3) also limits the
exclusion to situations where the
business assigns the financial institution
certain rights, obligations, and/or
considerations (such as the unearned
premiums) in its insurance policy
because the Bureau understands that
such security interests ensure that the
underwriting focus is on the insurer,
and not the small business applicant.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
New § 1002.104(b)(3) clarifies that the
exclusion does not include the
financing of insurance contract
premiums purchased in connection
with the financing of goods and
services.
The Bureau notes that final
§ 1002.104(b)(3) does not cover
situations where the insurance provider
itself provides a business the right to
defer payment of an insurance premium
or fee owed by the business beyond the
monthly period in which the premium
or fee is due. However, such
arrangements may be covered by the
trade credit exclusion in final
§ 1002.104(b)(1).
Factoring
Background
In traditional factoring arrangements,
a business in need of financing sells all
or a portion of its accounts receivable
(existing but unpaid invoices) to another
business, known as a ‘‘factor.’’ The
factor then receives payments on the
accounts receivable from the business’s
debtors or customers directly, and not
from the business that had entered into
the factoring transaction. If the business
has sold only a portion of its invoices,
then once the account debtors pay their
invoices to the factor, the factor remits
the remainder of the balance to the
business after deducting a fee
(specifically, a discount applied to the
sold accounts receivable usually stated
on a percentage basis).
The Bureau understands that the
factoring market is generally dominated
by nondepository institutions not
subject to Federal safety and soundness
supervision or reporting requirements.
The Bureau also understands that
generally, factors may not be required to
obtain State lending licenses. As a
result, information on factoring volume
and practices is limited. The Bureau
notes, however, that the California and
New York disclosure laws mentioned
above cover factoring.434
The Bureau’s 2017 White Paper
estimated the factoring market as
constituting around 8 percent of the
number of accounts used by small
businesses in the U.S. in 2014.435 Based
on more recent evidence, the Bureau
believes the industry has not
significantly grown. For example, the
2017 and 2020 Federal Reserve Banks’
surveys of firms with 1–499 employees
(‘‘employer firms’’) found that 4 percent
434 See Cal. S.B. 1235 (Sept. 30, 2018), https://
leginfo.legislature.ca.gov/faces/
billTextClient.xhtml?bill_id=201720180SB1235;
N.Y. S.B. S5470B (July 23, 2020), https://
legislation.nysenate.gov/pdf/bills/2019/S5470B.
435 White Paper at 21 fig. 2, 22 fig. 3.
PO 00000
Frm 00087
Fmt 4701
Sfmt 4700
35235
of such businesses applied for and
regularly used factoring.436 In the 2020
Small Business Credit Survey of
Employer Firms, this figure dropped to
3 percent of employer firms 437 and in
the 2021 survey, this figure went back
up to 4 percent.438
An existing comment in Regulation B
(comment 9(a)(3)–3) provides that
‘‘[f]actoring refers to a purchase of
accounts receivable, and thus is not
subject to [ECOA or Regulation B].’’
Existing Regulation B does not offer a
definition for ‘‘accounts receivable.’’
However, if there is a ‘‘credit extension
incident to the factoring arrangement,’’
Regulation B’s notification rules 439
apply, as do other relevant sections of
ECOA and Regulation B.440 The Bureau
understands that the Board’s treatment
of credit extensions incident to factoring
arrangements—as a type of credit but
one entitled to exemptions from certain
requirements—was motivated by its
reading of congressional intent related
to the Women’s Business Ownership
Act of 1988,441 which amended ECOA
to extend notification and record
retention requirements to business
credit. In its proposed rule on this issue,
the Board explained that it was treating
credit extensions incident to factoring
arrangements differently from other
forms of business credit based on
‘‘evidence of congressional intent that
the amendments should not apply to
. . . certain types of business credit
(such as applications for trade credit
and credit incident to factoring
arrangements).’’ 442
Proposed Rule
In the NPRM, the Bureau proposed to
not cover factoring. Modeled on the
definitions set forth in the New York
and California commercial financing
436 2020 Small Business Credit Survey; 2017
Small Business Credit Survey.
437 See 2021 Small Business Credit Survey at 24.
438 See 2022 Small Business Credit Survey at 25.
439 See existing § 1002.9(a)(3)(ii) (requiring a
creditor to notify an applicant, within a reasonable
time (as opposed to within 30 days for credit sought
by consumers and businesses with gross revenues
of $1 million or less in preceding fiscal year), orally
or in writing, of the action taken).
440 Comment 9(a)(3)–3.
441 Public Law 100–533, 102 Stat. 2689 (1988).
442 54 FR 29734, 29736 (July 14, 1989); see also
134 Cong. Rec. H9282–89 (daily ed. Oct. 3, 1988)
(explaining that the committee recognizes that some
forms of commercial loan transactions and
extensions of credit may ‘‘require specialized
rules,’’ and that, for example, the committee
believes that loans and credit extensions incidental
to trade credit, factoring arrangements, and
sophisticated asset-based loans should continue to
be exempted from the record retention and
automatic notification requirements).
E:\FR\FM\31MYR2.SGM
31MYR2
35236
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
disclosure laws,443 proposed comment
104(b)–1 would have provided that
factoring is an accounts receivable
purchase transaction between
businesses that includes an agreement
to purchase, transfer, or sell a legally
enforceable claim for payment for goods
that the recipient has supplied or
services that the recipient has rendered
but for which payment has not yet been
made. Proposed comment 104(b)–1
would have also clarified that an
extension of business credit incident to
a factoring arrangement is a covered
credit transaction and that a financial
institution shall report such a
transaction as an ‘‘Other sales-based
financing transaction’’ under proposed
§ 1002.107(a)(5).
The Bureau sought comment on its
proposed approach to factoring. The
Bureau also sought comment on how
the subset of purported factoring
arrangements that may in fact be credit
(i.e., those that are revolving in nature
or that cover anticipated receivables)
should be reported under the rule.
Specifically, the Bureau sought
comment on whether such arrangements
should be reported as credit extensions
incident to factoring (and thus reported
as ‘‘other sales-based financing’’) or as
merchant cash advances.
Comments Received
The Bureau received comments on
this aspect of the proposal from a range
of commenters, including lenders, trade
associations, and community groups.
One commenter urged the Bureau to
include the distinctions between
merchant cash advances and factoring
that were discussed in its NPRM
preamble in the final rule’s text or
commentary to avoid future confusion
over what products are ultimately
covered by the final rule. This
commenter also asked the Bureau to
address the role of recourse and
underwriting in its analysis of whether
a particular financing transaction
qualifies as credit. Another commenter
encouraged the Bureau to consider
differences between various factoring
product structures and offered some
explanations on how the term and costs
of factoring arrangements could be
reported. A community group asked the
Bureau to explicitly include credit
extensions incident to factoring
arrangements in the list of covered
transactions in the final rule, along with
loans, lines of credit, credit cards, and
merchant cash advances.
443 See Cal. S.B. 1235 (Sept. 30, 2018), https://
leginfo.legislature.ca.gov/faces/
billTextClient.xhtml?bill_id=201720180SB1235;
N.Y. S.B. S5470B (July 23, 2020), https://
legislation.nysenate.gov/pdf/bills/2019/S5470B.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
A wide range of commenters,
including many community groups,
community-oriented lenders, several
members of Congress, individuals, and
a nonbank online lender, urged the
Bureau to cover factoring in the final
rule. One community group suggested
the Bureau use its discretionary
authority to define credit broadly,
regardless of comment 9(a)(3)–3 in
Regulation B or other ECOA provisions,
to avoid a conflict with congressional
intent of shedding light on the
distribution of financing to minorityowned, women-owned, and small
businesses. Several commenters shared
concerns about insufficient data on
factoring and stressed the need for more
transparency and for having a complete
picture of the small business financing
market. A few commenters argued that
factoring constitutes a large part of the
small business financing landscape and
that section 1071’s purposes would not
be fulfilled without covering this
product. Several commenters pointed to
the fact that factoring arrangements are
often used by minority-owned small
businesses as evidence that they should
be covered by the rule, with a few
commenters specifically raising fair
lending concerns related to factoring.
A few commenters questioned
factoring’s exclusion as non-credit, with
the cross-sector group arguing that its
inclusion would not create compliance
concerns for other provisions of
Regulation B because section 1071 is not
broadly applicable to the entirety of
Regulation B. That commenter also
argued that a factoring arrangement is
‘‘credit’’ whenever its recipient is held
liable for deferred payments conditional
on the third party’s ability to repay. This
commenter noted that while recourse
agreements (cited by the commenter as
constituting 88 percent of the industry)
enable the factor to pursue payment
from the recipient if the third party fails
to repay, non-recourse agreements also
enable factors to seek payments from
recipients under a variety of
circumstances. Another community
group argued a factoring arrangement is
credit when a small business receives an
amount less than the amount due from
its client because the small business
recipient in that case is effectively
paying interest and/or fees. A joint letter
from community groups suggested the
Bureau make clear that factoring is
excluded only where there is a bona fide
sale of an accrued right to payment
without creating any obligations—
contingent or otherwise—on the seller.
Two commenters pointed to the fact
that New York and California both
include factoring in their respective
commercial financing disclosure laws as
PO 00000
Frm 00088
Fmt 4701
Sfmt 4700
a reason why it should be covered by
the rule. Some commenters expressed
strong concerns that the exclusion of
factoring would open a door to potential
evasion by merchant cash advance
providers and other actors. Many
commenters urged the Bureau to
include factoring within its rule
implementing section 1071 in order to
monitor these arrangements and prevent
abuses.
Two commenters, both providers of
factoring, suggested the Bureau clarify
that non-recourse factoring is covered
by the trade credit exclusion. These
commenters noted that non-recourse
factors would be subject to the rule as
proposed because it would have
provided that the extension of business
credit by a financial institution (such as
a factor) other than a supplier for the
financing of the sale of inventory is not
‘‘trade credit.’’ These commenters
argued that compliance would be
burdensome and disruptive to their
operations, with one commenter
stressing how important non-recourse
factoring is in facilitating the sale of
product by sellers to buyers.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing comment 104(b)–1
largely as proposed and is not covering
factoring under the rule. The Bureau
believes that, as discussed with respect
to merchant cash advances above, a
factoring agreement, as described in
comment 104(b)–1, is not credit under
ECOA because the provider of the funds
does not grant the recipient the right to
defer payment. Instead, the provider of
funds seeks payment directly from a
third party on a legally enforceable
claim for payment for goods that the
recipient has supplied or services that
the recipient has rendered but for which
payment in full has not yet been made.
The Bureau also believes that treating
factoring as credit under the rule could
create inconsistencies and compliance
concerns related to existing Regulation
B, which currently states that factoring
(as a purchase of accounts receivable) is
not subject to ECOA.
The Bureau is finalizing a detailed
description of what constitutes factoring
in comment 104(b)–1 because the
existing Regulation B commentary
regarding factoring may not provide
sufficient clarity for purposes of
collecting and reporting data under
section 1071 as it does not define
‘‘accounts receivable.’’ This finalized
description, modeled on the definitions
set forth in the New York and California
commercial financing disclosure
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
laws,444 provides that factoring is an
accounts receivable purchase
transaction between businesses that
includes an agreement to purchase,
transfer, or sell a legally enforceable
claim for payment for goods that the
recipient has supplied or services that
the recipient has rendered but for which
payment in full has not yet been made.
The Bureau has added the words ‘‘in
full’’ to the proposed description to
account for the fact that factoring may
include an immediate partial payment
or down payment to the businesses
supplying the goods or services.
Comment 104(b)–1 states that it is not
intended to repeal, abrogate, annul,
impair, or interfere with any existing
interpretations, orders, agreements,
ordinances, rules, or regulations
adopted or issued pursuant to existing
comment 9(a)(3)–3.
Based on the Bureau’s work to date,
comments received, and conversations
with industry stakeholders, the Bureau
understands that purported factoring
arrangements may take various forms,
including longer-term or revolving
transactions that appear to have credit
or credit-like features, and the Bureau
believes that a subset of such
arrangements may constitute credit
incident to the factoring arrangement.
Comment 104(b)–1 thus clarifies that an
extension of business credit incident to
a factoring arrangement is a covered
credit transaction and that a financial
institution shall report such a
transaction as an ‘‘Other sales-based
financing transaction’’ under
§ 1002.107(a)(5). By contrast,
arrangements that do not involve goods
or services that have already been
supplied or rendered are not ‘‘factoring’’
under the Bureau’s description. The
Bureau makes clear in comment 104(b)–
1 that, despite the fact that some
providers may label such arrangements
as factoring, the name used by the
financial institution for a product is not
determinative of whether or not it is a
‘‘covered credit transaction,’’ and such
arrangements are not factoring as
described in the final rule and are
covered.
The Bureau does not believe it would
be appropriate to codify distinctions
between merchant cash advances and
factoring in the final rule’s text or
commentary, as suggested by a
commenter. The Bureau believes that
factoring involves the sale of existing
and alienable assets, while merchant
cash advances involve a promise of
444 See Cal. S.B. 1235 (Sept. 30, 2018), https://
leginfo.legislature.ca.gov/faces/
billTextClient.xhtml?bill_id=201720180SB1235;
N.Y. S.B. S5470B (July 23, 2020), https://
legislation.nysenate.gov/pdf/bills/2019/S5470B.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
future payments derived from
anticipated receivables. Accordingly,
providers of merchant cash advances—
but not factoring that involves the sale
of existing and alienable assets—grant
the right to incur debt and defer its
payment at a later date within the
meaning of ‘‘credit’’ under § 1002.102(i).
For that reason, to the extent that a
purported factoring arrangement
involves multiple revolving transactions
such that the transaction between the
recipient and the provider of funds is
not complete at the time of the sale, that
transaction constitutes credit, and the
Bureau would expect such a transaction
to be reported as an ‘‘Other sales-based
financing transaction’’ because it
constitutes an extension of business
credit that may or may not be incident
to a factoring arrangement (depending
on whether the first transaction
involved the sale of existing and
alienable assets). In terms of how to
report the term and costs of extensions
of credit incident to factoring
arrangements, the Bureau notes that
final § 1002.107(a)(12)(v) would require
financial institutions to report, for a
merchant cash advance or other salesbased financing transactions, the
difference between the amount
advanced and the amount to be repaid
and that final § 1002.107(a)(5)(iii)
requires reporting of estimated loan
term for merchant cash advances and
other sales-based financing in certain
circumstances.
As noted above, the products
discussed in this preamble do not
constitute an exhaustive list of covered
credit transactions; other types of
business credit not specifically
described nevertheless constitute
covered credit transactions unless
excluded by final § 1002.104(b). In line
with this approach, the Bureau is not
expressly delineating additional
products (such as credit extensions
incident to factoring arrangements) as
covered credit transactions in the final
rule’s regulatory text or commentary.
Nor is it reopening existing Regulation
B at this time in order to interpret
‘‘credit’’ to include factoring. The
Bureau acknowledges that factoring
constitutes a large part of the small
business financing landscape,
particularly among minority-owned
small businesses, and that it would be
helpful to have more transparency into
these arrangements. However, making
such a change as part of this final rule
could creating inconsistences and
compliance challenges with respect to
existing Regulation B provisions.
The Bureau also does not believe that
the question of whether a factoring
arrangement is credit should be
PO 00000
Frm 00089
Fmt 4701
Sfmt 4700
35237
determined based on whether the small
business recipient is effectively paying
finance charges. For the reasons
discussed in the section-by-section
analysis of § 1002.102(i), the Bureau is
finalizing a definition of ‘‘credit’’ that
largely follows the definition of credit in
ECOA 445 and existing § 1002.2(j);
meaning the right granted by a creditor
to an applicant to defer payment of a
debt, incur debt and defer its payment,
or purchase property or services and
defer payment therefor. This
longstanding definition does not turn on
‘‘the number of installments required for
repayment, or whether the transaction is
subject to a finance charge,’’ 446 nor on
how underwriting is conducted. Rather,
in order for factoring to be credit under
ECOA, a factor must grant the right to
defer payment of debt or to incur debts
and defer its payment.
The Bureau also does not believe it
would be appropriate, at this time, to
distinguish between recourse and nonrecourse factoring that involves the
business-to-business sale of existing and
alienable assets. The Bureau is aware
that a significant proportion of the
factoring market, as it is currently
understood, may consist of recourse
factoring, in which factors may pursue
repayment from the recipient of funds if
the third party fails to pay, and that
even non-recourse agreements may
enable factors to seek repayment from
recipients under some circumstances,
such as fraud. As a result, the Bureau
understands that in much of what
market participants understand to be
‘‘factoring’’ within the meaning of
existing Regulation B, the transaction
between the recipient and the provider
of funds is not conclusively complete at
the time of the sale. The Bureau agrees
with commenters that these transactions
are, at minimum, akin to credit.
Nevertheless, the Bureau believes that
requiring reporting for these
transactions at this time would have the
effect of upending market participants’
settled expectations that ‘‘factoring’’ is
not credit within the meaning of
existing Regulation B. Therefore, data
collection and reporting pursuant to
subpart B is not required for an accounts
receivable purchase transaction between
businesses that includes an agreement
to purchase, transfer, or sell a legally
enforceable claim for payment for goods
that the recipient has supplied or
services that the recipient has rendered
but for which payment has not yet been
made, regardless of whether the
445 See 15 U.S.C. 1691a. Existing Regulation B
uses the term ‘‘applicant’’ instead of ‘‘debtor.’’
446 Existing comment 2(j)–1.
E:\FR\FM\31MYR2.SGM
31MYR2
35238
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
agreement includes recourse or other
nonpayment contingency provisions.
The Bureau appreciates the fact that
New York and California both include
factoring in their respective commercial
financing disclosure laws and has in
fact drawn from the States’ helpful
regulatory language for its own section
1071 commentary. However, coverage of
factoring by these or other States 447 in
their commercial financing disclosure
regimes does not affect what constitutes
‘‘credit’’ under ECOA. The Bureau
understands concerns that exclusion of
factoring may open a door to potential
evasion by merchant cash advance
providers and other actors. However,
the Bureau does not agree that it must
include factoring in this final rule in
order to monitor these arrangements and
prevent abuses.
In the course of considering financial
institutions’ compliance with the rule,
the Bureau intends to closely scrutinize
secured finance transactions to ensure
that companies are appropriately
categorizing and reporting products as
required by section 1071. The Bureau
also intends to obtain more information
about the use of recourse and other
nonpayment provisions in the factoring
market, including types of these
provisions and the frequency with
which factors invoke them. If it proves
necessary to modify existing Regulation
B or subpart B, the Bureau is prepared
to exercise all of its available
authorities, including its authority
under section 703 of ECOA to make
adjustments that are necessary to
prevent circumvention or evasion.
With respect to comments asking the
Bureau to clarify that non-recourse
factoring is covered by the trade credit
exclusion, the Bureau notes that while
non-recourse factors may not be subject
to the trade credit exclusion because
they are not typically a supplier that
finances the sale of equipment,
supplies, or inventory, they are likely
providing ‘‘factoring’’ as described in
final comment 104(b)–1. For the reasons
discussed in the section-by-section
analysis of § 1002.104(b)(1), the Bureau
is not expanding its exclusion of trade
credit to include third-party financing
companies.
Leases
lotter on DSK11XQN23PROD with RULES2
Background
A leasing transaction generally refers
to an agreement in which a lessor
447 Other States, including Virginia and Utah,
have passed similar commercial financing
disclosure laws. See, e.g., Virginia H. 1027 (enacted
Apr. 11, 2022), https://lis.virginia.gov/cgi-bin/
legp604.exe?221+ful+CHAP0516; Utah S.B. 183
(enacted Mar. 24, 2022), https://le.utah.gov/∼2022/
bills/static/SB0183.html.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
transfers the right of possession and use
of a good or asset to a lessee in return
for consideration.448 Under a ‘‘true’’ or
‘‘operating’’ lease, a lessee (the user)
makes regular payments to a lessor (the
owner) in exchange for the right to use
an asset (such as equipment, buildings,
motor vehicles, etc.).
Leases are not expressly addressed in
ECOA or Regulation B. Until the
issuance of the NPRM, the Bureau had
never opined on whether ECOA and
Regulation B apply to leases, and the
Board made only one statement about
the applicability of ECOA and
Regulation B to leases, in the preamble
to a final rule under ECOA. In that 1985
statement, the Board responded to the
Ninth Circuit’s opinion in Brothers v.
First Leasing,449 which concluded that
consumer leasing falls under ECOA.450
The Board stated that it believes that
‘‘Congress did not intend the ECOA,
which on its face applies only to credit
transactions, to cover lease transactions
unless the transaction results in a ‘credit
sale’ as defined in the Truth in Lending
Act and Regulation Z.’’ 451 The Board
then noted that it will continue to
monitor leasing transactions and take
further action as appropriate.452 The
Bureau is unaware of any such further
actions taken by the Board.
The Bureau understands that many
financial institutions (such as
equipment finance companies) offer
both loans and leases to their small
business customers and some financial
institutions comply with Regulation B
for their leases as well as their loans as
a matter of course. Lessor stakeholders
have told Bureau staff that from their
perspective, as well as that of their
customers, loans and leases are
indistinguishable. The Bureau
understands that this is particularly true
of ‘‘financial’’ or ‘‘capital’’ leases, as
defined under article 2A of the Uniform
Commercial Code (UCC),453 which
closely resemble (and according to some
stakeholders, in some cases are
indistinguishable from) term loans. The
Bureau understands that financial leases
are treated like assets on buyers’ balance
448 See
UCC 2A–103(1)(j) (defining a ‘‘lease’’).
F.2d 789 (9th Cir. 1984).
450 50 FR 48018, 48020 (Nov. 20, 1985).
451 Id.
452 Id. Since then, courts have gone both ways on
the issue. Compare Ferguson v. Park City Mobile
Homes, No. 89–CIV–1909, 1989 WL 111916, at *5
(N.D. Ill. Sept. 18, 1989) (consumer leases are
‘‘credit’’ under ECOA), with Laramore v. Ritchie
Realty Mgmt. Co., 397 F.3d 544, 547 (7th Cir. 2005)
(consumer leases are not ‘‘credit’’ under ECOA).
453 The Bureau notes that the UCC separately
defines a ‘‘consumer lease.’’ See UCC 2A–103(1)(e).
The Bureau’s analysis regarding leases does not
apply to leases primarily for a personal, family, or
household purpose.
449 724
PO 00000
Frm 00090
Fmt 4701
Sfmt 4700
sheets, whereas operating leases are
treated as expenses that remain off the
balance sheet. The Bureau understands
that the ownership characteristics of a
financial lease also resemble those of a
loan—the financial lease term is the
substantial economic life of the asset (as
evidenced by a low dollar purchase
option at the end of the lease term and/
or lack of residual financial obligations
at the end of the lease term) and the
lessee claims both interest and
depreciation on their taxes. The Bureau
understands that for some financial
institutions, reporting loans but not
leases may require added cost and effort
to separate them in databases. The
Bureau also understands that because
depository institutions currently report
both loan and lease activity to other
regulators in their Call Reports, they
may prefer to maintain a consistent
approach for section 1071.
Proposed Rule
In the NPRM, the Bureau proposed to
not cover leases. Drawing from the UCC
definition of ‘‘lease,’’ 454 which was
incorporated into the New York and
California commercial financing
disclosure laws,455 proposed comment
104(b)–2 would have provided that the
term covered credit transaction does not
cover leases, and that a lease, for
purposes of proposed subpart B, is a
transfer from one business to another of
the right to possession and use of goods
for a term, and for primarily business or
commercial (including agricultural)
purposes, in return for consideration. It
would have further stated that a lease
does not include a sale, including a sale
on approval or a sale or return, or a
transaction resulting in the retention or
creation of a security interest. The
Bureau sought comment on whether
there are types of leases, or leases with
certain characteristics, that should be
excluded from proposed comment
104(b)–2 and thus treated as reportable
under section 1071. Based on the
practical difficulty cited by some
stakeholders of distinguishing leases
from loans, the Bureau also sought
comment on whether financial
institutions should be permitted to
voluntarily report lease transactions.
454 UCC 2A–103(1)(j) (‘‘ ‘Lease’ means a transfer of
the right to possession and use of goods for a term
in return for consideration, but a sale, including a
sale on approval or a sale or return, or retention or
creation of a security interest is not a lease. Unless
the context clearly indicates otherwise, the term
includes a sublease.’’).
455 See Cal. S.B. 1235 (Sept. 30, 2018), https://
leginfo.legislature.ca.gov/faces/billTextClient.
xhtml?bill_id=201720180SB1235; N.Y. S.B. S5470B
(July 23, 2020), https://legislation.nysenate.gov/pdf/
bills/2019/S5470B.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Comments Received
The Bureau received comments on
this aspect of the proposal from several
community groups and community
oriented lenders, trade associations, an
online lender, and several members of
Congress. Many of these comments
argued that leases should be covered
under the Bureau’s rule. A few
commenters suggested that leases were
much like loans and other credit, with
one commenter asserting that where a
small business may retain leased
equipment, that is akin to lending in
which debt is incurred, payment is
deferred and payments are made over a
significant time period for a substantial
asset, that is, the equipment. This
commenter noted that the Bureau could
apply its proposed loan threshold to
leases. A cross-sector group of lenders,
community groups, and small business
advocates maintained that any data
collection on the leasing market would
be valuable, even if limited to credit sale
leases or ‘‘$1 leases’’ (where the lessee
makes payments on the leased item and
at the end of the lease term, purchases
the item for $1), which the commenter
viewed as a form of credit sale lease.
A few commenters urged the Bureau
to cover this large and growing share of
the small business financing market in
order to avoid data gaps. Two
commenters expressed fair lending and
predatory practice concerns regarding
leasing—one commenter pointed to a
lawsuit filed by the California State
Attorney General against two lease
financing companies operating in 15
states that allegedly forced 193 Black
churches to make lease payments on
falsely advertised and faulty computer
kiosks.456 Another commenter noted
that leases are often used by minorityowned businesses, in some cases more
often than white-owned businesses.
This commenter also noted that New
York and California both include leasing
in their respective commercial financing
disclosure laws and that at the Federal
level, bicameral commercial financing
disclosure legislation has been
introduced to cover leasing. Two
commenters argued that not covering
leases in the final rule would open the
door to potential evasion, allowing
merchant cash advance providers and
other financing companies to structure
transactions as leases instead of loans.
Several trade associations, including
ones representing equipment and
vehicle lease and finance companies,
expressed support for the Bureau’s
456 See Complaint, California v. Television
Broadcasting Online, Ltd., 2011 WL 849066 (Cal.
Super. Feb. 2011), https://oag.ca.gov/system/files/
attachments/press_releases/n2042_complaint.pdf.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
proposed approach to not cover leases.
One commenter commended the Bureau
for recognizing that leases are not
treated as credit in the U.S. regulatory
structure and for proposing use of the
widely accepted UCC definition of a
lease. Another commenter observed that
the Bureau’s proposed definition of
‘‘lease’’ would not cover instances
where a lessee purchased or eventually
owned the product being leased. This
commenter advised against covering
leases in the rule, arguing that doing so
would result in incorrect reporting
when applicants’ employees submit
lease applications but do not know the
full scope of their employer’s ownership
makeup or financial holdings; it would
also increase compliance costs, making
short-term leases and rentals
significantly more expensive.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing comment 104(b)–2
largely as proposed and is not covering
leases under the final rule. Drawing
from the UCC definition of ‘‘lease,’’ 457
which was incorporated into the New
York and California commercial
financing disclosure laws,458 comment
104(b)–2 provides that the term covered
credit transaction does not cover leases,
and that a lease, for purposes of subpart
B, is a transfer from one business to
another of the right to possession and
use of goods for a term, and for
primarily business or commercial
(including agricultural) purposes, in
return for consideration. It further states
that a lease does not include a sale,
including a sale on approval or a sale or
return, or a transaction resulting in the
retention or creation of a security
interest. In addition, comment 104(b)–2
clarifies that the name used by the
financial institution for a product is not
determinative of whether or not it is a
‘‘covered credit transaction.’’
The Bureau considered several other
approaches to covering leasing,
including referring to Regulation Z’s
definition of ‘‘credit sale.’’ Under that
definition, a ‘‘credit sale’’ is ‘‘a sale in
which the seller is a creditor,’’ and it
includes a lease—unless the consumer
may terminate it at any time without
penalty—where the consumer ‘‘[a]grees
457 UCC 2A–103(1)(j) (‘‘ ‘Lease’ means a transfer of
the right to possession and use of goods for a term
in return for consideration, but a sale, including a
sale on approval or a sale or return, or retention or
creation of a security interest is not a lease. Unless
the context clearly indicates otherwise, the term
includes a sublease.’’).
458 See Cal. S.B. 1235 (Sept. 30, 2018), https://
leginfo.legislature.ca.gov/faces/billTextClient.
xhtml?bill_id=201720180SB1235; N.Y. S.B. S5470B
(July 23, 2020), https://legislation.nysenate.gov/pdf/
bills/2019/S5470B.
PO 00000
Frm 00091
Fmt 4701
Sfmt 4700
35239
to pay as compensation for use a sum
substantially equivalent to, or in excess
of, the total value of the property and
service involved’’ and ‘‘[w]ill become
(or has the option to become), for no
additional consideration or for nominal
consideration, the owner of the property
upon compliance with the
agreement.’’ 459 The Bureau understands
that financial institutions focused on
offering leases and loans for business
purposes are generally not familiar with
the Regulation Z definition of ‘‘credit
sale,’’ given that Regulation Z applies
only to consumer credit.460 The Bureau
thus believes that referring to the
Regulation Z definition of ‘‘credit sale’’
could create confusion and would not
align with current industry practices.
The Bureau understands that such
financial institutions offering leases
primarily for business or commercial
(including agricultural) purposes are
more accustomed to applying the UCC
definitions of ‘‘lease’’ 461 and ‘‘finance
lease,’’ 462 and/or the generally accepted
accounting principles (GAAP) rules
issued by the Financial Accounting
Standards Board governing ‘‘operating,’’
‘‘capital,’’ and ‘‘finance’’ leases.463 The
Bureau believes that drawing from the
UCC definition of lease will lead to
more consistency with financial
institutions’ current practices. Nearly all
U.S. jurisdictions have adopted Article
2A of the UCC,464 and the Bureau
459 12
CFR 1026.2(a)(16).
Regulation Z §§ 1026.2(a)(12) (defining
‘‘consumer credit’’ as ‘‘credit offered or extended to
a consumer primarily for personal, family, or
household purposes’’) and 1026.3(a)(1) (excluding
extensions of credit ‘‘primarily for a business,
commercial or agricultural purpose’’).
461 UCC 2A–103(1)(j).
462 UCC 2A–103(1)(g).
463 See Fin. Acct. Standards Bd., Accounting
Standards Update: Leases (Topic 842), No. 2016–
02 (Feb. 2016), https://www.fasb.org/Page/
ShowPdf?path=ASU+2016-02_Section+A.pdf&title=
Update+2016-02%E2%80%94Leases+
%28Topic+842%29+Section+A%E2%80%94Leases
%3A+Amendments+to+the+FASB+Accounting+
Standards+Codification%C2%AE&accepted
Disclaimer=true&Submit=.
464 See Ala. Code 7–2A–101 et seq.; Alaska Stat.
45.12.101 et seq.; Ariz. Rev. Stat. 47–2A101 et seq.;
Ark. Code Ann. 4–2A–101 et seq.; Cal. Com. Code
10101 et seq.; Choctaw Tribal Code 26–2A–101 et
seq.; Colo. Rev. Stat. 4–2.5–101 et seq.; Conn. Gen.
Stat. 42a–2A–101 et seq.; D.C. Code 28:2A–101 et
seq.; Del. Code Ann. tit. 6, 2A–101 et seq.; Fla. Stat.
680.1011 et seq.; Ga. Code Ann. 11–2A–101 et seq.;
Haw. Rev. Stat. 490:2A–101 et seq.; Idaho Code 28–
12–101 et seq.; 810 Ill. Comp. Stat. 5/2A–101 et
seq.; Ind. Code 26–1–2.1–101 et seq.; Iowa Code
554.13101 et seq.; Kan. Stat. Ann. 84–2a–101 et
seq.; Ky. Rev. Stat. Ann. 355.2A–101 et seq.; Mass.
Gen. Laws ch. 106, 2A–101 et seq.; Md. Code Ann.,
Com. Law 2A–101 et seq.; Me. Stat. tit. 11, 2–1101
et seq.; Mich. Comp. Laws 440.2801 et seq.; Minn.
Stat. 336.2A–101 et seq.; Miss. Code Ann. 75–2A–
101 et seq.; Mo. Rev. Stat. 400.2A–101 et seq.; Mont.
Code Ann. 30–2A–101 et seq.; N.C. Gen. Stat. 25–
2A–101 et seq.; N.D. Cent. Code 41–02.1–01 et seq.;
460 See
E:\FR\FM\31MYR2.SGM
Continued
31MYR2
35240
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
understands that virtually every form of
lease used by major leasing companies
provides that it is governed by the laws
of one of the jurisdictions that has
adopted Article 2A.
Based on its review of businesspurpose leases and its expertise with
respect to the meaning of ‘‘credit,’’ the
Bureau believes that the term ‘‘credit’’
does not encompass such business
leases. In the business-purpose context,
the Bureau understands that in a true
lease, the lessor retains title and will
receive the property back after the
conclusion of the lease term, without
any expectation by either party that, for
example, ownership of the property will
be transferred or that payments made
pursuant to the lease agreement
constitute anything other than payments
in exchange for the temporary use of the
property. As a result, the Bureau does
not believe that in the business-purpose
context a true lease transaction involves
the right to incur debt and defer its
payment, defer payment of a debt, or
defer payment for goods or services.
The Bureau is aware that there are
other types of leases with characteristics
that bear some resemblance to forms of
credit like credit sales, such as a
contemplated transfer of ownership at
the end of the lease term. The Bureau
does not parse whether different types
of leases might constitute ‘‘credit’’ but
notes that final comment 104(b)–2’s
definition of lease does not include a
sale, including a sale on approval or a
sale or return, or a transaction resulting
in the retention or creation of a security
interest. For further clarification, the
Bureau notes that UCC section 1–203
provides helpful guidance on how to
distinguish a lease from a security
interest. For example, UCC section 1–
203 provides, in part, that a lease
transaction creates a security interest if
the lessee’s payment obligation
continues for the term of the lease and
is not subject to termination by the
lessee and the lessee has an option to
become the owner of the goods for no
additional consideration or for nominal
additional consideration upon
N.H. Rev. Stat. Ann. 382–A:2A–101 et seq.; N.J.
Stat. Ann. 12A:2A–101 et seq.; N.M. Stat. Ann. 55–
2A–101 et seq.; N.Y. UCC Law 2–A–101 et seq.;
Neb. Rev. Stat. UCC 2A–101 et seq.; Nev. Rev. Stat.
104A.2101 et seq.; Ohio Rev. Code Ann. 1310.01 et
seq.; Okla. Stat. tit. 12A, 2A–101 et seq.; Or. Rev.
Stat. 72A.1010 et seq.; Pa. Cons. Stat. 2A101 et seq.;
R.I. Gen. Laws 6A–2.1–101 et seq.; S.C. Code Ann.
36–2A–101 et seq.; S.D. Codified Laws 57A–2A–101
et seq.; Tenn. Code Ann. 47–2A–101 et seq.; Tex.
Bus. & Com. Code Ann. 2A.101 et seq.; Utah Code
Ann. 70A–2a–101 et seq.; V.I. Code Ann. tit. 11A,
2A–101 et seq.; Va. Code Ann. 8.2A–101 et seq.; Vt.
Stat. Ann. tit. 9A, 2A–101 et seq.; W. Va. Code 46–
2A–101 et seq.; Wash. Rev. Code 62A.2A–101 et
seq.; Wisc. Stat. 411.101 et seq.; Wyo. Stat. Ann.
34.1–2.A–101 et seq.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
compliance with the lease agreement.465
The UCC additionally provides that
additional consideration is nominal if it
is less than the lessee’s reasonably
predictable cost of performing under the
lease agreement if the option is not
exercised.466 The UCC appropriately
notes that whether a transaction in the
form of a lease creates a lease or security
interest is determined by the facts of
each case.467 The Bureau believes that
drawing from an established definition
of ‘‘lease’’ that small business lenders
already use will minimize compliance
risks and will offer sufficient
consistency and clarity regarding
interpretation of final comment 104(b)–
2.
The Bureau is not covering leases
under this final rule, as requested by
some commenters. The Bureau agrees
that some business leases are structured
like loans and other credit but notes that
a commenter’s example of a small
business being able to retain leased
equipment is an example of the creation
of a security interest, not a lease under
final comment 104(b)–2. Similarly, socalled ‘‘$1 leases’’ create security
interests because the lessee has an
option to become the owner of the goods
for nominal additional consideration.
As noted by one commenter, final
comment 104(b)–2’s definition of lease
does not include a transaction resulting
in the retention or creation of a security
interest.
The Bureau understands that
bicameral commercial financing
disclosure legislation was introduced in
the last Congress to cover some leasing
and other commercial finance products
under the Federal Truth in Lending Act
and that New York and California both
include leases in their respective
commercial financing disclosure laws.
(The Bureau has in fact drawn from the
states’ helpful regulatory language for its
own section 1071 commentary.)
However, the Bureau does not believe
that the coverage of leases in these
particular legislative efforts has any
bearing on what constitutes ‘‘credit’’
under ECOA. The Bureau appreciates
commenters’ concerns that not covering
leases could open a door to potential
evasion and lead to data gaps or fair
lending problems. The Bureau believes
that it can observe the small business
financing market for such abuses and
prevent them without including all
leases in the rule. For example, in
considering financial institutions’
compliance with the rule, the Bureau
intends to closely scrutinize
465 UCC
1–203(b).
1–203(d).
467 UCC 1–203(a).
466 UCC
PO 00000
Frm 00092
Fmt 4701
Sfmt 4700
transactions to ensure that companies
are appropriately categorizing and
reporting products as required by
section 1071.
Consumer-Designated Credit
The Bureau understands that some
small business owners may use
consumer-designated credit in order to
finance their small businesses—such as
taking out a home equity line of credit
or charging business expenses on their
personal credit cards.
The proposed rule would not have
covered products designated by the
creditor as consumer-purpose products
(consumer-designated credit). Proposed
comment 104(b)–3 would have made
clear that the term covered credit
transaction does not include consumerdesignated credit used for business
purposes, because such transactions are
not business credit. Proposed comment
104(b)–3 would have provided that a
transaction qualifies as consumerdesignated credit if the financial
institution offers or extends the credit
primarily for personal, family, or
household purposes. The Bureau sought
comment on this proposed
interpretation, including how the
Bureau has defined the scope of
consumer-designated credit. The Bureau
also sought comment on whether it
should permit financial institutions to
voluntarily report consumer-designated
credit when they have reason to believe
the credit might be used for business
purposes.
The Bureau received comments on
this aspect of the proposal from a range
of banks, credit unions, trade
associations, and community groups.
One trade association generally agreed
with the Bureau’s approach to
consumer-designated credit but asked
the Bureau to clarify whether retail
installment sales contracts are covered
by the exclusion of consumerdesignated credit. This commenter also
asked the Bureau to confirm that, in
determining whether credit is excluded
as consumer-designated credit, existing
comment 2(g)–1 interpreting the
definition of ‘‘business credit’’ applies,
which provides that ‘‘[a] creditor may
rely on an applicant’s statement of the
purpose for the credit requested.’’
Some industry commenters supported
the Bureau’s proposed exclusion of
consumer-designated credit. One of
these commenters argued that the
inclusion of consumer-designated credit
within the rule would dramatically
expand the size of the data collected
beyond the purpose of section 1071,
circumventing the congressional intent
and increasing the rule’s impact on the
availability of credit for all consumers—
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
not just business borrowers. Another
commenter asked the Bureau to clarify
that it will not challenge the designation
of a transaction as consumer-designated
credit, expressing concerns because
financial institutions have no reliable
method for validating a latent business
purpose in an application for a
consumer-designated credit transaction.
Two banks recommended against
requiring financial institutions to
second guess consumers’ intentions
regarding use of funds by requiring
them to report on loans suspected to be
used for business purposes.
Several commenters urged the Bureau
to cover consumer credit that will be
used for business purposes. One
community group suggested collecting
1071 data where personal credit card
applicants responded that 50 percent or
more of the loan would be used for
small business purposes, asserting that
this threshold would sufficiently weed
out applications that would result in
nominal amounts of funding for small
business purposes but would still
capture ones that are potentially
important for meeting the community
development purpose of section 1071.
Two commenters expressed concerns
that not covering consumer-designated
credit would result in a push toward
unregulated products, with one
commenter asserting that a portion of
the fintech sector is engaging in
unscrupulous targeting of vulnerable
customers (including racial and ethnic
minorities). Two community groups
asked the Bureau to reconsider its
proposal, emphasizing how important
consumer-designated credit is as a
source of financing for small businesses,
particularly for women-owned and
minority-owned small businesses, sole
proprietorships, and new businesses.
Another community group
recommended that the Bureau
additionally include personal credit
card loans that finance business
expenses, asserting that these cards are
a vital source of credit for very small
and start-up businesses, as well as
businesses owned by women and
people of color.
A number of banks suggested the
Bureau exclude all credit subject to
Regulation Z. Some suggested that such
an exemption would provide clarity to
the definition of ‘‘covered credit
transaction’’ and would ease
compliance burden when identifying
covered applications, implementing
data collection, and ensuring data
integrity in a manner that meets the
statutory purpose. One trade association
added that financial institutions are
already familiar with determining loan
purpose under the Regulation Z
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
definition in their everyday lending
activities and that this approach would
alleviate confusion with the proposed
exclusion for credit secured by certain
investment properties.
For the reasons set forth herein, the
Bureau is finalizing comment 104(b)–3
almost entirely as proposed and is not
covering consumer-designated credit
under the final rule. Comment 104(b)–
3 makes clear that the term covered
credit transaction does not include
consumer-designated credit used for
business or agricultural purposes,
because such transactions are not
business credit. The Bureau is adding
the reference to agricultural purposes
for clarity. Comment 104(b)–3 provides
that a transaction qualifies as consumerdesignated credit if the financial
institution offers or extends the credit
primarily for personal, family, or
household purposes. For example, an
open-end credit account used for both
personal and business purposes is not
business credit for the purpose of
subpart B unless the financial
institution designated or intended for
the primary purpose of the account to be
business-related.
The Bureau believes it is appropriate
to interpret section 1071 as not applying
to this type of credit. Most notably,
ECOA section 704B(b) directs financial
institutions to collect data in the case of
an application ‘‘for credit for womenowned, minority-owned, or small
business’’ (emphasis added). The statute
thus applies only to applications for
credit for a business; at the time of an
application for consumer-designated
credit, however, the application is not
for a business. Several policy reasons
also support this approach. First,
financial institutions may not be able to
consistently identify when consumerdesignated credit is being used for
business or agricultural purposes.
Inconsistent reporting across financial
institutions could lead to data quality
concerns. Credit sought by consumers
for both personal and business purposes
could be particularly difficult to
separate into reportable and nonreportable portions. The Bureau believes
that excluding consumer-designated
credit will simplify compliance by
obviating the need for financial
institutions to identify and distinguish
business uses of consumer-purpose
credit products. Second, not including
consumer-designated credit that is used
for business or agricultural purposes
within the scope of this rulemaking
makes it clear that the applications
reported will all be seeking credit to use
for business/agricultural purposes,
which supports section 1071’s directive
to collect and report data in the case of
PO 00000
Frm 00093
Fmt 4701
Sfmt 4700
35241
an application for credit for a business.
Third, not covering consumerdesignated credit that is used for
business or agricultural purposes
provides certainty to financial
institutions that offer only consumerdesignated credit that they are not
subject to this final rule’s data collection
and reporting requirements.
With respect to the request to clarify
whether retail installment sales
contracts are covered by the exclusion
of consumer-designated credit, the
Bureau notes that this exclusion applies
equally to all credit products. In other
words, a retail installment sales contract
qualifies as consumer-designated credit
if the financial institution offers or
extends it primarily for personal, family,
or household purposes. The Bureau
confirms, as requested, that because the
Bureau is finalizing § 1002.102(d) to
define business credit as having the
same meaning as in existing § 1002.2(g),
existing comment 2(g)–1 also applies to
subpart B. Thus, in determining
whether credit is excluded as consumerdesignated credit, a financial institution
‘‘may rely on an applicant’s statement of
the purpose for the credit requested.’’ 468
The Bureau agrees with commenter
concerns that the inclusion of
consumer-designated credit within the
rule would dramatically expand the size
of the data collected beyond the purpose
of section 1071, circumventing
congressional intent and potentially
increasing the rule’s impact on the
availability of credit for all consumers—
not just small business borrowers. The
Bureau also confirms that financial
institutions may rely on an applicant’s
statement of purpose for the credit
requested and need not report
consumer-purpose loans suspected to be
used for business purposes, recognizing
that alternative approaches would likely
result in inconsistent results across
lenders as they tried to discern latent
business purposes in an application for
a consumer-designated credit
transaction.
With respect to the suggestion that the
Bureau require financial institutions to
inquire on an application whether 50
percent or more of the borrowed funds
would be used for small business
purposes and require collection of 1071
data in those instances, the Bureau
believes that this approach would raise
many of the policy concerns discussed
above. The Bureau appreciates the
concerns about potential fair lending
violations and evasion raised by
commenters relating to consumerdesignated credit. The Bureau believes
that its finalized bright-line approach
468 Existing
E:\FR\FM\31MYR2.SGM
comment 2(g)–1.
31MYR2
35242
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
will better enable it to ensure that
financial institutions that are offering
business credit are complying with the
final rule.
The Bureau is not excluding to
exclude all credit subject to Regulation
Z from this rule’s definition of
‘‘business credit,’’ as suggested by some
commenters. The final rule does not
cover consumer-designated credit,
which includes Regulation Z credit as
well as other consumer-designated
credit that is not encompassed by
Regulation Z. The Bureau notes that
some of Regulation Z’s provisions apply
to business purpose credit cards 469 and
that Regulation Z does not cover
consumer credit over certain applicable
threshold amounts.470
Certain Purchases of Covered Credit
Transactions, Including Pooled Loans
and Partial Interests Proposed Rule
As discussed in the section-by-section
analysis of § 1002.103 above, ECOA
section 704B(b) requires that financial
institutions collect, maintain, and report
to the Bureau certain information
regarding ‘‘any application to a financial
institution for credit.’’ For covered
financial institutions, the definition of
‘‘application’’ triggers data collection
and reporting obligations with respect to
covered credit transactions. In the
NPRM, the Bureau noted that under
proposed subpart B, purchasing a loan,
purchasing an interest in a pool of
loans, or purchasing a partial interest in
a loan does not, in itself, generate an
obligation for a covered financial
institution to report small business
lending data. Rather, a reporting
obligation arises on the basis of
receiving a covered application for
credit. (See the section-by-section
analysis of § 1002.109(a)(3) for
additional information.) The Bureau
also noted the corollary point that
selling an originated covered credit
transaction would not, in itself, obviate
an existing obligation of a covered
financial institution to report small
business lending data for that
application, pursuant to proposed
comment 107(a)–1.i.
In addition, the Bureau believed that
requiring covered financial institutions
to collect and maintain data related to
the purchase of an interest in a pool of
covered credit transactions would do
little to further the purposes of section
1071. The Bureau generally believed
that a pooled loan purchase would arise
after credit decisions on the relevant
loans had already been made (e.g., after
the loans were originated) and therefore
469 See
470 See
Regulation Z § 1026.12(a) and (b).
id. § 1026.3(b).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
the Bureau believed that the purchaser
of an interest in a pool of loans would
understand that there would be no
section 1071 obligation. Information
about the loans in this pool would
already be captured, as the application
for each originated loan in the pool
would already be reported (assuming it
was originated by a covered financial
institution and otherwise satisfies the
requirements of subpart B). For clarity,
however, the Bureau stated in the
NPRM preamble that no reporting
obligations arise from purchasing an
interest in a pool of covered credit
transactions, including credit-backed
securities or real estate investment
conduits. The Bureau believed that this
clarification, similar to Regulation C
comment 3(c)(4)–1, would assist
covered financial institutions in
understanding the scope of their
obligations.
Moreover, the Bureau stated that the
purchase of a partial interest in a loan
does not, in itself, generate an obligation
for a covered financial institution to
report small business lending data. The
Bureau believed that this approach,
combined with proposed
§ 1002.109(a)(3), provided sufficient
clarity for financial institutions that
choose to take part in loan
participations. For example, Financial
Institution A receives an application
from a small business for a covered
credit transaction and approves the
loan, and then Financial Institution A
organizes a loan participation agreement
where Financial Institutions B and C
agree to purchase a partial interest. This
is a reportable application for a covered
credit transaction for Financial
Institution A, but it is not a reportable
application for Financial Institutions B
and C. The Bureau noted that this
approach differs from how loan
participations are reported by banks and
savings associations under the CRA.
That is, under the CRA, if the loan
originated by Financial Institution A
met the definition of a small business
loan, then for any (or all) of the financial
institutions that were CRA reporters, the
loans could be reported under the
CRA.471
The Bureau believed that the statutory
purposes of section 1071 encourage the
broad collection of small business
lending data by financial institutions.
The Bureau was not aware of any reason
why data with respect to covered credit
transactions should not be collected
because more than one financial
471 See, e.g., 12 CFR 228.21(f) (stating that when
assessing the record of a nonminority-owned and
nonwomen-owned bank, the Board considers loan
participation as a factor).
PO 00000
Frm 00094
Fmt 4701
Sfmt 4700
institution holds an interest in the
originated loan. Conversely, the Bureau
did not believe that requiring reporting
by each financial institution with a
partial interest in a covered credit
transaction would further section 1071’s
purposes, and because having a single
loan reported by multiple financial
institutions could compromise the
quality of the 1071 dataset. Read in
conjunction with proposed
§ 1002.109(a)(3), however, the Bureau
believed that the covered credit
transactions at issue here would
nonetheless generally be reported by
one financial institution provided it met
the threshold for originated loans
pursuant to § 1002.105(b)—i.e., the
financial institution that sold portions
of the loan to other participants.
The Bureau did not expressly exclude
loan purchases, the purchase of an
interest in a pool of covered credit
transactions or the purchase of a partial
interest in a covered credit transaction
in the proposed rule’s regulatory text or
commentary, but sought comment on
this approach. With respect to partial
interests specifically, the Bureau
solicited comment on how such an
exclusion may differ from reporting
obligations under the CRA and, if the
Bureau adopted another approach, how
overlapping reporters or data might be
flagged to avoid double-counting certain
information.
Comments Received
The Bureau received several
comments regarding loan purchases and
loan participations. Commenters did not
address pooled loans specifically. A
trade association and two banks agreed
that loan purchases should not be
covered; one of these banks requested
that the Bureau add commentary
emphasizing this point.
In contrast, two other commenters
argued that all loan purchases should be
reported, citing consistency with
treatment under CRA and HMDA. One
commenter further stated that excluding
loan purchases and participations from
reporting requirements would ignore the
role of financial institutions with a
significant percentage of loan purchases,
despite their importance in the small
business lending market. The other
commenter stated that 1071 data should
replace CRA lending data, the CRA
considers loan purchases, and thus so
should the Bureau’s rule for
consistency.
Several farm credit lenders and a
trade association said that participation
interests and participation loans should
be specifically excluded, noting that a
participation interest is legally distinct
from a loan, the purchaser of an interest
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
is not considered a creditor, and there
is risk of double counting the data. One
commenter asked that the Bureau
exclude loan participations from the
definition of ‘‘covered credit
transaction’’ because a customer never
applies for any lender to participate in
a covered credit transaction. In addition,
some farm credit lenders noted that they
frequently enter into loan participation
agreements. They stated that a loan
participation is significantly different
from the purchase of a loan because
under these agreements, the borrower’s
contractual relationship remains solely
with the lead lender. These commenters
further stated that requiring a
participant to report would be akin to
requiring a trust in a mortgage
securitization to report HMDA data.
Final Rule
For the reasons set forth herein, the
Bureau is revising the commentary to
§ 1002.104(b) to make clear that loan
purchases, the purchase of an interest in
a pool of loans, and the purchase of a
partial interest in a credit transaction
are not ‘‘covered credit transactions.’’
Specifically, the Bureau is adding
comment 104(b)–4 to clarify that for
purposes of subpart B, the term
‘‘covered credit transaction’’ does not
include the purchase of an originated
credit transaction, the purchase of an
interest in a pool of credit transactions,
or the purchase of a partial interest in
a credit transaction such as through a
loan participation agreement. Such
purchases do not, in themselves,
constitute applications for business
credit that the purchasing entity makes
decisions on. Relatedly, in order to
illustrate reporting obligations regarding
pooled loans and partial interests, the
Bureau is also adding examples to the
commentary to § 1002.109(a)(3). The
section-by-section analysis of
§ 1002.109(a)(3) addresses in detail
situations where multiple financial
institutions are involved in a covered
credit transaction.
While the Bureau acknowledges the
important role of loan purchases in the
small business lending market, the
Bureau notes that the definition of
‘‘covered application’’ triggers data
collection and reporting obligations
with respect to covered credit
transactions. Under the final rule,
purchasing an originated loan,
purchasing an interest in a pool of
loans, or purchasing a partial interest in
a loan does not, in itself, generate an
obligation for a covered financial
institution to report small business
lending data regarding the application
underlying the purchased loan. The
Bureau has made clear in final
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
§ 1002.109(a)(3) and associated
commentary that only the action taken
on the application is reportable.
In response to commenters who urged
consistency with HMDA, as noted
above, the statutory language in HMDA
contemplates data collection for loan
purchases. Similarly, as interpreted by
the agencies administering CRA, the
CRA statute permits banks to fulfill their
obligation to meet local credit needs by
lending in low-to-moderate income
communities or by purchasing loans
made by others.472 Conversely, section
1071 does not contain such language; it
is focused on applications as the trigger
for data collection and reporting
obligations. Thus, the Bureau concludes
for this rule that it is appropriate for
financial institutions to have reporting
obligations on the basis of making credit
decisions on applications, as explained
further in the section-by-section
analysis of § 1002.109(a)(3)—a
subsequent purchase of a loan (or an
interest in a pool of loans, or a partial
interest in a loan) is not, in itself,
reportable.
104(b)(4) Public Utilities Credit
As noted above, the existing
definition of business credit in
§ 1002.2(g) partially excludes public
utilities credit, securities credit,
incidental credit, and government
credit, as defined in existing § 1002.3(a)
through (d), from requirements of
existing Regulation B. For the purpose
of proposed subpart B, the Bureau
proposed complete exclusions for
public utilities credit from the
definition of a covered credit
transaction in proposed § 1002.104(b).
The Bureau also proposed to define
business credit in proposed
§ 1002.102(d) by reference to existing
§ 1002.2(g), which already excludes
public utilities credit. The Bureau
sought comment on its proposal to
exclude public utilities credit but did
not receive any comments in response.
For the reasons set forth herein, the
Bureau is finalizing § 1002.104(b)(2) as
proposed. Section 1002.104(b)(2)
excludes public utilities credit, as
defined in existing § 1002.3(a)(1).
Existing § 1002.3(a)(1) states that the
term public utilities credit refers to
extensions of credit that involve public
utility services provided through pipe,
wire, or other connected facilities, or
radio or similar transmission (including
extensions of such facilities), if the
charges for service, delayed payment,
and any discount for prompt payment
472 See, e.g., 12 CFR 228.22(a)(2) (stating that the
Board will consider both originations and
purchases of loans under the lending test).
PO 00000
Frm 00095
Fmt 4701
Sfmt 4700
35243
are filed with or regulated by a
government unit. Several existing
Regulation B requirements do not apply
to public utilities credit transactions.473
Existing comment 3(a)–1 explains that
the definition applies only to credit for
the purchase of a utility service, such as
electricity, gas, or telephone service.
Credit provided or offered by a public
utility for some other purpose—such as
for financing the purchase of a gas
dryer, telephone equipment, or other
durable goods, or for insultation or other
home improvements—is not excepted
under § 1002.104(b)(2) but may be
excepted if it constitutes trade credit
under § 1002.104(b)(1), or in the
example of financing for certain home
improvements, if it does not constitute
an extension of business credit under
§ 1002.104(a). Existing comment 3(a)–2
states in part that a utility company is
a creditor when it supplies utility
service and bills the user after the
service has been provided.
The Bureau is adopting a definition of
‘‘covered credit transaction’’ that only
covers business credit and that fully
excludes public utilities credit pursuant
to its authority under ECOA section
704B(g)(1) to prescribe such rules and
issue such guidance as may be
necessary to carry out, enforce, and
compile data under section 1071, as
well as its authority under ECOA
704B(g)(2) to adopt exceptions to any
requirement of section 1071 and to
conditionally or unconditionally
exempt any financial institution or class
of financial institutions from the
statute’s requirements, as the Bureau
deems necessary or appropriate to carry
out the purposes of section 1071. The
Bureau believes that fully excluding
public utilities credit from the rule is
reasonable for the same reasons as the
Board enumerated when it adopted
exemptions from certain procedural
requirements under subpart A.
Specifically, covering public utilities
credit under this rule could potentially
result in ‘‘substantial changes in the
forms and procedures of public utilities
companies. Costs associated with such
changes would, in all likelihood, be
passed along to [small business
owners].’’ 474 The Bureau notes that
many of the policies and procedures of
public utilities companies are separately
regulated at the State and municipal
levels by public service commissions,
and at the Federal level by the Federal
Energy Regulatory Commission. The
Bureau also believes that public utilities
credit is akin to trade credit and thus is
473 See
474 40
E:\FR\FM\31MYR2.SGM
§ 1002.3(a).
FR 49298, 49305 (Oct. 22, 1975).
31MYR2
35244
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
excluding it from coverage under
subpart B for the same reasons.
lotter on DSK11XQN23PROD with RULES2
104(b)(5) Securities Credit
As noted above, the existing
definition of business credit in
§ 1002.2(g) partially excludes public
utilities credit, securities credit,
incidental credit, and government
credit, as defined in existing § 1002.3(a)
through (d), from requirements of
existing Regulation B. For the purpose
of proposed subpart B, the Bureau
proposed complete exclusions for
securities credit from the definition of a
covered credit transaction in proposed
§ 1002.104(b). The Bureau sought
comment on its proposal to exclude
securities credit but did not receive any
comments in response.
For the reasons set forth herein, the
Bureau is finalizing § 1002.104(b)(3) as
proposed. Section 1002.104(b)(3)
excludes securities credit, as defined in
existing § 1002.3(b)(1). Existing
§ 1002.3(b)(1) states that the term
securities credit refers to extensions of
credit subject to regulation under
section 7 of the Securities Exchange Act
of 1934 or extensions of credit by a
broker or dealer subject to regulation as
a broker or dealer under the Securities
Exchange Act of 1934. Several existing
Regulation B requirements do not apply
to securities credit transactions.475
The Bureau is adopting a definition of
‘‘covered credit transaction’’ that only
covers business credit and that fully
excludes securities credit pursuant to its
authority under ECOA section
704B(g)(1) to prescribe such rules and
issue such guidance as may be
necessary to carry out, enforce, and
compile data under section 1071, as
well as its authority under ECOA
704B(g)(2) to adopt exceptions to any
requirement of section 1071 and to
conditionally or unconditionally
exempt any financial institution or class
of financial institutions from the
statute’s requirements, as the Bureau
deems necessary or appropriate to carry
out the purposes of section 1071. The
Bureau is excluding securities credit to
foster consistency with existing
Regulation B.
104(b)(6) Incidental Credit
As noted above, the existing
definition of business credit in
§ 1002.2(g) partially excludes public
utilities credit, securities credit,
incidental credit, and government
credit, as defined in existing § 1002.3(a)
through (d), from requirements of
existing Regulation B. For the purpose
of proposed subpart B, the Bureau
475 See
§ 1002.3(b).
VerDate Sep<11>2014
18:47 May 30, 2023
proposed complete exclusions for
incidental credit from the definition of
a covered credit transaction in proposed
§ 1002.104(b).
As the Bureau explained in the
NPRM, existing § 1002.3(c)(1) states that
incidental credit refers to extensions of
consumer credit other than public
utilities and securities credit (i) that are
not made pursuant to the terms of a
credit card account; (ii) that are not
subject to a finance charge (as defined
in Regulation Z § 1026.4); and (iii) that
are not payable by agreement in more
than four installments. For example,
existing comment 3(c)–1 explains that if
a service provider (such as a hospital,
doctor, lawyer, or merchant) allows the
client or customer to defer the payment
of a bill, this deferral of debt is credit
for purposes of Regulation B, even
though there is no finance charge and
no agreement for payment in
installments—meaning that it would not
be covered under Regulation Z. Such
extensions of incidental credit are
excepted from compliance with certain
procedural requirements as specified in
existing § 1002.3(c). The Board created
these exceptions in response to
commenters that urged it to minimize
burdens on businesses that ‘‘permit
their customers to defer payment of debt
as a convenience and are not in the
business of extending credit.’’ 476
The Bureau sought comment on its
proposal to exclude incidental credit
and it received one industry comment
in support of the proposed exclusion.
For the reasons set forth herein, the
Bureau is finalizing § 1002.104(b)(4) as
proposed. The Bureau is adopting a
definition of ‘‘covered credit
transaction’’ that only covers business
credit and that fully excludes incidental
credit pursuant to its authority under
ECOA section 704B(g)(1) to prescribe
such rules and issue such guidance as
may be necessary to carry out, enforce,
and compile data under section 1071, as
well as its authority under 704B(g)(2) to
adopt exceptions to any requirement of
section 1071 and to conditionally or
unconditionally exempt any financial
institution or class of financial
institutions from the statute’s
requirements, as the Bureau deems
necessary or appropriate to carry out the
purposes of section 1071. The Bureau
believes that the Board’s reasoning with
respect to incidental credit’s limited
exception under existing Regulation B is
equally applicable and relevant here.
Additionally, the Bureau believes that
providers of incidental credit may not
intend to extend credit and may not
currently manage compliance with
476 40
Jkt 259001
PO 00000
FR 49298, 49304 (Oct. 22, 1975).
Frm 00096
Fmt 4701
Sfmt 4700
regulatory requirements associated with
making extensions of credit. The Bureau
believes an exclusion is appropriate to
further the business and community
development purpose of section 1071
because of the likelihood that these
entities may incur large costs relative to
their size to collect and report 1071 data
in an accurate and consistent manner,
which could result in entities limiting
credit to their small business customers
or in potential data quality issues.
Government Credit
The existing definition of business
credit in § 1002.2(g) partially excludes
public utilities credit, securities credit,
incidental credit, and government credit
(that is, extensions of credit made to
governments or governmental
subdivisions, agencies, or
instrumentalities—not extensions of
credit made by governments), as defined
in existing § 1002.3(a) through (d), from
existing Regulation B.477
In its NPRM, the Bureau did not
propose in § 1002.104(b) to separately
exclude government credit, as defined
in existing § 1002.3(d)(1) to mean
‘‘extensions of credit made to
governments or governmental
subdivisions, agencies, or
instrumentalities.’’ The Bureau sought
comment on its approach to government
credit but did not receive any comments
on this aspect of the proposal. For the
purpose of subpart B, the Bureau is
finalizing complete exclusions for
public utilities credit, securities credit,
and incidental credit from the definition
of a covered credit transaction in final
§ 1002.104(b), as described above, but is
not adopting a similar exclusion for
government credit. The Bureau is
finalizing its approach because it
believes that an express exclusion for
extensions of credit made to
governments or governmental
subdivisions, agencies, or
instrumentalities is not necessary
because such governmental entities
would not constitute small businesses
under the final rule.478
Additional Requested Exclusions
The Bureau received numerous
comments requesting the Bureau
exclude additional products from
coverage under the rule. These
477 As explained in existing comment 3–1, under
§ 1002.3, procedural requirements of Regulation B
do not apply to certain types of credit. The
comment further states that all classes of
transactions remain subject to § 1002.4(a) (the
general rule barring discrimination on a prohibited
basis) and to any other provision not specifically
excepted.
478 Government entities are not ‘‘organized for
profit’’ and are thus not a ‘‘business concern’’ under
proposed § 1002.106(a).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
comments and the Bureau’s response
are discussed below.
Point-of-sale transactions. A trade
association urged the Bureau to fully
exempt point-of-sale transactions from
the rule, arguing that data collected in
connection with such transactions
would be inaccurate. In the alternative,
this commenter suggested an exception
from the requirement to obtain principal
owners’ ethnicity, race, and sex
information, for credit lines below
$50,000. As discussed in the section-bysection analysis of § 1002.107(c), the
Bureau does not believe it would be
appropriate to categorically exempt
point-of-sale transactions. The Bureau
also is not adopting a minimum
transaction amount threshold, as
discussed below.
Minimum transaction amount
threshold. Some industry commenters
requested the Bureau exempt all credit
transactions from section 1071
collection and reporting requirements if
they fell below a certain minimum
transaction threshold. One commenter
asked the Bureau to adopt a de minimis
loan amount exemption of at least $1
million to soften the rule’s impact on
small entities and borrowers. A credit
union stated that the Bureau should
implement a minimum loan amount of
$10 million. Some banks urged an
exemption for ‘‘small loans’’ under
$25,000, asserting a need to help
institutions, especially smaller
institutions, keep compliance costs
down and ensure these credit products
remain available to the small and
agricultural businesses who need them
most.
Some industry commenters, including
several credit union trade associations,
requested an exemption for credit
transactions under $50,000. A few
commenters argued such an exemption
was needed for consistency with
National Credit Union Administration
regulations, which impose a $50,000
threshold for reporting member business
loans. Two credit union trade
associations argued that failing to
exempt such loans would reduce their
availability and also reflects a
substantial underestimation of the full
impact of the proposed covered
financial institution threshold. Several
trade associations also recommended
the Bureau permit voluntary reporting
of loans below $50,000. A bank stated
that a $50,000 threshold would result in
a significant improvement that would
still allow the Bureau to obtain
meaningful data. Another bank
maintained that this exclusion was
needed to reduce compliance burdens
related to small loans that are not
profitable but that are important to
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
communities. On the other hand,
another commenter stressed the
importance of supporting access to
microloans for financing start-up or
growth and suggested separating
microloans ($50,000 or less) into a
separate category.
A few industry commenters suggested
exempting loans under $100,000. These
commenters generally argued that such
an exemption was needed to keep the
cost of loan origination lower for small
dollar borrowers, thereby helping to
make more borrowers eligible for credit.
Several industry commenters urged the
Bureau adopt a minimum transaction
amount threshold, without specifying a
dollar amount. One of these commenters
noted that, due to price inflation,
$100,000 would be too small of an
amount for such a threshold and that if
a threshold were established, it would
need to be per loan and not cumulative.
For the reasons set forth herein, the
Bureau is not adopting an exemption for
credit transactions below a certain
dollar threshold. At the time of the
Federal Reserve Banks’ 2021 survey of
employer firms, 60 percent of employer
firms had $100,000 or less in
outstanding debt, with 48 percent of
such firms holding $50,000 or less in
outstanding debt.479 According to SBA
data, more than 87 percent of Paycheck
Protection Program loans in 2021 were
loans of $50,000 and below,480 and
approximately 20 percent of SBA 7(a)
loans between 2010 and 2019 were in
amounts less than $25,000. In terms of
industry adoption of minimum loan
amount thresholds, research by the
FDIC shows that only a small share
(14.8 percent) of small banks require a
minimum loan amount for their top loan
product to small businesses, compared
with a majority (69.8 percent) of large
banks.481 Moreover, as discussed in the
section-by-section analysis of
§ 1002.106(b)(1), the Bureau believes
that loan size a poor proxy for small
business size—in fact, FDIC staff found
‘‘at least $19.1 billion in gross
understatement of small business
lending (in which small businesses with
less than $1 million in gross annual
revenue received loans with amounts
greater than $1 million).’’ 482 Based on
this information, the Bureau does not
479 2022
Small Business Credit Survey at 13.
Bus. Admin., PPP Report: Approvals
through 05/31/2021, https://www.sba.gov/sites/
default/files/2021-06/PPP_Report_Public_210531508.pdf.
481 Small Business Lending Survey at 44, https://
www.fdic.gov/bank/historical/sbls/full-survey.pdf.
482 Fed. Deposit Ins. Corp., Measurement of Small
Business Lending Using Call Reports: Further
Insights From the Small Business Lending Survey,
at 7 (July 2020), https://www.fdic.gov/analysis/cfr/
staff-studies/2020-04.pdf.
480 Small
PO 00000
Frm 00097
Fmt 4701
Sfmt 4700
35245
believe that adopting a minimum
transaction amount threshold would
further the purposes of section 1071
because it would exclude substantial
portions of small business lending.
Vehicle financing. One bank urged the
Bureau to specify that any motor vehicle
financed in the first instance by retail
motor vehicle dealers are deemed
consumer loans and thus exempt. A
vehicle leasing trade association also
suggested that vehicle financing was so
similar to consumer lending that it
should be exempt from section 1071
reporting requirements.
The Bureau is not categorically
exempting business-purpose vehicle
financing, even though it may often be
offered alongside consumer-purpose
credit. Per existing comment 2(g)–1, the
test for deciding whether a transaction
qualifies as business credit is one of
primary purpose. Where a small
business applies for vehicle financing
primarily for business or commercial
(including agricultural) purposes from a
covered financial institution, the
transaction is reportable. For a broader
discussion of vehicle financing with
respect to reporting obligations where
multiple financial institutions are
involved in a covered credit transaction,
see the section-by-section analysis of
§ 1002.109(a)(3).
Letters of credit. A bank asked the
Bureau to clarify if letters of credit are
covered credit transactions for purposes
of section 1071, and if they are, this
commenter also recommended that the
Bureau exclude these types of
transactions from reporting.
The Bureau understands that letters of
credit products are primarily used in the
international trade context. Generally, a
letter of credit is an instrument issued
by a bank that promises, upon the
presentation of certain documents and/
or satisfaction of certain conditions, to
direct payment to a beneficiary of the
instrument. Letters of credit are often
presented by buyers of goods who seek
to postpone payment until their goods
have been received. Some letters of
credit are secured by a promissory note
and are converted if the customer fails
to pay.
ECOA and Regulation B do not
address letters of credit. Regulation Z
excludes letters of credit under its
comment 2(a)(14)–1.vi. In finalizing this
exclusion, the Board stated that
‘‘[i]ssuance of letters of credit and
execution of option contracts are not
extensions of credit, although there may
be an extension of credit when the letter
of credit is presented for payment or the
option is exercised, if there is a deferral
of the payment of a debt at that
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35246
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
time.’’ 483 The Bureau agrees with the
Board’s assessment of these products
and believes that a letter of credit is not
credit under ECOA. Thus, the Bureau is
not covering letters of credit under the
final rule.
Government programs. Some industry
commenters urged the Bureau to exempt
government lending programs (such as
the Paycheck Protection Program) and/
or government sponsored/guaranteed
loans (such as USDA loans), arguing
that inclusion would discourage
participation. One also argued that the
fact that the fees and interest rates for
Paycheck Protection Program loans were
set by Congress, meant there was a
reduced risk of discriminatory lending
practices related to terms of the credit
transaction. Another suggested that
1071 data collection and reporting was
not required because many government
programs already collected similar
information. A few commenters
specifically recommended exempting
SBA lending programs, particularly
section 504 loans.
The Bureau has considered these
comments but is not categorically
exempting credit transactions originated
by, sponsored by, facilitated by, or
guaranteed by government entities.
According to one source, there are 65
government-sponsored, grants, loans,
and programs that may benefit small
businesses.484 The Bureau understands
that many small businesses rely on
government programs for credit and
believes that excluding such credit in
this final rule would not further either
of section 1071’s statutory purposes.
C–PACE loans. A trade association of
Commercial Property Assessed Clean
Energy (C–PACE) loan providers
requested an exemption due to
purportedly unique features of C–PACE
loans, such as prior approval by the
local government, absence of
acceleration, lack of control over the
identity of the obligor, and absence of
private remedies.
C–PACE programs generally allow
commercial property owners, which
could include small businesses, to
receive financing to fund clean-energy,
seismic strengthening, or water
conservation improvements to their
properties. The financial obligation
arises from voluntary contract. Various
private companies appear to play a
significant role in financing, originating,
and administering C–PACE transactions.
Under State law, C–PACE is an
483 46
FR 20848, 20851 (Apr. 7, 1981).
Chamber of Com., 65 Grants, Loans and
Programs to Benefit Your Small Business (Nov. 17,
2022), https://www.uschamber.com/co/run/
business-financing/government-small-businessgrant-programs.
484 U.S.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
assessment that appears on businesses’
property tax bills. Although the
commercial property owner signs the
financing agreement, it is typically not
a personal liability of the commercial
property owner, and the obligation will
stay with the property until fully paid.
C–PACE is secured by a super-priority
lien on the property—if the property is
sold through foreclosure, C–PACE (like
a regular property tax lien) is first in
line to receive any proceeds from the
sale even if a mortgage was on the
property first. The Bureau understands
that typically, only the arrearage on the
C–PACE lien gets paid off in
foreclosure, and the rest of the C–PACE
indebtedness remains with the property
after foreclosure.
While publicly available data on C–
PACE programs appear to be limited,
the Bureau understands that these
programs are growing in popularity; 485
excluding these loan products from the
requirements of this rule would result in
incomplete data about the relevant
markets and would thus not advance
section 1071’s business and community
development purpose.
The Bureau is not excluding C–PACE
financing arrangements from reporting
under section 1071, as requested by one
commenter. Based on its understanding
of typical C–PACE financing
arrangements and its expertise with
respect to the nature of credit
transactions, the Bureau believes that
the term ‘‘credit’’ under ECOA and final
§ 1002.102(i) encompasses these
products. Under a C–PACE financing
arrangement, there is (1) a ‘‘debt’’ in the
form of an obligation to pay for the cost
of property upgrades and (2) a right to
defer payment on that obligation for a
term. Similarly, there is (1) a
‘‘purchase[] [of] property or services’’ in
the form of property upgrades, and (2)
a right to defer payment on the property
or services. The borrower enters into C–
PACE financing through a voluntary
transaction. That the parties agree that
payment will be made through an
assessment through the property tax
system does not change the Bureau’s
analysis. ECOA (and Regulation B) do
not specify a particular vehicle or form
of payment for a transaction to
constitute credit, nor do they limit the
form of obligation. The Bureau is not
specifically defining C–PACE financing
arrangements in the rule because the
Bureau believes these products are
485 See, e.g., Greenworks Lending, C–PACE
Financing Sees Massive Growth Nationally: What
you should know about this alternative
development financing mechanism (June 7, 2021),
https://commercialobserver.com/2021/06/c-pacefinancing-sees-massive-growth-nationally/.
PO 00000
Frm 00098
Fmt 4701
Sfmt 4700
covered by the definition of ‘‘credit’’ in
final § 1002.102(i).
Finally, in the Bureau’s judgment, an
exclusion of C–PACE loans—whether by
interpretation or by granting an
exception—would not further the fair
lending and the business and
community development purposes of
section 1071.486 This is for three
independent reasons. First, while the
Bureau understands that C–PACE
financing may present less fair lending
risk compared to some other products
because such financing is based on the
value of the property, not the
creditworthiness of the obligor (who can
change along with ownership of the
property), the Bureau does not believe
that is a sufficient reason by itself to
exclude C–PACE lending from coverage
under this final rule. Section 1071 is not
limited to those products with the
highest fair lending risk. Second, the
Bureau does not agree that data
collection to provide additional insight
into the product is unnecessary. Third,
and most significantly, including C–
PACE loans should create a more level
playing field across financial
institutions that provide construction
financing to small businesses as well as
create a dataset that better reflects
demand for such financing by the
smallest and most vulnerable
businesses.
Overdraft lines of credit. In its NPRM,
the Bureau did not address overdraft
lines of credit other than asking whether
they should be listed as a credit product
separate from other lines of credit. The
Bureau received one comment urging
exclusion of overdraft lines of credit on
the grounds that their inclusion would
significantly expand the data collection
requirements for small business deposit
account applications since most such
deposit accounts have an option to
obtain an overdraft line of credit. This
commenter also argued that collecting
data on overdraft lines of credit would
not further section 1071’s purpose of
preventing discrimination against small
business credit applicants because
banks conduct little, if any,
underwriting when extending overdraft
lines of credit on small business deposit
accounts.
The Bureau is not categorically
exempting overdraft lines of credit but
notes that they are reportable only
where there is an ‘‘application’’ under
§ 1002.103. Providing occasional
overdraft services as part of a deposit
account offering would not be reported
for the purpose of subpart B pursuant to
new comment 107(a)(6)–8.
486 ECOA
E:\FR\FM\31MYR2.SGM
section 704B(a).
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Voluntary Reporting
Absent a specific requirement to
collect protected demographic data
(such as in section 1071), ECOA
generally blocks collection of such
demographic data in connection with an
application for credit. The Bureau
sought comment on whether financial
institutions should be permitted to
voluntarily collect and report
applicants’ protected demographic
information for transactions such as
leases (due to the practical difficulty
cited by some stakeholders of
distinguishing leases from loans),
consumer-designated credit (when
financial institutions have reason to
believe the credit might be used for
business purposes), and real estate
investment loan transactions that are
secured by non-owner occupied 1–4
dwelling unit properties pursuant to
proposed § 1002.109.
The Bureau received comments from
community groups and trade
associations on this aspect of the
proposal. A number of community
groups stated that the Bureau should
permit voluntary reporting on leases
and factoring to have the most
comprehensive data on the small
business financing market as it relates to
minority entrepreneurs. A community
group purporting to address the
proposed amendments to existing
§ 1002.5(a)(4) commented that the
Bureau should permit voluntary
collection not only by financial
institutions not covered by the rule, but
also should permit covered financial
institutions to collect data on consumer
credit used to fund small businesses.
The Bureau did not receive any
industry comments expressing an
interest in being able to voluntarily
report non-covered products. In fact, a
few trade associations and a business
advocacy group expressly opposed such
voluntary reporting. One trade
association argued against voluntary
reporting of non-covered transactions,
citing concerns about the quality of data
collected and the creation of an uneven
playing field among financial
institutions that would contribute to
misinterpretations of the data by
observers. Two other commenters also
argued against the voluntary reporting
of consumer-designated credit used for
business purposes, asserting that such
reporting would create confusion,
introduce the possibility of error, and
put financial institutions in a position to
question their members’ intentions.
For the reasons set forth herein, the
Bureau is finalizing its approach to not
permit voluntary reporting of noncovered products. The Bureau sought
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
comment on voluntary reporting to
address a potential pain point for
industry but heard no industry interest
in such a solution. The Bureau thus
finds it unnecessary to change the
proposed section 1071 collection system
to receive data on such non-covered
products. However, as discussed in the
section-by-section analysis of
§ 1002.112(c)(3), the Bureau is adopting
a catch-all safe harbor that will protect
financial institutions who encounter the
underlying situation that voluntary
reporting was intended to address.
Specifically, that safe harbor will
address situations where a financial
institution has a reasonable basis—at
the time of collecting the protected
demographic information required by
this rule—to believe there is a covered
application and that data collection is
necessary, including situations in which
it later determines that the transaction is
not in fact reportable (because the
ultimate transaction is not a covered
product, the business is not small, or
there is otherwise not a covered
application).
Section 1002.105 Covered Financial
Institutions and Exempt Institutions
ECOA section 704B(h)(1) defines the
term ‘‘financial institution’’ as ‘‘any
partnership, company, corporation,
association (incorporated or
unincorporated), trust, estate,
cooperative organization, or other entity
that engages in any financial activity.’’
The Bureau is finalizing a definition of
financial institution in § 1002.105(a)
consistent with that statutory language.
The Bureau is defining a covered
financial institution in § 1002.105(b) as
a financial institution that originated at
least 100 covered credit transactions
from small businesses in each of the two
preceding calendar years. Only those
financial institutions that meet this
loan-volume threshold in the definition
of a covered financial institution would
be required to collect and report small
business lending data pursuant to
proposed subpart B.
The Bureau’s definitions reflect the
broad nature of the data collection
specified in section 1071, while
recognizing the risks that financial
institutions with the lowest volume of
small business lending might limit their
small business lending activity because
of the fixed costs of coming into
compliance with this rule.
The Bureau is finalizing § 1002.105 to
implement ECOA section 704B(h)(1)
and pursuant to its authority under
704B(g)(1) to prescribe such rules and
issue such guidance as may be
necessary to carry out, enforce, and
compile data pursuant to section 1071.
PO 00000
Frm 00099
Fmt 4701
Sfmt 4700
35247
The Bureau is also finalizing
§ 1002.105(b) pursuant to its authority
under 704B(g)(2) to conditionally or
unconditionally exempt any financial
institution or class of financial
institutions from the statute’s
requirements, as the Bureau deems
necessary or appropriate to carry out the
purposes of section 1071. The Bureau is
finalizing these provisions and using its
exemption authority under 704B(g)(2)
for the reasons set forth below.
105(a) Financial Institution
Proposed Rule
ECOA section 704B(h)(1) defines the
term ‘‘financial institution,’’ for
purposes of section 1071, as ‘‘any
partnership, company, corporation,
association (incorporated or
unincorporated), trust, estate,
cooperative organization, or other entity
that engages in any financial activity.’’
Existing Regulation B, which
implements ECOA, has not otherwise
defined this term.
Proposed § 1002.105(a) would have
restated the statutory definition of a
financial institution as any partnership,
company, corporation, association
(incorporated or unincorporated), trust,
estate, cooperative organization, or other
entity that engages in any financial
activity. The Bureau believed that this
definition reflects the broad nature of
small business lending data collection
specified in section 1071. Under such a
definition, the rule’s data collection and
reporting requirements would apply to
a variety of entities that engage in small
business lending, including depository
institutions (i.e., banks, savings
associations, and credit unions),487
online lenders, platform lenders, CDFIs,
Farm Credit System lenders, lenders
involved in equipment and vehicle
financing (captive financing companies
and independent financing companies),
commercial finance companies,
governmental lending entities, and
nonprofit, nondepository lenders.
The Bureau noted that the broad
scope of what may be considered a
‘‘financial activity’’ in the proposed
487 Throughout this document, the Bureau is
using the term depository institution to mean any
bank or savings association defined by the Federal
Deposit Insurance Act, 12 U.S.C. 1813(c)(1), or
credit union defined pursuant to the Federal Credit
Union Act, as implemented by 12 CFR 700.2. The
Bureau notes that the Dodd-Frank Act defines a
depository institution to mean any bank or savings
association defined by the Federal Deposit
Insurance Act; there, that term does not encompass
credit unions. 12 U.S.C. 5301(18)(A), 1813(c)(1). To
facilitate analysis and discussion, the Bureau is
referring to banks and savings associations together
with credit unions as depository institutions
throughout this rulemaking, unless otherwise
specified.
E:\FR\FM\31MYR2.SGM
31MYR2
35248
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
definition of financial institution would
not be the principal determinative factor
as to whether small business lending
data collection and reporting is
required; the proposed definition of a
covered financial institution, the
proposed definition of a covered
application, and the proposed definition
of a covered credit transaction, among
others, all would impose limits on what
entities could be subject to the rule’s
data collection and reporting
requirements.
Proposed comment 105(a)–1 would
have provided a list of examples of
entities that may fit within the
definition of a financial institution. This
proposed comment would have made
clear that nonprofit and governmental
entities, governmental subdivisions, or
governmental agencies, among others,
who conduct financial activity fit within
the definition of a financial institution.
Proposed comment 105(a)–2 would
have referred to proposed § 1002.101(a)
to reiterate the statutory exclusion for
motor vehicle dealers.
The Bureau sought comment on this
proposed definition of a financial
institution, and generally requested
comment on whether additional
clarification is needed.
Comments Received
A broad range of commenters,
including lenders, trade associations,
community groups, and business
advocacy groups, expressed support for
the Bureau’s proposed general
definition of financial institution. A
number of commenters stated that it is
an appropriately broad definition that
captures a wide variety of lenders,
including online lenders, platform
lenders, lenders involved in equipment
and vehicle financing, and commercial
finance companies. Commenters
asserted that a broad definition will
yield meaningful data. Several
commenters noted that capturing a
broad array of lenders is essential for
achieving the objectives of section 1071
and that a broad definition is important
for regulatory parity. Other commenters
stated that there should be no
exceptions permitted for certain types of
lenders and a community group stated
that missing any segment of lending
risks encouraging abusive lending
institutions to violate fair lending laws.
One trade association expressed
opposition to the proposed definition,
however, arguing that it is too broad
because it includes captive vehicle
finance partners.
Several commenters agreed that the
rule must apply to government lenders,
with one commenter specifically
requesting inclusion of the Farm Service
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Agency. An association urged the
Bureau to include as examples in the
rule the largest Federal, State, and
municipal lending programs.
Another trade association stated that
SBA certified development companies
are certified and regulated by the SBA,
and the SBA already collects
application information that includes
the data points that the Bureau proposes
to collect. The commenter further
asserted that reproducing these data will
likely incur significant one time and
ongoing compliance costs. In contrast, a
bank stated that data shows that the
performance levels of the SBA and the
lenders participating in their programs
has produced dismal results, permitting
some lenders to enjoy ‘‘preferred’’
lender status while not delivering loans
to disadvantaged communities.
Moreover, two commenters urged the
Bureau to work with other government
agencies to ensure that existing
reporting is leveraged where possible.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.105(a) and
its associated commentary as proposed.
The Bureau emphasizes that the list of
examples of entities in comment 105(a)–
1 is not exhaustive and that other
entities not specifically described may
nonetheless fit within the definition of
a financial institution under
§ 1002.105(a). The Bureau agrees with
commenters that governmental lenders
should be covered by the rule. As
explained in the proposed rule, the
Bureau interprets the statute to include
government entities in the definition of
financial institution. The definition of
the term ‘‘financial institution’’ in
ECOA section 704B(h)(1) includes the
phrase ‘‘or other entity.’’ That term
readily encompasses governments and
government entities. Even if the term
‘‘or other entity’’ were ambiguous, the
Bureau believes—based on its expertise
and experience—that interpreting it to
encompass governments and
government entities promotes the
purposes of section 1071.
For example, the Bureau believes that
it will be helpful to identify the
business and community development
needs and opportunities of small
businesses, including those that are
women-owned, minority-owned, and
LGBTQI+-owned, by collecting lending
data from both a county-run assistance
program for establishing new businesses
and financial institutions that operate
nationwide, like online lenders. The
Bureau also believes that the terms
‘‘companies’’ or ‘‘corporations’’ under
the definition of ‘‘financial institution’’
in ECOA section 704B(h)(1), cover all
PO 00000
Frm 00100
Fmt 4701
Sfmt 4700
companies and corporations, including
government-owned or -companies and
corporations. And even if those terms
were ambiguous, the Bureau believes—
based on its expertise and experience—
that interpreting them to cover
government-owned or -companies and
corporations advances the purposes of
section 1071, particularly the business
and community development purpose,
as it will more accurately capture
demand for credit.
The Bureau is not, however, listing
specific examples of covered
governmental lenders/programs in the
rule. The Bureau does not believe such
a list is necessary, and inclusion of a
specific list could cause confusion if the
listed programs (or those lenders’ loan
volumes) were to change.
In response to commenters who raised
potential overlap with other reporting
regimes, see part V.D.3 for a detailed
discussion of this issue.
Commenters’ requests for specific
exclusions, such as for captive vehicle
finance partners, are discussed in the
section-by-section analysis of
§ 1002.105(b) below.
105(b) Covered Financial Institution
Background
Throughout the rulemaking process,
the Bureau has received requests to
adopt a variety of exemptions from
collection and reporting requirements
under section 1071. Reasons cited have
included discouraging market
disruption, ensuring data quality,
alleged lack of materiality of data from
smaller lenders that rarely make small
business loans, and lack of capacity by
the lenders sufficient to justify small
business lending as a line of business in
light of the cost of complying with the
rule.
As detailed below, the Bureau is
adopting an activity-based exemption.
The Bureau defines a covered financial
institution in § 1002.105(b) as a
financial institution that originated at
least 100 covered credit transactions
from small businesses in each of the two
preceding calendar years. Only those
financial institutions that meet this
loan-volume threshold in the definition
of a covered financial institution will be
required to collect and report small
business lending data under this rule.
The final rule does not include
categorical exemptions for particular
types of institutions from coverage, but
the Bureau notes that its Regulation B
does not apply to motor vehicle
dealers.488
488 Regulation B does not apply to a person
excluded from coverage by section 1029 of the
Consumer Financial Protection Act of 2010, title X
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
Proposed Rule
Activity-based exemption. In the
SBREFA Outline, the Bureau stated that
it was considering whether only
financial institutions that engage in a
certain amount of small business
lending activity should be required to
collect and report 1071 data.489 The
Bureau explained that in light of section
1071’s potentially broad application to
financial institutions, an activity-based
test to determine reporting
responsibility might be appropriate. In
particular, the Bureau expressed
concern that financial institutions with
the lowest volume of small business
lending might limit their small business
lending activity because of the fixed
costs of coming into compliance with
the rule. The Bureau stated that this
result could be contrary to the
community development purpose of
section 1071.
In the NPRM, the Bureau stated that
it believed that an activity-based
threshold would provide a simple basis
for financial institutions that
infrequently lend to small businesses to
determine whether they have conducted
sufficient lending activity as to be
required to collect and report data under
proposed subpart B. The Bureau
believed that furnishing a dual activitybased and asset-based threshold, under
which infrequent lenders must ascertain
both measurements to determine
whether reporting may be required,
would cut against the goal of
simplifying the rule as lenders would
then have to track two metrics, not one.
The Bureau believed that a dual
threshold would create more regulatory
complexity as compared to only
tracking total annual small business
originations.
In particular, the Bureau believed that
a primary advantage of an activity-based
threshold—ease of compliance—would
be undermined if the Bureau were to
implement a complex, dual threshold
eligibility test. The Bureau wished to
ensure that infrequent lenders were not
incurring significant undue compliance
costs, particularly while not reporting
data. In general, tracking two thresholds
is more complex than tracking one. The
Bureau believed it is also more likely
that financial institutions are already
tracking total originations. The Bureau
believed that proposing an activitybased threshold that employs data
already generally collected by financial
institutions could mitigate the risk that
of the Dodd-Frank Wall Street Reform and
Consumer Protection Act, Public Law 111–203, 124
Stat. 1376, 2004 (2010).
489 SBREFA Outline at 12–13.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
section 1071, when implemented,
would result in reduced access to credit.
Activity threshold level. Proposed
§ 1002.105(b) would have defined a
covered financial institution as a
financial institution that originated at
least 25 covered credit transactions for
small businesses in each of the two
preceding calendar years. Only those
financial institutions that meet this
loan-volume threshold in the definition
of a covered financial institution would
be required to collect and report small
business lending data pursuant to
subpart B.
The Bureau believed this definition
would facilitate compliance by
describing which financial institutions
are required to collect and report small
business data. The Bureau also
proposed commentary to accompany
proposed § 1002.105(b). In general, the
Bureau believed that fulfilling the
purposes of section 1071 necessitates
collecting small business lending data
from all sizes and types of financial
institutions (other than those with a low
volume of lending activity), particularly
given the variety of entities identified in
ECOA section 704B(h)(1). The Bureau
proposed to exempt certain financial
institutions from its small business
lending rule because it remained
concerned that financial institutions
with the lowest volume of small
business lending might limit their small
business lending activity due to the
fixed costs of coming into compliance
with the rule. That type of market
disruption could run contrary to the
business and community development
purpose of section 1071. Section 1071
describes its community development
purpose as ‘‘enabl[ing] communities,
governmental entities, and creditors to
identify business and community
development needs and opportunities of
women-owned, minority-owned, and
small businesses.’’ 490 In the Bureau’s
view, ensuring that business and
community development opportunities
could be met as well as identified
supported the Bureau’s use of its
exemption authority under 704B(g)(2)
here.
The Bureau proposed to set the
activity-based threshold based on small
business originations, rather than
applications. The statutory language of
section 1071 generally applies to
applications; however, the Bureau
believed that using small business
originations for purposes of defining a
covered financial institution is the
better approach. The Bureau expected
that financial institutions track their
small business application volumes in
490 ECOA
PO 00000
section 704B(a).
Frm 00101
Fmt 4701
various ways, but whether an
origination resulted was a clear and
readily identifiable metric. Using an
exemption metric based on applications
would have imposed new obligations on
financial institutions solely for purposes
of determining whether or not they are
subject to this rule. As discussed above,
the Bureau believed that proposing an
activity-based threshold that employed
data already generally collected by
financial institutions could mitigate the
risk that section 1071, when
implemented, would result in reduced
access to credit. In addition, even those
financial institutions that track total
applications now may not do so in a
way that fully aligns with how the
Bureau proposed to define covered
applications for purposes of proposed
subpart B. Using the number of
originations, as opposed to applications,
for an activity-based threshold was also
consistent with the Bureau’s Regulation
C.
The Bureau proposed to clarify in
§ 1002.105(b) that for purposes of
defining a covered financial institution,
if more than one financial institution
was involved in the origination of a
covered credit transaction, only the
financial institution that made the final
credit decision approving the
application shall count the origination.
The Bureau believed that providing this
clarifying language would assist
financial institutions in understanding
which transactions count towards the
loan-volume threshold. This approach
was consistent with the Bureau’s
proposed § 1002.109(a)(3).
Proposed comments 105(b)–4 and –5
would have explained when a financial
institution was a covered financial
institution following a merger or
acquisition. These proposed comments
were largely consistent with the
Bureau’s approach to reporting
obligations surrounding a merger under
Regulation C,491 with modifications to
reflect the nature of the small business
lending market and to provide
additional clarifications.
Proposed comment 105(b)–6 would
have clarified that Regulation B
(including proposed subpart B)
generally did not apply to lending
activities that occur outside the United
States.
Finally, proposed comment 105(b)–7
would have addressed financial
institutions that do not qualify as
covered financial institutions but may
nonetheless wish to voluntarily collect
and report small business lending data.
This proposed comment would have
reiterated that proposed
491 See
Sfmt 4700
35249
E:\FR\FM\31MYR2.SGM
Regulation C comments 2(g)–3 and –4.
31MYR2
lotter on DSK11XQN23PROD with RULES2
35250
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
§ 1002.5(a)(4)(vii) through (ix) permitted
a creditor that was not a covered
financial institution under proposed
§ 1002.105(b) to voluntarily collect and
report information regarding covered
applications in certain circumstances. If
a creditor is voluntarily collecting
applicants’ protected demographic
information for covered applications, it
shall do so in compliance with
proposed §§ 1002.107, 1002.108,
1002.111, 1002.112, and 1002.114 as
though it were a covered financial
institution. Proposed comment 105(b)–7
would have further stated that if a
creditor was voluntarily reporting those
covered applications to the Bureau, it
shall do so in compliance with
proposed §§ 1002.109 and 1002.110 as
though it were a covered financial
institution.
The Bureau sought comment on its
proposed 25 originations threshold
incorporated into the definition of a
covered financial institution. The
Bureau also solicited comment on
whether this threshold should
alternatively be set at 50 or 100 covered
credit transactions. In addition, the
Bureau sought comment on whether an
activity-based threshold should be
based on the total number of small
business applications, rather than
originations. The Bureau also requested
comment on whether additional
clarification was needed for this
proposed definition.
Two-year threshold measurement
period. The Bureau proposed to define
a covered financial institution using a
loan-volume threshold that must be
achieved in each of the two preceding
calendar years.
The Bureau acknowledged that a loanvolume threshold based on a two-year
period could create some operational
complexity for some financial
institutions. To be sure that it was not
a covered financial institution, a
financial institution would need to
maintain records sufficient to show total
small business originations for both
years of the threshold period. The
Bureau believed that two years was not
a prohibitively long time, although it is
possible that infrequent lenders may
have smaller staff or fewer resources to
reliably track such information for
section 1071’s purposes. The Bureau
believed that a two-year threshold
period was advisable to eliminate
uncertainty surrounding data collection
responsibilities. Under this proposal, a
financial institution that may not
frequently lend to small businesses, but
that experiences an unusual and
unexpectedly high lending volume in a
single year would not be a covered
financial institution. As discussed in
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
part VIII below, in order to comply with
the Bureau’s rule, a financial institution
may need to undertake substantial onetime costs that include operational
changes, such as staff training,
information technology changes, and
develop policies and procedures.
Therefore, the Bureau believed it
appropriate to propose a two-year
threshold period to provide more
stability around reporting
responsibilities. Regulations that
implement HMDA and the Community
Reinvestment Act provide similar
periods to determine coverage.
The Bureau noted that employing a
two-year approach would delay
reporting for new, potentially active
entrants. For example, under this
proposal a large lender that enters the
market and originates hundreds or even
thousands of small business loans in its
first two calendar years of lending
would not report its covered
applications. That is, under the Bureau’s
proposal, this financial institution
would not be required to collect and
report data on its covered applications
for small businesses in those first two
years, although the institution could
choose to voluntarily collect and report
data. The Bureau recognized, however,
that triggering data collection and
reporting requirements based on
lenders’ estimates of their projected
future volume could be challenging to
implement.
The proposed two-year threshold
period could pose other challenges for
financial institutions that conduct small
business lending activity near the
proposed 25 small business originations
threshold. See the section-by-section
analysis of § 1002.5(a)(4) above for a
discussion of § 1002.5(a)(4)(viii), which
would allow a financial institution to
collect ethnicity, race, and sex
information pursuant to proposed
subpart B for a covered application
under certain circumstances during the
second year of the threshold period. See
the section-by-section analysis of
§ 1002.114(c)(2) below for discussion of
additional flexibility that the Bureau is
finalizing regarding measuring lending
activity prior to the rule’s compliance
date.
Proposed comment 105(b)–1 would
have clarified the meaning of a
preceding calendar year for purposes of
the proposed activity-based threshold.
See the section-by-section analysis of
§ 1002.114(c)(3) below for additional
discussion regarding measuring lending
activity prior to the rule’s compliance
date. Proposed comment 105(b)–2
would have emphasized that a financial
institution qualifies as a covered
financial institution based on total
PO 00000
Frm 00102
Fmt 4701
Sfmt 4700
covered credit transactions originated
for small businesses, rather than
covered applications received from
small businesses. Proposed comment
105(b)–3 would have explained that
whether a financial institution is a
covered financial institution depends on
its particular small business lending
activity in the two preceding calendar
years, and that the obligations of a
covered financial institution is an
annual consideration for each year that
data may be compiled and maintained
under proposed § 1002.107(a).
Other requested exemptions. The
Bureau did not propose to adopt
alternative exemptions or exceptions to
the definition of covered financial
institution, other than the loan-volume
threshold as described above.
With respect to government lenders,
in the proposal the Bureau stated that it
has not identified, nor did small entity
representatives or other stakeholders
provide, policy or legal rationales for
excluding government lenders from the
rule. The Bureau believed that
collecting information on small business
lending by government entities
furthered the purposes of section 1071.
Moreover, the Bureau believed, as
described above in the discussion of
proposed comment 105(a)–1, that
government entities were included
within the phrase ‘‘other entity’’ in the
ECOA section 704B(h)(1) definition of
‘‘financial institution.’’ For example, the
Bureau believed that it would be helpful
to identify the business and community
development needs of women-owned,
minority-owned, and small businesses
by collecting lending data from both an
online lender and a county-run
assistance program for establishing new
businesses.
For the same reasons, the Bureau did
not believe that exempting not-for-profit
lenders from data collection was
consistent with the purposes of section
1071. The Bureau believed that
organizations exempt from taxation
pursuant to 26 U.S.C. 501(c) play a
crucial role in lending to small
businesses, particularly those that are
women- or minority-owned, in certain
communities.
With respect to the concern that
certain financial institutions may
encounter difficulty absorbing
compliance costs, the Bureau believed
that directly considering a financial
institution’s activity is a more
appropriate way to address this concern
and not a categorical exemption. With
respect to a financial institution’s
lending importance for a community or
region (such as low income or rural) as
a reason to include categorical
exemptions, the Bureau believed that
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
such arguments emphasize the
importance of collecting and analyzing
such data to further the purposes of
section 1071 rather than justify an
exemption. Finally, with respect to the
concern that certain business models or
products are not conducive to data
collection or reporting, the Bureau
believed it would most appropriately
address such concerns by providing
clarification regarding how reporting
rules apply to certain covered credit
transactions and also not covering
certain transactions. See the section-bysection analyses of §§ 1002.104(b) and
1002.109(a)(3). The Bureau proposed
comment 105(a)–1, discussed above,
consistent with the considerations
discussed here.
Therefore, for the reasons described
above, the Bureau did not propose to
define a covered financial institution by
providing alternative exemptions or
exceptions. The Bureau sought
comment on this approach, including
data or information that might bear
upon any such alternative exemptions
in light of section 1071’s purposes.
Comments Received
Commenters expressed a variety of
perspectives with respect to the
Bureau’s proposal regarding potential
exemptions. Feedback from most
industry commenters generally was in
support of exempting certain financial
institutions from data collection and
reporting obligations. Most feedback in
support of pursuing exemptions focused
on the potential burden of new
regulatory requirements, with some
commenters cautioning that collection
and reporting obligations could lead to
an increase in the cost of credit and
could cause lenders to exit the market.
A few commenters connected these
potential costs with section 1071’s
purpose of identifying business and
community development needs and
opportunities (chiefly arguing that costs
might lead to higher costs of lending or
lower lending volume), or otherwise
expressed a general belief that some
exemptions were consistent with
statutory purposes. In addition, many
commenters, mostly community groups,
urged caution with respect to the extent
of any such exemptions, arguing that
not capturing a significant amount of
small business lending data would run
contrary to the general purposes of
section 1071.
Activity-based exemption. Many
commenters supported the general
concept of an activity-based threshold.
A large bank asserted that an
origination-based approach would
ensure that collected data represents a
comprehensive view of the small
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
business lending landscape. A few
commenters stated that a clear, bright
line rule is helpful, and that an activity
threshold is relatively simple for lowvolume lenders to apply. Moreover, two
commenters said that an activity
threshold creates a level playing field,
while a CDFI lender stated that such an
approach will ensure that the Bureau
captures data from lenders that are
small in asset size but active in small
business lending. Two commenters,
however, noted that some lenders may
not currently track applicant GAR and
this may somewhat increase burden of
counting originations to small
businesses.
A community group urged the Bureau
to guard against evasion of the activitybased threshold through the creation of
subsidiaries, stating that the Bureau
should include a rule that for the
purposes of determining the loan
threshold, loans are counted at the
parent institution or holding company
level.
A number of commenters opposed an
activity-based threshold. Two banks
stated that it was confusing because the
threshold is only for originations, yet all
applications are reported. One of the
banks stated that a financial institution
may not know whether it would meet
the threshold until very close to the
reporting period, while another bank
stated it may be difficult to know which
loans are covered for purposes of
determining loan activity.
Several industry commenters asserted
that an activity-based threshold is not a
good metric for banks, with several
banks suggesting that an asset-size
coverage definition would be more
straightforward and consistent.
Commenters explained that lending
varies each year, while assets are more
predictable and forecastable. A few
community banks stated that an
activity-based threshold based solely on
originations is misguided and results in
a one-size-fits-all exemption that
disregards the unique characteristics
that exist in communities across the
country, resulting in reduced access to
credit. Several industry commenters
stated that an activity-based threshold
could encourage lenders to deny
applications or reduce their lending to
stay under the threshold. Additionally,
several commenters noted that some
lenders near the threshold may go back
and forth between being covered or not.
Counting originations. Several
lenders, trade associations, and a
community group, expressed support
for counting originations, not
applications, for determining coverage.
The community group asserted that this
PO 00000
Frm 00103
Fmt 4701
Sfmt 4700
35251
approach is consistent with CRA and
HMDA.
A few commenters provided feedback
on how originations should be counted
for purposes of determining the
threshold. A trade association asserted
that all Paycheck Protection Program
loans and similar future government
programs should be exempt from the
originations threshold. In addition, two
commenters stated that additional credit
amounts, such as line increases, should
not count as a separate credit product
for purposes of counting originations for
the threshold. One noted that very small
businesses may request multiple line
increases in a year.
Activity threshold level. The Bureau
received a large number of comments
regarding the activity threshold level
from a range of stakeholders, including
lenders and community groups. Many
community groups and some industry
commenters, including communityoriented lenders and a few large banks,
along with a minority business
advocacy group and several members of
Congress, supported the proposed 25
loan threshold, citing its broad coverage.
Commenters stated that the proposed
threshold allows for coverage of banks,
nondepository lenders, ‘‘fintech’’
lenders, CDFIs, and other types of
financial institutions. A communityoriented lender argued that gathering
data from small business lenders or all
types and sizes is critical, given that
entrepreneurs of color are less likely to
be approved for capital by banks, often
turning to alternative lenders as a result.
Another commenter stated that even a
25-origination lender will have
substantial data with respect to adverse
actions or declinations, up to four times
as much.
Commenters asserted that this
threshold was an appropriate approach
to excluding de minimis lenders, was
simple to apply, and would yield
meaningful data collection. A few
commenters argued that the activity
threshold should not be increased above
25 loans, given the Bureau’s estimated
costs of compliance. Some commenters
cited similarities to the 2015 HMDA
rule, with one commenter further
asserting that when the HMDA
threshold was raised, certain lenders no
longer reported data. Commenters
asserted that gathering robust lending
data will ensure that the rule
implementing section 1071 is fulfilling
the statutory purposes and community
development organizations need
sufficient data that cover enough of the
market. In addition, one commenter
urged a 10-loan threshold, asserting that
is the minimum threshold that is
necessary to change lending behavior
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35252
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
and improve access to capital for Black
business borrowers. This commenter
further asserted that all regulated
financial institutions that maintain FDIC
deposit insurance should report their
small business lending results.
Many commenters, including
community groups, community-oriented
lenders, individual commenters, and a
business advocacy group, emphasized
that section 1071’s statutory purposes
could be frustrated if the threshold were
increased. Commenters argued that it
would be impossible to meet the
statutory purposes of the rule unless
most of the market is covered. A
commenter further asserted that if the
threshold were increased, the database
would no longer be statistically
representative of actual lending and
would not be able to accurately reveal
whether credit needs were being met in
all communities. Commenters stated
that increasing the threshold will
disproportionately harm many small
business owners, rural communities,
banking deserts and redlined areas that
may find that ‘‘small’’ lenders make up
a significant portion of the local lending
market. Commenters stated that
accurately measuring access to credit,
and pursuing fair lending enforcement
when warranted, would be substantially
diminished if too many lenders and
loans are exempt from reporting,
particularly in smaller cities and rural
areas. Another commenter asserted that
if the Bureau elected to use a higher
threshold it would exclude gathering
data from commercial lenders that are
small, but still impact many people.
Moreover, a commenter stated that the
Bureau’s estimates show decreased
coverage of banks at higher thresholds.
Commenters stated that it is important
to ensure coverage of rural areas, which
may be in persistent poverty, and which
are often served by small lenders.
Moreover, a community group stated
that the threshold must cover
intermediate-sized banks, which are
important to rural communities and
small cities, and whose information has
been missing from CRA data since 2003.
Commenters stated that increasing the
threshold could frustrate enforcement of
the CRA, and risk the chance that the
data are not representative of the actual
small business lending landscape. A
commenter further asserted that
comprehensive data are needed to assist
in fair lending actions at the local level.
In contrast, nearly all industry
commenters opposed the proposed
coverage threshold of 25 originations
annually for two consecutive years.
Commenters stated that the threshold
was too low and would lead to
increased costs and burden, particularly
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
for community banks and credit unions.
Numerous banks and trade associations
expressed concern that too many small
banks would be subject to the rule with
a 25-loan activity threshold. For
example, two trade associations asserted
that at least 780 banks under $100
million in assets would be subject to
reporting, and these institutions average
13 employees at 1.6 branches. In
addition, several members of Congress
asserted that the proposed threshold
levels for the rule were far too stringent,
and would drastically impact the ability
of small institutions to make loans to
small businesses and decrease access to
credit for minority-owned, womenowned, and small businesses. Several
commenters argued that small lenders
have little data to offer relative to the
costs of acquiring the data. One also
asserted that it was unreasonable to
subject thousands of additional small
depository institutions to a complex and
costly rule to collect data on
approximately four percent of the small
business lending market. Many of
commenters suggested higher
thresholds, with requests ranging from
100 to 1,000 transactions annually,
using the same two-year test. In
particular, a large number of
commenters requested thresholds at
100, 200, 500, or 1,000 loans annually.
A number of industry commenters
supported a 100-loan threshold. Many
of these commenters urged the Bureau
to set institutional coverage similar to
HMDA at that time, both for consistency
and because lenders already reporting
HMDA data would incur lower
compliance costs because they already
have data collection systems in place.
Moreover, commenters asserted that a
100-loan threshold would still capture
an estimated 95 percent of businesses
loans in the country.
Conversely, a CDFI lender and two
business advocacy groups opposed a
100-loan threshold, arguing that the
Bureau’s estimates show narrower
coverage of small business lending at
that threshold level. Another CDFI
lender stated that nearly a half billion in
lending would be obscured from
reporting in its community with a 100loan threshold.
A credit union trade association
stated that a 100-loan threshold was too
low. This commenter asserted that
researchers draw statistically significant
conclusions from HMDA data which
covers approximately 90 percent of the
mortgage market, and because a 100loan threshold covers more than that
percentage of the small business market,
the rule would gather more data than is
necessary.
PO 00000
Frm 00104
Fmt 4701
Sfmt 4700
In the context of discussing the rule’s
threshold, numerous commenters,
including community banks, credit
unions, and trade associations, along
with a group of State bank regulators,
cautioned the Bureau regarding the risk
of small lenders exiting the market due
to the rule’s burden. Commenters
argued that the rule will damage small
institutions’ ability to remain
competitive and would favor large
lenders with large compliance teams.
Many commenters stated that small
community banks and credit unions
lack the staff or resources, including
automation capabilities, to comply with
the reporting requirements, with
numerous institutions sharing the
limited number of full-time staff that
they had dedicated to business and
agricultural lending.
Commenters further argued that
Dodd-Frank Act mortgage rules resulted
in many community banks leaving the
mortgage lending business, and this
proposal would produce similar results.
For example, several commenters
argued that HMDA and TILA–RESPA
integrated disclosure rules led to market
exodus, and they were concerned that
there would be similar market exit of
local lenders following the proposed
rule implementing section 1071.492
Commenters stated that communities
could be left without a hometown bank
and small businesses may seek credit
from unregulated lenders. Moreover,
two national trade associations stated
that about 30 percent of surveyed
franchised light-duty and commercial
truck dealerships would discontinue
small business credit extensions.
Several commenters also argued that
the rule would exacerbate bank
consolidation, particularly in rural and
underserved areas, as the additional
regulatory burden on community banks
would lead to more mergers and
acquisitions. Commenters further
asserted that consolidation would
reduce lending options for consumers
and small businesses, and would
discourage some smaller financial
institutions from making small business
loans. A few commenters stated that the
rule would damage relationship banking
and create an environment with less
competition.
Numerous commenters also asserted
that the rule is likely to reduce access
to credit, as small banks and credit
unions do not have the economies of
scale to absorb the reporting costs, and
thus compliance costs will be passed
492 CFPB, Integrated Mortgage Disclosure Rule
Under the Real Estate Settlement Procedures Act
(Regulation X) and the Truth in Lending Act
(Regulation Z), 78 FR 80225 (Dec. 31, 2013).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
along to small business customers.
Several commenters stated that they
would have to reconsider their product
offerings. For example, one bank stated
that they might need to also reconsider
their consumer product offerings and
prices, and a credit union stated they
might consider reducing lending to
avoid being covered by the rule. In
addition, one bank stated that they may
need to charge additional fees for
agricultural borrowers, while another
bank stated that they would either need
to increase their origination fee or
greatly increase the minimum loan
amounts. Another bank stated that as
operating costs increase, they will be
forced to adjust their business model by
either increasing interest rates on loans,
decreasing interest rates on deposits, or
implement other account fees.
Moreover, several commenters stated
that the 25-loan threshold would limit
small business lending flexibility,
which could stifle lending innovation
and result in lenders choosing to set
minimum loan amounts.
In addition, many commenters argued
that the 25-loan threshold would have a
negative effect on lending in small and
rural communities. Commenters stated
that small banks, which are vulnerable
to increased compliance costs, are often
located in rural areas where lending
options are limited. Several commenters
stated that the rule risks underserved
areas being afforded fewer loan options.
Commenters further asserted that the
rule’s regulatory burden would drive
consolidation in rural and underserved
areas, limiting access to credit in these
communities.
Several commenters drew
comparisons to HMDA. One bank stated
that when it was subject to HMDA
reporting, they struggled with
compliance and eventually elected to
reduce lending. In addition, several
commenters asserted that the proposed
25-loan threshold was inconsistent with
the reporting threshold of 100 closedend mortgages in Regulation C at the
time. Commenters argued that although
their institution was exempt from
HMDA reporting, and although their
commercial lending unit is small, they
would not qualify for the proposed 25origination exemption from reporting
under section 1071. A State bankers
association stated that half of their
survey respondents are exempt from
HMDA, while only six believed they
would be exempt with a 25-loan
threshold. The commenter further stated
that these small financial institutions—
83 percent under $250 million in
assets—have no data collection
infrastructure in place. Some other
commenters similarly asserted that
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
many smaller institutions do not have
data collection infrastructure in place
and stated that they would incur
significant costs.
In addition, some commenters
asserted that the Bureau did not provide
a sufficient rationale for a 25-loan
threshold, arguing that the Bureau has
not shown why this threshold is
necessary and appropriate to carry out
section 1071’s purposes. Several
commenters argued that the Bureau
could obtain sufficient data at a higher
threshold. Another commenter stated
that the Bureau did not fully consider
coverage, in particular how much data
would be forgone at each threshold. A
group of trade associations further
asserted that the Bureau is obligated to
provide coverage estimates for
nondepository institutions and that RFA
estimates are not sufficient.
While the Bureau did not propose an
asset-based threshold in the proposed
rule, numerous industry commenters
requested an asset size threshold,
ranging from $50 million to $10 billion.
However, some industry commenters as
well as community groups counseled
against an asset-based exemption,
arguing that exemptions should be
based instead on lending activity, and
that size-based exemptions risked
under-reporting in important markets.
For example, one commenter stated that
an asset-based threshold could affect
different regions of the country and risk
‘‘blind spots’’ in the data. Some
commenters said that assets are not an
applicable measurement for many
lenders, such as nondepository
institutions. A bank trade association
stated that asset-based exemptions have
been exploited by market disruptors
partnering with exempted institutions to
create an uneven regulatory playing
field.
Other requested exemptions. A
number of commenters opposed
exemptions for specific categories of
lenders (consistent with the Bureau’s
proposal), with several commenters
noting that capturing a broad array of
lenders is essential for achieving the
objectives of section 1071. Some
commenters asserted that the rule must
apply to government and public sector
lenders, merchant cash advance
companies, nondepository lenders, nonprofit lenders, online lenders, and/or
commercial finance providers. A State
bankers association stated that the
Bureau should specifically name
industrial loan companies to make clear
that all nonbank entities making small
business loans are covered by the rule.
Community groups asserted that all
lenders are obligated to comply with fair
lending laws, and requiring data
PO 00000
Frm 00105
Fmt 4701
Sfmt 4700
35253
disclosure will assist with ensuring
compliance. Moreover, several industry
commenters stated that a broad
definition is important to ensure a level
regulatory playing field and to ensure a
comprehensive view of the entire small
business lending market. A bank trade
association urged the Bureau to pay
close attention to nonbank lenders,
which the commenter stated are roughly
30 percent of the current market and not
currently subject to the Bureau’s
supervision.
In contrast, a large number of industry
commenters urged the Bureau to
exclude specific types of entities from
coverage under the rule. Some requested
that certain types of lenders such as
credit unions or CDFIs be excluded from
the rule entirely, while others requested
certain indirect lending/multi-party
business models be excluded, such as
when applications are made via loan
brokers, equipment dealers, or motor
vehicle dealers. Numerous industry
commenters noted the unique burdens
they believed the rule would place on
small banks and credit unions, while a
subset of these commenters argued that
the Bureau should exempt these smaller
institutions from the rule altogether.
Several commenters requested an
exemption for CDFIs, stating that they
are mission-driven institutions and
dedicating resources to new regulatory
requirements would detract from their
community focus. Moreover, some
commenters argued that requiring CDFIs
to report would be duplicative, as CDFIs
already report lending data to the CDFI
Fund that shows that they are providing
financial products for small businesses
in their communities. Commenters
further cited the Treasury Department’s
certification process for CDFIs and
stated that CDFIs are already held to a
high standard. Several commenters
cited that the Bureau decided to exempt
CDFIs when implementing the Qualified
Mortgage rule. Conversely, a number of
community groups argued that the rule
must apply to all financial institutions,
including CDFIs.
A number of commenters urged the
Bureau to exempt community banks
from reporting requirements, stating that
community banks already incur
substantial regulatory burden and
would be put at a competitive
disadvantage under the rule. Several
commenters emphasized the ‘‘highcontact and relationship-based business
lending model’’ of community banks. A
community bank asserted that
community banks should be
commended for advancing over 50
percent of the nation’s small business
loans and over 80 percent of the nation’s
agriculture loans despite holding less
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35254
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
than 20 percent of the nation’s deposits.
Another community bank stated that
currently they are not subject to HMDA
or CRA reporting requirements and thus
this rulemaking poses the threat of
significant new burdens on small
community banks as well as on those
community banks that are already
subject to HMDA reporting.
In addition, some commenters stated
that covering community banks will
have the opposite effect of section
1071’s purposes. Commenters asserted
that community banks would incur
substantial burden in gathering new
data, which would make it more
burdensome and expensive to offer
small business loans, thus raising the
cost of credit. A community bank stated
that, if adopted as written, the rule’s
paperwork burden will harm
community banks, waste critical
resources, and further restrict lending.
Another community bank stated that the
rule as proposed may very well be the
final straw of regulation that will drive
small community banks out of business
with devastating impact on the small
communities they serve. Moreover,
commenters argued that the Bureau was
designed to regulate large, complex
financial institutions, not community
banks.
Several commenters also urged the
Bureau to exempt credit unions from
reporting requirements, stating that
credit unions have not demonstrated a
pattern of unfair lending, that they seek
to help women-owned and minorityowned businesses, and that credit
unions are member-owned and not-forprofit. A trade association asserted that
credit unions would like to furnish
more small business loans, but a
reporting regime will increase costs.
Some commenters stated that exempting
credit unions would allow them to
remain competitive lenders and would
avoid imposing new burdens on
members. In contrast, a number of
commenters—including community
groups, community-oriented lenders, a
business advocacy group, and a bank
trade association—opposed special
treatment for credit unions, citing a
2020 Federal Reserve study that shows
a higher percentage of Black and
Hispanic-owned firms sought loans
from credit unions and CDFIs. In
addition, a commenter stated that 2018–
2020 HMDA data show that 73 percent
of credit union lending in Mississippi
went to white borrowers and 15 percent
to Black borrowers.
One farm credit lender stated that
Farm Credit System institutions should
be exempt from collection and
reporting, while another asserted that
FCA financial institutions should have
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
a qualified exemption that permits
voluntary reporting. The latter
commenter stated that these financial
institutions are already reporting
lending on Young, Beginning, and Small
lending efforts and volume to the Farm
Credit Administration. In addition, one
commenter asserted that a lack of
understanding of the Farm Credit
System by the Bureau in this
rulemaking will have unintended
consequences for their customers. In
contrast, a community group urged the
Bureau to apply the rule implementing
section 1071 to agricultural lenders,
stating that historic discrimination
against minority and disadvantaged
groups has been well documented in
agriculture, and including agricultural
lenders will hold financial institutions
accountable to equitably serving small
farms and mid-sized farms, beginning
farmers, and historically underserved
farmers. Another community group
asserted that Farm Service Agency
activity should also be covered by the
rule.
Several commenters requested an
exemption for institutions outside of
Metropolitan Statistical Areas, with
many specifying that rural institutions
should be exempt from the rule.
Commenters stated that rural banks and
credit unions often play a vital role in
their communities and acquiring data
from rural lending will result in fewer
institutions willing to conduct rural
lending. Several industry commenters
asserted that the new burden to these
institutions will increase the cost of
credit, and will be a significant
detriment for local small businesses
seeking access to credit. A bank argued
that many rural loans are small dollar
loans to sole proprietors such as farmers
and ranchers and without an exemption,
the nation’s most rural and remote
borrowers will have a harder time
obtaining credit for their businesses.
Two banks requested exemptions for
CRA reporters, arguing that financial
institutions subject to Board, FDIC, or
OCC regulations under the CRA are
already being assessed to ensure that
they are identifying and meeting the
credit needs of the small businesses in
their communities. In addition, one of
the banks stated that CRA-examined
institutions with at least a satisfactory
rating for its two previous exams should
be exempt from reporting requirements.
In contrast, another commenter opposed
exempting CRA reporters, stating that
big banks and ‘‘shadow lenders’’ have
the most impact on small business
lending and have thwarted the effective
oversight and enforcement of the CRA.
The Federal Home Loan banks argued
that they should be exempt from the
PO 00000
Frm 00106
Fmt 4701
Sfmt 4700
rule, explaining that the proposed
definition of covered financial
institution inadvertently would capture
lending to their financial institution
member/borrowers because those
members are small businesses. They
stated that applying the rule
implementing section 1071 to them is
unnecessary in light of the
comprehensive FHFA regulatory regime
that applies to credit extended by the
Federal Home Loan banks to their small
and diverse financial institution
members.
A trade association urged the Bureau
to exempt SBA certified development
companies from the rule, stating that
these financial institutions are certified
and regulated by the SBA and have a
mission to assist small businesses with
access to capital, including businesses
in underserved communities. In
addition, two development companies
stated that they do not have the budget
to incur these new reporting costs.
A few commenters requested an
exemption for minority depository
institutions. A national trade association
asserted that Congress has determined
that such institutions play an important
role in serving underserved
communities and minority populations,
the intent behind section 1071 is
already met by minority depository
institutions, and therefore, the rule
should not redundantly be applied to
this special class of financial
institutions. One bank stated that
minority depository institutions are
mission-driven to support their
communities, while another bank
asserted that these institutions are
certified by the Treasury Department for
serving historically underserved
communities and/or low-to-moderate
income Americans.
A trade association stated that
retailers by their very nature are not
financial institutions and thus should
not be covered by the rule. The
commenter further argued that applying
this rule to retailers will have a negative
impact on retail employees and
customers as offering credit at retail
could be reduced or eliminated,
affecting overall access to credit.
Moreover, the commenter stated that the
retail environment is different from a
typical bank, in that employees are not
trained in the specifics of financial
products, and the environment may not
be practical for obtaining more sensitive
information.
Two trade associations requested an
exemption for loan brokers. One argued
that there could be duplicative or
inaccurate reporting in cases where
technology companies match an
applicant with multiple third-party
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lenders. The other argued that it is
appropriate to have a similar approach
to HMDA and data can be obtained from
the lender instead of the broker.
Several commenters urged the Bureau
to exempt indirect lending transactions
where the applicant interacts only with
a vendor partner, such as equipment
dealers and manufacturers. Commenters
argued that the financial institution
does not directly interact with the
applicant, only the dealer or
manufacturer, and thus the fair lending
purpose of section 1071 would not be
furthered. A trade association asserted
that such an exemption would be
consistent with the Bureau’s proposed
approach to motor vehicle dealers. A
business advocacy group stated that,
alternatively, there should be flexibility
with respect to the timing and collection
of this information. They further argued
that the equipment dealer or
manufacturers’ employees are not
trained staff for the financial institution
and the data may be less accurate.
Some commenters stated that indirect
auto lenders should be exempt from the
rule. One commenter stated that the
Bureau should exclude motor vehicle
dealers, and by extension, financial
institutions when they are working with
motor vehicle dealers. Two commenters
stated that while indirect lenders may
be involved in credit decisions,
compliance with the rule would be
difficult, as the financial institutions
that evaluate and purchase the auto loan
never meet the applicant. One also said
that it was unclear what information
indirect lenders would be required to
gather.
In addition, two motor vehicle dealer
trade associations urged the Bureau to
exempt motor vehicle dealers. They
argued that collecting new data will
slow applications, raise compliance
burden, and increase the risk of
inaccurate data. They stated that motor
vehicle dealers do not have the
resources to comply with a rule in the
manner that a financial institution
would. Moreover, they stated that
survey data indicates 30 percent of
dealers might choose to leave the market
rather than face these compliance costs.
Two other trade associations pointed to
Board regulations implementing ECOA
and argued that the dealer would be
prohibited under the law from asking
the business owner for ethnicity, race,
and sex demographic data. In addition,
a bank expressed confusion over how a
covered financial institution can require
an exempt motor vehicle dealers to
collect 1071 data. Another commenter
noted that many dealers act as
intermediaries between buyers and
financial institutions, and requested that
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
the Bureau work with small motor
vehicle dealers to make the direct and
indirect impacts of the rulemaking the
least burdensome possible.
One State bankers association asserted
that much valuable small business
lending data will not be captured given
the Dodd-Frank Act exclusion for motor
vehicle dealers and urged the Bureau to
advocate in Congress as necessary to
include them in the rule.
A trade association urged the Bureau
to exempt captive vehicle partners from
reporting, arguing that these institutions
are inextricably tied to entities that are
exempt. The trade association further
argued that it would be confusing in
terms of reporting responsibility, as
there are many creditors involved in a
single loan and its subsequent
assignment, and the finance partner
does not directly interact with the
applicant. Furthermore, the commenter
stated that a lack of regulatory relief
could lead to market exit and that
captive finance companies are crucial to
the economy.
Commenters urged the Bureau to
exempt a variety of other entities,
including institutions outside of direct
CFPB supervisory authority, missiondriven banks, and financial institutions
that identify as small businesses. In
addition, some commenters urged the
Bureau to adopt exemptions similar to
HMDA using exemption factors such as
asset size, location test, federally related
test, and loan activity. One merchant
cash advance provider stated that
merchant cash advance funders should
not be considered covered financial
institutions because they do not extend
credit or provide loans.
In addition, several commenters cited
the firewall requirement and said that
certain financial institutions should be
exempted from the entire rule due to the
challenges associated with the statutory
firewall provision. One commenter said
that banks under $1 billion should be
exempted on this basis, a few said
community banks should be exempted
on this basis, and one commenter said
that all but the largest lenders or all
depository lenders should be exempted.
Two-year threshold measurement
period. Commenters who addressed the
issue were in support of a two-year
threshold measurement period, with
one community group citing its
consistency with CRA and HMDA.
Final Rule
For the reasons set forth herein, the
Bureau is revising § 1002.105(b) to set
the activity-based coverage threshold at
100 originations in each of the two
preceding calendar years, rather than 25
originations as proposed. The Bureau is
PO 00000
Frm 00107
Fmt 4701
Sfmt 4700
35255
also finalizing its proposal not to
exempt particular types of institutions
from the rule. The Bureau believes that
a 100-loan activity threshold achieves
section 1071’s purposes while
minimizing any risk that low volume
small business lenders would reduce
their lending activity. The Bureau is
adding comments 105(b)–3 and -4, as
explained below, as well as making
other minor revisions to the
commentary for additional clarity.
The Bureau is finalizing § 1002.105(b)
pursuant to its authority under ECOA
section 704B(g)(1) to prescribe such
rules and issue such guidance as may be
necessary to carry out, enforce, and
compile data pursuant to section 1071
and its authority under 704B(g)(2) to
adopt exceptions to any requirement of
section 1071 and, conditionally or
unconditionally, exempt any financial
institution or class of financial
institutions from the requirements of
section 1071, as the Bureau deems
necessary or appropriate to carry out the
purposes of section 1071.
Activity-based exemption. The
activity-based threshold for coverage in
the final rule will provide a simple basis
for financial institutions that
infrequently lend to small businesses to
determine whether they have conducted
sufficient lending activity as to be
required to collect and report data under
the final rule. Furthermore, in
comparison to an asset-based exemption
or a dollar-volume threshold, the
Bureau believes that an activity-based
exemption is a more compelling basis
for exempting certain financial
institutions from coverage in light of
section 1071’s business and community
development purpose.
While several commenters expressed
support for an asset-based threshold or
a dual asset-based and activity-based
threshold, the Bureau believes an
activity-based threshold is considerably
less complex. Moreover, small business
lending activity is more directly related
to a given financial institution’s role in
the small business lending market than
a measurement of the financial
institution’s size as measured in total
assets.
In addition, the Bureau believes that
an activity-based exemption is a
superior approach to a size-based
exemption because an exemption based
on asset size would apply only to
depository institutions. The Bureau is
unaware of a similar size metric for
nondepository institutions, and
commenters did not offer one. In
addition, the Bureau agrees with
commenters who stated that an assetbased exemption approach might create
an uneven playing field and might risk
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35256
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
presenting a cost disadvantage for other
small financial institutions.
Moreover, exempting proportionately
more depository institutions than
nondepository institutions may present
a challenge to the comprehensiveness of
the small business applicants’
demographic data collected under
section 1071 as well as to the lending by
different types of lenders. A recent
small business credit survey revealed
racial disparities in applications under
the SBA’s Paycheck Protection Program:
the data showed white-owned firms
were most likely to apply for a loan
through a small bank (defined as under
$10 billion in assets), while Blackowned firms were three times as likely
as white-owned firms to apply for a loan
through an online lender.493 Exempting
depository institutions using an assetbased threshold and not similarly
exempting nondepository institutions
could run counter to the purposes of
section 1071 and undermine the utility
of the data, as well as the purposes of
the Bureau, which are, in part, ‘‘to
implement and, where applicable,
enforce . . . consistently’’ Federal laws
including ECOA.494
A few commenters asserted that an
activity-based threshold could
encourage lenders to deny applications
or reduce their lending to stay under the
threshold. These are speculative fears,
but to the extent that institutions intend
to take such action, the Bureau reminds
financial institutions that
inconsistencies in the way an institution
applies its policies could give rise to a
fair lending violation under ECOA.
Denied applications must indicate the
principal reason(s) for the adverse
action, as required by § 1002.9(b)(2).
Regarding a commenter’s concern
about potential evasion of the activitybased threshold through the creation of
subsidiaries, see the section-by-section
analysis of § 1002.109(a)(2) which
addresses reporting by subsidiaries.
Counting originations. The Bureau
agrees with commenters who asserted
that using a coverage threshold based on
the number of originations rather than
applications for purposes of defining a
covered financial institution is the
better approach. As one commenter
pointed out, many financial institutions
are already familiar with this approach
due to its consistency with CRA and
HMDA. Using originations provides a
clear and readily identifiable metric for
financial institutions. One commenter
stated that the Paycheck Protection
Program and similar future government
493 Small Business Credit Survey of Firms Owned
by People of Color at 14.
494 12 U.S.C. 5511(a).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
programs should be exempt from the
threshold. As discussed above, the
Bureau is not exempting specific
government programs from the activitybased threshold. However, by the time
this rule is effective and implemented,
lending activity conducted pursuant to
the Paycheck Protection Program will
have long since ceased and such loans
will not be included in origination
counts, rendering such commenter
concerns moot.
In addition, the Bureau agrees with
commenters who stated that additional
credit amounts, such as line increases,
should not count as a separate
origination for purposes of counting the
activity-based threshold. Financial
institutions may receive multiple
requests for additional credit amounts
on existing accounts in any given year
and such activity may make it more
difficult for institutions to determine
coverage under the rule. In order to
address this issue, the Bureau is adding
comment 105(b)–5 which clarifies that
for purposes of determining coverage
under § 1002.105(b), requests for
additional credit amounts on an existing
account are not counted as originations.
Moreover, as discussed in
§ 1002.106(b)(2), every five years the
gross annual revenue threshold used to
define a small business in
§ 1002.106(b)(1) shall be adjusted, if
necessary, to account for inflation. The
first time such an update could occur is
early 2030, with an effective date of
January 2031. The Bureau is adding
comment 105(b)–4 to clarify how
financial institutions reporting data
should count originations in this
situation, explaining that a financial
institution seeking to determine
whether it is a covered financial
institution applies the gross annual
revenue threshold that is in effect for
each year it is evaluating.
Two-year threshold measurement
period. Consistent with commenters
who addressed the issue, the Bureau
believes that a two-year threshold
period is advisable to minimize
uncertainty surrounding data collection
responsibilities.
Activity threshold level. Supporters of
the 25-loan threshold and supporters of
the 100-loan threshold each argued that
the Bureau should set the threshold
with reference to the HMDA threshold
for closed-end loans. Given the
differences in statutory authorities and
between home mortgages and small
business loans, the Bureau does not
believe that the activity-based
PO 00000
Frm 00108
Fmt 4701
Sfmt 4700
thresholds implementing HMDA and
section 1071 must be the same.495
Table 1 below provides the Bureau’s
estimated share of depository
institutions, estimated share of small
business loans from those institutions
(measured in total number of loans), and
estimated share of small business credit
from those institutions (measured in
dollars) that would be covered by a
loan-volume threshold of 25, 50, or 100
small business loans. This information
is based on FFIEC and NCUA Call
Reports, as well as CRA submissions.496
The Bureau estimates that a depository
institution is covered for a particular
loan-volume threshold as of 2019 if the
estimated number of originations for
that institution exceeded the threshold
in both 2017 and 2018. Given the
limitations of the existing source data
(limitations acknowledged by the
congressional mandate of section 1071),
the Bureau cautions that these estimates
cannot provide a complete sense of the
possible consequences of adopting each
particular threshold. These estimates
apply only to depository institutions.497
495 The Bureau’s 2015 HMDA Rule set the closedend loan threshold at 25 originated loans for each
of the two preceding calendar years. Then, in 2020,
the Bureau increased the threshold to 100 closedend loans, effective the same year. However, in
September 2022, the United States District Court for
the District of Columbia vacated the 2020 HMDA
Rule’s increased reporting threshold for closed-end
mortgage loans as arbitrary and capricious under
the Administrative Procedure Act. Nat’l Cmty.
Reinvestment Coal. v. Consumer Fin. Prot. Bureau,
No. 20–cv–2074, 2022 WL 4447293 (D.D.C. Sept.
23, 2022).
Accordingly, the threshold for reporting data
about closed-end mortgage loans is 25, which was
the threshold set by the 2015 HMDA Rule. The
court upheld the 2020 HMDA Rule’s increase in the
open-end credit threshold.
See also CFPB, Home Mortgage Disclosure
(Regulation C); Judicial Vacatur of Coverage
Threshold for Closed-End Mortgage Loans,
Technical Amendment, 87 FR 77980 (Dec. 21,
2022), https://files.consumerfinance.gov/f/
documents/cfpb_judicial-vacatur-_technicalamendment_2022-12.pdf.
496 On the bank Call Report and in the
Community Reinvestment Act data, for small bank
and small farm loans, banks report on business
loans with original amounts of $1 million or less
and farm loans with original amounts of $500,000
or less. For lines of credit or loan commitments,
banks report the size of the line of credit or
commitment when it was most recently approved.
Banks include loans guaranteed by the SBA and
other government entities in their small loans to
businesses. Banks do not report loans to nonprofit
organizations in this category. Thus, these data
collections would include loans made to purchase,
for example, individual vehicles and pieces of
equipment for the nation’s largest businesses.
497 Under these data collections, banks report
small loans made to businesses and farms
(regardless of the borrower’s size). Credit unions
report commercial loans over $50,000 made to
members (also, regardless of the borrower’s size).
The methodologies and assumptions used to
produce these estimates are further documented in
the Supplemental estimation methodology for
institutional coverage and market-level cost
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
35257
TABLE 1—ESTIMATED DEPOSITORY INSTITUTION COVERAGE BY LOAN VOLUME (AS OF 2019)
Coverage category
25 Loans
Institutions Subject to Reporting ....
lotter on DSK11XQN23PROD with RULES2
SBL Institutions Subject to Reporting 499.
Banks and Savings Associations
(SAs) Subject to Reporting.
SBL Banks and SAs Subject to
Reporting.
Credit Unions Subject to Reporting
SBL Credit Unions Subject to Reporting.
Share of Total Small Business
Credit by Depository Institutions
(Number of Loans Originated)
Captured.
Share of Total Small Business
Credit by Depository Institutions
(Dollar Value of Loans Originated) Captured.
50 Loans
100 Loans
all banks and
27%–30% of all depository institutions.
46%–50% of SBL depository institutions.
52%–56% of all banks and SAs ...
17%–19% of all depository institutions.
29%–32% of SBL depository institutions.
33%–36% of all banks and SAs.
SBL banks and SAs
53%–57% of SBL banks and SAs
33%–37% of SBL banks and SAs.
7% of all credit unions 501 .............
31% of SBL credit unions .............
4% of all credit unions ..................
18% of SBL credit unions .............
2% of all credit unions.
8% of SBL credit unions.
98.3%–98.6% ...............................
96.7%–97.3% ...............................
94.2%–95.1%.
95.3%–96.0% ...............................
89.4%–91.0% ...............................
81.0%–83.0%.
38%–40% of
tions 498.
63%–67% of
tutions.
70%–73% of
SAst 500.
71%–75% of
all depository instituSBL depository insti-
Table 1 above shows that as the loanvolume threshold rises, the estimated
share of depository institutions subject
to section 1071 decreases substantially.
Likewise, the estimated share of small
business loans and small business credit
captured by the rule would also
decrease, although those decreases are
less pronounced. The Bureau has no
information for nondepository
institutions (other than for Farm Credit
System institutions based on their Call
Report data 502) such that the Bureau
could provide similar estimates for
comment. The Bureau requested in the
NPRM such information and data that
might bear on any activity-based
exemption for nondepository
institutions and did not receive any
substantive information.
The Bureau notes that the above
estimates represent small business
lending data prior to the COVID–19
pandemic and ensuing policy responses.
The Bureau is keenly aware that many
financial institutions, including those
that may not have historically
participated actively in small business
lending, served their communities by
becoming participating lenders in the
SBA’s Paycheck Protection Program.
This program ended on May 31, 2021.
Because financial institutions’ initial
determinations of whether they are
covered under this final rule, and if so
into which compliance date tier they
fall, will be based on 2022 and 2023
originations (see final § 1002.114(b)),
institutions’ Paycheck Protection
Program lending activity will not factor
into whether a given financial
institution qualifies as a covered
financial institution because such
lending ceased in May 2021.
After considering the feedback from
commenters, the Bureau seeks to
minimize impact on the financial
institutions with the lowest volume of
small business lending due to the fixed
costs of coming into compliance with
this final rule. Numerous industry
commenters cautioned the Bureau
regarding the risk of market disruption
due to the rule’s burden and cost. Many
argued that the relatively large fixed
cost of complying with section 1071’s
data collection and reporting
requirements would significantly
increase the cost of small business
credit. Commenters argued that the rule
will damage small institutions’ ability to
remain competitive, would hasten
consolidation, and would favor large
lenders with large compliance teams. A
number of lenders discussed the ways
in which they may be forced to limit
their lending, particularly in rural and
underserved areas. Several lenders
asserted that a 100-loan threshold was
preferable, in part because HMDA
reporters already have data collection
infrastructure in place.
The Bureau stated in the NPRM that
it was also considering a 50 or 100
origination threshold. After
consideration of the comments, the
Bureau believes that a 100-loan activity
threshold is more appropriate. The
Bureau believes that this adjustment
will best address widespread industry
concerns regarding compliance burdens
for the smallest financial institutions
and that it is consistent with the
purposes of section 1071. A 100-loan
threshold will ease compliance burdens
for the smallest financial institutions
and will still capture the overwhelming
majority of the small business lending
market, including the majority of
agricultural lending. As demonstrated in
Table 1, a 100-loan threshold captures
nearly 95 percent of the share of small
business loans originated by depository
institutions. In short, while a 100-loan
origination threshold decreases data
coverage in comparison to a 25-loan
origination threshold, a 100-loan
origination threshold massively expands
data availability relative to the status
quo.503
Other requested exemptions. The
Bureau agrees with commenters who
estimates in the small business lending rulemaking.
This document is available at https://
https.consumerfinance.gov/data-research/researchreports/supplemental-estimation-methodologyinstitutional-coverage-market-level-cost-estimatessmall-business-lending-rulemaking/.
498 There were 10,525 depository institutions as
of December 31, 2019, including 112 credit unions
that are not Federally insured.
499 A depository institution is considered an ‘‘SBL
institution’’ if it has any small business loans on its
balance sheet.
500 Based on FFIEC Call Report data, there were
5,177 banks and savings associations as of
December 31, 2019.
501 Based on the 2019 NCUA Call Report data,
there were 5,348 credit unions as of December 31,
2019, including 112 credit unions that are not
Federally insured.
502 To estimate the number of Farm Credit System
(FCS) members covered by the final rule, the
Bureau considers the Young, Beginning, and Small
Farmers Reports for all Farm Credit System lenders
as of December 31, 2019. For the purposes of
estimating coverage, the Bureau assumes that all
loans made by FCS members to farmers are covered
loans. Thus, the Bureau estimates that the rule will
cover almost all FCS small business loans.
503 See part IX.H below for additional analysis on
coverage of rural vs. non-rural depository
institution branches. The Bureau notes that it has
no data on the geography of lending for all
depository institutions. Furthermore, commenters
provided no additional data. As such, the Bureau
is unable to estimate coverage of rural vs. non-rural
small business loans.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
PO 00000
Frm 00109
Fmt 4701
Sfmt 4700
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35258
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
urged broad coverage of financial
institutions under the rule. The Bureau
believes that, in light of the text and
purposes of section 1071, the Bureau
should generally adopt the posture that
all manner of small business lenders
should be subject to reporting. The
Bureau is not categorically exempting
any particular type of financial
institution from coverage. The Bureau
believes that exemptions for any
category of financial institution—
whether credit unions, community
banks, CDFIs, minority depository
institutions, government lenders, nonprofit lenders, agricultural lenders,
retailers, or merchant cash advance
providers—would create significant
gaps in the data and would create an
uneven playing field between different
types of institutions. Inclusion of data
from not-for-profit lenders is likely to be
particularly helpful in identifying
further opportunities for business and
community development, including by
for-profit creditors. Moreover, the
Bureau believes that most policy
arguments made by industry for being
exempt from this rule are better
addressed by adjusting the activitybased threshold to 100 originated loans.
The higher activity threshold will help
minimize compliance costs for all types
of smaller financial institutions with
lower lending volumes but still result in
a comprehensive dataset that furthers
section 1071’s statutory purposes.
Comment 105(a)–2 refers to
§ 1002.101(a) to reiterate the statutory
exclusion for motor vehicle dealers.
Given the statutory exclusion, motor
vehicle dealers are not required to
report small business lending data to the
Bureau. See the section-by-section
analysis of § 1002.109(a)(3) for further
discussion on reporting obligations
where multiple financial institutions are
involved in a covered credit transaction,
including indirect lending transactions.
With respect to addressing the
particularities of certain lending
models, the Bureau is not categorically
exempting particular financial
institutions from coverage. The Bureau
is, however, providing clarification
regarding how reporting rules apply to
certain covered credit transactions and
is also not covering certain transactions.
See the section-by-section analyses of
§§ 1002.104(b) and 1002.109(a)(3).
Regarding the request by some
commenters to be exempted from this
rule due to the statutory firewall
requirement, see the section-by-section
analysis of § 1002.108.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Section 1002.106 Business and Small
Business
ECOA section 704B(h)(2) defines the
term ‘‘small business’’ as having the
same meaning as ‘‘small business
concern’’ in section 3 of the Small
Business Act.504 The Bureau is defining
a small business consistent with the
statutory language. In particular, the
Bureau is defining a small business to
have the same meaning as the term
‘‘small business concern’’ in 15 U.S.C.
632(a), as implemented by 13 CFR
121.101 through 121.107.
Notwithstanding the size standards set
forth in 13 CFR 121.201, for purposes of
subpart B, the Bureau is providing that
a business is a small business if its gross
annual revenue for its preceding fiscal
year is $5 million or less. The SBA
Administrator has approved the
Bureau’s use of this alternate small
business size standard pursuant to the
Small Business Act.505 The Bureau has
also obtained approval for this gross
annual revenue threshold to adjust, if
need, for inflation or deflation every five
years (after January 1, 2025) using the
Consumer Price Index for All Urban
Consumers (U.S. city average series for
all items, not seasonally adjusted),
rounded to the nearest multiple of
$500,000.
Under the final rule, financial
institutions will need to consider
whether an applicant is a business
under § 1002.106(a) and if the applicant
is a business, whether it is small under
§ 1002.106(b). The Bureau believes that
these definitions implement the
statutory language of section 1071 while
reflecting the need for a wide variety of
financial institutions to apply a simple,
broad definition of a small business that
is practical across the many product
types, application types, technology
platforms, and applicants in the market.
For the reasons set forth below, the
Bureau is adopting § 1002.106 to
implement ECOA section 704B(h)(2)
and pursuant to its authority under
ECOA section 704B(g)(1) to prescribe
such rules and issue such guidance as
may be necessary to carry out, enforce,
and compile data under section 1071.
106(a) Business
Background
ECOA section 704B(h)(2) defines the
term ‘‘small business’’ as having the
same meaning as ‘‘small business
concern’’ in section 3 of the Small
Business Act.506 The Small Business
Act provides a general definition of a
U.S.C. 632.
U.S.C. 632(a)(2)(C).
506 15 U.S.C. 632.
‘‘small business concern,’’ authorizes
the SBA to establish detailed size
standards for use by all agencies, and
permits an agency to request SBA
approval for a size standard specific to
an agency’s program. The SBA’s
regulations define a ‘‘business concern’’
as ‘‘a business entity organized for
profit, with a place of business located
in the United States, and which operates
primarily within the United States or
which makes a significant contribution
to the U.S. economy through payment of
taxes or use of American products,
materials or labor.’’ 507
Proposed Rule
Proposed § 1002.106(a) would have
defined a business as having the same
meaning as the term ‘‘business concern
or concern’’ in 13 CFR 121.105. This
proposed definition is consistent with
ECOA section 704B(h)(2), which defines
the term ‘‘small business’’ as having the
same meaning as ‘‘small business
concern’’ in section 3 of the Small
Business Act.508 The SBA issued 13
CFR 121.105, entitled ‘‘How does SBA
define ‘business concern or concern,’’’
pursuant to the Small Business Act. The
Bureau referred to the entirety of that
section for additional information. In
particular, the Bureau noted that this
definition would include elements such
as being ‘‘a business entity organized for
profit’’ that has ‘‘a place of business
located in the United States’’ and
‘‘operates primarily within the United
States or . . . makes a significant
contribution to the U.S. economy.’’ 509
The Bureau sought comment on its
proposed definition of a business, and
generally sought comment on whether
additional clarification is needed.
Comments Received
Comments received focused primarily
on the Bureau’s proposed business size
standard, which are discussed in the
section-by-section analysis of
§ 1002.106(b) below. The Bureau did
receive some comments, however, on its
proposed approach to the definition of
business concern from a few banks,
trade associations, a business advocacy
group, and an online lender. These
commenters requested that the Bureau
consider certain modifications or
adjustments to the definition of a
business concern, such as clarifying that
the term does not include non-profit
entities, government agencies, certain
trusts, foreign entities, and certain real
estate holding companies.
504 15
507 13
505 15
508 15
PO 00000
Frm 00110
Fmt 4701
CFR 121.105.
U.S.C. 632.
509 13 CFR 121.105(a)(1).
Sfmt 4700
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
One bank generally supported the
proposed definition but requested
clarification that the definition of
business concern excludes ‘‘passive
businesses’’ and non-natural borrowing
entities that are established by
applicants solely for tax, anonymity,
and other such purposes not intended to
earn profit through business production,
operations, or service delivery. This
commenter noted that it is common for
consumer borrowers to establish limited
liability companies or trusts solely to
acquire properties and conduct similar
transactions, or for use in remaining
anonymous to preserve their physical
safety, and requested that these
scenarios be explicitly excluded because
these entities’ obligations and
contributions do not align with those of
small businesses.
A few commenters recommended that
applications from nonprofit
organizations also be exempted. A few
commenters specifically requested the
Bureau exclude any not-for-profit
organizations, which might include
non-operating entities, holding
companies, trusts, special purpose
vehicles, pass-through entities, holding
companies that are not organized for
profit, and limited liability companies
that are not formed for business
purposes.
Two commenters asked the Bureau to
confirm that public agencies and
government institutions are excluded
from the coverage of the final rule. One
commenter asked the Bureau to exclude
foreign-owned entities from the final
rule. A bank asked for clarification on
whether a ‘‘small business’’ can be taxed
under the owner’s Social Security
number (as opposed to an employer
identification number) or whether
people that have a ‘‘hobby’’ business or
farm that report income under Schedule
C or F within their tax returns are
considered a small business.
A trade association suggested the
Bureau exclude applications from trusts
(which could be a single purpose trust,
such as a land trust that is established
only to hold specific real estate, a
traditional estate planning vehicle or,
though more infrequently, a business
trust) from coverage under the final rule.
This commenter stated that including
trusts could raise difficult issues
regarding who should be considered for
data collection purposes (the settlors,
beneficiaries, trustees or some
combination thereof), what is the ‘‘net
profit or loss’’ of the trust, as well as
who is entitled to that net profit or loss.
The commenter argued that such
burdens would not be justified by the
minimal information that would be
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
generated with respect to reporting of
lending to trusts.
One commenter argued for the
inclusion of a test that would discern
between independent contractors and
what it called ‘‘actual’’ small businesses,
as it believes that the credit needs and
experiences of independent contractors
and many small businesses can differ
greatly. Another suggested the Bureau
confirm that the proposed definition of
‘‘small business’’ excludes subsidiaries
of large corporate entities.
A trade association for community
banks recommended the Bureau exclude
farms from the definition of ‘‘small
business,’’ arguing that the underwriting
criteria for small farm loans differ from
other small business loans and that this
distinction is acknowledged in several
Federal laws such as CRA and HMDA.
This commenter argued that the
proposed originations-based coverage
threshold would likely lead to many
small lenders reducing their agricultural
lending below the threshold, thereby
limiting the access to credit for small
farms, and concluded that an exemption
was needed to acknowledge the
uniqueness of agricultural lending.
Final Rule
For the reasons discussed herein, the
Bureau is finalizing § 1002.106(a) as
proposed, to define the term business as
having the same meaning as the term
‘‘business concern or concern’’ in 13
CFR 121.105.
As noted above, this definition
includes elements such as being ‘‘a
business entity organized for profit’’ that
has ‘‘a place of business located in the
United States’’ and ‘‘operates primarily
within the United States or . . . makes
a significant contribution to the U.S.
economy.’’ 510 This definition also
provides that a business concern may
take a number of different legal forms,
including a trust, sole proprietorship,
partnership, limited liability company,
corporation, joint venture, or
cooperative, except that where the form
is a joint venture there can be no more
than 49 percent participation by foreign
business entities in the joint venture.511
The Bureau is not providing
interpretations of this SBA regulation in
subpart B, as requested by some
commenters, because the Bureau
believes that existing SBA
interpretations are responsive to
commenters’ request for clarification.
For example, financial institutions are
not required to collect and report data
for not-for-profit applicants, because
they are not ‘‘organized for profit’’ and
510 13
511 13
PO 00000
CFR 121.105(a)(1).
CFR 121.105(b).
Frm 00111
Fmt 4701
Sfmt 4700
35259
are thus not a ‘‘business concern.’’ 512
Moreover, the Bureau expects that
applications from foreign businesses
will fall outside the scope of the rule’s
data collection and reporting
requirements unless they have a place of
business located in the United States
and they either operate primarily within
the United States or they make a
significant contribution to the U.S.
economy through payment of taxes or
use of American products, materials, or
labor.
The Bureau also does not believe it
would be appropriate to deviate from
the term ‘‘business concern or concern’’
in 13 CFR 121.105 by adopting
additional exclusions such as one for
passive businesses. As discussed above,
section 1071 defines small business as
referring to the definition of small
business concern in section 3 of the
Small Business Act. The Bureau thus
must look to this definition, and the
SBA’s implementing regulations, in
defining both a business and a small
business for purposes of this final rule.
(The SBA Administrator’s approval for
the Bureau’s alternate size standard for
this rulemaking is discussed in the
section-by-section analysis of
§ 1002.106(b) below.)
In addition, the Bureau believes that
covering applications from all types of
businesses in its rule (including passive
businesses 513 and non-operating
entities) is important for advancing both
of section 1071’s statutory purposes.
The Bureau is thus not adopting such
exclusions requested by commenters.
However, because the Bureau
understands that passive businesses and
non-operating entities are generally
affiliated with other businesses (for
example as subsidiaries of large
corporate entities), and because
financial institutions are permitted to
consider affiliate revenue in
determining whether a business is small
for purposes of this rule, the Bureau
anticipates that applications from most
512 See id., which states that a business concern
may be in the legal form of an individual
proprietorship, partnership, limited liability
company, corporation, joint venture, association,
trust or cooperative, except that where the form is
a joint venture there can be no more than 49 percent
participation by foreign business entities in the
joint venture.
513 The SBA defines a business as passive if: (i)
it is not engaged in a regular and continuous
business operation (the mere receipt of payments
such as dividends, rents, lease payments, or
royalties is not considered a regular and continuous
business operation); or (ii) its employees are not
carrying on the majority of day to day operations,
and the company does not provide effective control
and supervision, on a day to day basis, over persons
employed under contract; or (iii) it passes through
substantially all of the proceeds of the financing to
another entity. 13 CFR 107.720(b)(1).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35260
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
of these kinds of businesses ultimately
will not be reportable since many such
businesses will not be ‘‘small’’
businesses under the rule implementing
section 1071. (See the section-by-section
analysis of § 1002.106(b) for additional
related discussion.)
The Bureau does not agree that trusts
must be excluded, as suggested by one
commenter, on the grounds that
covering applications from trusts could
raise difficult issues regarding who
should be considered the principal
owner for data collection purposes.
Treatment under the final rule differs,
for certain data points, based on
whether the applicant’s owner is a trust
or whether the applicant itself is a trust.
When a financial institution seeks to
extend credit to a small business
applicant whose ownership interests or
assets are owned by a trust, the trust or
trustee often needs to be the applicant
for the credit. In such situations,
because only individuals who are direct
owners are considered principal owners
under final § 1002.102(o), entities such
as trusts would not be principal owners
and thus the financial institution would
not need to collect or report principal
owners’ ethnicity, race, and sex or the
number of principal owners. And as
outlined in new comment 102(o)–2, if
the applicant for a covered credit
transaction is a trust, a trustee is
considered the principal owner of the
trust for reporting purposes. The Bureau
also notes that only a trust organized for
profit would meet the definition of a
‘‘business concern’’ and fall within the
scope of the rule. The Bureau believes
that these clarifications sufficiently
address the commenter’s concerns and
that covering different types of business
structures in its final rule is important
for advancing both of section 1071’s
statutory purposes. Thus, the Bureau is
not defining business in a way that
would exclude trusts from the final rule.
In response to comments asking the
Bureau to confirm that public agencies
and government institutions are
excluded from the coverage of the final
rule, the Bureau notes that an express
exclusion for extensions of credit made
to governments or governmental
subdivisions, agencies, or
instrumentalities is not necessary
because such governmental entities do
not constitute businesses under the final
rule. Specifically, government entities
are not ‘‘organized for profit’’ and are
thus not a ‘‘business concern’’ under
final § 1002.106(a).
With respect to the suggestion that the
Bureau develop a test to identify
independent contractors (and
presumably exclude them), the Bureau
notes that it is not requiring financial
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
institutions to collect or report an
applicant’s business structure.
Independent contractor arrangements
can take many forms; the Bureau does
not believe it would be appropriate to
exclude from coverage under section
1071, for example, a business that acts
as an independent contractor to another
business, simply by virtue of that
arrangement. Finally, the Bureau notes
that the SBA has routinely treated
independent contractors as business
concerns 514 and based on both of
section 1071’s statutory purposes, the
Bureau is not convinced that it should
define business in a way that would
deviate from the SBA’s approach and
exclude independent contractors from
the final rule.
In response to a commenter’s request
for clarification on whether a ‘‘small
business’’ can be taxed under the
owner’s Social Security number (as
opposed to an employer identification
number) or whether people that have a
‘‘hobby’’ business or farm that report
income under Schedule C or F within
their tax returns are considered a small
business, the Bureau notes that
generally, tax documentation is not
dispositive for the SBA’s definition of a
small business concern. In many
instances (for example, with startup
businesses), the business may not have
any tax returns available or the business
may be a sole proprietorship that is
taxed under its owner’s Social Security
number. As long as the business is a
‘‘small business concern’’ in 15 U.S.C.
632(a) (as implemented in 13 CFR
121.101 through 121.107) and its gross
annual revenue for its preceding fiscal
year is $5 million or less, it is a small
business under this final rule.
For reasons discussed in the sectionby-section analysis of § 1002.104(a), the
Bureau is not adopting a categorical
exclusion for farms from the definition
of ‘‘small business.’’ Credit used for
agricultural purposes is generally
covered by the broad definition of
‘‘credit’’ under ECOA. ECOA’s
definition of credit is not limited to a
particular use or purpose and
Regulation B expressly covers
agricultural-purpose credit; ECOA does
not provide an exception for agricultural
credit; and it assigns enforcement
authority to regulators of agricultural
lending such as the Secretary of
514 For example, in an interim final rule
implementing changes related to loans made under
the Paycheck Protection Program, the SBA stated
‘‘SBA has determined that changing the calculation
for sole proprietors, independent contractors, and
self-employed individuals will reduce barriers to
accessing the [Paycheck Protection Program] and
expand funding among the smallest businesses.’’ 86
FR 13149, 13150 (Mar. 8, 2021) (emphasis added).
PO 00000
Frm 00112
Fmt 4701
Sfmt 4700
Agriculture and the Farm Credit
Administration.515 Moreover,
agricultural businesses are encompassed
in section 1071’s statutory definition of
small business.516 With respect to the
concerns that the Bureau’s proposed
originations-based threshold would
likely lead to many small lenders
reducing their agricultural lending
below the exemption threshold, the
Bureau notes that it is increasing the
exemption threshold as discussed in the
section-by-section analysis of
§ 1002.105(b) above. Moreover, the
Bureau believes that covering
agricultural businesses in its rule is
important for advancing both of section
1071’s statutory purposes, particularly
given historical and/or continuing
discrimination against Black farmers
and the need for transparency into
agricultural lending both for fair lending
enforcement and business and
community development. The Bureau is
thus not defining small business in a
way that would exclude such businesses
from the final rule.
106(b) Small Business Definition
106(b)(1) Small Business
Background
Section 1071 data collection
purposes, requirements, and potential
impacts. A key component of the
Bureau’s fair lending work under the
Dodd-Frank Act is to ensure fair,
equitable, and nondiscriminatory access
to credit for both individuals and their
communities.517 Section 1071 of the
Dodd-Frank Act, which amended
ECOA, requires financial institutions to
collect and report to the Bureau data
regarding applications for credit for
women-owned, minority-owned, and
small businesses. ECOA section
704B(h)(2) states that ‘‘[t]he term ‘small
business’ has the same meaning as the
term ‘small business concern’ in section
3 of the Small Business Act (15 U.S.C.
632).’’ Section 1071 was adopted for the
dual statutory purposes of facilitating
fair lending enforcement and enabling
communities, governmental entities,
and creditors to identify business and
community development needs and
515 See 15 U.S.C. 1691c; Regulation B
§ 1002.16(a).
516 ECOA section 704B(h)(2) (defining a small
business as having the same meaning as the term
‘‘small business concern’’ in section 3 of the Small
Business Act (15 U.S.C. 632)). Section 704B(h)(2)
defines small business by reference to the Small
Business Act definition of a small business concern,
which includes independently owned and operated
‘‘enterprises that are engaged in the business of
production of food and fiber, ranching and raising
of livestock, aquaculture, and all other farming and
agricultural related industries.’’ 15 U.S.C. 632(a)(1).
517 See 12 U.S.C. 5493(c)(2)(A).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
opportunities of women-owned,
minority-owned, and small
businesses.518
As set forth in section 1071, the data
that financial institutions are required to
collect and report to the Bureau include,
among other things, the gross annual
revenue of the business in its preceding
fiscal year, the type and purpose of the
loan, the census tract for the applicant’s
principal place of business, and the
ethnicity, race, and sex of the principal
owners of the business.519 ECOA section
704B(f)(2)(C) further provides that
information compiled and maintained
under the statute shall be ‘‘annually
made available to the public generally
by the Bureau, in such form and in such
manner as is determined by the Bureau,
by regulation.’’ The Bureau believes that
the collection and subsequent
publication of robust and granular data
pursuant to section 1071 regarding
credit applications for small businesses
will provide much-needed transparency
to an otherwise opaque market and help
ensure fair, equitable, and
nondiscriminatory access to credit.
The Bureau understands that access to
fair, equitable, and nondiscriminatory
credit is crucial to the success of small
businesses. Small businesses—
including women-owned and minorityowned small businesses—need access to
credit to smooth out business cash flows
and to enable entrepreneurial
investments that take advantage of, and
sustain, opportunities for growth. The
market these businesses turn to for
credit is vast, varied, and complex.
Overall, small businesses have many
options when it comes to financing,
including a wide range of products and
providers. Yet market-wide data on
credit to small businesses remain very
limited, particularly with respect to
applicants’ protected demographic
information at the core of section 1071.
The Bureau believes that its rulemaking
implementing section 1071 of the DoddFrank Act will provide critical data for
financial institutions, community
groups, policy makers, and small
businesses.
SBA size standards. The Small
Business Act permits the SBA
Administrator to prescribe detailed size
standards by which a business concern
may be categorized as a small business,
which may be based on the number of
employees, dollar volume of business,
net worth, net income, a combination of
these, or other appropriate factors.520
As implemented by the SBA, these
size standards generally hinge on
518 ECOA
section 704B(a).
section 704B(e)(2).
520 15 U.S.C. 632(a)(2)(A) and (B).
519 ECOA
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
average annual receipts or the average
number of employees of the business
concern and are customized industryby-industry across 1,012 6-digit NAICS
codes. Specifically, the SBA typically
uses two primary measures of business
size for size standards purposes: (i)
average annual receipts 521 for
businesses in services, retail trade,
agricultural, and construction
industries, and (ii) average number of
employees for businesses in all
manufacturing, most mining and
utilities industries, and some
transportation, information and research
and development industries.522 To
measure business size, the SBA also
uses financial assets for certain financial
industries, and for the petroleum
refining industry it uses refining
capacity and employees. The SBA’s size
standards are used to establish
eligibility for a variety of Federal small
business assistance programs, including
for Federal government contracting and
business development programs
designed to assist small businesses in
obtaining Federal contracts and for the
SBA’s loan guarantee programs, which
provide access to capital for small
businesses that are unable to qualify for
and receive conventional loans
elsewhere.
Under the Small Business Jobs Act of
2010,523 the SBA is required to review
all size standards no less frequently
than once every five years.524 The SBA’s
lowest size standards based on average
annual receipts are currently used for
agricultural industries. At the time of
the Bureau’s NPRM, the SBA used a $1
million average annual receipts
standard for 46 out of 64 agricultural
industries.525
The SBA has since maintained or
increased its size standards across all
industries. Following the SBA’s
implementation of revised size
standards in May and June 2022 526 and
521 Effective January 6, 2020, the SBA changed its
regulations on the calculation of average annual
receipts for all its receipts-based size standards
from a three-year averaging period to a five-year
averaging period. 84 FR 66561 (Dec. 5, 2019).
522 The SBA now uses a 24-month average to
calculate a business concern’s number of employees
for eligibility purposes in all its programs. 87 FR
34094 (June 6, 2022).
523 Public Law 111–240, 124 Stat. 2504 (2010).
524 15 U.S.C. 632 note.
525 See Small Bus. Admin., Table of size
standards (effective Oct 1, 2022), https://
www.sba.gov/document/support-table-sizestandards.
526 Through a series of rules that became effective
on May 2, 2022, the SBA implemented revised size
standards for 229 industries (all using average
annual receipts standards) to increase eligibility for
its Federal contracting and loan programs. See 87
FR 18607 (Mar. 31, 2022); 87 FR 18627 (Mar. 31,
2022); 87 FR 18646 (Mar. 31, 2022); 87 FR 18665
PO 00000
Frm 00113
Fmt 4701
Sfmt 4700
35261
its inflation adjustment of monetarybased industry size standards in
November 2022,527 a $1 million
standard is no longer used for any
industry. The size standards for
agricultural industries now range from
$2.25 million to $34 million, and the
size standards for non-agricultural
industries now range from $8 million to
$47 million. In April 2022, the SBA also
proposed increasing 150 size standards
for businesses in manufacturing and
other sectors (excluding wholesale trade
and retail trade) that are based on the
number of employees.528 The SBA also
increased size standards for 57
industries in the wholesale trade and
retail trade sectors.529
The Small Business Act further
provides that no Federal agency may
prescribe a size standard for
categorizing a business concern as a
small business concern absent approval
by the SBA Administrator.530 The SBA’s
rule governing its consideration of other
agencies’ requests for approval of
alternate size standards requires that the
agency seeking to adopt an alternate size
standard consult in writing with the
SBA’s Division Chief for the Office of
Size Standards in advance of issuing an
NPRM containing the proposed
alternate size standard.531 The Bureau
met this requirement and also provided
a copy of the published NPRM to the
Division Chief for the Office of Size
Standards. The Bureau subsequently
obtained approval from the SBA
Administrator for its alternate small
business size standard contained in this
final rule.
Market considerations. A wide variety
of financial institutions, with varying
levels of sophistication and experience,
extend credit to small businesses. This
rulemaking applies to a broad range of
financial institutions. Banks and credit
unions that serve a breadth of customers
(Mar. 31, 2022). The SBA did not reduce any size
standards—it either maintained or increased the
size standards for all 229 industries, in many cases
with size standard increases of 50 percent or more.
Effective July 14, 2022, the SBA also increased size
standards for 22 wholesale trade industries and 35
retail trade industries. 87 FR 35869 (June 14, 2022).
527 87 FR 69118 (Nov. 17, 2022) (adjusting
monetary-based industry size standards (i.e.,
receipts- and assets-based) for inflation that
occurred since 2014 by adding an additional 13.65
percent inflation increase to these size standards).
528 87 FR 24752 (Apr. 26, 2022) (establishing 250
employees and 1,500 employees, respectively, as
the minimum and maximum size standard levels
for Manufacturing and other industries (excluding
Wholesale and Retail Trade), up from the current
minimum of 100 employees and the current
maximum of 1,500 employees in the SBA’s existing
size standards).
529 87 FR 35869 (June 14, 2022).
530 15 U.S.C. 632(a)(2)(C); see also 13 CFR
121.903(a)(5).
531 15 U.S.C. 632(a)(2).
E:\FR\FM\31MYR2.SGM
31MYR2
35262
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
typically organize their commercial
lending operations into segments based
on a combination of risk, underwriting,
product offering, and customer
management factors that are appropriate
to each segment. The three most
frequent organizational groupings are
retail/small business, middle market,
and large corporate banking.
Commercial customers are generally
assigned to an organizational grouping
based on their revenue potential and
aggregate credit exposure, with smaller
accounts assigned to the retail/small
business banking area. The
overwhelming preponderance of small
businesses are found in the retail/small
business banking group, which may also
conduct consumer banking.
Today, the distinguishing
characteristic that many larger financial
institutions (principally banks with $10
billion or more in assets) use to assign
small businesses into the retail/small
business banking group is gross annual
revenue.532 While cut-offs vary by
financial institution, the Bureau
understands that a common
demarcation for small/retail customers
are those with less than $5 million, or
sometimes up to $10 million, in gross
annual revenue. The maximum amount
of a retail/small business banking term
loan or credit line is typically $5 million
or less.
Financial institutions that do not
conduct SBA lending generally do not
collect or consider the number of
employees of a small business applying
for credit, but they often capture gross
annual revenue information, including
for regulatory compliance purposes.
Specifically, retail/small business
lenders routinely collect applicants’
gross annual revenue information
because notification requirements under
existing Regulation B vary for business
credit applicants depending on whether
they ‘‘had gross revenues of $1 million
or less in [their] preceding fiscal
year.’’ 533 For a business applicant with
gross annual revenues of $1 million or
less, a creditor must provide a
notification following an adverse action,
such as a credit denial, that is generally
similar to that provided to a consumer
in both substance and timing.534 As a
532 See Fed. Deposit Ins. Corp., Small Business
Lending Survey, at 11 (2018), https://www.fdic.gov/
bank/historical/sbls/full-survey.pdf (FDIC Small
Business Lending Survey) (finding that a substantial
majority of large banks use gross annual revenue
(61.8 percent) as a limit to define small businesses).
533 12 CFR 1002.9(a)(3)(i).
534 Id. The notification requirements for
applicants with gross annual revenues in excess of
$1 million are generally more flexible in substance
and also do not impose a firm deadline for
provision of a Regulation B notification. 12 CFR
1002.9(a)(3)(ii).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
result, small business lenders often
adopt compliance management systems
similar to those found among consumer
lenders.
The Bureau believes it is important
for a financial institution to be able to
quickly determine at the beginning of
the application process whether an
applicant is a ‘‘small business’’ for
purposes of this final rule. Financial
institutions generally cannot inquire
about an applicant’s protected
demographic information (including the
ethnicity, race, and sex of an applicant’s
principal owners) without being legally
required to do so.535 As discussed in the
Overview of this part V, this final rule
will only require (and thus only permit)
such inquiries for small business
applicants.536 While the Bureau is
allowing financial institutions flexibility
in when they seek this protected
demographic information, the Bureau
believes that financial institutions
generally have the best chance of
obtaining it and supporting the
purposes of section 1071, if they ask for
it in the earlier stages of the application
process. As a result, a financial
institution may need to know, even
before the application is initiated,
which application path the applicant
must follow—a 1071-governed or a non1071-governed application path.
Early feedback. From very early on in
its discussions with stakeholders
regarding section 1071, the Bureau has
received feedback focused primarily on
how the Bureau might define a business
size standard. For example, in response
to the Bureau’s 2017 request for
information, many stakeholders
expressed concern about the difficulties
in determining the appropriate NAICS
code for businesses and in applying the
NAICS-based standards in determining
whether a business loan applicant is a
small business. Commenters who
addressed the issue of a small business
definition were universally in favor of
the Bureau adopting something less
complex than the SBA’s size standards
based on 6-digit NAICS codes.
Commenters noted that the use of these
standards is relatively complex and
would introduce burdens for this rule
with limited benefit.
Likewise, during the SBREFA process,
small entity representatives generally
preferred a simple small business
definition and expressed concern
regarding the complexity of the SBA’s
NAICS-based size standards. Some
small entity representatives supported
535 See
12 CFR 1002.5(a).
inquiries are also permitted for coapplicants of small businesses pursuant to final
§ 1002.5(a)(4)(x).
536 Such
PO 00000
Frm 00114
Fmt 4701
Sfmt 4700
an approach for defining a small
business that would use an applicant’s
gross annual revenue for determining
whether it was ‘‘small’’ (thresholds
under consideration at SBREFA were $1
million and $5 million). For most small
entity representatives, nearly all their
small business customers had less than
$5 million in gross annual revenue;
most were under $1 million. Several
small entity representatives remarked
that a $1 million gross annual revenue
threshold would be too low, noting that
it would exclude many businesses
defined by SBA regulations as ‘‘small’’;
some of these small entity
representatives said that a $5 million
gross annual revenue threshold would
be acceptable. Some small entity
representatives advocated for higher
revenue thresholds, such as $8 million
or $10 million. Some small entity
representatives supported a more
complex approach that would
distinguish between applicants in
manufacturing and wholesale industries
(500 employees) and all other industries
($8 million in gross annual revenue).
One small entity representative also
supported another approach, which was
closest to the SBA’s existing size
standards, stating that it reflects the
SBA’s substantially different definitions
of a small business across different
industries. Feedback from stakeholders
other than small entity representatives
also reflected broad support for the
Bureau pursuing a simplified version of
the SBA small business definition.
Proposed Rule
Proposed § 1002.106(b) would have
defined a small business as having the
same meaning as the term ‘‘small
business concern’’ in 15 U.S.C. 632(a),
as implemented in 13 CFR 121.101
through 121.107. Proposed
§ 1002.106(b) would have further stated
that, notwithstanding the size standards
set forth in 13 CFR 121.201, for
purposes of proposed subpart B, a
business is a small business if its gross
annual revenue, as defined in proposed
§ 1002.107(a)(14), for its preceding fiscal
year is $5 million or less. The Bureau’s
proposal noted it was seeking SBA
approval for this alternate small
business size standard pursuant to the
Small Business Act.537
Proposed comments 106(b)–1 and
106(b)–2 would have clarified the
obligations of covered financial
institutions when new information
changed the determination of whether
an applicant is a small business, giving
rise to requirements under proposed
subpart B and/or prohibitions under
537 15
E:\FR\FM\31MYR2.SGM
U.S.C. 632(a)(2)(C).
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
existing Regulation B. The Bureau
acknowledged that a financial
institution’s understanding of an
applicant’s gross annual revenue may
change as the application proceeds
through underwriting.
Proposed comment 106(b)–3 would
have explained that a financial
institution may rely on an applicant’s
representations regarding gross annual
revenue (which may or may not include
an affiliate’s revenue) for purposes of
determining small business status under
proposed § 1002.106(b).
The Bureau sought comment on this
proposed definition of a small business,
including the $5 million gross annual
revenue size standard, as well as
whether additional clarification is
needed for any aspect of this proposed
definition. The Bureau also sought
comment on whether another variation
of the proposed size standard would
better serve the purposes of section
1071, such as a lower revenue size
standard or a higher one, potentially at
the $8 million or $10 million level. The
Bureau also sought comment on
whether, in addition to the abovedescribed gross annual revenue-based
size standard, a small business
definition that also included any
business that was furnished a loan
pursuant to an SBA program (regardless
of the applicant’s gross annual revenue)
would further the purposes of section
1071.
Similarly, the Bureau sought
comment on whether a threshold based
on $8 million gross annual revenue or
500 employees (depending on the type
of business) would align more closely
with section 1071’s purposes. Likewise,
the Bureau sought comment on whether
a variation of the proposed size
standard, such as using an applicant’s
average gross annual revenue averaged
over two or five years, would better
serve the purposes of section 1071. In
addition, the Bureau sought comment
on defining a small business consistent
with the entirety of existing SBA
regulations, including any advantages or
disadvantages that using such a
definition might pose specifically in the
context of this rulemaking. Specifically,
the Bureau sought comment on how the
proposed size standard would fit in
with a financial institution’s current
lending or organization practices. The
Bureau sought comment on whether the
proposed size standard would introduce
additional difficulties or challenges for
SBA lenders.
Comments Received
The Bureau received many comments
supporting the use of a simple gross
annual revenue threshold from a range
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
of lenders and trade associations, along
with a community group, a technology
service provider, a business advocacy
group, several members of Congress,
and others. Many commenters said that
a gross annual revenue threshold was
simple, objective, relatively easy to
apply at the time of application, and/or
will make compliance easier. One bank
more generally emphasized the need for
a simplified definition of small business
that is easily determinable at the time of
application. Another commenter noted
that determining the appropriate NAICS
codes and the number of employees is
not easy early on in the application
process. A bank stated that revenue
thresholds provide a consistent and
transparent line of delineation. Some
commenters asserted that a gross annual
revenue threshold was preferable to the
SBA’s more complex size standards that
change over time. One commenter
asserted that a gross annual revenue
threshold was the only feasible way to
implement section 1071 and that trying
to apply SBA size standards would
massively complicate the data collection
process, lead to the introduction of
errors that would undermine data
accuracy and interfere with financial
institutions’ ability to extend credit to
business applicants in a prompt and
efficient manner. One agricultural
lender argued that having to determine
whether a business is small for the
purposes of the rule could delay
communicating a credit decision in
violation of ECOA and the Farm Credit
Act, while another commenter
hypothesized that financial institutions
may decline loan requests due to
inadequate financial documentation for
a small business determination. Another
commenter expressed general support
for a broad definition of small business.
Despite the broad support for a gross
annual revenue threshold, commenters
disagreed on where to set the threshold.
Some commenters supported the
proposed threshold of $5 million or less
in gross annual revenue. A trade
association stated that the proposed
approach was sufficiently broad and
could encompass as great a portion of
the population of minority- and womenowned businesses as practical. One
agricultural lender asked for additional
context and insight for the $5 million
threshold and an explanation regarding
how a number larger than $1 million,
which the Bureau had previously
considered during the SBREFA process,
meets the intent of Congress under
section 1071. A bank advocated for a
$250,000 gross annual revenue
threshold, asserting that most
businesses that surpass this threshold
PO 00000
Frm 00115
Fmt 4701
Sfmt 4700
35263
have access to or already utilize an
attorney or accountant, either one of
which should be able to adequately
advise on the presence of any
discriminatory terms.
The Bureau received some comments
expressing general disapproval of its
proposed approach to the gross annual
revenue threshold. A few banks argued
that a $5 million threshold is too high,
with one adding that this was
particularly true in community bank
areas and another suggesting that the
Bureau did not adequately support its
proposal with statistics. A few industry
commenters asserted that an expansive
small business definition would burden
their organizations with significant costs
and that the Bureau should instead
reduce the number of businesses that
are reportable under the regulation. A
women’s business advocacy group
suggested the Bureau have ‘‘multiple
levels’’ in its small business definition.
Several commenters noted a preference
for a gross annual revenue threshold
lower than $5 million, without
specifying an amount. A credit union
suggested the Bureau ensure that both
annual revenue and asset size 538 be
taken into consideration.
Most commenters that suggested an
alternative small business definition
expressed preference for a $1 million
gross annual revenue threshold. Some
industry commenters asserted that a $1
million threshold would be less
burdensome, less costly, and/or would
simplify compliance as compared to the
proposed $5 million threshold. One said
that anything other than a $1 million
threshold may be too complex for
applicants and/or financial institutions,
which could lead to less than expected
levels of data integrity and
misalignment with the 1071 statutory
purposes. Several industry commenters
and a business advocacy group argued
that a gross annual revenue threshold of
$1 million or less is more in line with
congressional intent and purpose. A
bank asserted that it would be more
feasible to implement a firewall between
underwriter and customer because a $1
million threshold would avoid a
complete change in how the bank
underwrites and processes small
business loan applications.
Some commenters said that a $1
million threshold would better align
with existing Regulation B adverse
action notification requirements, with
one adding that misalignment leads to
compliance costs. A bank suggested the
Bureau amend the existing Regulation B
538 It is unclear whether the commenter was
referring to the asset size of the small business or
asset size of the financial institution.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35264
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
requirements on adverse actions to
ensure consistency with this rule and
avoid confusion with loan officers and
loan processers.
Many more commenters advocated for
alignment with CRA regulations that use
$1 million or less in annual revenue to
define a small business, with some
arguing that misalignment with the CRA
would lead to increased compliance
costs. Some industry commenters
stressed the need for consistency
between reporting regimes, asserting
that the proposed threshold did not
align with other regulatory requirements
such as CRA. One commenter suggested
that inconsistency with CRA would add
another nuance to data validation. A
State bankers association suggested that
a $1 million threshold would also better
align with Small Business Development
Center and Small Business Investment
Company program guidelines. A credit
union trade association suggested that a
$1 million gross annual revenue
threshold would be consistent with the
SBA’s definitions for some types of
small businesses, including most
agricultural small businesses.
Some commenters said that a $1
million threshold would cover most
(over 95 percent) of small businesses as
defined by the SBA size standards in
effect at the time of the NPRM.
Similarly, many commenters argued
that the proposed $5 million threshold
would be overinclusive and a $1 million
threshold would better exclude nonsmall businesses. One bank said this
overinclusiveness would be particularly
notable in middle/rural America, while
another argued that the proposed
definition would create inequity and
inflated costs for banks serving small-tomidsize markets by picking up a
disproportionate number of businesses
as small businesses under the rule.
Two credit union trade associations
argued that the proposed $5 million
threshold would increase the size of the
1071 data collection, the risk to data
privacy, and the costs associated with
compliance for covered financial
institutions. Two other commenters
suggested that a $1 million threshold
would accomplish the goals of section
1071 without unnecessary drawbacks.
In contrast, some commenters
requested a more expansive size
standard for defining small businesses
under the rule. A number of community
groups expressed a preference for a $7.5
million threshold, citing language from
the SBA’s website 539 indicating that
539 Small Bus. Admin., Basic requirements,
https://www.sba.gov/federal-contracting/
contracting-guide/basic-requirements (last visited
Mar. 20, 2023).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
most non-manufacturing businesses
with average annual receipts under $7.5
million will qualify as a small business.
A few other commenters expressed a
preference for a $8 million threshold. A
CDFI lender maintained that a $8
million threshold was the most common
SBA size standard threshold for average
annual receipts, would cover more
manufacturing and wholesale
businesses, and received broad support
from small entity representatives
(though they recommended eliminating
the 500 employees standard for
manufacturing and wholesale that was
part of that option under consideration
at SBREFA). Another commenter opined
that a threshold of $8 million (adjusted
every five years according to the SBA’s
recalibrations) would better cover the
small business market, account for
differences in business types (such as
manufacturing) and regional economic
conditions, and would more closely
align with what lenders already
consider small businesses. Finally, a
joint letter from community groups,
community oriented lenders, and
business advocacy groups asserted that
a threshold lower than $8 million would
lead to significantly less data against
which to compare lending patterns and
to identify lending trends and gaps.
Existing SBA size standards. Several
commenters recommended the Bureau
use the SBA’s definition and size
standards. One credit union trade
association asserted that the SBA
definition is already used by credit
unions and all financial services
providers as the industry standard and
thus using an alternative definition
would only create confusion and
inconsistent Federal regulations,
thereby harming credit unions’ ability to
serve their members. A bank argued that
having different definitions and
requirements across similar regulatory
obligations would result in more burden
and costs due to the unique review and
maintenance of each obligation.
Loan size. Some industry commenters
suggested defining a small business by
the credit amount requested. Several
said that small businesses should be
defined by loans of $1 million or less.
A bank asserted that this would be a
much more reasonable definition of
what a small business is and will
encompass the majority of its
commercial lending to small businesses.
A few commenters argued that this
would better align with CRA and call
report requirements. Another
commenter noted that loan size does not
fluctuate over time like revenue and it
is easy to identify at the beginning of the
application process. Some credit union
commenters suggested requiring
PO 00000
Frm 00116
Fmt 4701
Sfmt 4700
reporting for small business loans up to
$10 million. A few other industry
commenters suggested adopting a
maximum amount applied for
‘‘exclusion’’ of $750,000 in order to
exempt applications from non-small
businesses. These commenters asserted
that such an exclusion would
harmonize this rule with the SBA’s
maximum direct loan amount. A few
commenters expressed disapproval of a
$1 million loan size threshold, noting
many small businesses borrow amounts
far more than $1 million while many
large businesses borrow amounts far
below that threshold.
Small farm definition. The Bureau
received comments from many
agricultural lenders suggesting that the
$5 million gross annual revenue
threshold would be overinclusive when
applied to farms and that agricultural
lending needs a different small business
definition for purposes of section 1071
in order to capture only truly small
farms. One commenter asserted that
under the Small Business Act’s
implementing regulations, the Bureau
must take into account differing
industry characteristics. Specifically,
many agricultural lenders suggested that
the Bureau’s definition of ‘‘small
business’’ align with the Farm Credit
Administration’s (FCA) definition of
‘‘small farmer,’’ which is a ‘‘farmer,
rancher, or producer or harvester of
aquatic products who normally
generates less than $250,000 in annual
gross sales of agricultural or aquatic
products.’’ 540 A few also urged the
Bureau not to ignore the USDA small
farm definitions.541 One commenter
noted that even a $1 million threshold
would be too high because 96 percent of
farms had less than $1 million in annual
sales of agricultural products. Several
commenters suggested that the FCA
540 Farm Credit Admin., Bookletter 040—Revised:
Providing Sound and Constructive Credit to Young,
Beginning, and Small Farmers, Ranchers, and
Producers or Harvesters of Aquatic Products, at 2
(Aug. 10, 2007), https://ww3.fca.gov/readingrm/
Handbook/FCA%20Bookletters/BL040%20REVISED.docx.
541 The USDA Economic Research Service
(USDA–ERS) measures farm size by annual gross
cash farm income—a measure of the farm’s revenue
(before deducting expenses) that includes sales of
crops and livestock, payments made under
agricultural Federal programs, and other farmrelated cash income including fees from production
contracts. Econ. Rsch. Serv., U.S. Dep’t of Agric.,
Farm Structure and Contracting (last updated Mar.
8, 2022), https://www.ers.usda.gov/topics/farmeconomy/farm-structure-and-organization/farmstructure-and-contracting/. Within this
classification system, small family farms have gross
cash farm income less than $350,000, with
subcategories of low-sales farms (gross cash farm
income less than $150,000) and moderate-sales
farms (gross cash farm income between $150,000
and $349,999). Id.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
definition would facilitate compliance
because staff and compliance
professionals at Farm Credit lenders are
already very familiar with that standard
and because it would be confusing and
burdensome for staff to manage two
competing regulatory definitions of
‘‘small’’ customers.
Several commenters noted that
approximately half of Farm Credit
System loans outstanding were to
‘‘small farmers’’ and that this level of
coverage would more than accomplish
section 1071’s statutory purposes. One
agricultural lender noted that over 76
percent of its loan volume portfolio
would fall within the proposed $5
million ‘‘small business’’ definition
(approximately 3,770 loans) but 10.7
percent of the loan volume portfolio
falls under the FCA definition
(approximately 2,730 loans).
Other suggested size standards. A
trade association representing online
lenders recommended the Bureau adopt
an easy-to-administer definition based
on 4-digit NAICS codes. This
commenter argued that while a singular
revenue or number of employees
standard to designate small businesses
might be simpler for the Bureau, it
would not be a true reflection of the
small business market. The commenter
asserted that employing the first 4 digits
of the NAICS codes would provide
measurements that differentiates
broadly by industry, but provides a
standard that gives lenders flexibility,
allowing them to use data supplied by
the borrower without having to
undertake a costly and time-consuming
verification process of the data
provided.
Many community groups,
community-oriented lenders, and a
minority business advocacy group urged
the Bureau to adopt the 500 employee/
$8 million test set forth in the SBREFA
Outline. A few of these commenters said
this was an easily implemented
definition that covered the bulk of small
businesses as defined by the SBA
without the complexities of the SBA’s
NAICS-code based definitions, whereas
the Bureau’s proposal would exclude
270,000 businesses that the SBA
classifies as small businesses, with
many such businesses
disproportionately located within retail
trade and construction industries, where
small businesses are more likely to be
owned by people of color.
One comment letter suggested
defining a small business as having a
gross annual revenue of $1 million and
including a threshold for the number of
employees required for a business to be
deemed small. They referenced the
SBA’s size standards, which use a 100-
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
employee threshold for some industries,
but suggested the Bureau use a similar
definition or alter its small business
definition to include more minorityand women-owned small businesses.
Other issues. A few comments
addressed the role of affiliate revenue in
business size determinations. A bank
suggested aligning treatment of affiliate
revenue with current CRA
requirements 542 to avoid reporting
disparities from institution to institution
for similarly situated applicants.
Pointing to SBA rules and guidance, two
other industry commenters asserted that
subsidiaries of large companies should
be excluded from the definition of
‘‘small business’’ if the aggregate
revenues for all affiliates, as defined in
13 CFR 121.103, exceed the gross
annual revenue threshold.
Two commenters asked for
clarification related to business size
determinations involving multiple
applicants. One suggested the Bureau
clarify that loans jointly made to
multiple borrowers are not reportable
where one or more of the borrowers may
qualify as a small business under the
rule but is not the primary business
seeking the funding. Another
commenter suggested the Bureau (i)
allow lenders to treat all co-borrowers as
one applicant such that the gross annual
revenue of all co-borrowers would be
aggregated for purposes of assessing
whether the loan is a small business
loan and (ii) clarify how to identify
loans to a ‘‘minority-owned business’’ or
a ‘‘women-owned business’’ when one,
but not all, co-borrowers meet the
definitions of these terms.
A group of insurance premium
finance trade associations noted that
their members do not obtain any
financial information or information
about for-profit status regarding any
applicant and suggested the Bureau
permit their members to ask the insured
business if it is a small business (after
furnishing the regulation’s operative
definition) when the signed premium
finance agreement is submitted to the
lender or immediately after the lender
receives the signed premium finance
agreement.
542 The CRA requires an institution to rely on the
revenues that it considered in making its credit
decision when indicating whether a small-business
or small-farm borrower had gross annual revenues
of $1 million or less—in the case of affiliated
businesses, the institution would aggregate the
revenues of the business and the affiliate to
determine whether the revenues are $1 million or
less only if the institution considered the revenues
of the entity’s parent or a subsidiary corporation of
the parent as well as that of the business. See Fed.
Fin. Insts. Examination Council, A Guide to CRA
Data Collection and Reporting, at 13 (Jan. 2001),
https://www.ffiec.gov/cra/pdf/cra_guide.pdf.
PO 00000
Frm 00117
Fmt 4701
Sfmt 4700
35265
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.106(b)(1)
(proposed as § 1002.106(b)) to define a
small business as having the same
meaning as the term ‘‘small business
concern’’ in 15 U.S.C. 632(a), as
implemented in 13 CFR 121.101
through 121.107. As discussed above,
the Bureau believes that adopting
existing statutory and regulatory small
business definitions, which are widely
understood and already the subject of
notice and comment, is consistent with
the purposes of section 1071 and will
facilitate compliance. Final
§ 1002.106(b)(1) further states that,
notwithstanding the size standards set
forth in 13 CFR 121.201, for purposes of
subpart B, a business is a small business
if its gross annual revenue, as defined in
final § 1002.107(a)(14), for its preceding
fiscal year is $5 million or less. The
Bureau believes this definition
implements the statutory language of
section 1071 while reflecting a need for
financial institutions to apply a simple,
broad definition of a small business
across industries. The Bureau has
obtained SBA approval for this alternate
small business size standard pursuant to
the Small Business Act.543
The Bureau believes that adopting
this gross annual revenue standard is
consistent with the purposes of section
1071 and addresses the concerns that
the Bureau has heard with respect to
determining whether applicants are
small businesses for purposes of
complying with section 1071,
particularly regarding determining the
applicant’s NAICS code, and the
implications thereof. Due to concerns
expressed by other stakeholders, which
are described above, and upon its own
further consideration as discussed in
this section-by-section analysis under
Alternatives Considered below, the
Bureau is not adopting suggested
alternative standards, including, but not
limited to a $1 million gross annual
revenue standard, a $7.5 or $8 million
gross annual revenue standard, a
threshold based on loan size, a different
standard for agricultural lending, nor
the existing SBA size standards.
The Bureau agrees with the many
commenters who said that a definition
of small business for purposes of section
1071 based on a gross annual revenue
threshold was simple, objective,
relatively easy to apply at the time of
application, and/or will make
compliance easier. The Bureau
understands that a majority of large
banks already use gross annual revenue
543 15
E:\FR\FM\31MYR2.SGM
U.S.C. 632(a)(2)(C); 13 CFR 121.903.
31MYR2
35266
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
thresholds to delineate small business
lending within their own institutions.544
The Bureau also agrees that a gross
annual revenue threshold is the
preferred way to implement section
1071 to avoid overly complicating the
data collection process, leading to the
introduction of errors that would
undermine data accuracy, or interfering
with financial institutions’ ability to
extend credit to business applicants in
a prompt and efficient manner. The
Bureau believes that a simplified
definition of small business that does
not require determining the appropriate
NAICS codes and/or the number of
employees will satisfy lenders’ needs to
easily determine small business status
early in the application process and
avoid delays in communicating a credit
decision.
While the Bureau received broad
support for a simple gross annual
revenue threshold generally, it received
narrower support for a threshold of $5
million or less in gross annual revenue.
The Bureau believes that a $5 million
threshold strikes the right balance in
terms of broadly covering the small
business financing market to fulfill
section 1071’s statutory purposes while
meeting the SBA’s criteria for an
alternative size standard.545 As
described above, the SBA is generally
increasing size standards across
industries and no longer uses a $1
million annual receipts standard for any
industry. As a result, the Bureau’s $5
million standard is sufficiently
inclusive relative to the SBA size
standards. Moreover, while there is no
clear consensus on a simplified size
standard that uniformly covers all small
business financing markets,546 the
Bureau understands that among the
banks that already use a gross annual
revenue threshold to delineate small
business lending, the majority of banks
of all sizes use a threshold above $1
million in firm gross annual revenue.547
In fact, larger banks typically use even
higher thresholds (for banks with less
than $1 billion in assets, 25.1 percent
use a threshold greater than $5 million
in firm gross annual revenue, while 37.0
percent of banks with $1 billion to $10
billion in assets use a gross annual
544 See
FDIC Small Business Lending Survey at
lotter on DSK11XQN23PROD with RULES2
11.
545 See
15 U.S.C. 632(a)(2)(C); 13 CFR 121.903.
e.g., FDIC Staff Report at 10 (discussing
various gross annual revenue thresholds ranging
from $1 million to $10 million and resolving
‘‘[g]iven the lack of consensus on the correct
definition of a small business, [to] present results
using both thresholds wherever possible’’).
547 Id. at 9.
546 See,
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
revenue threshold of $5 million or
more).548
The Bureau has considered the
potential effect of applying a $5 million
gross annual revenue threshold to both
non-agricultural and agricultural
industries and compared that standard
to coverage under the SBA’s existing
size standards. Among non-agricultural
industries, the Bureau estimates 549 that
over 1.5 million (27 percent) small
businesses would not be covered by an
alternative $1 million gross annual
revenue threshold and at a $2 million
threshold, the rule would have been
underinclusive by 12 percent. (This and
other size standards suggested by
commenters are discussed in detail
under Alternatives Considered below.)
At a $8 million threshold, the
percentage of underinclusivity falls to
approximately 4 percent, or
approximately 235,000 non-agricultural
businesses.
Applying an $8 million threshold to
agricultural businesses, the Bureau’s
analysis 550 shows that over 20,000 such
businesses that are not considered small
under the SBA’s size standards would
have their applications reported to the
Bureau.551 With the finalized $5 million
gross annual revenue threshold, relative
to current SBA size standards, all small
farms’ applications will be reported to
the Bureau, along with applications
from 14,000 agricultural businesses that
are not considered small under the
SBA’s size standards. Thus, the Bureau
believes that its $5 million gross annual
revenue threshold strikes an appropriate
balance between covering the
applications of most businesses that are
considered small under the SBA’s size
standards, while minimizing the
number of businesses above the SBA’s
size standards whose applications will
be reported to the Bureau, and in a way
548 Id.
549 The Bureau used the most recent Statistics of
U.S. Businesses (SUSB) from Census (from 2017) to
estimate the total number of businesses that would
be under- or over-included for section 1071, relative
to the SBA’s size standards and based on various
revenue-based size standard alternatives. We use
SBA size standards as of May 2022 which reference
2017 NAICS codes; these NAICS codes are
consistent with the SUSB data. The 2017 SUSB
only contains information on employer businesses.
550 The Bureau’s analysis of agricultural
industries used the 2017 Census of Agriculture from
the USDA, relative to the SBA’s size standards,
based on various revenue-based size standard
alternatives. The Bureau notes that because the
Census of Agriculture does not have the granularity
of the SUSB, it made some additional strong
assumptions. The Census of Agriculture also does
not have the same employer/non-employer
distinction as the SUSB and therefore includes
information on all farms.
551 In the Census of Agriculture, there is just a
$5+ million category so this number would not
change for thresholds above $5 million.
PO 00000
Frm 00118
Fmt 4701
Sfmt 4700
that satisfies the SBA’s criteria for
approving an alternative size standard
under its regulations.
The Bureau also notes that in their
proposal to amend their regulations
implementing the CRA, the Board,
FDIC, and OCC proposed to define the
terms ‘‘small business’’ and ‘‘small
farm’’ consistent with the Bureau’s
definitions in its NPRM.552 Thus, per
the CRA proposal, once 1071 data are
available, the agencies would transition
from the current CRA definitions of
small business and small farm loans to
definitions that cover loans to small
businesses and small farms with gross
annual revenues of $5 million or less.553
Given the many comments that the
Bureau received advocating for CRA
alignment, the Bureau strongly supports
the CRA agencies’ efforts and believes
that finalizing its proposed small
business definition will streamline
reporting and minimize compliance
risks for financial institutions that are
also reporting covered credit
transactions under CRA and would
simplify data analysis for CRAreportable transactions. See part II.F.2.i
above for further discussion of the CRA
and its relationship to this rule.
With respect to a commenter’s
suggestion that the Bureau increase the
existing Regulation B threshold for
notification to business credit
applicants for consistency with this
rule, the Bureau does not believe such
a change would be appropriate at this
time. Given the fact that these
notification requirements have been in
place for close to 50 years and financial
institutions have invested in
compliance infrastructure around these
requirements, the Bureau believes that
the notification threshold in existing
Regulation B should not be amended
without additional research and input
from stakeholders.
To address ECOA and existing
Regulation B’s general prohibition
against inquiring about protected
demographic information in connection
with a credit transaction,554 and to
clarify the obligations of covered
financial institutions under subpart B,
the Bureau is adopting final comments
106(b)(1)–1 and 106(b)(1)–2 to address
situations when new information may
arise that could change the
determination of whether an applicant
is a small business. The Bureau
acknowledges that a financial
institution’s understanding of an
applicant’s gross annual revenue may
552 87
FR 33884, 33890 (June 3, 2022).
at 33899.
554 See existing § 1002.5(a)(2); 15 U.S.C.
1691(b)(5).
553 Id.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
change as the institution proceeds
through underwriting. The Bureau is
finalizing comment 106(b)(1)–1
(proposed as 106(b)–1) with updated
cross-references to other portions of the
final rule. Final comment 106(b)(1)–1
explains that if a financial institution
initially determines an applicant is a
small business as defined in final
§ 1002.106(b) based on available
information and obtains data required
by final § 1002.107(a)(18) and (19), but
the financial institution later concludes
that the applicant is not a small
business, the financial institution may
process and retain the data without
violating ECOA or Regulation B if it
meets the requirements of final
§ 1002.112(c)(4). The Bureau is
finalizing comment 106(b)(1)–2
(proposed as 106(b)–2) with certain
revisions for additional clarity. Final
comment 106(b)(1)–2 explains that if a
financial institution initially determines
that the applicant is not a small
business as defined in final § 1002.106,
but then later concludes the applicant is
a small business prior to taking final
action on the application, the financial
institution must report the covered
application pursuant to final § 1002.109.
In this situation, the financial
institution shall endeavor to compile,
maintain, and report the data required
under final § 1002.107(a) in a manner
that is reasonable under the
circumstances.
The Bureau is finalizing comment
106(b)(1)–3 (proposed as comment
106(b)–3) to explain that a financial
institution is permitted to rely on an
applicant’s representations regarding
gross annual revenue (which may or
may not include an affiliate’s revenue)
for purposes of determining small
business status under final
§ 1002.106(b)(1). The comment further
clarifies that, if the applicant provides
updated gross annual revenue
information or the financial institution
verifies such information, the financial
institution must use the updated or
verified information in determining
small business status. The Bureau has
changed the heading of this comment
and has removed some of the
introductory language to this comment
for clarity as suggested by several
commenters; this change is not intended
to alter the meaning of this comment.
The Bureau has considered comments
regarding the role of affiliate revenue in
business size determinations. The
Bureau agrees that subsidiaries of large
companies should be excluded from the
definition of ‘‘small business’’ provided
that the aggregate revenues for all
affiliates, as defined in 13 CFR 121.103,
exceed the $5 million gross annual
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
revenue threshold—and, indeed, this is
consistent with what the Bureau
proposed. The Bureau is not, however,
adopting the mandate in the SBA
regulations, which provide that the
average annual receipts size of a
business concern with affiliates must be
calculated by adding the average annual
receipts of the business concern with
the average annual receipts of each
affiliate.555 The Bureau understands that
the SBA totals the average annual
receipts of the applicant and all of its
affiliates in determining size because in
order to be eligible for certain Federal
programs and certain Federal contracts
and subcontracts, a firm must be a
‘‘small business concern.’’ 556 Because
the size standard used for this rule is
only to determine whether data
collection is required pursuant to
section 1071 and has no bearing on
eligibility for Federal small business
assistance, the Bureau does not believe
it is necessary to mandate that financial
institutions consider affiliate revenue in
determining an applicant’s small
business status.
The Bureau believes that this
approach to use of affiliate revenue in
size determinations will address
concerns related to treatment of passive
businesses and non-operating entities,
such as special purpose vehicles. The
Bureau understands that passive
businesses and non-operating entities
are generally affiliated with other
businesses (for example as subsidiaries
of large corporate entities). The Bureau
notes that final § 1002.102(a) adopts the
SBA’s expansive view of what
constitutes affiliation,557 and it is
therefore unlikely that a special purpose
entity or other large project financing
investment entity would be formed
without any affiliation with an
established entity—rather, they are
likely created as subsidiaries of an
existing business or as joint ventures
between existing businesses.558 Thus,
555 13
CFR 121.104(d)(1).
Bus. Admin., Small Business
Compliance Guide, at 4 (July 2020), https://
www.sba.gov/sites/default/files/2020-10/
AFFILIATION%20GUIDE_Updated%20%28004
%29-508.pdf.
557 13 CFR 121.103; see also Small Bus. Admin.,
Small Business Compliance Guide (July 2020),
https://www.sba.gov/sites/default/files/2020-10/
AFFILIATION%20GUIDE_
Updated%20%28004%29-508.pdf (affiliation can
be based on (1) ‘‘control (when one controls or has
the power to control the other, or a third party or
parties controls or has the power to control both)’’;
(2) ownership; (3) ‘‘stock options, convertible
securities, and agreements to merge’’; (4)
management; (5) identity of interest’’; or (6)
‘‘franchise and license agreements’’).
558 Similarly, where a substantial portion of its
assets and/or liabilities of a special purpose entity
is the same as a predecessor entity, the SBA’s
556 Small
PO 00000
Frm 00119
Fmt 4701
Sfmt 4700
35267
financial institutions will be able to
exclude businesses that are, in fact,
middle- or large-sized applicants from
data collection and reporting under this
final rule by considering these
businesses’ affiliate revenues, which
will likely exceed the $5 million gross
annual revenue threshold for purposes
of the definition of a small business. For
example, if a financial institution
receives an application for financing
from a special purpose vehicle or shell
company established for the purpose of
acquiring significant commercial real
estate (such as a hospital building), the
financial institution could rely on
information provided by the applicant
regarding its, and its affiliates, gross
annual revenue for purposes of
determining small business status under
§ 1002.106(b). As discussed in greater
detail below, the Bureau also believes
that its approach to affiliate revenue
further obviates the need to define a
small business by the credit amount
requested as suggested by some
commenters.
The Bureau has considered the
comments regarding business size
determinations involving multiple
unaffiliated applicants and does not
agree with the suggested approach to
allow financial institutions to treat all
co-applicants as one applicant by
aggregating their gross annual revenues
for purposes of assessing business size.
The Bureau does not believe that (in
situations not involving affiliated
entities) such an approach would be
consistent with the SBA’s definitions of
business concern and small business
concern. The Bureau is addressing
commenters’ requests for clarification
on this issue by adding new comment
106(b)(1)–4, which provides that if a
covered financial institution receives a
covered application from multiple
businesses who are not affiliates, as
defined by final § 1002.102(a), where at
least one business is a small business
under final § 1002.106(b), the financial
institution shall compile, maintain, and
report data pursuant to final §§ 1002.107
through 1002.109 regarding the covered
application for only a single applicant
that is a small business. The comment
clarifies that the financial institution
shall not aggregate unaffiliated coapplicants’ gross annual revenues for
purposes of determining small business
status under final § 1002.106(b) and
provides a cross reference to final
comment 103(a)–9 for additional details.
definition of a business concern specifically
dictates that the annual receipts and employees of
the predecessor must be taken into account in
determining size of the new business concern. 13
CFR 121.105(c).
E:\FR\FM\31MYR2.SGM
31MYR2
35268
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
In response to the group of insurance
premium finance trade associations that
highlighted their members’ challenges
with determining small business status,
the Bureau notes that insurance
premium financing arrangements are
excluded under final § 1002.104(b)(4)
for the reasons set forth in the
corresponding section-by-section
analysis.
Alternatives Considered
lotter on DSK11XQN23PROD with RULES2
Gross annual revenue of $1 million. In
the NPRM, the Bureau did not propose
a $1 million gross annual revenue
threshold, expressing concern that such
a threshold likely would not satisfy the
SBA’s requirements for an alternative
size standard across industries and
would exclude too many businesses
designated as small under the SBA’s
size standards. Nevertheless, as
discussed above, many commenters
requested the Bureau adopt a $1 million
gross annual revenue threshold.
The SBA no longer uses a $1 million
annual receipts standard for any
industry and the Bureau does not
believe that a gross annual revenue
threshold of $1 million would be more
in line with congressional intent and
purpose. Congress did not specify a
gross annual revenue threshold for
defining a small business under section
1071 but instead pointed to the SBA’s
definition of small business concern.559
However, Congress set forth a process to
allow the Bureau to prescribe an
alternative size standard, if approved by
the SBA Administrator.560 Given the
fact that the SBA no longer uses a $1
million standard for any industry 561
and is thus unlikely to approve an
alternative size standard at that
threshold for all industries, the Bureau
believes that its small business
559 In ECOA section 704B(h)(2), Congress
provided that ‘‘[t]he term ‘small business’ has the
same meaning as the term ‘small business concern’
in section 3 of the Small Business Act (15 U.S.C.
632).’’
560 15 U.S.C. 632(a)(2)(C).
561 Through a series of rules that became effective
on May 2, 2022, the SBA implemented revised size
standards for 229 industries (all using average
annual receipts standards) to increase eligibility for
its Federal contracting and loan programs. See 87
FR 18607 (Mar. 31, 2022); 87 FR 18627 (Mar. 31,
2022); 87 FR 18646 (Mar. 31, 2022); 87 FR 18665
(Mar. 31, 2022). The SBA did not reduce any size
standards—it either maintained or increased the
size standards for all 229 industries, in many cases
with size standard increases of 50 percent or more.
Effective July 14, 2022, the SBA also increased size
standards for 22 wholesale trade industries and 35
retail trade industries. 87 FR 35869 (June 14, 2022).
Effective December 19, 2022, the SBA added an
additional 13.65 percent inflation increase to the
monetary small business size standards. 87 FR
69118 (Nov. 17, 2022).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
definition is a more appropriate
alternative size standard.
While it is true that a $1 million
threshold would better align with
existing Regulation B adverse action
notification requirements, the Bureau
believes that the flexibilities built into
the final rule for small business size
determinations will obviate the need for
changes to adverse action operations,
including compliance with existing
Regulation B adverse action notification
requirements. The Bureau also notes
that the concerns raised by many
commenters regarding alignment with
CRA regulations would likely be
resolved if the CRA proposal, which
expressly seeks alignment with the
Bureau’s alternative small business
definition, is finalized. With respect to
suggested alignment with Small
Business Development Center and Small
Business Investment Company program
guidelines, the Bureau points to the fact
that credit transactions made under
programs with lower thresholds are by
default small business transactions for
the purposes of the final rule and thus
not inconsistent.
The Bureau has considered the
comments arguing that a $5 million
threshold would be overinclusive and a
$1 million threshold would better
exclude non-small businesses. Based on
the Bureau’s analysis, neither a $1
million threshold nor $5 million
threshold would be overinclusive
among non-agricultural industries
relative to the SBA’s current size
standards. On the other hand, the
Bureau estimates that, in terms of the
number of SBA ‘‘small’’ firms whose
applications would not be reported to
the Bureau, a $1 million threshold
would be 4.5 times more underinclusive
than a $5 million threshold. Moreover,
research conducted by FDIC staff found
that among banks with $1 billion to $10
billion in assets, more than one-third of
self-described small business lending
would be excluded under the $1 million
gross annual revenue definition and that
among banks with more than $10 billion
in assets, nearly two-thirds would be
excluded.562 Based on this study, FDIC
staff concluded that ‘‘for the typical
bank, a [gross annual revenue] threshold
of $1 million is overly conservative and
would exclude many firms that should
properly be considered small
businesses.’’ The Bureau agrees with
this conclusion, and likewise believes
that a $1 million gross annual revenue
threshold would not satisfy the SBA’s
requirements for an alternative size
standard across industries and would
562 FDIC
PO 00000
Staff Report at 10.
Frm 00120
Fmt 4701
Sfmt 4700
exclude too many businesses designated
as small under the SBA’s size standards.
Gross annual revenue of $7.5 to $8
million. The Bureau is not adopting a
$7.5 million or $8 million gross annual
revenue threshold, as suggested by a
number of commenters. While the
Bureau agrees that a threshold of $7.5 to
8 million would more expansively cover
SBA small businesses (the Bureau
estimates that under a $8 million
threshold, applications from
approximately 130,000 more SBA
‘‘small’’ firms would be reported to the
Bureau as compared to a $5 million
threshold), the Bureau does not believe
that this definition more closely aligns
with what lenders already consider
small businesses based on comments
received in support of a lower than $5
million threshold. Moreover, the Bureau
notes that while an $8 million threshold
would be less underinclusive among
non-agricultural industries relative to
SBA size standards, it would be more
overinclusive among agricultural
businesses.
Loan size. The Bureau does not
believe that it would be appropriate to
define a small business based on the
size of the loan applied for (i.e., by
adopting a maximum ‘‘amount applied
for’’ exclusion) such as one in the
amount of $750,000 (for SBA alignment)
or $1 million (for CRA alignment), as
suggested by some commenters. The
Bureau likewise is not defining a small
business based on whether a loan is for
an amount up to $10 million, as
suggested by some commenters, or any
other size.563 As explained in the
NPRM, the Bureau believes that such
potential definitions do not bear a
sufficient relationship to the size of the
business or its operations. For instance,
under a definition similar to existing
CRA requirements, application data for
businesses with low revenue that may
be applying for large loans would be
excluded. The Bureau does not believe
that adopting such an approach would
further the purposes of section 1071.
The Bureau likewise agrees with
commenters cautioning against using
the CRA definition based on loan size,
because many small businesses borrow
amounts far more than $1 million while
many large businesses borrow amounts
far below that threshold.564
563 It is possible that these commenters intended
to advocate for a $10 million gross annual revenue
threshold. For the reasons stated above, the Bureau
does not believe a definition of small business using
a $10 million gross annual revenue threshold would
fulfill section 1071’s statutory purposes.
564 See, e.g., FDIC Small Business Lending Survey
at 17 (finding that at banks with assets of $1 billion
to $10 billion, at least $19.1 billion in gross
understatement of small business lending (in which
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
Existing SBA size standards. Despite
some recommendations that the Bureau
use the SBA’s definition and size
standards, the Bureau believes the
SBA’s size standards are not suitable for
this data collection initiative and prefers
to establish a small business definition
specifically tailored to this rulemaking
implementing section 1071.
A simple, easy-to-implement small
business definition is necessary in light
of the general prohibition in existing
Regulation B against creditors’ inquiring
about protected demographic
information in connection with a credit
transaction unless otherwise required by
Regulation B, ECOA, or other State or
Federal law, regulation, order, or
agreement.565 ECOA section
704B(e)(2)(G), as implemented by this
rule, requires a financial institution to
collect and report the ethnicity, race,
and sex of the principal owners of the
business. Thus, in order to avoid
potential liability under ECOA and
existing Regulation B, a financial
institution must accurately determine
that a business credit application is
subject to section 1071 before inquiring
about the applicant’s protected
demographic information. The Bureau
does not believe the SBA’s existing size
standards allow for the quick and
accurate determination of small
business status required for this 1071
data collection initiative. Specifically,
the Bureau does not believe this
determination can be quickly and
accurately made if, as required under
the SBA’s existing size standards, the
financial institution must determine the
appropriate 6-digit NAICS code for the
business and then apply the NAICSbased size standards to determine
whether an applicant for business credit
is a small business.
As discussed above, commenters
expressed concern to the Bureau about
the difficulties in determining the
appropriate 6-digit NAICS code for
businesses and in applying the SBA’s
NAICS-based size standards. They
generally preferred a simple small
business definition and expressed
concern that the SBA’s approach to
defining a small business—which bases
classification on an applicant’s 6-digit
NAICS code—is relatively complex in
this context. The Bureau believes that
removing a NAICS code-based small
business determination as a step in
small businesses with less than $1 million in gross
annual revenue received loans with amounts greater
than $1 million)).
565 ECOA provides that it is not discrimination for
a financial institution to inquire about womenowned or minority-owned business status, or the
ethnicity, race, and sex of principal owners
pursuant to section 1071. 15 U.S.C. 1691(b)(5).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
determining small business status will
both facilitate compliance and better
achieve the purposes of section 1071.
The Bureau understands that one reason
that commenters expressed a strong
desire for a simple approach to
determining whether an applicant is
small is that this initial determination
may drive the application process. To
comply with section 1071 requirements,
financial institutions may use a different
application process, or different or
additional application materials, with
small business credit applicants than
they do with applicants that are not
small businesses. Thus, quickly and
accurately determining whether an
applicant is a small business at the
outset of the application process may be
a crucial step, one that financial
institutions would benefit from being
able to seamlessly accomplish.
Considering the requirements and
prohibitions in ECOA with respect to
protected demographic information, the
Bureau understands the import that
financial institutions have placed on
both the speed and accuracy of this
determination.
Notwithstanding its decision to not
rely on NAICS codes in its small
business definition, the Bureau believes
that NAICS codes possess considerable
value for section 1071’s fair lending
purpose as well as its business and
community development purpose. As
discussed in the section-by-section
analysis of § 1002.107(a)(15) below, the
Bureau is therefore requiring financial
institutions to collect and report 3-digit
NAICS sector codes for applications
subject to this final rule. However, the
Bureau believes that gathering NAICS
code information at some point during
the application process, while still the
subject of some concern for financial
institutions, differs in kind from
requiring NAICS information as a
necessary step to beginning an
application (and correctly determining
which type of application to initiate). In
addition, the NAICS information now
required by the final rule is a 3-digit
NAICS code instead of a 6-digit code as
proposed; this information will provide
valuable data to analyze fair lending
patterns and identify business
subsectors with unmet credit needs,
while limiting the burden this collection
may impose on financial institutions
and small business applicants.
The Bureau also believes that its
simplified alternative size standard will
provide reporting results that are largely
consistent with what would be reported
by adopting the full SBA size standards.
The Bureau used data from the U.S.
Census’s 2012 Statistics of U.S.
Businesses (SUSB) and the U.S.
PO 00000
Frm 00121
Fmt 4701
Sfmt 4700
35269
Department of Agriculture’s 2012
Census of Agriculture to analyze how
various alternative approaches would
change the number of businesses
considered ‘‘small’’ under this rule
relative to the SBA definition.566 Among
the 7.2 million small employer
businesses and farms, the Bureau
estimates that 365,000 businesses that
would be small under the SBA’s
existing size standards will not be
covered by the Bureau’s $5 million gross
revenue standard. The Bureau further
estimates that the Bureau’s rule will
cover some 14,000 agricultural
businesses that would not be small
under the SBA’s existing size standards.
The Bureau believes that such variation
with respect to the SBA’s current size
standards is an appropriate trade-off for
the reasons described herein.
The Bureau notes, however, that some
industries will have greater divergence
between which businesses are small
under the Bureau’s $5 million gross
annual revenue alternative size standard
and which businesses are small under
the SBA’s existing size standards. That
is, applications for businesses that are
small under the SBA’s existing size
standards will be reported to the Bureau
less from some industries than others. In
general, there will be a larger proportion
of businesses whose applications will
not be reported in industries with a
higher revenue-based size standard. The
industries most affected by this are the
retail trade and construction industries.
Other industries disproportionately
affected may include manufacturing,
wholesale trade, health care and social
assistance, and professional, scientific,
and technical services. The Bureau
received limited public feedback with
respect to such concerns.
The Bureau also believes that a
simplified size standard will be
important for financial institutions that
may not frequently engage in small
business lending in determining
whether they are covered under this
final rule. As discussed in the sectionby-section analysis of § 1002.105(b),
small business lending data collection
and reporting is required only for
financial institutions that originated at
least 100 covered credit transactions for
small businesses in each of the two
preceding calendar years. Financial
institutions that do not frequently lend
566 The 2012 SUSB is the most recent Census
product to have categories of revenue and
employees granular enough to conduct this
analysis. The Bureau constructed the 2012
equivalents of the second and third alternatives due
to the vintage of the SUSB data available and used
the SBA’s 2012 size standards for the analysis. The
2012 SUSB only covers employer firms or
businesses with at least one employee.
E:\FR\FM\31MYR2.SGM
31MYR2
35270
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
to small businesses will seek to track
precisely how many such transactions
they have originated. The Bureau
believes that it is important to empower
financial institutions to quickly
ascertain whether a covered credit
transaction was originated for a small
business, so that infrequent lenders can
continue to monitor whether
compliance with this final rule is
required.
The Bureau believes that its $5
million gross annual revenue standard
is a more efficient and appropriate
measure of applicant size for purposes
of determining whether small business
lending data collection is required
pursuant to section 1071. The Bureau
understands that the SBA generally
bases business concern size standards
on average annual receipts or the
average number of employees of the
business concern, as customized
industry-by-industry across 1,012 6digit NAICS codes. The SBA typically
uses two primary measures of business
size for size standards purposes: (i)
average annual receipts 567 for
businesses in services, retail trade,
agricultural, and construction
industries, and (ii) average number of
employees 568 for businesses in all
manufacturing industries, most mining
and utilities industries, and some
transportation, information, and
research and development industries.569
The Bureau understands that the SBA’s
size standards are used to establish
eligibility for a variety of Federal small
business assistance programs, including
for Federal government contracting and
business development programs
designed to assist small businesses in
obtaining Federal contracts and for the
SBA’s loan guarantee programs, which
provide access to capital for small
businesses that are unable to qualify for
and receive conventional loans
elsewhere. The Bureau notes that its $5
million size standard will only be used
to determine whether small business
lending data collection is required
pursuant to section 1071, and has no
567 The Bureau understands that the SBA changed
its regulations on the calculation of average annual
receipts for all its receipts-based size standards, and
for other agencies’ proposed receipts-based size
standards, from a three-year averaging period to a
five-year averaging period, outside of the SBA
Business Loan and Disaster Loan Programs. 84 FR
66561 (Dec. 5, 2019).
568 Generally, the average number of employees of
the business concern is used (including the
employees of its domestic and foreign affiliates)
based upon numbers of employees for each of the
pay periods for the preceding completed 24
calendar months. See 13 CFR 121.106(b)(1).
569 To measure business size, the SBA also uses
financial assets for certain financial industries, and
for the petroleum refining industry, it uses refining
capacity and employees.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
bearing on eligibility for Federal small
business assistance. Moreover, the
Bureau believes it is far more likely that
an applicant will be able to readily
respond to a question regarding its gross
annual revenue for the preceding fiscal
year—something already contemplated
by existing Regulation B for all business
credit to determine whether adverse
action notice requirements apply 570—
than offer the closest metric currently in
use by SBA regulations, which is
generally average annual receipts across
the previous five fiscal years.571
The Bureau believes that requiring
application of existing SBA size
standards for this rule could result in
many financial institutions having to
undergo extensive operational and/or
compliance management system
changes. The Bureau believes that it will
reduce burden for financial institutions,
particularly those without sophisticated
compliance management systems or
familiarity with SBA lending, to comply
with a gross annual revenue size
standard for the section 1071 small
business definition that better aligns
with current lending practices.
If the Bureau were to adopt a small
business definition using the existing
SBA size standards that vary by
industry based on 6-digit NAICS codes,
financial institutions would only be able
to request an applicant’s protected
demographic information further along
in the application process, once they
have obtained the multiple pieces of
data that would be necessary to
determine whether the applicant is
small and, therefore, the 1071 process
applies. This delay could make it more
difficult for financial institutions to
collect applicants’ protected
demographic information (particularly
for applications that are withdrawn or
closed for incompleteness early in the
application process), which is important
to both of section 1071’s statutory
purposes. These data collection
considerations differ from those
applicable to SBA lending programs,
whereby a lender often cannot (and
should not) make an accurate eligibility
determination for an SBA loan until
later in the application process, often
after a loan has already been initially
decisioned and after the lender has
collected information related to size,
time in business, and other data.
In order to allow financial institutions
to expeditiously determine whether this
rule applies, the Bureau is seeking to
minimize complexity for financial
institutions in determining whether a
covered application is reportable
570 See
571 13
PO 00000
12 CFR 1002.9(a)(3).
CFR 121.104(a) and (c).
Frm 00122
Fmt 4701
Sfmt 4700
because the applicant business is a
small business—a necessary
determination for the collection of
protected demographic information
pursuant to section 1071. The Bureau
believes, and most commenters agreed,
that this rule will benefit from a
universal, easy-to-apply reporting
trigger that does not need to be
supported by additional documentation
or research. Such a reporting trigger
must be easily understood by small
business owners who may be
completing an application online, or by
the tens of thousands of customer-facing
personnel who take small business
applications in an industry with a
recent turnover rate of over 20
percent.572 The Bureau also believes
that a gross annual revenue reporting
trigger will facilitate better compliance
with section 1071 requirements because
it aligns with many larger financial
institutions’ current lending and
organizational practices, which use
gross annual revenue to assign small
businesses into their retail/small
business banking groups.573
Requiring financial institutions to rely
on the SBA’s existing size standards for
purposes of 1071 data collection and
reporting requirements could pose risks
to the efficient operation of small
business lending. Based on the
overwhelmingly consistent feedback the
Bureau has received from stakeholders
on this issue, the Bureau believes that
using the SBA’s existing size standards
for the purposes of section 1071—
wherein the financial institution must
quickly determine the appropriate 6digit NAICS code for businesses and
then apply a variety of standards,
including potentially gathering
information to determine five years of
the applicant’s average annual receipts
or employee information—would not
align with current lending and
organizational practices. Application of
the SBA’s existing size standards, at the
beginning of the application process,
could slow down the application
process, particularly at institutions that
otherwise would often be able to render
credit decisions in a matter of minutes;
the Bureau believes that financial
institutions may be compelled to raise
the cost of credit or originate fewer
covered credit transactions as a result.
572 Jim Dobbs, Employee churn surges at banks
despite pay hikes, Am. Banker (Sept. 9, 2022),
https://www.americanbanker.com/news/employeechurn-surges-at-banks-despite-pay-hikes.
573 See Fed. Deposit Ins. Corp., Small Business
Lending Survey, at 12 (2018), https://www.fdic.gov/
resources/publications/small-business-lendingsurvey/2018-survey/section2.pdf (finding that a
substantial majority of large banks use gross annual
revenue (61.8 percent) as a limit to define small
businesses).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Such an outcome could needlessly
affect access to credit for small
businesses. The Bureau believes that
eliminating credit opportunities or
reducing access to credit for small
businesses, including women-owned
and minority-owned small businesses,
in this way would frustrate the statutory
purpose of section 1071 to ‘‘enable
communities, governmental entities,
and creditors to identify business and
community development needs and
opportunities of women-owned,
minority-owned, and small
businesses.’’ 574
The Bureau expects that many
financial institutions, for efficiency, will
bifurcate their business credit
application procedures based on an
initial determination of whether the
application will be subject to this rule.
The Bureau therefore believes that many
financial institutions will not proceed
with taking applicant information until
the financial institution is able to
determine that the applicant is small (in
which case, this rule requires it to
collect and report the applicant’s
protected demographic information) or
that the applicant is not small (where
ECOA generally prohibits the financial
institution from collecting protected
demographic information). If this
process necessitates determining the
correct NAICS code for the applicant,
and in many cases, requesting five years
of average annual receipts or the 24month average number of employees
from the applicant pursuant to SBA’s
existing size standards, the Bureau
believes that businesses seeking credit
would encounter, at a minimum,
otherwise avoidable delays in
application processing.
Section 1071 is also unique in that
Congress specified that the data
collection regime include a particular
form of revenue for the businesses at
issue. As discussed in the section-bysection analysis of § 1002.107(a)(14)
below, section 1071 requires a financial
institution to collect ‘‘the gross annual
revenue of the business in the last fiscal
year of the women-owned, minorityowned, or small business loan applicant
preceding the date of the
application.’’ 575 The Bureau considered
whether under section 1071 a financial
institution should have to apply two
different revenue-based rules (first, one
for determining whether the business is
small under the existing SBA size
standards and therefore 1071 data must
be collected and reported; and, second,
if the business is small, another for
reporting the business’s gross annual
574 ECOA
section 704B(a).
575 Id.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
revenue in the last fiscal year), or
whether applying only one revenuebased standard for implementing
section 1071 could be sufficient.
Requiring financial institutions to apply
different standards could be
unnecessarily confusing and
burdensome, as well as also increase the
potential for errors in data collection
and reporting. Moreover, as discussed
below, section 1071 amends ECOA,
which already incorporates the concept
of gross annual revenue as implemented
under existing Regulation B’s adverse
action notice requirements.
Small farm definition. The Bureau is
not adopting a different small business
definition for farms. Many agricultural
lenders suggested aligning with the
Farm Credit Administration’s (FCA)
small farmer definition for agricultural
financing transactions, primarily
arguing that: (i) the proposed $5 million
threshold is substantially overinclusive
as applied to the farming community
and would cover almost all the
customers of FCS lenders; (ii) aligning
with the FCA’s ‘‘small farmer’’
definition would facilitate compliance
and reduce burden because FCS lenders
are very familiar with the standard; and
(iii) this change would take into account
the unique nature of the agricultural
industry, which is disproportionately
dominated by family farms.
The Farm Credit Act of 1971
authorizes the FCS to provide financing
and services to farmers and ranchers
through FCS banks and associations.
The Act also provides the FCA, an
independent Federal agency, authority
to regulate and examine these
institutions and it requires them to
report annually to FCA about the
operations and achievements of the
associations’ lending and service
programs for young, beginning, and
small farmers and ranchers. FCA’s
definition of ‘‘small farmer’’ is ‘‘a
farmer, rancher, or producer or
harvester of aquatic products who
normally generates less than $250,000
in annual gross sales of agricultural or
aquatic products.’’ 576 The FCA has not
updated this threshold since it was first
adopted in 1998 although it has since
considered whether to change it.577
576 Farm Credit Admin., Bookletter 040—Revised:
Providing Sound and Constructive Credit to Young,
Beginning, and Small Farmers, Ranchers, and
Producers or Harvesters of Aquatic Products, at 2
(Aug. 10, 2007), https://ww3.fca.gov/readingrm/
Handbook/FCA%20Bookletters/BL040%20REVISED.docx.
577 84 FR 5389, 5390 (Feb. 21, 2019) (‘‘Several
agricultural and economic cycles have occurred
since 1998, and we are considering whether the
$250,000 gross sales amount continues to be
appropriate or should be revised or indexed to
reflect the changes, including the economic
PO 00000
Frm 00123
Fmt 4701
Sfmt 4700
35271
The NPRM made clear the Bureau’s
intention to cover agricultural credit,
and the Bureau did not propose a
separate small farm definition or any
other adjustments specifically for
agricultural credit. Prior to the SBA
increasing its size standards for small
farms, the Bureau acknowledged in the
NPRM that its proposed $5 million size
standard could result in data reporting
on applications from approximately
77,000 businesses that would not be
considered small under the SBA size
standards in effect at that time, the vast
majority of which would be farms (for
which, at that time, the SBA
predominantly used a $1 million
standard). Conversely, the Bureau
estimated that 270,000 primarily nonagricultural businesses that would be
small under the SBA’s size standards in
effect at the time of the NPRM would
not be covered under the proposed $5
million gross annual revenue standard.
As noted above, the SBA’s size
standards for agricultural industries
have increased since the NPRM and
now range from $2.25 million to $34
million average annual receipts—which
now means that the $5 million gross
annual revenue standard the Bureau is
finalizing is markedly more aligned
with SBA’s size standards for farms than
it was at the time of the NPRM. The
Bureau believes that these recent
changes to the SBA size standards,
which were based on extensive research
and a notice and comment rulemaking,
further suggest that a definition of small
farms based on $250,000 in annual gross
sales, preferred by certain commenters,
would not sufficiently cover small
agricultural businesses.
The Bureau does not believe that the
Small Business Act requires the Bureau
to adopt a separate definition for small
farms, as implied by one commenter.
The Small Business Act provides that
the SBA Administrator must ‘‘ensure
that the size standard varies from
industry to industry to the extent
necessary to reflect the differing
characteristics of the various industries
and consider other factors deemed to be
relevant by the Administrator.’’ 578 The
Bureau believes, and explained to the
SBA when obtaining its approval, that
this rule will benefit from a universal,
easy-to-apply reporting trigger that
reflects the need for a wide variety of
financial institutions to apply a simple,
broad definition of a small business that
is practical across the many product
types, application types, technology
platforms, and applicants in the market.
conditions presently affecting agricultural
producers.’’)
578 15 U.S.C. 632(a)(3).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35272
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
In particular, the Bureau believes that
the size standard finalized here is
consistent with factors that the SBA has
previously identified as relevant to the
proper exercise of its discretion in this
respect—the SBA considers (1) current
economic conditions, (2) its mission and
program objectives, (3) the SBA’s
current policies, (4) impacts on small
businesses under current and proposed
or revised size standards, (5) suggestions
from industry groups and Federal
agencies, and public comments on the
proposed rule, and (6) whether a size
standard based on industry and other
relevant data successfully excludes
businesses that are dominant in the
industry.579
While the Bureau received
widespread support for a simple gross
annual revenue threshold, it also
understands, as explained by some
commenters, that many agricultural
lenders generally do not collect gross
annual revenue for underwriting or
regulatory compliance purposes, which
could complicate use of a gross annual
revenue threshold to determine small
business status. Nonetheless, ECOA
section 704B(e)(2)(F) requires financial
institutions to collect and report gross
annual revenue under section 1071. As
discussed in its section-by-section
analysis of § 1002.107(a)(14), the Bureau
is finalizing comment 107(a)(14)–2,
which first clarifies that pursuant to
final § 1002.107(c), a financial
institution shall maintain procedures
reasonably designed to collect
applicant-provided data, including the
gross annual revenue of the applicant.
The final comment then states that if a
financial institution is nonetheless
unable to collect or determine the
specific gross annual revenue of the
applicant, the financial institution
reports that the gross annual revenue is
‘‘not provided by applicant and
otherwise undetermined.’’ The Bureau
believes that permitting this reporting
flexibility for agricultural lenders and
other financial institutions will reduce
the complexity and difficulty of
reporting gross annual revenue
information, particularly when an
application has been denied or
withdrawn early in the process and the
gross annual revenue could not be
collected.
While the Bureau acknowledges
arguments that the FCA definition might
facilitate compliance among FCS lender
staff and other compliance professionals
who are already familiar with that
definition, the Bureau does not believe
579 See 85 FR 62372, 62373 (Oct. 2, 2020)
(discussing the SBA’s revised size standard
methodology).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
it would be appropriate to deviate from
its otherwise widely supported crossindustry approach. While the Bureau
acknowledges that the market share of
total farm business debt held by FCS
lenders is significant (44.4 percent at the
end of 2020 580), the Bureau is mindful
that many other types of non-FCS
lenders participate in this important
small business lending market. Such
lenders would not be able to leverage
familiarity with the existing FCA
definition and may engage in other
types of non-farm lending that would
not be subject to this definition. As a
result, these lenders may not equally
benefit from applying the FCA
definition to agricultural small
businesses. Indeed, the Bureau
understands that an association of
community banks issued a letter to
oppose efforts to obtain special
treatment for FCS lenders, stating that
‘‘[i]t would be totally inappropriate to
exempt FCS lenders from onerous
regulatory burdens while subjecting
smaller lenders, such as community
banks, to those regulations even as both
types of lenders are serving the same
customer base in many instances.’’ 581
The Bureau believes a consistent small
business definition that applies to all
financial institutions will result in
consistency across the 1071 data, more
robust fair lending analyses, and
arguably an even playing field for
compliance across all financial
institutions.
The Bureau acknowledges that a $5
million gross annual revenue threshold
will be somewhat overinclusive relative
to SBA and Census of Agriculture
standards. Some agricultural lenders
lament that the threshold would cover
almost all their lending and several
commenters argued in favor of the FCA
definition instead for section 1071
purposes because, they said, it would
capture a substantial amount of data
while mitigating some of the impact of
the compliance cost. As discussed
above, the Bureau believes that its $5
million gross annual revenue threshold
strikes an appropriate balance between
covering the applications of most
businesses that are considered small
under the SBA’s size standards, while
minimizing the number of businesses
above the SBA’s size standards whose
580 Farm Credit Admin., 2021 Annual Report, at
16 (2022), https://www.fca.gov/template-fca/about/
2021AnnualReport.pdf.
581 Letter from Indep. Cmty. Bankers of Am., to
Senate Chairs Stabenow and Brown and Ranking
Members Boozman and Toomey (June 23, 2022),
https://www.icba.org/docs/default-source/icba/
advocacy-documents/letters-to-congress/senateletter-opposing-fca-independent-authorityact.pdf?sfvrsn=8d2f1c17_0.
PO 00000
Frm 00124
Fmt 4701
Sfmt 4700
applications will be reported to the
Bureau, and in a way that satisfies the
SBA’s criteria for approving an
alternative size standard under its
regulations. In striking this balance, the
Bureau considered section 1071’s
statutory purposes, and it believes that
a broader scope of coverage with regard
to agricultural businesses is warranted,
given the historical and/or continuing
discrimination against Black farmers
and the need for transparency into
agricultural lending both for fair lending
enforcement and business and
community development.
Other suggested size standards. The
Bureau is not adopting a small business
definition based on 4-digit NAICS
codes, as suggested by one commenter.
As explained above in its discussion of
existing SBA size standards, the Bureau
believes needing to obtain even a 4-digit
NAICS code at the beginning of the
application process would often result
in a financial institution not being able
to determine whether an applicant for
business credit is small (and thus
subject to the data collection
requirements of this final rule) until
later in the application process.
Similarly, the Bureau believes that a
small business definition based on both
number of employees and gross annual
revenues (e.g., the 500 employee/$8
million standard set forth in the
SBREFA Outline and suggested by
commenters or one commenter’s 100
employee/$1 million standard) would
mean that a financial institution would
only be able to request an applicant’s
protected demographic information
further along in the application process,
once they have obtained the multiple
pieces of data that would be necessary
to determine whether the applicant is
small and, therefore, only at that later
stage would it be able to determine that
such data collection is required. This
delay could interfere with financial
institutions’ ability to collect these data,
particularly for applications that are
withdrawn or closed for incompleteness
early in the application process, which
would limit the usefulness of the data
for section 1071’s statutory purpose of
fair lending enforcement.
106(b)(2) Inflation Adjustment
Inflation is a general increase in the
overall price level of the goods and
services in the economy; deflation
marks a general decrease in the same. A
price index, of which there are several
types, measures changes in the price of
a group of goods and services. The
Board’s Federal Open Market
Committee currently finds that an
annual increase in inflation of 2 percent
in the price index for personal
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
consumption expenditures, produced by
the Department of Commerce, is most
consistent over the longer run with the
Board’s mandate for maximum
employment and price stability.582 The
United States Bureau of Labor and
Statistics, which publishes several price
indices, found that from December 2020
to December 2021, ‘‘consumer prices for
all items rose 7.0 percent, the largest
December to December percent change
since 1981.’’ 583
In order to keep pace with changes to
the SBA’s own size standards and the
potential impact of future inflation or
deflation, the Bureau stated in the
NPRM that it was considering whether
it might update its proposed $5 million
gross annual revenue size standard over
time (perhaps at the end of a calendar
year in order to allow financial
institutions to use the same threshold
consistently throughout the year). The
Bureau sought comment on how this
should be done and the frequency at
which it should occur.
Two community groups and a CDFI
lender requested that the Bureau
address adjustments of its gross annual
revenue threshold for defining a small
business under the rule. The community
groups suggested annual adjustments for
inflation, while the CDFI lender
suggested an adjustment every five to
ten years to account for future inflation
and keep pace with changes to the
SBA’s own size standards. Conversely, a
bank argued against incremental
adjustments, stating that the Bureau
should set its small business definition
once in the final rule. Another bank
suggested that the Bureau wait to
determine if the threshold needs
adjusting after it has sufficient data to
analyze after several years of collection.
For the reasons set forth herein, the
Bureau is finalizing new
§ 1002.106(b)(2) to provide that every
five years after January 1, 2025, the
gross annual revenue threshold set forth
in § 1002.106(b)(1) shall adjust based
changes to the Consumer Price Index for
All Urban Consumers (U.S. city average
series for all items, not seasonally
lotter on DSK11XQN23PROD with RULES2
582 Bd. of Governors of the Fed. Rsrv. Sys., What
is inflation and how does the Federal Reserve
evaluate changes in the rate of inflation? (last
updated Sept. 2016), https://
www.federalreserve.gov/faqs/economy_14419.htm.
583 U.S. Bureau of Labor Stat., Consumer Price
Index: 2021 in review (Jan. 2022), https://
www.bls.gov/opub/ted/2022/consumer-price-index2021-in-review.htm.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
adjusted), as published by the United
States Bureau of Labor Statistics (CPI–
U). Any such adjustment will be
rounded to the nearest multiple of
$500,000. If an adjustment is to take
effect, it will do so on January 1 of the
following calendar year.
New comment 106(b)(2)–1 clarifies
the Bureau’s inflation adjustment
methodology. The comment explains
that the base for computing each
adjustment (both increases and
decreases) is the January 2025 CPI–U;
this base value will be compared to the
CPI–U value in January 2030 and every
five years thereafter. The comment
provides several examples illustrating
this comparison. New comment
106(b)(2)–1 makes clear that if, as a
result of rounding to the nearest
multiple of $500,000, there is no change
in the gross annual revenue threshold,
there will be no adjustment.
New comment 106(b)(2)–2 provides
that if publication of the CPI–U ceases,
or if the CPI–U otherwise becomes
unavailable or is altered in such a way
as to be unusable, then the Bureau shall
substitute another reliable cost of living
indicator from the United States
Government for the purpose of
calculating adjustments pursuant to
final § 1002.106(b)(2).
The Bureau agrees with several
commenters that it should provide for a
mechanism to update the rule’s $5
million gross annual revenue size
standard over time to account for the
potential impact of inflation or
deflation. In order to minimize
operational disruptions, the Bureau is
not adopting an annual adjustment for
inflation; instead, a determination
regarding the need to adjust the
threshold will occur every five years,
beginning in 2030, to account for future
inflation or deflation on a schedule
similar to the SBA’s own size standards,
which are required to be reviewed no
less frequently than once every five
years under the Small Business Act.584
Recently, the SBA added a 13.65
percent inflation increase to its receiptsand assets-based size standards.585
Moreover, in order to mitigate
584 Pub. L. 111–240, 124 Stat. 2504 (2010); see
also 13 CFR 121.102(c) (requiring the SBA examine
the impact of inflation on monetary size standards
(e.g., receipts, tangible net worth, net income, and
assets) and make necessary adjustments at least
once every five years).
585 87 FR 69118 (Nov. 17, 2022).
PO 00000
Frm 00125
Fmt 4701
Sfmt 4700
35273
commenters’ concerns discussed in the
section-by-section analysis of
§ 1002.107(a)(14) regarding complexity
and difficulty of collecting gross annual
revenue information, the Bureau will
round any such adjustment to the
nearest multiple of $500,000. The
Bureau believes that this rounding, in
combination with the approach in final
comment 107(a)(14)–1—clarifying that a
financial institution need not verify
applicant-provided gross annual
revenue information, and providing
language that a financial institution may
use to ask the applicant for such
information—will make it easier for
financial institutions to more quickly
determine small business status for the
purpose of rule applicability. The
Bureau also believes that this approach
is consistent with existing Bureau
procedures for inflation adjustments
(albeit in a more streamlined way),
provides transparency for replication,
and will result in less-frequent changes
in the reporting requirements of
financial institutions, thereby reducing
the disruption that an annual inflation
adjustment might cause in this
situation.
The Bureau is providing commentary
to ensure transparency regarding its
inflation methodology, which will allow
financial institutions to better anticipate
and prepare for potential inflation or
deflation adjustments. To further
explain its methodology, the Bureau is
providing the following illustration,
which assumes that compliance with
the rule was required beginning July 1,
2014, subject to the same five-year
adjustment schedule described above. In
this illustration, the base for computing
each adjustment would be January 2015,
which had a CPI–U value of 233.707.
Here, the CPI–U value for January 2020
(257.971) would be used for the first
five-year inflation update since January
2015 and would update the gross annual
revenue threshold to reflect the change
in the CPI between January 2015 and
January 2020. As demonstrated with the
formulas below, the percentage change
between those two years’ CPI–U values
would be calculated (about 10.4
percent) and then would be applied to
the $5 million gross annual revenue
threshold to get a value of $5,519,112.
This would be rounded to $5,500,000
and would become the new threshold
effective in January 2021.
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
following calculation would be
performed in January 2025 (ten years
The CPI–U series 586 used for the
Bureau’s inflation adjustment
methodology is public and can be used
by anyone wishing to perform the
calculation themselves. Additionally,
the Bureau of Labor and Statistics
provides an inflation calculator for this
exact CPI–U series, which allows any
entity to easily calculate an adjusted
gross annual revenue threshold without
the need for manual calculations.587
In addition to new comment
106(b)(2)–2, discussed above, which
clarifies the timing of its inflation
adjustments, the Bureau believes that
the adjustment schedule set forth below
will also be helpful to explain the
inflation adjustment timing:
TABLE 2—INFLATION/DEFLATION
ADJUSTMENT SCHEDULE
Date
January 2025
January 2030
Spring–Summer 2030.
January 2031
January 2035
lotter on DSK11XQN23PROD with RULES2
Spring–Summer 2035.
586 Specifically, the Bureau of Labor and Statistics
series is CUUR0000SA0 and a chart with its values
for all months and years is available at https://
data.bls.gov/timeseries/CUUR0000SA0. The CPI–U
is released on a month lag, so the value for January
is available in February.
587 This calculator is available at https://
www.bls.gov/data/inflation_calculator.htm and
uses the CUUR0000SA0 as the basis for its
calculation. To use this calculator for the
illustrative example above, enter 5,000,000 in the $
field, enter January 2015 as the starting date, and
January 2020 in the subsequent date field. Click on
calculate, and the result is $5,519,111.54, the same
number as above, which would be rounded to the
nearest $500,000, i.e., $5,500,000.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
January 2036
Inflation/deflation adjustment
schedule
Base month/year for computing each adjustment.
Reference month/year for
the first five-year inflation
adjustment.
Calculation performed to determine changes in the
CPI–U between January
2025 and January 2030.
If necessary, effective date
for the adjusted gross annual revenue threshold
amount.
Reference month/year for
the second five-year inflation adjustment.
Calculation performed to determine changes in the
CPI–U between January
2025 and January 2035.
If necessary, effective date
for the adjusted gross annual revenue threshold
amount.
Section 1002.107
Reportable Data
Compilation of
107(a) Data Format and Itemization
Background
ECOA section 704B(e) requires
financial institutions to ‘‘compile and
maintain’’ records of information
PO 00000
Frm 00126
Fmt 4701
Sfmt 4700
after January 2015, five years after
January 2020):
provided by applicants ‘‘pursuant to a
request under subsection (b),’’ and
requires them to ‘‘itemiz[e]’’ such
information to ‘‘clearly and
conspicuously disclose’’ a number of
data points enumerated in the statute in
section 704B(b) and (e)(2).588 In
addition, section 704B(e)(2)(H) provides
the Bureau with authority to require
‘‘any additional data that the Bureau
determines would aid in fulfilling the
purposes of [section 1071].’’ Section
1071’s statutory purposes are twofold:
(1) to facilitate enforcement of fair
lending laws; and (2) to enable
communities, governmental entities,
and creditors to identify business and
community development needs and
opportunities of women-owned,
minority-owned, and small
businesses.589
Proposed Rule
The Bureau proposed to adopt the
data points enumerated in ECOA
section 704B(b) and (e)(2)(A) through
(G) largely consistent with its proposals
under consideration at SBREFA, but
with certain changes as discussed in the
proposed rule. Consistent with its
588 As discussed in greater detail above in E.2 of
the Overview to this part V, the Bureau interprets
the phrase ‘‘pursuant to a request under subsection
(b)’’ in section 1071 as referring to all of the data
points contemplated by ECOA section 704B(e), not
merely whether the applicant is a minority-owned,
women-owned, or small business.
589 ECOA section 704B(a).
E:\FR\FM\31MYR2.SGM
31MYR2
ER31MY23.210</GPH>
All subsequent adjustments would be
made in the same manner. For instance,
using the above illustrative example, the
ER31MY23.209</GPH>
35274
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
approach in the SBREFA Outline,590 the
Bureau proposed data points pursuant
to its statutory authority set forth in
section 704B(e)(2)(H) relating to pricing,
time in business, NAICS code, and
number of workers. In addition, based
on feedback from small entity
representatives and other stakeholders
and in the course of developing the
proposed rule, the Bureau identified
several additional data points that it
believed would be important to the
quality and completeness of the data
collected and would aid significantly in
furthering the purposes of section 1071.
The Bureau proposed to adopt
additional data points regarding
application method, application
recipient, denial reasons, and number of
principal owners. In addition, the
Bureau relied on ECOA section
704B(e)(2)(H), as well as its authority
under 704B(g)(1), to propose certain
clarifications to the data points
enumerated in section 704B(b) and
(e)(2)(A) through (G).
In regard to the specific method by
which a financial institution would
collect the data points, the proposed
rule would have required a covered
financial institution to compile and
maintain data regarding covered
applications from small businesses, and
required that the data be compiled in
the manner prescribed for each data
point and as explained in associated
Official Interpretations (included in the
proposed rule) and the Filing
Instructions Guide that the Bureau
anticipated later providing on a yearly
basis. The proposed rule then explained
that the data compiled would include
the items described in proposed
§ 1002.107(a)(1) through (21). The
Official Interpretations, sometimes
referred to as official comments or
official commentary, would provide
important guidance on compliance with
the regulation and were discussed in
relation to each data point as well as
other regulatory provisions. The Filing
Instructions Guide would provide
instructions on the operational methods
for compiling and reporting data,
including which codes to report for
different required information. The
Filing Instructions Guide would be
updated yearly, as is the Filing
Instructions Guide that is used with
HMDA compilation and reporting.591
Proposed comment 107(a)–1 would
have provided general guidance on
complying with § 1002.107(a).
590 SBREFA
Outline at 34–35.
generally Fed. Fin. Insts. Examination
Council, The Home Mortgage Disclosure Act,
https://ffiec.cfpb.gov/ (last visited Mar. 20, 2023).
591 See
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
The Bureau crafted the proposed rule
in consideration of the concerns and
input of the small entity representatives
and other stakeholders. First, the
proposed rule would generally not have
required a financial institution to verify
applicant-provided information and
limited the data points proposed
pursuant to ECOA section 704B(e)(2)(H)
to those that the Bureau believed would
be most useful for the purposes of
section 1071. In addition, the Bureau
considered the costs, including data
quality scrubs, automation and training,
that would be imposed by the collection
and reporting of the proposed data
points; these were discussed in the
proposed rule and that discussion is
now updated in part IX below. The
Bureau attempted to craft the collection
and reporting requirements to be as
clear and operationally manageable as
possible, and requested comment on
potential methods for increasing clarity
and manageability.
In regard to concerns from small
entity representatives and other
stakeholders about being required to
collect applicants’ protected
demographic information for purposes
of section 1071, the Bureau noted that
several small entity representatives
reported collecting this kind of
information currently in certain
situations (because they are CDFIs, or
because they are participating in certain
SBA or similar guarantee programs). In
addition, the Bureau crafted the
proposed rule to provide flexibility for
financial institutions in the collection
and reporting of this information. The
Bureau also did not propose an
exemption for small financial
institutions from reporting data points
adopted pursuant to ECOA section
704B(e)(2)(H), as suggested by some
small entity representatives and
commenters, though it did propose an
exemption from the rule for certain
institutions with limited small business
credit originations.
The Bureau sought comment on its
proposed approach to the collection and
reporting of data points, including the
specific requests for input above and in
the section-by-section analysis of each
of the proposed data points.
Comments Received
The Bureau received numerous
comments discussing the general data
point collection and reporting
requirements from banks, trade
associations, credit unions, farm credit
institutions, community groups,
lenders, research institutions, an
association of State bank supervisors,
and a Federal agency. This comment
summary section will discuss the
PO 00000
Frm 00127
Fmt 4701
Sfmt 4700
35275
comments regarding the overall data
points first, then focus on those that
dealt specifically with the data points
proposed pursuant to ECOA section
704B(e)(2)(H) (often making statements
similar to those on the overall data
points). Comments regarding individual
data points are discussed below in the
section-by-section analyses that follow.
General data point comments. Several
community groups and a business
advocacy group supported the overall
data points requirements, stating that
robust data are essential for
understanding underwriting, gaps in
lending, unmet community needs, and
other issues that stand in the way of
equitable, responsible lending. A
business advocacy group stated that the
recent enhancement of HMDA data
proves the importance of robust data
because of its strongly positive impact
on lending to minorities. That
commenter also stated that the rule
should start out with the collection of
granular data because discrimination
often involves not only credit denials
but also less favorable credit terms.
A joint comment letter from
community groups, community oriented
lenders, and business advocacy groups
stated that CDFIs and mission-driven
lenders, who will have to comply with
the data point reporting requirements,
view the costs as reasonable considering
the benefits of the rule. Two
community-oriented lenders made
similar statements, saying that they
already collect most of this information
for underwriting and compliance with
other requirements. One also stated that
it does not plan to raise fees or restrict
access to credit as a result of the rule.
One rural community group stated that
the data points will be important for
understanding agricultural lending and
for that reason supported the inclusion
of agricultural lending under the rule.
Several industry commenters stated
that the data points were too numerous
and would be burdensome to collect
and report. These commenters stated
that setting up the compliance system
would be particularly costly and that
the cost would have to be passed on to
customers, and one suggested that the
Bureau should reconsider moving
forward with the rule. These
commenters also stated that financial
institutions do not currently collect
these data points. A trade association for
online lenders stated that collecting
these data points would interfere with
online lenders’ business model and the
Bureau should obtain this information
from other sources, such as the SBA, the
Minority Business Development
Agency, and the Treasury Department.
A bank stated that 1071 data disclosure
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35276
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
will help address significant racial and
gender gaps but asked that the Bureau
consider the depth and breadth of the
data collected because community
banks are faced with what it referred to
as seemingly continuous data collection
(for HMDA, Bank Secrecy Act, etc.) and
regulatory exams. The bank also asked
that the collection method be ‘‘SMART’’
(specific, measurable, attainable,
realistic, and timely) in order to reduce
burden.
Several banks suggested that HMDA
data yield useful fair lending analyses in
the residential mortgage market because
those loans are underwritten similarly.
In contrast, they stated, small business
loans are more complex and unique and
have to be manually underwritten to
consider numerous variables in
accordance with the individual
institution’s standards, rendering any
fair lending analyses flawed and
unreliable. One of these commenters
suggested that if fair lending analysis is
to be performed using only the data
points proposed, lenders will be forced
to revamp and substantially limit the
inputs used in decision making,
ultimately leading to a smaller number
of product offerings and fewer approvals
for small business loans overall.
Industry commenters also made
several other suggestions and requests
regarding the proposed data points. Two
commenters asked that the Bureau
eliminate or reduce the use of free-form
text to report additional information,
suggesting that the information gathered
would be burdensome, hard to trend,
open to different interpretations, and
unreliable. Two commenters stated that
it was important that applicants provide
their information voluntarily. A trade
association asked for reporting
flexibility when information is not
available, recommending the use of
‘‘declined to answer’’ if the applicant
declined, and ‘‘not available’’ for all
other circumstances in which the
applicant did not provide the
information notwithstanding the
lender’s inquiry.
One commenter asked for a rule
provision stating that the collection and
reporting requirements under the rule
are not intended to limit the range of
data that a financial institution may
collect, use, and share for its own
purposes. That commenter stated that
technology companies currently use
numerous data points when making
credit decisions that enable them to
extend credit to a wider range of
applicants, and limiting their ability to
do so could limit access to credit for
small businesses.
Issues regarding data points proposed
pursuant to ECOA section 704B(e)(2)(H).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
The Bureau received numerous
comments from lenders, community
groups, and individual commenters
supporting inclusion of the data points
proposed pursuant to ECOA section
704B(e)(2)(H). Several of these
commenters stated that such data points
are important because the dataset must
include key underwriting variables in
order to fulfill section 1071’s fair
lending purpose. One commenter stated
that these data points are necessary to
ensure proper analysis and not allow
lenders, as HMDA reporters have done,
to hide behind data not collected as a
reason for lending disparities. Two
commenters stated that such data points
are necessary because robust data are
needed to illuminate who lenders are
serving and who they are excluding.
Several commenters stated that the
Bureau must require the collection and
public dissemination of a database
detailed enough to meaningfully
achieve section 1071’s fair lending and
community development purposes.
Others suggested that the data points
proposed pursuant to ECOA section
704B(e)(2)(H) will allow comparisons of
small businesses in general with very
small businesses, which they view as
the bedrock of communities. One
commenter said that such data points
will help CDFIs better understand the
small business credit market, especially
in low-income communities, and
whether and how discrimination in
small business lending is occurring.
That commenter and another also stated
that robust data will help policymakers
and the public to better understand
lending gaps and unmet community
needs.
One lender stated that the proposed
data points will provide insight on the
quality of the capital accessed by
different demographic groups of small
business applicants, which will be
useful in not only identifying
potentially discriminatory lending
practices, but also highlight capital gaps
in the marketplace that lenders may be
able to fill. It also said that the data will
show how financial institutions
compare across key metrics and help
determine if an institution has equitable
lending, providing an unprecedented
snapshot of the lending landscape for
small businesses.
The Bureau received a large number
of comments, mainly from industry,
objecting to the inclusion of data points
proposed pursuant to ECOA section
704B(e)(2)(H). Commenters made many
objections, but the most common was
that such data points are not collected
now and would add significantly to the
burden imposed by the rule, raising
costs for borrowers. Many commenters
PO 00000
Frm 00128
Fmt 4701
Sfmt 4700
also stated that several of these data
points would be of little use and some
suggested that they could result in
inaccurate data. Many commenters
suggested that the extra burden would
reduce the availability of small business
credit, and some stated that the extra
burden of such data points would limit
community banks’ survivability and
speed up consolidation and the closing
of branches in rural and underserved
communities. Other commenters also
stated that these data points would be
particularly difficult for institutions that
do not have any reporting requirements
under HMDA, credit unions, auto
finance lenders, CDFIs, and/or smaller
lenders in general. Several commenters
stated that because farm credit
associations are often customer owned,
the increased costs would be imposed
directly on the borrowers. One
commenter stated that the data points
proposed pursuant to ECOA section
704B(e)(2)(H) can fluctuate during loan
processing, and would create tracking
issues and reporting errors. Some
commenters suggested that small
business applicants would not want to
provide so much information, which
would slow down and interfere with the
lending process.
Numerous commenters stated that
small business lending is complex and
nuanced and very different from
residential lending, and the partial
information provided by the data points
would lead to inaccurate interpretations
and potentially interfere with current
credit approval methods. Several of
these commenters stated that if
statistical disparities are detected using
the more straightforward data points
adopted pursuant to ECOA section
704B(e)(2)(A) through (G), those
disparities can be researched on an
institution, transaction, or file basis,
providing the same information that the
Bureau has proposed to collect pursuant
to 704B(e)(2)(H), but within context and
without raising false positive flags.
Those commenters and others stated
that including too many unreliable and
nuanced data point analyses will result
in numerous false positives and
inaccurate and unfair conclusions by
community groups and their members,
and potentially regulators. A State
bankers association stated that these
data could be used against banks as a
competitive advantage for credit unions
and other non-traditional lenders.
Conversely, a credit union trade
association stated that any rule to
implement section 1071 will widen the
competitive gulf between credit unions
and big banks and ‘‘fintechs’’ that have
the economies of scale and the
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
technological sophistication to automate
complex functions, and the data points
proposed pursuant to ECOA section
704B(e)(2)(H) would make this problem
worse. Another commenter stated that it
would be unfair to compare some such
data points between regulated and nonregulated entities because regulated
entities have additional costs.
Some commenters who objected to
the inclusion of data points pursuant to
ECOA section 704B(e)(2)(H) suggested
that the Bureau should first require the
data points enumerated in 704B(e)(2)(A)
through (G), then add any other
appropriate data points over time. They
explained that this approach would
allow the Bureau to assess the burden
and potential restriction of small
business credit imposed by the data
points in 704B(e)(2)(A) through (G)
before moving forward with further
requirements only if appropriate and
beneficial. Some commenters also
pointed out that HMDA reporting
evolved over many years and the ‘‘all at
once’’ approach in the proposal is a
mistake and will not allow lenders time
to adjust.
Several small lenders and their trade
associations stated that if the Bureau
opts to require some or all of the data
points proposed pursuant to ECOA
section 704B(e)(2)(H), then it should
consider partial collection of data for
community banks and other small
lenders. A trade association for
community banks suggested that the
cost of such data points would include
expensive data quality scrubs to avoid
negative exam findings, which would be
disproportionately borne by smaller
financial institutions. That commenter
was also concerned that the rule could
require the standardization and
homogenization of small business
lending, damaging the customized and
relationship-based lending for which
community banks are valued. The
commenter went on to state that if
community banks are forced to
standardize, it will especially harm the
vulnerable small businesses that most
benefit from the high-touch,
relationship-based lending that they
offer.
Some commenters stated that the data
points proposed pursuant to ECOA
section 704B(e)(2)(H) would create
serious privacy risks. Several
commenters suggested that this was
especially a concern in rural areas
where the applicant might be identified
through certain data points, such as the
combination of the NAICS code and
census tract, and this risk might lead
some small businesses to not apply for
credit. Some of these commenters also
stated that it would be disadvantageous
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
for financial institutions to have access
to pricing terms of their competitors.
One of these commenters stated that
collecting more data points would
increase business borrower perception
that this information is being used in
the credit decision.
One commenter suggested that data
collection mandates in excess of what
the law requires may be found to be
‘‘arbitrary and capricious,’’ if a court
decides that the Bureau has ‘‘relied on
factors which Congress has not intended
it to consider’’ or ‘‘offered an
explanation for its decision that runs
counter to the evidence before the
agency.’’ The commenter did not
explain whether or how the proposed
data points might be viewed this way.
Another commenter stated that the full
scope of data that the rule would require
financial institutions to report is
inconsistent with the operation of
business credit markets, and that
Congress established a limited scope
data collection regime in section 1071.
That commenter further stated that if
Congress intended to require all covered
financial institutions to proactively
deliver the same data required in fair
lending enforcement actions, Congress
would have written that into the law.
Although not specifically mentioning
the relevant legal standard for inclusion
of such data, several industry
commenters argued that some or all of
the data points proposed pursuant to
ECOA section 704B(e)(2)(H) would not
fulfill the purposes of section 1071.
Final Rule
As discussed in the section-by-section
analyses that follow, the Bureau has
made changes to many of the proposed
data points in order to carry out the
purposes of section 1071 more
effectively and to reduce any difficulties
the rule might impose on small business
lenders. In particular, the Bureau has
sought to: (1) improve the usefulness of
the data points for fair lending analysis
and for business and community
development purposes; and (2) facilitate
compliance by, among other things,
focusing on the reporting of information
the financial institution already collects
or possesses. The Bureau’s NPRM
approach, comments received, and final
rule (including changes to specific data
points) are discussed for each data point
in turn. The Bureau notes that proposed
§ 1002.107(a)(19), ‘‘women-owned
business status,’’ has been combined
with proposed § 1002.107(a)(18),
‘‘minority-owned business status,’’ and
the final § 1002.107(a)(18) data point
now addresses ‘‘minority-owned,
women-owned, and LGBTQI+-owned
business statuses.’’ As a result, the data
PO 00000
Frm 00129
Fmt 4701
Sfmt 4700
35277
points in proposed § 1002.107(20) and
(21) have been renumbered as final
§ 1002.107(19) and (20).
The Bureau is finalizing the
introductory text to § 1002.107(a),
regarding data format and itemization,
to reflect the number of data points in
the final rule. Final § 1002.107(a)
provides that a covered financial
institution shall compile and maintain
data regarding covered applications
from small businesses, and that the data
shall be compiled in the manner
prescribed in the individual data point
provisions and the Filing Instructions
Guide for subpart B for the appropriate
year. Furthermore, the data compiled
shall include the items described in
final § 1002.107(a)(1) through (20). The
Bureau believes that these methods will
facilitate compliance and yield quality
data, and did not receive comments on
the specific text of § 1002.107(a) or
associated commentary.
The Bureau is finalizing comment
107(a)–1 to provide general guidance on
complying with § 1002.107(a). Comment
107(a)–1 explains that a covered
financial institution (i) reports the data
enumerated in § 1002.107(a) even if the
credit originated pursuant to the
reported application was subsequently
sold by the institution; (ii) annually
reports data for covered applications for
which final action was taken in the
previous calendar year; and (iii)
annually reports data for a covered
application on its small business
lending application register for the
calendar year during which final action
was taken on the application, even if the
institution received the application in a
previous calendar year. The Bureau
believes that these operational
instructions will clarify a financial
institution’s collection and reporting
requirements and so facilitate
compliance. The Bureau also believes
that these instructions will help to
ensure the accuracy and consistency of
the data collected and reported. The
Bureau did not receive comments on
comment 107(a)–1.
The final rule adds new comment
107(a)–2, which explains that a covered
financial institution may use technology
such as autocorrect and predictive text
when requesting applicant-provided
data under subpart B that the financial
institution reports via free-form text
fields, provided that such technology
does not restrict the applicant’s ability
to write in its own response instead of
using text suggested by the technology.
The Bureau believes that the ability to
use autocorrect and predictive text will
facilitate the use of free-form text boxes.
The Bureau considered commenters’
objections to the use of free-form text
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35278
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
boxes for collecting and reporting data
under this final rule. Although the
Bureau is aware that data collected with
predetermined lists is easier to report
and work with, the Bureau believes that
free-form text responses will provide
useful information that would not
otherwise be collected, as they have
done for HMDA data, and the use of
autocorrect and predictive text will
facilitate use of free-form text boxes and
reduce inadvertent errors or typos.
The Bureau is finalizing comment
107(a)–3 (which was numbered as
comment 107(a)–2 in the proposal) as
proposed, except that the final rule adds
a web address instead of the placeholder
in the proposed rule. Final comment
107(a)–3 explains that additional details
and procedures for compiling data
pursuant to § 1002.107 are included in
the Filing Instructions Guide, which is
available at https://
www.consumerfinance.gov/dataresearch/small-business-lending/filinginstructions-guide/. As explained above,
the Bureau did not receive comments on
the use of the Filing Instructions Guide.
The Bureau is also adding new
comment 107(a)–4, to make clear that
the Bureau may add additional response
options to the lists of responses
contained in certain of the individual
data-point comments, via the Filing
Instructions Guide, and instructs
financial institutions to refer to the
Filing Instructions Guide for any
updates for each reporting year. For
example, a credit purpose provided
frequently in the free-form text box for
that data point could be added to the
response options via listing in the Filing
Instructions Guide. The Bureau believes
that such flexibility will enhance the
quality and currency of the data
collected. In addition, because financial
institutions must refer to the Filing
Instructions Guide when compiling,
maintaining and reporting their data,
the Bureau does not believe that this
flexibility will add operational difficulty
to the reporting of data under this final
rule.
General data point issues. In regard to
the comments suggesting that the
overall data point collection regime is
too burdensome, the Bureau notes that
most of the data points are enumerated
in the statute and the Bureau has
implemented the data points in such a
way as to reduce the burden of
compilation and reporting as much as
feasible while fulfilling the purposes of
section 1071. The Bureau does not
require verification of applicantprovided data, allows responses of ‘‘not
applicable’’ and ‘‘not provided by
applicant and otherwise undetermined’’
when appropriate, and provides several
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
safe harbors to facilitate compliance. In
addition, the Bureau believes that it has
set up the compilation and reporting
system in a way that is specific,
measurable, attainable, realistic and
timely, as requested by a commenter. In
addition, see the discussion below
regarding other data points considered
for further information on the question
of the rule’s burden and the issue of
accuracy of fair lending analysis and
small business credit data.
In regard to the suggestion that the
Bureau use other sources to obtain
information regarding small business
credit instead of via this rulemaking, as
explained above the Bureau does not
believe that currently available sources
are sufficient to carry out the purposes
of section 1071, and Congress required
the Bureau to promulgate a rule to
collect the data. In addition, the Bureau
notes that the data collected under this
rule are not exclusive, and financial
institutions may collect any other data
allowable under current law to use in
processing or underwriting small
business credit. For this reason, the
Bureau does not believe that this final
rule will interfere with online lenders’
business practices, which a commenter
was concerned about, or the business
practices of other entities that offer
small business credit. In addition, the
Bureau does not believe that
compilation of data under this final rule
will interfere with relationship banking
by community banks, because they will
continue to be able to relate to and serve
customers as they have done previously,
and may continue to make credit
decisions in any legally appropriate
fashion that they have done in the past.
As for the commenter’s concern that
applicant responses be voluntary, the
Bureau notes that although financial
institutions are required to have
processes and procedures in place to
collect these data, applicants are free to
choose not to answer their requests. For
the collection of demographic data,
applicants may select an option of ‘‘I do
not wish to respond’’ or similar. For
many of the other data points, so long
as a financial institution maintains
procedures reasonably designed to
collect applicant-provided data, a
financial institution may report ‘‘not
provided by applicant and otherwise
undetermined.’’ In regard to the
commenter’s request that the Bureau
allow responses of ‘‘declined to answer’’
and ‘‘not available,’’ the Bureau believes
that the reporting options of ‘‘not
provided by applicant and otherwise
undetermined’’ and ‘‘not applicable’’ are
more suited to this data collection, and
notes that the commenter did not
PO 00000
Frm 00130
Fmt 4701
Sfmt 4700
explain why the suggested responses
would be better.
Issues regarding data points adopted
pursuant to ECOA section 704B(e)(2)(H).
The Bureau is finalizing its proposed
data points with certain changes as
described in the respective section-bysection analyses of those data points
below. The Bureau is relying on ECOA
section 704B(e)(2)(H), as well as its
authority under 704B(g)(1), to make
clarifications to certain of the data
points set forth in 704B(b) and (e)(2)(A)
through (G), as described in the sectionby-section analyses of those data points
below.
Pursuant to its statutory authority set
forth in ECOA section 704B(e)(2)(H), the
Bureau is adopting data points for
pricing, time in business, NAICS code,
number of workers, application method,
application recipient, denial reasons,
and number of principal owners. The
Bureau has determined that these data
points will serve the purposes of section
1071, improve the utility of the data for
stakeholders, and reduce the occurrence
of misinterpretations or incorrect
conclusions based on analysis of an
otherwise more limited dataset. In
finalizing these data points, the Bureau
considered the additional operational
complexity and potential reputational
harm described by commenters that
collecting and reporting these data
points could impose on financial
institutions. The Bureau seeks to
respond to industry concerns by
adopting a limited number of data
points that will offer the highest value
in light of section 1071’s statutory
purposes. For this reason, the Bureau is
not adopting certain additional data
points suggested by commenters such as
credit score, applicant’s disability
status, or business structure (see the
discussion below).
In addition, the Bureau did not
choose to take an incremental approach
to adding data points, as several
commenters suggested, or permit
collecting and reporting of certain data
points to be phased in over time. The
Bureau believes the information from
the data points adopted pursuant to
ECOA section 704B(e)(2)(H) will
enhance the usefulness of the data
points enumerated in 704B(e)(2)(A)
through (G), and further section 1071’s
purposes for the reasons stated above
and in the descriptions of those data
points in the section-by-section analyses
below, and so should be collected and
reported as soon as possible. In
addition, data from these data points
will be an important part of the privacy
risk assessment that the Bureau will
conduct after the first full year of data
are received. In response to the
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
commenters who expressed concern
about privacy risks, the Bureau notes
that when making modification and
deletion decisions prior to publication
of the data, it intends to consider reidentification risk and other cognizable
privacy risks. See part VIII below for
additional information.
As explained above, numerous
industry commenters stated that data
points adopted pursuant to ECOA
section 704B(e)(2)(H) would make the
rule more burdensome, result in greater
costs for not only financial institutions
but also their small business customers,
and potentially lead to a reduction in
credit availability. The Bureau does not
believe that the effects on the small
business credit market from the data
points adopted pursuant to ECOA
section 704B(e)(2)(H) will be so
pronounced. Rather, such data points
will add only incremental costs to the
rule,592 and the Bureau has carefully
crafted all the data points in the final
rule to provide flexibility by allowing
reporting of information that is already
present in the credit file or easily
gathered from the applicant. In addition,
the final rule does not require
verification, allows for responses of ‘‘I
do not wish to respond’’ or similar, ‘‘not
applicable,’’ and ‘‘not provided by
applicant and otherwise undetermined’’
when appropriate, and provides several
safe harbors to facilitate compliance and
reduce costs in the compilation and
reporting of the data points.
Numerous industry commenters also
stated that the small business credit
market is different from the residential
housing market disclosed in HMDA
data, and the varied and complex nature
of the small business application,
underwriting and approval processes
will cause the data collected pursuant to
ECOA section 704B(e)(2)(H) to suggest
false positives for discrimination.
Although the potential risk of
misinterpretation exists with all public
data, the Bureau notes that any fair
lending analysis of the public dataset
should be considered preliminary to
meaningful further investigation, and
inferences from the public data alone
are not determinative of unlawful
discrimination.593 Furthermore, the
592 See part IX.F.5 below for a discussion of the
economic impacts of an alternative that only
includes the data points specified in ECOA section
704B(e)(2)(A) through (G).
593 In regard to the HMDA dataset for 2020, the
Bureau publicly stated that ‘‘HMDA data are
generally not used alone to determine whether a
lender is complying with fair lending laws. The
data do not include some legitimate credit risk
considerations for loan approval and loan pricing
decisions. Therefore, when regulators conduct fair
lending examinations, they analyze additional
information before reaching a determination about
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Bureau believes that the additional
information from these data points is
more likely to eliminate false positives
than to create them. For example,
knowing applicants’ time in business
will help to avoid comparing credit
outcomes for established businesses
with outcomes for riskier start-ups and
expecting them to be similar. In this
way, regulators engaged in fair lending
analysis, and the financial institutions
they are examining or researching, will
be able to avoid unnecessary further
investigation.
Many industry commenters also
suggested that information from data
points adopted pursuant to ECOA
section 704B(e)(2)(H) will be unreliable
and not useful for data users. However,
the Bureau considers the information
required to be reported to be very useful
in fulfilling the fair lending and
business and community development
purposes of section 1071, as explained
in the section-by-section analysis of
each of these data points below.
Although, as one commenter pointed
out, some of these data may change in
the course of credit processing, HMDA
data and the data from the data points
specified in ECOA section 704B(e)(2)(A)
through (G) often do the same. The
Bureau believes that financial
institutions will use the appropriate
information from the credit file and
report accurately, as the overwhelming
majority of HMDA reporters do now.
As explained above, some
commenters stated that many applicants
will not want to provide the requested
information and some may be
concerned that the information will be
used in the credit decision if too much
information is requested. The Bureau
does not believe that these problems
will be widespread, and to the extent
that they do manifest, the financial
institution can use the appropriate
responses to indicate that the applicant
did not wish to provide information.
The Bureau also believes that applicants
for small business credit expect to be
asked for numerous pieces of
information, and the applicant-provided
data points adopted pursuant to ECOA
section 704B(e)(2)(H) (NAICS code,
number of workers, time in business,
and number of business owners) do not
appear likely to raise red flags.
Other commenters were concerned
that different types of financial
institutions would fare differently
regarding the data points adopted
an institution’s compliance with fair lending laws.’’
See CFPB, FFIEC Announces Availability of 2020
Data on Mortgage Lending (June 17, 2021), https://
www.consumerfinance.gov/about-us/newsroom/
ffiec-announces-availability-of-2020-data-onmortgage-lending/.
PO 00000
Frm 00131
Fmt 4701
Sfmt 4700
35279
pursuant to ECOA section 704B(e)(2)(H),
and this difference would create
competitive distortions. The Bureau
does not believe that the structure of a
financial institution will have a large
effect on the difficulty of reporting such
data points. Because all covered
financial institutions have the same
responsibilities under this final rule, the
Bureau believes that the effects on
different financial institution types will
be similar. Numerous commenters also
stated that small financial institutions,
such as community banks and small
credit unions, would be disadvantaged
because they lack the economies of scale
to allow them to readily absorb the
rule’s costs. Several of these
commenters requested an exemption for
these institutions from any data points
adopted pursuant to ECOA section
704B(e)(2)(H), but the Bureau has
determined that such an additional
exemption that focuses specifically on
such data points is not appropriate. As
explained in the section-by-section
analysis of § 1002.105 above, the
proposed exemption for certain
institutions with limited small business
credit originations is now finalized at a
higher transaction level than proposed,
exempting a larger number of small
financial institutions from section
1071’s data collection and reporting
obligations. Furthermore, the usefulness
of the data collected would be reduced
if the dataset is incomplete for some
financial institutions. In addition, the
Bureau will provide assistance to small
institutions and compliance vendors
during the implementation period to
help them transition to the new rule’s
requirements.
In regard to the commenters who
discussed legal issues involved in this
rulemaking, the Bureau notes that each
of the data points adopted pursuant to
ECOA section 704B(e)(2)(H) fulfills the
purposes that Congress stated in section
1071, fair lending and business and
community development, as explained
in the section-by-section analyses that
follow. In addition, the Bureau has
carefully considered the evidence before
it, including from the SBREFA process
and public comments, and has based its
decisions regarding these data points on
that evidence in relation to the factors
that Congress intended it to consider.
Furthermore, as explained above, the
Bureau does not consider that the full
data collected, whether pursuant to
ECOA section 704B(e)(2)(A) through (G)
or pursuant to section 704B(e)(2)(H),
should be used alone to determine
whether a lender is complying with fair
lending laws. When regulators conduct
fair lending examinations, they will
E:\FR\FM\31MYR2.SGM
31MYR2
35280
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
consider additional information before
reaching a determination about an
institution’s compliance. The Bureau
considers the scope of data reported to
be well within the parameters of
congressional intent apparent in section
1071.
lotter on DSK11XQN23PROD with RULES2
Other Data Points Considered
As mentioned above, small entity
representatives and other stakeholders
suggested some additional data points
for the Bureau’s consideration, and the
Bureau considered others in the
development of the proposed rule.
Because of the operational complexities
likely to be posed by each of these
potential data points, as well as the
reasons explained below, the Bureau
chose not to propose to include any of
the following data points in the rule.
Nonetheless, the Bureau sought
comment on whether the following
potential data points or any others
would further the purposes of section
1071 and thus should be considered for
inclusion in the final rule.
Type of business/entity structure (sole
proprietorship, C-corporation, limited
liability company, partnership, etc.).
This information could be useful in
providing context to the ethnicity, race,
and sex data regarding applicants’
principal owners. However, the Bureau
believed that collecting the number of
principal owners, as proposed in
§ 1002.107(a)(21), would better serve
this purpose.
Credit score. Collecting credit score
and other credit information could be
particularly useful for the fair lending
purpose of section 1071. However,
because of the different types of scores
and different situations in which a
financial institution would or would not
access scores, the Bureau believed that
this data point could be quite
complicated and involve complex subfields, which could pose operational
difficulties for financial institutions in
collecting and reporting this
information. These complexities could
also make it difficult for data users to
understand and interpret credit score
data.
Credit reporting information,
including whether credit information
was accessed. This data point could also
be complicated and involve complex
sub-fields, making it difficult for
financial institutions to collect and
report. As with credit score, these
complexities could also make it difficult
for data users to understand and
interpret these data. In addition, it was
not clear that this information would be
useful without also collecting credit
score.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Percentage ownership of each
principal owner and percentage
ownership by women and by minorities.
This information could be useful in
providing context to the ethnicity, race,
and sex data regarding applicants’
principal owners. However, the Bureau
was concerned that requesting this type
of percentage data could be confusing to
applicants and could result in
inconsistent responses across applicants
and institutions. The Bureau believed
that collecting the number of principal
owners (those individuals who each
directly own 25 percent or more of the
equity interests of a business), as
proposed in § 1002.107(a)(21), would
better serve this same purpose.
Whether the applicant has an existing
relationship with the financial
institution and the nature of that
relationship. This information could
provide additional context for a
financial institution’s credit decision,
and thus could be useful for both of
section 1071’s statutory purposes.
However, the Bureau believed that the
usefulness of the data collected might
not justify the additional operational
complexity of identifying and tracking
such relationships for reporting.
Customer number, and/or unique (but
anonymous) identification number for
applicants or associated persons for
tracking of multiple applications. This
information could be useful to track
multiple applications by a single small
business within a particular financial
institution, whether submitted at one
time or over the course of the year.
However, the Bureau believed that the
potential difficulties posed by requiring
the reporting of this information—
particularly for applications that have
been withdrawn or abandoned—would
not be warranted in light of the utility
of the data.
Comments Received
Type of business/entity structure. The
Bureau received comments from some
lenders, community groups, and others
requesting the inclusion of a data point
for type of business structure. The
Bureau did not receive any comments
specifically opposing the inclusion of
type of business structure, though the
Bureau understands the overwhelming
industry opposition to all data points
adopted pursuant to ECOA section
704B(e)(2)(H) likely implicates this one.
Commenters stated that collecting
type of business structure would allow
for better analysis of credit outcomes,
because different structures may
indicate varying levels of sophistication
and can be viewed differently by
creditors. One commenter pointed out
that Black and Latino business owners
PO 00000
Frm 00132
Fmt 4701
Sfmt 4700
are more likely to have non-employer
businesses, and type of business
structure could help identify those
businesses and track their access to
credit. That commenter also stated that
without the information about business
structure, it will not be possible to
identify gaps in capital access between
sole proprietorships (often minority
owned) and other forms, and so
collecting business structure will help
ensure that future capital programs,
whether private or public, adequately
include or target business structures.
One commenter stated that business
structure, along with credit score, would
be important for rooting out patterns of
discriminatory or exclusionary lending
practices in the deep South. A CDFI
lender stated that being able to
differentiate between sole proprietors
versus corporations is also key for
philanthropic efforts that may aid the
work of mission-based lenders working
with specific underserved communities,
and added that it already collects this
information for the SBA 7(a) program,
Paycheck Protection Program, and the
CDFI Fund. Discussing the Bureau’s
suggestion that collecting the number of
principal owners would provide the
desired context, a commenter stated that
under the proposal, only a natural
person who directly owns at least 25
percent of a business is counted as a
principal owner, and thus a partnership,
corporation, and sole proprietorship
could appear similarly situated despite
presenting different credit needs.
Credit score. The Bureau received
numerous comments from community
groups, community-oriented lenders,
business advocacy groups, and others
requesting the inclusion of a data point
for credit score. The Bureau did not
receive any comments specifically
opposing the inclusion of credit score,
though the Bureau understands the
overwhelming industry opposition to all
data points adopted pursuant to ECOA
section 704B(e)(2)(H) as likely
implicating this one.
Commenters stated that including a
data point for credit score, along with
other key underwriting criteria, was
important for effective fair lending
analysis. A joint letter from community
and business advocacy groups stated
that the Federal Reserve Banks in their
annual small business surveys have
found large disparities in credit access
even after controlling for credit scores,
and other commenters agreed that this
was the case. Many compared the
situation to HMDA, where credit scores
were only recently required, suggesting
that the lack of credit scores allowed
lenders to avoid accountability. A
number of community groups stated
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
that, in addition to fair lending, credit
scores allow users to understand the
characteristics of applicants that are
denied credit so as to identify areas of
unmet need. A joint letter from
community groups and community
oriented lenders stated that more than
half of Black individuals and 41 percent
of Latinos have low or no credit scores,
which impacts their ability to access
financing. One community group stated
that since the Bureau implemented the
expanded HMDA data collection rules,
they have determined that in their
county Black mortgage applicants are
more than 10 percent likelier than white
applicants to be denied for credit
history, and that having more robust
information would allow them to better
advocate to their financial partners for
more equitable credit scoring models in
small business lending. A CDFI lender
stated that lenders rely heavily on credit
scores to assess borrower risk and
creditworthiness, and they are used in
many cases to screen for pre-qualified
and/or pre-approved applicants before
moving further in the application
process. Several rural community
groups stated that credit score reporting
would be important for analyzing
potential discrimination in farm credit.
Numerous commenters suggested that
requiring credit scores would not be as
complicated or difficult as the Bureau
stated in the proposed rule, pointing out
that HMDA currently requires credit
score reporting and this rule could use
a similar method. Commenters said
lenders that rely on an individual or
composite credit score of business
owners should be required to report that
score and the scoring model used, as is
currently required under HMDA. A
CDFI lender stated that it would be
straightforward for lenders to disclose
borrower credit scores, type (personal or
business), and scoring model and
version in accordance with HMDA
procedures, including the options to
select not applicable and write in the
name and credit scoring model if not
listed. Once commenter suggested
requiring only personal credit scores
because business scores were not yet
industry standard. A community group
suggested that the Bureau use the
Federal Reserve Bank of Atlanta’s small
business credit survey method, which
they said accommodates a single score
irrespective of how it was used by the
lender. Another CDFI lender stated that
it already collects credit score for the
CDFI Fund. Several commenters stated
that privacy would not be a problem,
and some suggested that credit scores
could be released in ranges or other
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
non-specific methods to avoid any
issue.
Disability status. Although the Bureau
did not propose or seek comment on the
possibility of including the disability
status of applicant owners as a data
point, a number of commenters
requested that the Bureau do so. An
advocacy group for persons with
disabilities stated that this population is
twice as likely as people without
disabilities to be living in poverty, twice
as likely to use costly nonbank lending,
and twice as likely to be unbanked.
They stated further that people with
disabilities that are part of the labor
force are more likely to own small
businesses than those without
disabilities, and that for a growing
number of adults with disabilities,
establishing small businesses has
become a viable path to improve their
economic stability and security. Finally,
they stated that the absence of disability
data renders people with disabilities
invisible and creates an obstacle to
understanding and analyzing potential
discriminatory lending practices and
creates a challenge in advocating for and
designing effective policies. Other
commenters referred to and supported
this organization’s comment letter.
Some commenters stated that
discrimination against people with
disabilities is clearly present in society,
and several suggested that including a
disability data point would further
enforcement and implementation of
section 1071, the Americans with
Disabilities Act, and various bank
vendor procurement programs, amongst
other laws and initiatives. One
commenter stated that people with
disabilities often face significant
economic disparities such as lower net
worth or thinner credit history that may
create barriers to entrepreneurship. A
CDFI lender stated that it already
collects this information for the SBA
7(a) program.
Additional agricultural data.
Although the Bureau did not propose or
seek comment on the issue, two rural
community groups requested that the
final rule include additional data points
regarding agricultural credit. One of
these commenters stated that the Bureau
should require reporting of farm
marketing strategies, years of farmer
experience, and certain kinds of farm
production certifications (USDA
Organic, animal welfare, labor standard
certification, etc.) to help determine if
all farm operations are treated equally in
the lending process. The other requested
that information regarding base acre
payments (farm program benefit
payments) be reported because
information on program benefits
PO 00000
Frm 00133
Fmt 4701
Sfmt 4700
35281
attached to base acres is valuable to
minority farmers’ farm credit loan
making and servicing. That commenter
also asked that the Bureau require
reporting on collateral requirements, on
differences in appraised value or loans
or loan modifications rejected based on
failure to appraise, on refinancings
precipitated by required graduation
from Farm Service Agency loans, and on
all forms of loan modifications that have
historically been a central factor in farm
loss for farmers of color.
Other requested data points. The
Bureau received requests for several
other additional data points that were
not proposed and on which it did not
seek comment. Commenters suggested
that the Bureau require reporting on
veteran status, limited English
proficiency status, and senior citizen
status in order to monitor risks to these
groups. A CDFI lender stated that it
already collects veteran status for SBA
7(a) loans and other programs. They also
stated that it collects information on
low-income owned or controlled status
for the CDFI Fund, though did not
specifically ask the Bureau to require
reporting of that information or veteran
status.
Commenters also requested that the
Bureau require reporting of the
appraised value of collateral in relation
to the loan amount, the origination date,
community of residence (using ZIP
code, school zone or other demographic
data), the type of purchaser of the
originated credit, and a legal entity
identifier (LEI) for the small business
applicant.
Final Rule
The Bureau is adopting a limited
number of data points pursuant to the
authority set forth in ECOA section
704B(e)(2)(H) that it believes will offer
the highest value in light of section
1071’s statutory purposes. The Bureau
believes that the potential additional
data points that it sought comment on
would pose operational complexities, as
would the other data points suggested
by commenters. For these reasons, and
the reasons explained below, the Bureau
is not including any of the following
data points in this final rule.
Type of business/entity structure. The
Bureau believes that collecting the
number of principal owners will be
more useful than type of business
structure in providing additional useful
context to the ethnicity, race, and sex
data regarding applicants’ principal
owners. In addition, the Bureau believes
that the number of workers and gross
annual revenue data points will provide
useful context regarding the size and
sophistication of the applicant, which
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35282
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
appears to address the primary reason
that commenters wanted type of
business structure to be collected.
Credit score. Although the Bureau
agrees with commenters that this data
would be useful for fair lending
analyses, it nonetheless could be quite
complicated and involve complex subfields, which could pose operational
difficulties for financial institutions,
especially given the use of business
credit scores as well as personal credit
scores in small business lending.
Disability status. The Bureau did not
propose or seek comment on including
this data point, and so does not have the
benefit of robust stakeholder input as to
whether and how to implement it. More
importantly, ECOA does not include
disability as one of the enumerated
bases on which discrimination is
prohibited, and so it is not clear that the
Bureau has the legal authority to
include this data point.
Additional agricultural data. The
Bureau did not propose or seek
comment on including these data
points, and so does not have the benefit
of robust stakeholder input as to
whether and how to implement them. In
addition, the Bureau does not have
sufficient other information to assess the
importance or feasibility of requiring
that these data points be reported.
Other requested data points. The
Bureau did not propose or seek
comment on including these data points
regarding veteran, limited English
proficiency, and senior citizen status,
and so does not have the benefit of
robust stakeholder input as to whether
and how to implement them. In
addition, the Bureau does not have
sufficient other information to assess the
importance or feasibility of requiring
that these data points be reported.
Credit reporting information,
including whether credit information
was accessed. Commenters did not
focus on this potential additional data
point that the Bureau sought comment
on, instead focusing their requests on
the related potential credit score data
point discussed above. For the reasons
discussed above, the Bureau is not
including this data point in the final
rule.
Percentage ownership of each
principal owner and percentage
ownership by women and by minorities.
The Bureau did not receive comments
on this potential additional data point
that the Bureau sought comment on. For
the reasons discussed above, the Bureau
is not including this data point in the
final rule.
Whether the applicant has an existing
relationship with the financial
institution and the nature of that
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
relationship. The Bureau did not receive
comments on this potential additional
data point that the Bureau sought
comment on. For the reasons discussed
above, the Bureau is not including this
data point in the final rule.
Customer number, and/or unique (but
anonymous) identification number for
applicants or associated persons for
tracking of multiple applications. The
Bureau did not receive comments on
this potential additional data point that
the Bureau sought comment on. For the
reasons discussed above, the Bureau is
not including this data point in the final
rule.
107(a)(1) Unique Identifier
Proposed Rule
ECOA section 704B(e)(2)(A) requires
financial institutions to collect and
report ‘‘the number of the application
. . . .’’ Regulation C includes a similar
reporting requirement for a universal
loan identifier,594 though some insured
credit unions and depositories whose
lending activity falls below applicable
thresholds are partially exempt and only
need to report a non-universal loan
identifier.595 Both the universal loan
identifier and the non-universal loan
identifier use only alphanumeric
characters, and do not allow use of
identifying information about the
applicant or borrower in the identifier.
The universal loan identifier is
‘‘unique’’ in the national HMDA
reporting market because it uses a
unique LEI for the reporting institution
and then the identifier is required to be
unique within that institution.596 The
universal loan identifier must be no
more than 45 characters and the nonuniversal loan identifier must be no
more than 22 characters.597
The Bureau proposed to require that
financial institutions report an
alphanumeric identifier starting with
the LEI of the financial institution. This
unique alphanumeric identifier would
have been required to be unique within
the financial institution to the specific
covered application and to be usable to
identify and retrieve the specific file
corresponding to the application for or
extension of credit. The Bureau also
594 12
CFR 1003.4(a)(1)(i).
CFR 1003.3(d)(5).
596 12 CFR 1003.4(a)(1)(i)(A), (B)(2). The nonuniversal loan identifier is only required to be
unique within the annual loan/application register
in which the covered loan or application is
included. 12 CFR 1003.3(d)(5)(ii).
597 The universal loan identifier length limit is
included in the Bureau’s yearly HMDA Filing
Instructions Guide. See CFPB, Filing instructions
guide for HMDA Data collected in 2023 (2022),
https://ffiec.cfpb.gov/. The length limit for the nonuniversal loan identifier is in Regulation C
§ 1003.3(d)(5).
595 12
PO 00000
Frm 00134
Fmt 4701
Sfmt 4700
proposed commentary with additional
details, as discussed below.
For clarity, the Bureau included
language in proposed comment
107(a)(1)–1 that would have explained
that the identifier can be assigned at any
time prior to reporting the application.
Proposed comment 107(a)(1)–1 would
also have provided the formatting
requirements for the unique identifier.
The Bureau proposed an identifier of 45
characters or fewer, as is currently
required for HMDA. The Bureau made
clear in the proposal that the unique
identifier would not need to stay
‘‘uniform’’ throughout the application
and subsequent processing. Proposed
comment 107(a)(1)–1 would have also
explained that refinancings or
applications for refinancing must be
assigned a different identifier than the
transaction that is being refinanced.
Proposed comment 107(a)(1)–2 would
have made clear that the unique
identifier must not include any directly
identifying information regarding the
applicant or persons (natural or legal)
associated with the applicant. The
Bureau was aware that internal
identification numbers assigned by the
financial institution to the application
or applicant could be considered
directly or indirectly identifying
information, and requested comment on
this issue. The Bureau also noted that
due to privacy risks the Bureau was
proposing to not publish unique
identifier in unmodified form; the
Bureau sought comment on potential
modifications to or deletion of this data
point in the published application-level
data. Proposed comment 107(a)(1)–2
would have also cross-referenced
proposed § 1002.111(c) and related
commentary, which would have
prohibited any personally identifiable
information concerning any individual
who is, or is connected with, an
applicant, in records retained under
proposed § 1002.111.
As stated above, the Bureau proposed
to require that the unique identifier
begin with the financial institution’s
LEI. Pursuant to proposed
§ 1002.109(b)(1)(vi), any covered
financial institution that did not
currently use an LEI would have been
required to obtain and maintain an LEI
in order to identify itself when reporting
the data. Although a ‘‘check digit’’—a
portion of an identifying number that
can be used to check accuracy—is
required for the HMDA universal loan
identifier, the Bureau did not propose to
require its use in the 1071 unique
identifier.
The Bureau sought comment on its
proposed approach to the unique
identifier data point. In addition, the
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Bureau requested comment on the use
of the LEI in the unique identifier and
the possible use of a check digit.
Comments Received
The Bureau received comments on the
unique identifier data point from several
lenders and trade associations. Some
commenters supported the data point as
proposed; several stated that it was a
reasonable and appropriate means of
implementing the statutory requirement.
Another lender noted that it already
reports this type of data for Paycheck
Protection Program and CDFI Fund
lending. A trade association stated that
community banks prefer not to be
required to create this identifier too
early in the credit origination process. A
national auto finance trade association
noted that its members generally assign
application or loan numbers to new
credit applications, but not necessarily
to credit line increases, and suggested
that financial institutions will have this
data without needing the Federal
Reserve to issue a parallel rule to
implement section 1071 for motor
vehicle dealers.598
A community bank stated that the
cost of creating a customer
identification numbering system that
does not use the employer identification
number, taxpayer identification number,
or Social Security number (SSN) would
be passed on to the borrower. That
commenter requested that the Bureau
allow use of the last four digits of the
employer identification number,
taxpayer identification number, or SSN
for identification purposes. They also
expressed confusion as to how an LEI
(which it may not currently have) could
be incorporated with the loan number in
its system for reporting, and stated that
the Bureau did not provide sufficient
guidance on how to incorporate the
unique identifiers into its current
system.
lotter on DSK11XQN23PROD with RULES2
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.107(a)(1)
with a minor edit for clarity. Financial
institutions will report an alphanumeric
identifier, starting with the LEI of the
financial institution, that is unique
within the financial institution to the
specific covered application. The
identifier must be usable to identify and
retrieve the specific file or files
598 ECOA authority over motor vehicle dealers
lies with the Board, not the Bureau, because
Regulation B does not apply to a person excluded
from coverage by section 1029 of the Consumer
Financial Protection Act of 2010, title X of the
Dodd-Frank Wall Street Reform and Consumer
Protection Act, Public Law 111–203, 124 Stat. 1376,
2004 (2010).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
corresponding to the application for or
extension of credit.
The Bureau is finalizing comment
107(a)(1)–1 with a minor change. As
apparent from the instructions in
comment 107(a)(1)–1, the Bureau chose
to follow the well-known and workable
HMDA format to avoid introducing new
complications. With respect to the
concerns raised by one commenter
about the unique identifier data point,
the Bureau notes that a customer
identification number is not required.
The unique identifier refers to the
application or origination being
reported, not the customer who applies
for or borrows the funds. In addition,
comment 107(a)(1)–1 makes clear that
financial institutions may assign the
unique identifier at any time prior to
reporting the application, facilitating
compliance. The Bureau believes that
final § 1002.107(a)(1) will accommodate
different institutions’ numbering
systems because the unique identifier
can be created separately from those
internal systems. In order to foster
uniformity of format and avoid
confusion as to what constitutes a
‘‘unique’’ identifier, comment 107(a)(1)–
1 now requires that any alphabetical
characters in the unique identifier be
upper-case.
The Bureau is finalizing comment
107(a)(1)–2 with a minor change
described below. Final comment
107(a)(1)–2 states that the unique
identifier must not include any directly
identifying information regarding the
applicant or persons (natural or legal)
associated with the applicant. In regard
to the use of directly identifying
information, such as an SSN or taxpayer
identification number, the Bureau notes
that section 1071 specifically forbids
financial institutions from using
personally identifiable information
concerning any individual who is, or is
connected with, an applicant in
compiling and maintaining data for
reporting.599 Although the Bureau has
preliminarily determined not to release
unique identifier data reported to the
Bureau in unmodified form in the
public, application-level dataset,
inclusion of a small business’s employer
identification number or a natural
person’s SSN or taxpayer identification
number could present a risk of fraud or
identity theft. Thus, for clarity, the
Bureau is including in comment
107(a)(1)–2 that SSN and employer
identification number, in whole or
partial form, are examples of directly
identifying information that must not be
used.
599 ECOA
PO 00000
section 704B(e)(3).
Frm 00135
Fmt 4701
Sfmt 4700
35283
The final rule requires that the unique
identifier begin with the financial
institution’s LEI. Final
§ 1002.109(b)(1)(vi) requires any
covered financial institution that does
not currently use an LEI to obtain and
maintain an LEI in order to identify
itself when reporting data to the Bureau.
The Bureau does not believe that
including the financial institution’s LEI
in its unique identifiers will pose
particular difficulties for reporting
institutions; as noted above, the unique
identifier can be assigned at any time
prior to reporting an application. The
Bureau also believes that including the
LEI will increase the specificity and
usefulness of the identifier and the
record it identifies.
The Bureau did not receive comments
discussing the possible inclusion of a
‘‘check digit,’’ which is required for the
HMDA universal loan identifier but was
not proposed as part of the 1071 unique
identifier. The Bureau believes that,
based on its expectations for small
business lending data submission
platform, a check digit will be
unnecessary, as well as potentially
complicated for small financial
institutions to implement, and thus it is
not included in the final rule.
107(a)(2) Application Date
Proposed Rule
ECOA section 704B(e)(2)(A) requires
financial institutions to collect and
report the ‘‘date on which the
application was received.’’
The Bureau proposed to require
reporting of application date in
§ 1002.107(a)(2) as the date the covered
application was received by the
financial institution or the date on a
paper or electronic application form.
Proposed comments 107(a)(2)–1 and –2
would have clarified the need for a
financial institution to take a consistent
approach when reporting application
date, and would have provided
guidance on how to report application
date for applications not submitted
directly to the financial institution or its
affiliate (indirect applications). The
Bureau also proposed a safe harbor in
§ 1002.112(c)(4), which would have
provided that a financial institution
does not violate proposed subpart B if
it reports on its small business lending
application register an application date
that is within three calendar days of the
actual application date pursuant to
proposed § 1002.107(a)(2).
The Bureau sought comment on its
approach to collecting application date
in proposed § 1002.107(a)(2) and
associated commentary. The Bureau
also sought comment on how best to
E:\FR\FM\31MYR2.SGM
31MYR2
35284
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
define the ‘‘application date’’ data point
in light of the Bureau’s definition of
‘‘covered application’’ in proposed
§ 1002.103.
lotter on DSK11XQN23PROD with RULES2
Comments Received
The Bureau received feedback on its
proposal to require reporting of
application date in § 1002.107(a)(2) from
several lenders, trade associations, and
a community group. Most commenters
to address this data point supported
proposed § 1002.107(a)(2). A trade
association stated that application date
is currently collected in its financial
institutions’ work flows. A trade
association urged the Bureau to define
application date in a manner that is
consistent with existing Regulation B, so
to avoid inconsistency, though it did not
identify any aspect of proposed
§ 1002.107(a)(2) that would be
inconsistent with existing Regulation B.
Similarly, a bank urged the Bureau to
align application date with HMDA—to
increase efficiency for the customer,
facilitate compliance, and avoid
duplicative collections—but did not
identify whether or how proposed
§ 1002.107(a)(2) would differ from how
financial institutions report application
date under Regulation C. A community
bank urged the Bureau to provide a
concrete definition of application date,
explaining that a subjective definition
would discourage banks from small
business lending, and that application
date is often difficult to pinpoint as
there frequently is no written
application and the application process
may occur over time, both in-person and
by phone.600
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.107(a)(2) to
require reporting of application date as
the date the covered application was
received or the date on a paper or
electronic application form. The Bureau
believes the flexibility to report either
the date the covered application was
received or the date shown on a paper
or electronic application form will
accommodate institutions’ varied
practices. While several commenters
urged the Bureau to align reporting of
application date with existing
Regulation B and Regulation C, the
commenters did not identify how the
proposed definition would differ from
those regulatory provisions, and the
Bureau believes they do not conflict. For
example, a financial institution may
600 Comments
primarily directed at how to define
an application under section 1071, rather than the
date reported for that application, are discussed in
connection with the section-by-section analysis of
§ 1002.103(a) above.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
report application date based on the
date a ‘‘covered application’’ was
received, and final § 1002.103(a) defines
a covered application largely based on
Regulation B’s definition of an
application in existing § 1002.2(f).
Similarly, Regulation C § 1003.4(a)(1)(ii)
requires reporting of the date the
application was received or the date
shown on the application form. While a
commenter urged the Bureau to provide
a concrete definition of application date,
the commenter never indicated whether
or how the proposed definition was
vague.601
Final § 1002.107(a)(2) states that
application date may be the date ‘‘the
covered application was received;’’ the
Bureau has removed the phrase that
followed in proposed § 1002.107(a)(2),
which read ‘‘by the financial institution
. . . ’’ to reflect that not all covered
applications will be received directly by
the financial institution. The Bureau is
also adopting new comment 107(a)(2)–
2 to provide guidance on when an
application is ‘‘received’’ for covered
applications submitted directly to the
financial institution or its affiliate.
Comment 107(a)(2)–1 is finalized with
minor revisions for clarity and
consistency, to provide guidance on
maintaining a consistent approach to
reporting application date. Final
comment 107(a)(2)–3 (proposed as
comment 107(a)(2)–2) provides
guidance on how a financial institution
reports application date where a
covered application was not submitted
directly to the financial institution or its
affiliate. Lastly, final comment
107(a)(2)–4 is adopted to note the safe
harbor in final § 1002.112(c)(1), which
provides that a financial institution does
not violate subpart B if it reports on its
small business lending application
register an application date that is
within three business days of the actual
application date pursuant to final
§ 1002.107(a)(2).
107(a)(3) Application Method
Proposed Rule
ECOA section 704B(e)(2)(H)
authorizes the Bureau to require
financial institutions to compile and
maintain ‘‘any additional data that the
Bureau determines would aid in
fulfilling the purposes of [section
1071].’’ The Bureau believes that
application method data will aid in
fulfilling the purposes of section 1071.
601 As discussed in more detail in the section-bysection analysis of § 1002.103(b), if the covered
application is requesting additional credit on an
existing account, all data reported, including
applicable dates, relate to the new request for credit
rather than the initial origination.
PO 00000
Frm 00136
Fmt 4701
Sfmt 4700
The Bureau did not address the
method of application as a potential
data point under consideration in the
SBREFA Outline. However, during the
SBREFA process, one CDFI small entity
representative suggested collecting
information regarding the way an
application was taken (in person, by
phone, or online) in order to monitor for
possible discouragement of
applicants.602 Relatedly, several small
entity representatives that took
applications for credit primarily or
entirely online asserted that such
channels were less likely to result in
discrimination and more likely to
increase access to credit to womenowned and minority-owned small
businesses.
In light of the feedback during the
SBREFA process and further
consideration by the Bureau of
additional data that would aid in
fulfilling the purposes of section 1071,
the Bureau proposed to require financial
institutions to collect and report
application method. The Bureau
proposed § 1002.107(a)(3) to define this
data point as the means by which the
applicant submitted the covered
application directly or indirectly to the
financial institution. The Bureau also
proposed commentary to accompany
proposed § 1002.107(a)(3).
The Bureau believed that data on
application method would improve the
market’s understanding of how
applicants apply for credit which, in
turn, would facilitate fair lending
enforcement and the business and
community development purposes of
section 1071. In addition, the Bureau
believed that collecting data on
application method would aid in
analysis of multiple data points
collected and reported by financial
institutions, including the ethnicity,
race, and sex of applicants’ principal
owners.
Finally, data on application method
would assist in analyzing data reported
under, and assessing compliance with,
proposed § 1002.107(a)(20), which
would have required financial
institutions to collect principal owners’
ethnicity and race via visual observation
or surname in certain circumstances.
The Bureau explained that having
application method reporting would
allow the Bureau and other data users
to determine, for example, which
applications could be subject to data
collection via visual observation or
surname (because the financial
institution met with the applicant in
person) and, together with information
reported under proposed
602 SBREFA
E:\FR\FM\31MYR2.SGM
Panel Report at 30–31.
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
§ 1002.107(a)(20), which of those
applications did and did not have
information collected that way.
The Bureau proposed comment
107(a)(3)–1 to clarify that a financial
institution would comply with
proposed § 1002.107(a)(3) by reporting
the means by which the applicant
submitted the application from one of
the following options: in-person,
telephone, online, or mail. Proposed
comment 107(a)(3)–1 would have
explained how financial institutions are
to choose which application method to
report, including via a ‘‘waterfall
approach’’ when they have contact with
an applicant in multiple ways. Proposed
comments 107(a)(3)–1.i through .iv
would have provided detailed
descriptions and examples of each of
the four proposed application methods.
The Bureau proposed comment
107(a)(3)–2 to provide guidance on what
application method a financial
institution would report for interactions
with applicants both online and by
mail. In short, a financial institution
would have reported application
method based on the method by which
it, or another party acting on its behalf,
requested the ethnicity, race, and sex of
the applicant’s principal owners
pursuant to proposed § 1002.107(a)(20).
Proposed comment 107(a)(3)–2 also
would have provided separate examples
of when the application method should
be reported as ‘‘online’’ and ‘‘mail.’’
The Bureau sought comment on its
proposed approach to this data point.
Comments Received
The Bureau received comments on its
proposed application method data point
from a number of banks, trade
associations, and community groups.
Several commenters supported the
Bureau’s proposal to require financial
institutions to report data on application
method; some noted that such data
would facilitate fair lending
enforcement and/or further the
community development purpose of
section 1071. A community group
asserted that data on the application
method would enable the comparison of
application outcomes based on the
application channel at specific
institutions and could also help assess
whether applicants are receiving
comparable access to comparable credit
across application channels. Another
community group stated that data on
application method would help shed
light on the issue of whether newer,
online lenders are more effective at
reaching underserved populations and
businesses. One commenter suggested
the Bureau create more categories,
particularly to distinguish email from
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
web portal because an application
received by email often reflects a more
personal relationship than does an
application submitted via web portal.
In contrast, several banks and trade
associations opposed the proposed
requirement to collect application
method data and urged the Bureau to
drop it from the final rule. A few
commenters said that this data point
was added ‘‘late’’ in the rulemaking
process or without adequate public
input.
Industry commenters explained that
application method data are not
currently collected nor recorded in the
loan file. A bank stated that it would
need to collect the data manually
because it does not have a way to record
or report the information and asserted
that this data collection requirement
would affect its ability to serve the
credit needs of its community. Several
other commenters noted that this data
point is not a factor in the credit
decision and argued that there is no
information or insight that can be
gleaned from it. Some commenters also
questioned how the data point would
provide value in fair lending analysis.
One commenter suggested the data have
limited value and that the Bureau’s
policy goals can be achieved by
combining publicly available data with
section 1071’s statutory requirements;
for example, collection of census tract
data will indicate whether a loan was
originated in a ‘‘credit desert,’’ thereby
eliminating the need for the application
method data point.
Some commenters asserted that the
proposed waterfall approach was
problematic and would introduce
complexity into reporting application
method data. These commenters
explained that there are multiple
interactions between the lender and the
applicant throughout the application
process and suggested that reporting
application method using the proposed
waterfall approach would require the
financial institution to document each
interaction with an applicant. They
further said that could lead to a
cumbersome process in trying to
determine exactly how an application
was received and could result in
unintentional errors. One industry
commenter stated that an application
may start out as an email request,
followed up by a phone call, and then
be completed in person. This
commenter suggested that there would
be difficulty collecting the data
accurately because the proposal did not
allow for multiple methods of
application, particularly because the
definition of application is at the
financial institution’s discretion. A bank
PO 00000
Frm 00137
Fmt 4701
Sfmt 4700
35285
suggested that the Bureau drop the
waterfall approach and allow financial
institutions to designate the best way to
determine application method. A group
of trade associations likewise requested
that the Bureau drop the waterfall
approach, and instead have financial
institutions report the application
method where the ethnicity, race, and
sex of the applicant’s principal owners
was requested. A few commenters
suggested that the application method
should be based only on the initial
contact. Two of these commenters
indicated that basing the application
method on initial contact would provide
clear requirements in the event that the
applicant provides information via two
methods: for example, when an
applicant applies online but later
provides information by telephone.
A group of trade associations noted
that while the data point is about the
means by which the application was
submitted, the proposed commentary
discusses when a financial institution
meets with the applicant or
communicates with the applicant by
telephone. This commenter stated that
the proposed commentary was
confusing and did not provide clear
guidance on compliance.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.107(a)(3)
with a number of revisions to the
associated commentary. Pursuant to its
authority under ECOA section
704B(e)(2)(H), the Bureau believes that
collecting data on application method
would aid in fulfilling the purposes of
section 1071, as explained below.
Initially, the Bureau believes that data
on application method will improve the
market’s understanding of how
applicants apply for credit. In addition,
data on application method will support
1071’s statutory purposes by, inter alia,
providing additional context for the
business and community development
needs of particular geographic regions.
For instance, application method may
help data users analyze the extent to
which financial institutions may be
providing access to credit online or by
telephone in ‘‘credit deserts’’ where
financial institutions do not have
branch operations.
In addition, the Bureau believes that
collecting data on application method
will aid in analysis of multiple data
points collected and reported by
financial institutions, including the
ethnicity, race, and sex of applicants’
principal owners. For example, these
data will assist the Bureau and other
data users in identifying whether
applicants are more or less likely to
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35286
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
provide this (and other) 1071
information in different application
channels. This information may also
assist in determining whether a
financial institution has procedures to
collect applicant-provided data at a time
and in a manner that are reasonably
designed to obtain a response, as
required by § 1002.107(c).
The Bureau explained in the NPRM
that having application method data
would be useful in analyzing data
reported under, and assessing
compliance with, proposed
§ 1002.107(a)(20) related to collecting
the ethnicity and race of principal
owners via visual observation or
surname in certain circumstances.
However, as explained in the sectionby-section analysis of § 1002.107(a)(19)
below, the Bureau has removed the
visual observation or surname
requirement from this final rule.
Consequently, the proposed waterfall
approach is less relevant for assessing
compliance with final § 1002.107(a)(19).
In combination with the concerns
expressed by commenters regarding
compliance complexities, including the
need to document multiple interactions
between the financial institution and
applicant, the Bureau has decided not to
adopt the proposed waterfall approach
for reporting application method.
The Bureau is thus adopting
comments 107(a)(3)–1.i through .iv with
revisions to reflect the removal of the
waterfall. The Bureau believes these
changes will also address a commenter’s
concern regarding potential confusion
about the proposed commentary’s
treatment of meetings and other
interactions with applicants. Relatedly,
the Bureau is not finalizing proposed
comment 107(a)(3)–2, which would
have provided guidance on reporting for
interactions with applicants both via
mail and online under the waterfall
approach.
In addition, the Bureau has added
new guidance in comment 107(a)(3)–1
to clarify what a financial institution
reports if it retains multiple versions of
the application form. The Bureau has
also made a few minor revisions in
comments 107(a)(3)–1.i through .iv for
clarity. Final comment 107(a)(3)–1 lists
the options a financial institution
reports for the means by which an
applicant submitted the application. In
final comment 107(a)(3)–1.i, the Bureau
has clarified that the in-person
application method applies, for
example, to those applications
submitted at a branch office, including
applications hand delivered by an
applicant. In final comment 107(a)(3)–
1.ii, the Bureau has clarified that an
application submitted via telephone call
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
is reported as ‘‘telephone.’’ In final
comment 107(a)(3)–1.iii, the Bureau has
clarified that an application submitted
via website, mobile application
(commonly known as an app), fax
transmission, or text-based electronic
communication is also reported as
‘‘online.’’ The Bureau does not believe
it is appropriate to distinguish between
applications submitted by email and
applications submitted through a web
portal, on the basis that an application
that is emailed reflects a more personal
relationship, as suggested by a
commenter. The Bureau believes that
both application methods are
appropriately reportable as ‘‘online’’
because they reflect an electronic
communication. The Bureau notes that
various electronic communication
methods provided in final comment
107(a)(3)–1.iii can reflect a personal
relationship. For example, an applicant
may have begun communications with
the financial institution through email,
followed by text messages, and then
submitted the application through the
financial institution’s website. All of
these methods can potentially reflect a
personal relationship.
The Bureau removed the hand
delivery at a teller window example in
comment 107(a)(3)–1.iv because, under
the final rule, an application hand
delivered by an applicant at a branch is
reported as ‘‘in-person’’ pursuant to
final comment 107(a)(3)–1.i. Regarding a
suggestion from commenters that the
Bureau use the method by which
ethnicity, race, and sex of the principal
owners are collected for reporting this
data point, the Bureau does not believe
that such an approach is necessary
given that it is not finalizing its
proposed requirement to collect
principal owners’ ethnicity and race via
visual observation or surname in certain
circumstances. In addition, the Bureau
does not believe that application
method should be based on initial
contact, as suggested by a few
commenters. As explained by
commenters, there could be multiple
interactions between the lender and
applicant throughout the preapplication and application process.
Thus, the initial interaction may not
amount to an application submission
because, for example, the initial contact
was simply an inquiry.603 In light of
commenters’ concerns regarding the
potential difficulties in identifying
application method, the Bureau believes
that its approach to final
§ 1002.107(a)(3), which is tied to an
603 Under § 1002.103(b)(2), a covered application
does not include inquiries and prequalification
requests.
PO 00000
Frm 00138
Fmt 4701
Sfmt 4700
applicant submitting an application, is
preferable to the suggestions made by
commenters.
Regarding commenters’ concerns
about the utility of this data point, the
Bureau believes that application method
data will facilitate the fair lending and
business and community development
purposes of section 1071, as explained
above. This information cannot be
replicated by combining data points
specifically enumerated in section 1071,
such as census tract, with other publicly
available data. Application method is
not intended solely to identify ‘‘credit
deserts,’’ as the commenter appeared to
suggest, and although census tract
information might provide information
as to where the proceeds will be applied
(or the location of the applicant’s
headquarters/main office, or another
location), that does not necessarily
indicate where (or how) the financial
institution interacted with the
applicant. With respect to comments
stating that application method is not
currently collected nor is it considered
as part of the credit decision, the Bureau
believes that removal of the proposed
waterfall approach will make collecting
this data easier than contemplated in
the proposed rule.
Finally, this data point was
introduced with sufficient time for the
public to provide feedback and offer
alternatives. The data point was
suggested by small entity
representatives during the SBREFA
process and was included in the
SBREFA Panel Report. It was also
included in the proposed rule and the
Bureau specifically sought—and
obtained—comment on it. As noted, the
Bureau has made changes as a result of
that feedback.
107(a)(4) Application Recipient
Proposed Rule
ECOA section 704B(e)(2)(H)
authorizes the Bureau to require
financial institutions to compile and
maintain ‘‘any additional data that the
Bureau determines would aid in
fulfilling the purposes of [section
1071].’’ The Bureau believes that
information regarding how an
application is received will enhance
small business lending data and aid in
fulfilling the purposes of section 1071.
The Bureau proposed
§ 1002.107(a)(4), which would have
required financial institutions to collect
and report the application recipient,
meaning whether the applicant
submitted the covered application
directly to the financial institution or its
affiliate, or whether the applicant
submitted the covered application
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
indirectly to the financial institution via
a third party. Proposed comment
107(a)(4)–1 would have clarified that if
a financial institution is reporting
actions taken by its agent consistent
with proposed comment 109(a)(3)–3,
then the agent is considered the
financial institution for the purposes of
proposed § 1002.107(a)(4).
The Bureau sought comment on its
proposed approach to this data point.
Comments Received
The Bureau received comments on the
proposed application recipient data
point from industry and community
groups. A community group expressed
its support, noting that in combination
with the application method data point
under proposed § 1002.107(a)(3), it
would help stakeholders determine
whether traditional banking or online
lending is most effective in reaching
underserved small businesses or
whether the effectiveness of the lending
model depends on local context and
conditions. A trade association also
expressed its support, stating that the
information can help data users
understand the relationship between
lender and applicant. This commenter
further noted that recipient data would
provide context for other collected and
reported data and also improve
transparency around when and whether
an intermediary is considered a
financial institution for the purposes of
this data collection. In addition, a CDFI
lender stated its general support of the
Bureau’s proposal to collect application
recipient data.
In contrast, a number of banks and
trade associations opposed the Bureau’s
proposal to collect application recipient
data for various reasons. One trade
association raised a concern that the
application recipient data point was not
included in the SBREFA Outline and,
along with several other industry
commenters, pointed out it is not one of
the data points expressly enumerated in
ECOA section 704B(e)(2). Several
industry commenters stated that the
data are not currently collected and a
few of these commenters further stated
that such data are not used or
considered in the underwriting
decision. Several industry commenters
argued that the data point is
burdensome and two banks stated they
would need to collect the data manually
because their systems are not equipped
to collect the data. Other industry
commenters questioned the value of the
data point or how it fulfills the statutory
purposes of section 1071. One industry
commenter stated it is not dispositive of
fair lending violations. Two banks urged
the Bureau to drop the data point from
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
the final rule or provide an exemption
for certain institutions. One of these
banks urged the Bureau to drop the data
point from the final rule because it does
not have affiliates nor does it accept
applications indirectly and thus would
not provide any data. The other bank
commented that community banks
should be exempt if they do not use
actual third parties, but instead use a
third-party online application system
within the bank’s firewall, and
suggested that the only reason this data
point should apply is if a bank is truly
working with a third party, not a vendor
who helps manage online tools. A trade
association urged the Bureau to
eliminate the application recipient data
point from the final rule until a later
determination can be made regarding its
necessity.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.107(a)(4) and
related commentary with a small
modification for clarity. Final
§ 1002.107(a)(4) requires the financial
institution to report whether the
applicant submitted the covered
application directly to the financial
institution or its affiliate, or whether the
applicant submitted the covered
application indirectly to the financial
institution via a third party. Final
comment 107(a)(4)–1 explains that if a
financial institution is reporting actions
taken by its agent consistent with
comment 109(a)(3)–3, then the agent is
considered the financial institution for
the purposes of § 1002.107(a)(4). The
comment also provides an example. The
Bureau believes data on application
recipient will facilitate fair lending
analysis and enable a better
understanding of business and
community development needs.
Pursuant to ECOA section 704B(e)(2)(H),
the Bureau believes that collecting data
on application recipient will aid in
fulfilling the purposes of section 1071.
Regarding commenters’ concerns that
application recipient data are not
currently collected nor used in
underwriting decisions, the Bureau
anticipates that financial institutions
know and track how they receive
applications for small business loans.
The Bureau does not believe it would be
difficult to track this information, even
if the financial institution does not
currently collect the information.
With respect to the comments
received that question how application
recipient data fulfill the purposes of
section 1071, the Bureau believes that
collecting data on application recipient,
in combination with application
method, as discussed above, will
PO 00000
Frm 00139
Fmt 4701
Sfmt 4700
35287
improve the market’s understanding of
how small businesses interact with
financial institutions when applying for
credit which, in turn, will facilitate fair
lending analysis, including the
identification of risks in small business
lending. Regarding the comment that
application recipient data are not
dispositive of fair lending violations, the
Bureau agrees that such data would not
be dispositive of a violation on their
own, but believes data on application
recipient can be used in combination
with other data points or information to
provide a more robust analysis. With
respect to promoting the business and
community development purposes of
section 1071, the Bureau believes that
data on application recipient will
improve the public’s understanding of
the structure of small business lending
originations across the market, the
methods by which credit is originated
for particular groups or underserved
markets, and trends over time (for
example, to the extent applicant
preferences shift from in-person to
online interactions). In addition,
application recipient data may assist
with an understanding of the business
and community development needs of
an area or applicant. For example, such
data may help data users understand
whether financial institutions making
credit decisions are directly interacting
with the applicant and/or generally
operate in the same community as the
applicant. Moreover, data on
application recipient will allow the
Bureau and data users to better
understand the relationship between the
covered financial institution and the
applicant in the context of certain other
data collected and reported under this
final rule.
The Bureau is not removing the
application recipient data point from
the final rule or providing an
exemption, as suggested by some
commenters, for financial institutions
that do not have affiliates, do not accept
applications indirectly, and/or do not
use third parties. Some financial
institutions employ a wide variety of
lending models in extending credit to
small businesses. They may receive
applications for credit directly from the
applicant and some financial
institutions may receive applications
routed to them through third parties,
such as brokers or vehicle or equipment
dealers. Some financial institutions
issue credit cards branded for particular
retailers, for which applications are
taken in person at the retailer’s store
locations. Some brokers and dealers
may send applications to a single
financial institution, while others may
E:\FR\FM\31MYR2.SGM
31MYR2
35288
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
send them to multiple financial
institutions at the same time. In these
types of application scenarios involving
third parties, the financial institution
may not directly interact with the
applicant at all during the application
process. Information regarding whether
the applicant submitted the application
directly to the financial institution is
necessary to further the purposes of
section 1071, including by improving
the market’s understanding of how
small businesses interact with financial
institutions when applying for credit
and whether the financial institution is
operating in the same community as the
small business. This is true even if a
particular financial institution does not
accept applications indirectly or does
not use third parties, and reporting of
this data point should be simple for
financial institutions in that situation.
Finally, this data point was
introduced with sufficient time for the
public to provide feedback and offer
alternatives. It was also included in the
proposed rule and the Bureau
specifically sought—and obtained—
comment on it. Given the wide variety
of lending models financial institutions
currently use when extending credit to
small businesses, the Bureau believes it
is timely and appropriate to include this
data point in this final rule.
lotter on DSK11XQN23PROD with RULES2
107(a)(5) Credit Type
Proposed Rule
Section 1071 requires financial
institutions to collect and report ‘‘the
type and purpose of the loan or other
credit being applied for.’’ 604 (The credit
purpose data point is discussed in the
section-by-section analysis of
§ 1002.107(a)(6) immediately below.)
For HMDA reporting, Regulation C
requires numerous data points that
indicate the type of credit applied for or
originated: the type of guarantees used;
lien order; loan term; the presence of
nontraditional contract terms including
balloon, interest only, and negative
amortization payments; variable rate
information; open-end status; and
reverse mortgage status.605 Section 1071
provides no additional information or
details regarding what aspects of credit
type should be collected and reported.
The Bureau proposed in
§ 1002.107(a)(5) to require that financial
institutions collect and report the
following information regarding the
type of credit applied for or originated:
(i) The credit product; (ii) The type or
types of guarantees that were obtained
for an extension of credit, or that would
604 ECOA
section 704B(e)(2)(B).
C § 1003.4(a)(2), (14), (25), (27),
(28), (37), and (38).
605 Regulation
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
have been obtained if the covered credit
transaction were originated; and (iii)
The length of the loan term, in months,
if applicable. These aspects of credit
type are discussed in turn below. This
proposal was consistent with the
approach presented in the SBREFA
Outline, and would have required the
financial institution to choose the credit
product and guarantee(s) from a
specified list. (These lists were provided
in the commentary accompanying
proposed § 1002.107(a)(5).) The lists
included choices for ‘‘Other’’ and ‘‘Not
provided by applicant and otherwise
undetermined,’’ as appropriate, to
facilitate compliance.
The Bureau sought comment on its
proposed approach to the credit type
data point, including the lists of
products and guarantees proposed and
the other specific requests for input
below.
Credit product. The first subcategory
the Bureau proposed to include in the
credit type data point was the credit
product (i.e., a commonly understood
category of small business lending like
term loans or lines of credit) which the
Bureau considered to be an integral part
of the statutory requirement to collect
credit type.
Proposed comment 107(a)(5)–1 would
have presented the instructions for
collecting and reporting credit product
and the proposed list of credit products
from which financial institutions would
select. Proposed comment 107(a)(5)–1
would have explained that a financial
institution would comply with
§ 1002.107(a)(5)(i) by selecting the credit
product requested from the list provided
in the comment. It would also have
explained that if an applicant requests
more than one credit product, the
financial institution reports each credit
product requested as a separate
application. Proposed comment
107(a)(5)–1 would have also explained
that if the credit product for an
application does not appear on the list
of products provided, the financial
institution would select ‘‘other’’ as the
credit product and report the specific
product via free-form text.
Proposed comment 107(a)(5)–2 would
have explained that, pursuant to
proposed § 1002.107(c)(1), a financial
institution would be required to
maintain procedures reasonably
designed to collect applicant-provided
data, which includes credit product.
However, if a financial institution was
nonetheless unable to collect or
otherwise determine credit product
information because the applicant did
not indicate what credit product it
sought and the application was denied,
withdrawn, or closed for
PO 00000
Frm 00140
Fmt 4701
Sfmt 4700
incompleteness before a credit product
was identified, the proposed comment
would have explained that the financial
institution would report that the credit
product was ‘‘not provided by applicant
and otherwise undetermined.’’
Proposed comment 107(a)(5)–3 would
have explained how a financial
institution would report a transaction
that involves a counteroffer. The
comment would have stated that if a
financial institution presents a
counteroffer for a different credit
product than the product the applicant
had initially requested, and the
applicant does not agree to proceed with
the counteroffer, a financial institution
would report the application for the
original credit product as denied
pursuant to proposed § 1002.107(a)(9). If
the applicant agrees to proceed with
consideration of the financial
institution’s counteroffer, the financial
institution would report the disposition
of the application based on the credit
product that was offered, and would not
report the original credit product
applied for. In addition, proposed
comment 107(a)(5)–6 would have
explained when ‘‘other sales-based
financing transaction’’ would be used
for reporting.
The Bureau noted that, under its
proposal, line increases would be
reportable so that the small business
lending market could be tracked
accurately. See the section-by-section
analysis of § 1002.103(a) above for
additional details. However, the Bureau
did not propose that line increases be
included as a separate item in the credit
product list.
The Bureau sought comment on its
proposed approach to this subcategory,
including the appropriateness and
usefulness of the products included in
the list, whether there were other
products that should be added, and the
proposed treatment of counteroffers.
The Bureau also sought comment on
how financial institutions currently
handle increases in lines of credit and
whether a line increase should be
considered a credit product, and on
whether an overdraft line of credit
should be considered a product separate
from a line of credit and thus added to
the product list.
Type of guarantee. The second data
field the Bureau proposed to include in
the credit type data point was
guarantee. Proposed comment
107(a)(5)–4 would have presented the
instructions for collecting and reporting
type of guarantee and the proposed list
of guarantees from which financial
institutions would select. Proposed
comment 107(a)(5)–4 would also have
explained that a financial institution
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
complies with § 1002.107(a)(5)(ii) by
selecting the type or types of
guarantee(s) obtained for an originated
covered credit transaction, or that
would have been obtained if the covered
credit transaction were originated, from
the list provided in the comment.
Proposed comment 107(a)(5)–4 would
have also explained that the financial
institution may select, if applicable, up
to a maximum of five guarantees for a
single application or transaction. Small
business credit may have more than one
guarantee, such as an SBA guarantee
and a personal guarantee, and the
Bureau believed that more complete
information could be collected by
requiring as many as five to be reported.
Proposed comment 107(a)(5)–4 would
have also explained that if the type of
guarantee for an application or
originated transaction does not appear
on the list of guarantees provided, the
financial institution selects ‘‘other
guarantee,’’ and reports the type of
guarantee as free-form text. As with
credit product, the Bureau believed that
allowing financial institutions to choose
‘‘other’’ when a guarantee for the
application does not appear on the
provided list would facilitate
compliance. In addition, collecting this
information on ‘‘other’’ guarantee types
would assist the Bureau in monitoring
trends in usage of other types of
guarantees and key developments in the
small business lending market, which
the Bureau could use to inform any
future iterations of the list.
Finally, proposed comment 107(a)(5)–
4 would have provided that if no
guarantee is obtained or would have
been obtained if the covered credit
transaction were originated, the
financial institution would select ‘‘no
guarantee.’’ Because a small business
credit transaction does not always
involve use of a guarantee, the Bureau
did not propose to include ‘‘not
provided by applicant and otherwise
undetermined’’ as an option. If no
guarantee was identified for an
application, the financial institution
would report ‘‘no guarantee.’’
The Bureau sought comment on its
proposed approach to this subcategory,
including the appropriateness and
usefulness of the items listed, and
whether there are other guarantees that
should be added. The Bureau also
sought comment on whether five is the
appropriate upper limit for reporting
guarantees.
Loan term. The third subcategory the
Bureau proposed to include in the credit
type data point was the loan term.
Proposed comment 107(a)(5)–5 would
have presented the instructions for
collecting and reporting loan term.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Specifically, it would have explained
that a financial institution complies
with proposed § 1002.107(a)(5)(iii) by
reporting the number of months in the
loan term for the covered credit
transaction, and that the loan term is the
number of months after which the legal
obligation will mature or terminate. The
comment would have further explained
how to measure the loan term and the
possible use of rounding.
Proposed comment 107(a)(5)–5 would
have also made clear that if a credit
product, such as a credit card, does not
have a loan term, the financial
institution would report loan term as
‘‘not applicable.’’ The financial
institution would also report ‘‘not
applicable’’ if the application is denied,
withdrawn, or determined to be
incomplete before a loan term has been
identified.
The Bureau sought comment on its
proposed approach to this subcategory.
Comments Received
The Bureau received comments on its
proposed approach to the credit type
data point from a number of banks,
community-oriented lenders, trade
associations, community groups, and
others.
Several commenters, including
community-oriented lenders,
community groups, a trade association,
and a business advocacy group,
supported the credit type data point as
proposed, though some suggested small
changes to the three individual
subcategories discussed below. One
commenter stated that to avoid the
pitfalls that limited the use of HMDA
data for spotting predatory trends in
mortgages, the Bureau must collect
sufficiently granular data on applicants
and credit terms, including credit type.
That commenter further stated that this
information is critical because
discrimination is not just evidenced in
loan denials, but also less favorable
credit terms. A community group stated
that the information collected for the
credit type data point would allow for
more effective analysis than the current
CRA small business information. A
trade association stated that despite the
added complexity of requiring three
‘‘data points’’ for the one listed in the
statute, the Bureau has accounted for
and addressed some of the concerns that
community banks have raised related to
credit type. That commenter went on to
state its approval of the simple reporting
of counteroffers and the ability to mark
fields as ‘‘not provided by applicant’’ in
the case of incomplete applications.
Finally, a lender stated that it already
collects the credit type information for
the CDFI Fund.
PO 00000
Frm 00141
Fmt 4701
Sfmt 4700
35289
Only one commenter opposed the
credit type data point as a whole, stating
that credit type and other data points
would be a waste of time and efficiency.
Credit product. Two community
groups and an auto finance trade
association expressed support for the
product list the Bureau proposed. The
community groups stated that the list
was nuanced and would provide useful
differentiation between products. One
explained that being able to determine
which products were accessed could
help in understanding bias in the credit
market more accurately than CRA data
currently allows for. An auto finance
trade association specifically expressed
support for the inclusion of ‘‘other’’ and
‘‘unknown’’ to facilitate compliance.606
One commenter stressed the
importance of providing detail in
distinguishing credit products, and
several commenters requested changes
to the credit products list. A joint letter
from community groups and business
advocacy groups stated that there might
be value in separating out mortgages,
auto loans and equipment financing as
discrete secured loan types but treating
all other term loan applications
together, rather than treating secured
term loans as one category and
unsecured term loans as another. A
community group asked that refinances
and renewals be added to the product
list, stating that this information would
help demonstrate community credit
needs. That commenter went on to state
that listing refinances in the credit
purpose data point, as proposed, would
be confusing, and that the Bureau
should look at the ways refinances are
reported under HMDA and CRA.
Several minority business advocacy
groups, along with a joint letter from
community groups, community oriented
lenders, and business advocacy groups,
responded to the Bureau’s request for
comment by encouraging the Bureau to
include ‘‘overdraft line of credit’’ in the
list of credit products. These
commenters stated that overdraft can
contain hidden costs, so having a way
to monitor lenders who provide it could
be useful.. A trade association opposed
the inclusion of overdraft line of credit
in the credit products list, though it did
not provide a reason. Several
community groups commented that the
Bureau should require reporting of
collateral requirements and value,
instead of simply requiring ‘‘secured’’
and ‘‘unsecured’’ for items in the credit
product list. One of these commenters
suggested that collateral info would
606 The proposed rule used the terms ‘‘other’’ and
‘‘not provided by applicant and otherwise
undetermined.’’
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35290
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
shed light on underwriting changes and
approaches during various economic
conditions, allow stakeholders to
understand why pricing might be lower
on some loans and the risk that some
loans might pose to borrowers.
A joint letter from community and
business advocacy groups objected to
the requirement to report each credit
product requested as a separate
application, stating that this would
seem to require the lender to report each
credit type requested as a separate
application even when the applicant is
seeking only one transaction but is open
to alternative structures, and even
though there would be only one action
taken and one set of terms.
Type of guarantee. Several
community groups expressed support
for including guarantees as part of the
credit type data point. These
commenters stated that data on
government guarantee programs would
allow for better analysis of their usage,
including whether minority and women
owned businesses are being steered to
these loans. One of these commenters
stated that requiring reporting on all
types of guarantees would facilitate
analysis of whether minority and
women owned businesses were
receiving more costly or onerous credit.
That commenter also stated that
personal guarantees can at times be
abusive, and reporting of those would
allow better monitoring of this issue.
Although it did not specifically express
support for requiring reporting of
guarantees, a trade association for auto
finance lenders stated that its members
will have this information for reporting.
Two industry commenters objected to
the collection of guarantees as part of
the credit type data point on the
grounds that the statute does not require
reporting of guarantees and asking that
the credit type data point be limited to
credit product and loan term. Those
commenters, and several others who did
not object to the general guarantee
reporting requirement, were concerned
in particular about the requirement to
report what guarantees would have been
obtained if the transaction had been
originated. Some commenters stated
that such a requirement extends into
mere speculation, and would
undermine the accuracy, reliability, and
consistency of the data. Another
commenter stated that it would not be
possible to report what guarantees
would have been obtained, and joint
letter from community groups and
business advocacy groups stated that the
requirement could be problematic in the
case of a declined application because
the lender would be speculating as to
potential guarantees, such as personal
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
guarantees, from owners or non-owners.
That comment went on to recommend
that the Bureau either limit the
reporting of this field to offers and
counteroffers that are made (i.e., allow
financial institutions to report type of
guarantee as ‘‘not applicable’’ for
declined applications, as is permitted
with respect to the loan term and loan
pricing data fields) or, for declined
applications, require reporting only if
the requested guarantee were a
government or programmatic guarantee
(such as SBA, USDA or some other
third-party guarantee program).
A community group and two CDFI
lenders requested that the list of
guarantees be changed in certain ways.
The community group stated that the
data should distinguish whether the
guarantee is offered by the natural
person(s) owning the business or the
business itself, because it matters
whether a creditor can seize assets of a
person or the business. One of the CDFI
lenders requested that the guarantee
categories be broken down further to
detail collateral coverage, which is often
the deciding factor on approval or
denial, and because people of color own
homes (and amass wealth) at much
lower rates than whites. That
commenter went on to suggest that these
details could shed light on the credit
needs of minority small business
owners and whether financial
institutions are applying collateral
requirements equitably. The other
lender requested that State guarantee
and local guarantee be separated on the
list, rather than the combined ‘‘state or
local guarantee’’ that was proposed.
That commenter stated that
differentiating between the performance
of these two levels of government would
be critical for understanding the focus of
future reforms or capital flows through
these entities. The commenter also
provided statistics suggesting that
conflating State and local guarantees
would not be as informative as
separating them.
Loan term. A community group and a
community-oriented lender stated their
support for the proposed loan term
provision. The community group stated
that loan term length influences pricing
and other terms and conditions, and
would help in explaining differences in
these features. That commenter also
suggested that loan term should be
straightforward to report for lenders. In
addition, a national auto finance trade
association stated that its members
would have this information to report.
A number of banks and a trade
association objected to the proposal to
have the loan term measured from the
first payment period rather than the date
PO 00000
Frm 00142
Fmt 4701
Sfmt 4700
of origination. These commenters stated
that they do not measure loan term in
this way, and having to do so for
reporting would cause unnecessary and
significant compliance difficulties. They
asked to be able to measure loan term
from the date of origination of the
credit. Another bank objected to the
reporting of loan term for applications,
stating that applicants seldom make an
application that specifies the desired
loan term.
Although the proposed rule did not
discuss how or whether merchant cash
advance providers would report loan
term, the Bureau did seek comment on
proposed § 1002.107(a)(12)(v) and its
commentary, the pricing provision for
merchant cash advances, including
whether to require additional pricing
information for merchant cash
advances, and whether merchant cash
advances could be structured in ways
that evade the proposed reporting
requirement. Two commenters urged
the Bureau to make clear that merchant
cash advance providers must report loan
term, and must not use the proposed
rule’s provision stating that ‘‘not
applicable’’ could be reported for a
product that has no loan term. These
commenters discussed the importance
of loan term in comparing different
credit pricing and stated that merchant
cash advances are sometimes abusive
and are used disproportionately by
minority businesses. These commenters
also stated that loan term can be readily
ascertained for merchant cash advances
and they described different methods
for doing so. One method suggested was
that when a merchant cash advance is
paid off before reporting, the provider
should report the actual length of time
to repayment. In addition, they
suggested that for a partially paid
merchant cash advance the provider
could project the amount of time to
repayment based on the amount already
paid. One of these commenters, a crosssector group of lenders, community
groups, and small business advocates,
stated that merchant cash advance
providers establish an estimated loan
term when they underwrite an advance,
and that most merchant cash advance
contracts have an estimated payment
amount.
Final Rule
The Bureau is finalizing
§ 1002.107(a)(5) certain changes to
facilitate compliance and enhance the
quality and usefulness of the data
reported. Final § 1002.107(a)(5) requires
that financial institutions collect and
report the following information
regarding the type of credit applied for
or originated: (i) the credit product; (ii)
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
the type or types of guarantees that were
obtained for an extension of credit, or
that would have been obtained if the
covered credit transaction were
originated; and (iii) the length of the
loan term, in months, if applicable.
The Bureau believes that it is
reasonable to interpret the statutory
term ‘‘credit type’’ to comprise the three
required subcategories, because they are
critical to understanding the nature of
small business credit applied for and
provided, as explained below. For the
reasons discussed herein, the Bureau
believes that the subcategories of credit
product (including collateral), guarantee
type, and loan term will aid in fulfilling
the purposes of section 1071. Financial
institutions generally have all of the
information required for this data point
when they process applications (and the
reporting regime is sufficiently flexible
when they do not), so the Bureau does
not believe there is anything in this
approach that will impose particular
operational difficulty. Additionally, the
Bureau believes it is reasonable to
interpret type of credit ‘‘applied for’’ to
include the type of credit actually
originated when an application results
in an extension of credit.
The statutory term ‘‘type . . . of the
loan’’ is ambiguous, and the Bureau
reasonably interprets the term to
include the credit product, any
guarantee obtained, and the term of a
loan because an accurate and useful
record of the ‘‘type’’ of loan or credit
would include those data fields. In the
alternative, ECOA section 704B(e)(2)(H)
authorizes the Bureau to require
inclusion of ‘‘any additional data that
the Bureau determines would aid in
fulfilling the purposes of [section
1071],’’ and for the reasons discussed
herein, the Bureau has also determined
that the subcategories of credit product
(including collateral), guarantee type,
and loan term will aid in fulfilling those
purposes.
Credit product. The Bureau is
finalizing the credit product subcategory
with certain changes to the associated
commentary to facilitate compliance
and enhance the quality and usefulness
of the data reported. Final
§ 1002.107(a)(5)(i) requires financial
institutions to compile and maintain
data on the credit product applied for or
originated. The Bureau continues to
consider credit product to be an integral
part of the statutory requirement to
collect credit type. The Bureau believes
information about the various products
sought by applicants will further the
purposes of section 1071 by
demonstrating, for example, how small
businesses of different sizes or in
different sectors choose to pursue, or
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
ultimately access, different forms of
credit.
The Bureau distinguishes between
secured and unsecured term loans and
lines of credit in its list of credit
products because it believes that
whether a term loan or line of credit is
collateralized can have such a
significant effect on things like approval
rates and pricing that secured and
unsecured products fundamentally
differ in kind. For this reason, the
Bureau believes that including
information on the use of collateral in
the credit product subcategory will help
data users to avoid inaccurate
interpretations of data. The Bureau
believes that whether a loan is secured
or unsecured will be part of an
application or loan file and, as a result,
will not be operationally difficult to
report once a financial institution’s
section 1071 compliance system is set
up.
Final comment 107(a)(5)–1 presents
the instructions for collecting and
reporting credit product and the list of
credit products from which financial
institutions will select. Comment
107(a)(5)–1 explains that a financial
institution complies with
§ 1002.107(a)(5)(i) by selecting the credit
product applied for or originated from
the list provided in the comment. The
Bureau believes that the list of credit
products provided in final comment
107(a)(5)–1 aligns with the most
common types of credit products in
small business lending. Final comment
107(a)(5)–1 also explains that if the
credit product for an application does
not appear on the list of products
provided, the financial institution
selects ‘‘other’’ as the credit product and
reports the specific product via freeform text. The Bureau believes that
allowing financial institutions to choose
‘‘other’’ when the credit product for the
application does not appear on the
provided list will facilitate compliance.
In addition, collecting this information
on ‘‘other’’ credit products will assist
the Bureau in tracking product trends
and key developments in the small
business lending market, which the
Bureau can use to inform any future
iterations of the list.
Comment 107(a)(5)–1 also explains
that if an applicant requests more than
one credit product at the same time, the
financial institution reports each credit
product requested as a separate
application. The issue of how to collect
and report multiple products applied for
at the same time affects several data
points, but is most salient for credit
type. The Bureau believes that requiring
a separate application to be reported for
each credit product requested will yield
PO 00000
Frm 00143
Fmt 4701
Sfmt 4700
35291
more complete and useful data, and that
a financial institution will not
experience operational difficulties in
copying the relevant information,
identical for most data points, to
separate lines in the small business
lending application register. However,
the Bureau has changed the language
regarding this requirement from the
proposed rule, in order to clarify that
when the applicant is seeking only one
transaction but is open to alternative
product types, the financial institution
reports only one application. Comment
107(a)(5)–1 now includes instructions
on how to report credit product when
the applicant only requests a single
covered credit transaction, but has not
decided which particular product to
request. The Bureau believes that this
new language will facilitate compliance
and lead to the collection of more
accurate data. The issue of reporting
requests for multiple covered credit
transactions at one time is discussed
more fully in the section-by-section
analysis of § 1002.103(a) above.
As explained above, many
commenters suggested changes to the
list of products in comment 107(a)(5)–
1. In regard to the requests to separate
out mortgages, auto loans and
equipment financing as discrete secured
loan types, to include additional
information about collateral, and to
make ‘‘refinancing’’ a credit product
rather than a credit purpose, the Bureau
believes that its credit product
taxonomy presents a clear,
uncomplicated framework using the
basic forms of credit extended to small
businesses. Including types of collateral
and different refinancings as part of
credit products would complicate the
taxonomy and introduce categorization
difficulties, for example with partial
refinancings. Under the final rule, these
types of credit will be reported using the
credit product applied for or originated,
from the list in comment 107(a)(5)–1,
and the extra information suggested may
or may not be appropriately included in
the credit purpose data point under
§ 1002.107(a)(6), depending on the
situation. Similarly, the Bureau believes
that the overdraft aspect of overdraft
lines of credit will best be reported
using the credit purpose ‘‘overdraft,’’
and that the credit product will then be
reported as a line of credit, secured or
unsecured. The Bureau believes that
this arrangement will help preserve the
uncomplicated framework of the credit
products list. See the section-by-section
analysis of § 1002.107(a)(6) below for
further discussion.
As a result of further analysis and
consideration, the Bureau has made one
change from the proposal to the final
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35292
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
credit products list in comment
107(a)(5)–1. The proposed ‘‘credit card
account’’ product has now been
separated into ‘‘credit card account, not
private-label,’’ and ‘‘private-label credit
card account.’’ The Bureau believes that
private-label credit cards form a distinct
and important market segment that
operates differently from other credit
cards, and this distinction will facilitate
robust data analysis and better further
the purposes of section 1071. The
Bureau also believes that financial
institutions will have the information
needed for reporting these different
types of accounts readily available, and
so separating the two types will not
cause operational difficulty. In addition
to the change in the credit product list
in comment 107(a)(5)–1, the Bureau has
added new comments 107(a)(5)–2 and
–3 to explain the difference between
these card products and facilitate
compliance. Final comment 107(a)(5)–2
provides a definition of credit card
accounts that are not private-label and
includes instructions on reporting these
products. Final comment 107(a)(5)–3
provides a definition of private-label
credit card accounts and includes
instructions on reporting these
products.
The Bureau is also finalizing
comments 107(a)(5)–4, –5 (which were
numbered as comments 107(a)(5)–2 and
–3 in the proposal) and comment
107(a)(5)–6 as proposed. Final comment
107(a)(5)–4 describes the situation in
which a financial institution reports that
the credit product was ‘‘not provided by
applicant and otherwise
undetermined.’’ The Bureau believes
that permitting this response will
facilitate compliance and enhance the
quality of data collected. As discussed
above, commenters supported the
flexibility afforded by this kind of
response.
Final comment 107(a)(5)–5 provides
instructions on how a financial
institution reports a transaction that
involves a counteroffer. The comment
states that if a financial institution
presents a counteroffer for a different
credit product than the product the
applicant had initially requested, and
the applicant does not agree to proceed
with the counteroffer, a financial
institution reports the application for
the original credit product as denied
pursuant to § 1002.107(a)(9). If the
applicant agrees to proceed with
consideration of the financial
institution’s counteroffer, the financial
institution reports the disposition of the
application based on the credit product
that was offered, and does not report the
original credit product applied for. The
Bureau believes that, in the complex
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
circumstances created by counteroffers,
the meaning of the type of credit
‘‘applied for’’ is ambiguous, and it is
reasonable to interpret the credit
product ‘‘applied for’’ to mean the credit
product considered via the applicant’s
response to the counteroffer. For a
discussion of the Bureau’s treatment of
counteroffers more generally, see the
section-by-section analysis of
§ 1002.107(a)(9) below.
Final comment 107(a)(5)–6 explains
that for an extension of business credit
incident to a factoring arrangement that
is otherwise a covered credit
transaction, a financial institution
selects ‘‘other sales-based financing
transaction’’ as the credit product, and
provides a cross reference to comment
104(b)–1. The Bureau believes that this
explanation will facilitate reporting of
applications involving this important
market segment.
Type of guarantee. The Bureau is
finalizing the requirement to report
guarantees as a subcategory of the credit
type data point with changes to enhance
the quality of the data collected and
facilitate compliance. The final rule
requires a financial institution to report
the type or types of guarantees that were
obtained for an extension of credit, or
that would have been obtained if the
covered credit transaction were
originated.
The Bureau considers the guarantee
obtained for an extension of credit to be
part of the credit ‘‘type’’ because it is
fundamental to the nature of the
transaction in that it meaningfully
impacts terms such as interest rates,
such that guarantee information can
help to explain potential disparities in
outcomes and reduce inaccurate
conclusions, aiding in fulfilling the fair
lending purpose of section 1071.
Indeed, in common parlance, small
business credit transactions are often
referred to using the name of the
guarantee (e.g., ‘‘a 7(a) loan,’’ referring
to the SBA 7(a) guarantee). Because
various types of guarantees are available
for different credit products, the Bureau
believes that guarantee type should
constitute a separate subcategory within
the credit type data point, so that data
users can conduct separate analyses
with respect to credit product and
guarantees, and to avoid excessive
complexity in the credit product data
field. The Bureau further believes that
information on the distribution of
government loan guarantees (such as
those provided in SBA programs) across
different geographic areas and applicant
groups will allow a better understanding
of how those programs function on the
ground, aiding in fulfilling the business
and community development purpose
PO 00000
Frm 00144
Fmt 4701
Sfmt 4700
of section 1071. As with collateral,
information on guarantees is generally a
part of an application or loan file and
the Bureau does not believe it will be
operationally difficult to report once a
financial institution’s 1071 compliance
system is set up.
Final comment 107(a)(5)–7 (which
was numbered as comment 107(a)(5)–4
in the proposal) presents the
instructions for collecting and reporting
type of guarantee and the list of
guarantees from which financial
institutions will select. The Bureau
believes the list of guarantee types
provided in comment 107(a)(5)–7 aligns
with the most common types of
guarantees used in small business
lending. Final comment 107(a)(5)–7 also
explains that a financial institution
complies with § 1002.107(a)(5)(ii) by
selecting the type or types of
guarantee(s) obtained for an originated
covered credit transaction, or that
would have been obtained if the covered
credit transaction were originated, from
the list provided in the comment.
The Bureau agrees with the
commenters who suggested that clarity
was needed on how to report guarantee
type when the covered credit
transaction is not originated.
Consequently, comment 107(a)(5)–7
now states that if an application is
denied, withdrawn, or closed for
incompleteness before any guarantee
has been identified, the financial
institution selects ‘‘no guarantee.’’ The
Bureau believes that this reporting
option will facilitate compliance and
result in the collection of more reliable
data. The Bureau also agrees that
separating State and local guarantees, so
that they can be tracked individually,
will enhance the quality of the data
collected. Comment 107(a)(5)–7 now
includes separate items for these
guarantee types, and states that the
financial institution chooses State
government guarantee or local
government guarantee, as applicable,
based on the entity directly
administering the program, not the
source of funding. The Bureau believes
that this instruction will facilitate
compliance and enhance the quality of
the data collected. The Bureau also
believes that differentiating between
State and local guarantees will not cause
operational difficulty for reporters
because the financial institution will
have the information in the loan file.
The Bureau understands that there
may be some value in collecting the
additional information suggested by
commenters on whether a natural
person or business makes a guarantee
and the nature of the collateral backing
a guarantee. However, the Bureau
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
believes that these items will increase
the complexity and operational
difficulty of compliance in reporting the
type of guarantee and has not included
them in the final rule.
Loan term. The Bureau is finalizing
the requirement to report loan term as
part of the credit type data point with
certain changes to the associated
commentary to facilitate compliance
and enhance the quality of the data
collected. Final § 1002.107(a)(5)(iii)
requires a financial institution to report
the length of the loan term, in months,
if applicable.
As with the consumer lending market,
the pricing and sustainability of closedend credit transactions for small
businesses are associated with term
length, and without awareness of the
term of the loan, data users will have
less of an understanding of the types of
credit being made available to
applicants. Credit with a one-month
term may differ not just in degree but in
kind from credit with a 60-month term.
The Bureau thus believes that the length
of the loan term is a fundamental
attribute of the type of credit that
applicants are seeking such that it
should be treated as a separate
subcategory within credit type. As with
other elements of the credit type data
point, loan term information will allow
data users to reduce inaccurate
conclusions or misinterpretations of the
data, aiding in fulfilling both the fair
lending and business and community
development purposes of section 1071.
Likewise, the loan term will be part of
the application or loan file and should
not be operationally difficult to report
once a financial institution’s 1071
compliance system is set up.
Final comment 107(a)(5)–8 (which
was numbered as comment 107(a)(5)–5
in the proposal) presents the
instructions for collecting and reporting
loan term. Specifically, it explains that
a financial institution complies with
§ 1002.107(a)(5)(iii) by reporting the
number of months in the loan term for
the covered credit transaction, and that
the loan term is the number of months
after which the legal obligation will
mature or terminate. In the proposed
rule, this comment included language
that would have required financial
institutions to measure the loan term in
the way that loan terms are generally
described in real property transactions.
However, the Bureau agrees with those
commenters who stated that such a
provision would create compliance
difficulties. Although the final comment
continues to allow the loan term to be
measured for real property transactions
in the way the Bureau proposed, it
makes clear that loan term for small
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
business credit is generally measured
from the date of origination and should
be reported that way.
Final comment 107(a)(5)–8 also makes
clear that if a credit product, such as a
credit card, does not have a loan term,
the financial institution reports loan
term as ‘‘not applicable.’’ The Bureau
believes that permitting the use of ‘‘not
applicable’’ in these situations will
facilitate compliance and aid in the
collection of appropriate data. However,
the Bureau does not consider products
that have an estimated loan term, such
as certain merchant cash advances and
other sales-based financing transactions,
as products that do not have a loan
term. The Bureau agrees with those
commenters who suggested that
merchant cash advance providers
should report loan term so that
appropriate comparisons can be made
with other products. Consequently,
comment 107(a)(5)–8 now provides that
for merchant cash advances and other
sales-based financing transactions, the
financial institution complies with
§ 1002.107(a)(5)(iii) by reporting the
loan term, if any, that the financial
institution estimated, specified, or
disclosed in processing or underwriting
the application or transaction. The
Bureau notes that loan term for a
merchant cash advance or other salesbased financing transaction can also be
the estimated loan term disclosed in a
State or locally required disclosure, if
applicable. The comment also explains
that if more than one loan term is
estimated, specified, or disclosed, the
financial institution reports the one it
considers to be the most accurate, in its
discretion. The Bureau believes that
these instructions will enhance the
quality of the data collected and
facilitate compliance by providing clear
guidance on these providers’ reporting
responsibilities. The Bureau chose not
to use the other loan term measurements
that commenters suggested because they
would likely have introduced
significant operational difficulty. The
Bureau believes that merchant cash
advance and other sales-based financing
providers will not have operational
difficulty reporting an estimate that they
already possess. If a merchant cash
advance or other sales-based financing
provider does not estimate, specify, or
disclose a loan term as part of the
processing or underwriting of the
application or transaction, the provider
may report that the loan term is ‘‘not
applicable.’’
The proposed rule’s loan term
comment would have also provided that
the financial institution would report
‘‘not applicable’’ if the application is
denied, withdrawn, or determined to be
PO 00000
Frm 00145
Fmt 4701
Sfmt 4700
35293
incomplete before a loan term has been
identified. However, in order to
facilitate compliance, enhance the
quality of information collected, and for
consistency with the other data points
in the final rule, final comment
107(a)(5)–8 now provides that for a
credit product that generally has a loan
term, the financial institution reports
‘‘not provided by applicant and
otherwise undetermined’’ if the
application is denied, withdrawn, or
determined to be incomplete before a
loan term has been identified. The
Bureau believes that the availability of
this response will facilitate the reporting
of the loan term subcategory for
applications in these situations.
107(a)(6) Credit Purpose
Proposed Rule
Section 1071 requires financial
institutions to collect and report ‘‘the
type and purpose of the loan or other
credit being applied for.’’ 607 (The credit
type data point is discussed in the
section-by-section analysis of
§ 1002.107(a)(5) immediately above.)
The Bureau proposed in
§ 1002.107(a)(6) to require that financial
institutions collect and report the
purpose or purposes of the credit
applied for or originated. Proposed
comment 107(a)(6)–1 would have
presented instructions for collecting and
reporting credit purpose and would
have provided the proposed list of
credit purposes from which financial
institutions would select.
The proposed list of credit purposes
was similar to the list in the SBREFA
Outline, with certain adjustments. First,
the items on the SBREFA list that
described types of collateral, such as
commercial real estate, were updated to
more clearly reflect that the financial
institution would be collecting and
reporting the purpose of the loan, and
not the form of collateral, though the
form of collateral might be referred to in
describing that purpose. In addition, the
proposed listed purposes involving real
property would have differentiated
between dwelling and non-dwelling real
property. The Bureau believed that this
distinction would help in collecting
more precise and useful data. To
facilitate compliance the Bureau
proposed to include ‘‘not applicable’’ in
the purposes list for use when an
application is for a credit product that
generally has indeterminate or
numerous potential purposes, such as a
credit card. Proposed comment
107(a)(6)–5 would have also explained
607 ECOA
E:\FR\FM\31MYR2.SGM
section 704B(e)(2)(B).
31MYR2
lotter on DSK11XQN23PROD with RULES2
35294
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
the use of ‘‘not applicable’’ as a
response.
Proposed comment 107(a)(6)–2 would
have explained that if the applicant
indicated or the financial institution
was otherwise aware of more than one
purpose for the credit applied for or
originated, the financial institution
would have reported those purposes, up
to a maximum of three, using the list
provided, in any order it chose.
Proposed comment 107(a)(6)–3 would
have explained that if a purpose of the
covered credit transaction did not
appear on the list of purposes provided,
the financial institution would report
‘‘other’’ as the credit purpose and report
the purpose as free-form text. For
efficiency and to facilitate compliance,
proposed comment 107(a)(6)–3 would
have also explained that if the
application had more than one ‘‘other’’
purpose, the financial institution would
choose the most significant ‘‘other’’
purpose, in its discretion, and would
report that ‘‘other’’ purpose. The
comment would have then explained
that a financial institution would report
a maximum of three credit purposes,
including any ‘‘other’’ purpose reported.
Proposed comment 107(a)(6)–4 would
have explained that, pursuant to
proposed § 1002.107(c)(1), a financial
institution would maintain procedures
reasonably designed to collect
applicant-provided information, which
would include credit purpose. However,
if a financial institution was nonetheless
unable to collect or determine credit
purpose information, the financial
institution would have reported that the
credit purpose was ‘‘not provided by
applicant and otherwise
undetermined.’’
In order to facilitate compliance, the
Bureau also proposed comments
107(a)(6)–6 and –7. Proposed comment
107(a)(6)–6 would have clarified that, as
explained in proposed comment 104(b)–
4, subpart B did not apply to an
extension of credit that was secured by
1–4 individual dwelling units that the
applicant or one or more of the
applicant’s principal owners did not, or
would not, occupy. Proposed comment
107(a)(6)–7 would have clarified the
collection and reporting obligations of
financial institutions with respect to the
credit purpose data point, explaining
that the financial institution would be
permitted, but not required, to present
the list of credit purposes provided in
comment 107(a)(6)–1 to the applicant.
Proposed comment 107(a)(6)–7 would
have further explained that the financial
institution would also be permitted to
ask about purposes not included on the
list provided in proposed comment
107(a)(6)–1. Finally, proposed comment
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
107(a)(6)–7 would have clarified that if
an applicant chose a purpose or
purposes that were similar to purposes
on the list provided, but used different
language, the financial institution
would report the purpose or purposes
from the list provided.
The Bureau sought comment on its
proposed approach to the credit purpose
data point. In addition, the Bureau
sought comment on whether there were
any purposes that should be added to or
modified on its proposed list. In
particular, the Bureau sought comment
on the potential usefulness of including
‘‘agricultural credit’’ and ‘‘overdraft line
of credit’’ in the credit purposes list.
Finally, the Bureau requested comment
on whether further explanations or
instructions with respect to this data
point would facilitate compliance.
Comments Received
The Bureau received comments on its
proposed approach to the credit purpose
data point from a number of lenders,
trade associations, and community
groups, along with a minority business
advocacy group. Several community
groups expressed support for the credit
purpose data point as proposed by the
Bureau, and a CDFI lender explained
that it already collects this information.
A community group stated that the
proposal accurately captured the wide
variety of credit purposes and then
expressed specific support for
distinguishing dwellings from nondwellings, allowing reporting of three
credit purposes, and inclusion of the
‘‘other’’ category with a free-form text
box. In addition, this commenter
suggested that the proposed method for
credit purpose collection could work
well with the CRA.
A trade association representing
community banks also supported the
proposal for credit purpose, especially
the flexibility provided by the ‘‘not
applicable’’ and ‘‘not provided by
applicant and otherwise undetermined’’
options, and the provision allowing a
financial institution to report the credit
purposes in any order it chooses, when
the institution is aware of more than one
purpose. That commenter said that
these accommodations would facilitate
compliance while still achieving the
policy goals of the law. A trade
association representing auto finance
lenders also stated support for the
flexibility provided by the ‘‘not
applicable’’ and ‘‘not provided by
applicant and otherwise undetermined’’
options. Two banks opposed the credit
purpose proposal, explaining that it
would require extensive changes and
burdensome ongoing operations, and
that the interplay with other regulatory
PO 00000
Frm 00146
Fmt 4701
Sfmt 4700
requirements was unclear. One of these
commenters also questioned the
usefulness of the data collected.
However, neither commenter suggested
alternative ways to implement the
statutorily required credit purpose data
point.
Several commenters asked that the
Bureau clarify certain aspects of the
credit purpose proposal. Two industry
commenters requested clarification of
the circumstances when institutions
should use ‘‘not provided by applicant
and otherwise undetermined’’ as
opposed to ‘‘not applicable.’’ Several
industry commenters requested
guidance on when to use ‘‘owneroccupied’’ versus ‘‘non-owner
occupied’’ for non-dwelling real
property. Another asked about how to
report when the loan is mixed-use
(business and consumer purpose). A
joint letter from community groups and
community oriented lenders requested
that the Bureau clarify that the category
‘‘Working capital (includes inventory or
floor planning)’’ also includes salaries,
rents, and other daily expenses. A credit
union trade association suggested that
the Bureau clarify how transactions
should be reported when made directly
to a sole proprietor, not to the business
directly, explaining that credit unions
may find it confusing to report a loan
purpose that implies that the business
itself is the recipient.
Several commenters requested more
substantial changes in the proposed
credit purpose data point. Two joint
comment letters, each representing
multiple community groups and other
entities, requested that the Bureau
require more granular reporting in
certain situations, especially with regard
to real property loans. These comments
suggested collecting real property loan
data on rental purpose, whether
buildings are mixed-use, the number
and type of units in buildings, as well
as a way to easily connect to a HMDA
record for any loan that is reported
under both regimes. One of these
comments asked that the Bureau make
it easier to determine if a capital
expense loan is used to maintain a
business or expand it. Another
community group requested that the
Bureau disaggregate the purchaseconstruction-repair purpose from
refinancing for things like real estate,
vehicles, and equipment, perhaps by
adding a separate data point. Another
requested that refinancings (along with
renewals) should be listed as a credit
product in the credit type data point,
rather than as a credit purpose. That
same commenter requested that
financial institutions not be allowed to
use their own list of purposes, as
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
proposed, and suggested that the Bureau
consider providing a sample application
form, which would include the rule’s
list of credit purposes, to facilitate data
collection.
Several industry commenters
responded to the Bureau’s request for
comment on including ‘‘agricultural
credit’’ as a credit purpose. These
commenters mostly requested that new
purposes specifically geared to
agricultural lending be included, though
they did not offer any examples of such
purposes. The commenters emphasized
that agricultural lending is different
from other business lending and
suggested that choosing from the credit
purposes listed would be difficult for
this market. A community group stated
that it might be confusing to list
agricultural credit as a credit purpose as
the credit product data point would
collect that they are farm loans.608
Several community groups and a
minority business advocacy group
responded to the Bureau’s request for
comment on whether the final rule
should include ‘‘Overdraft line of
credit’’ as a credit purpose. These
commenters supported inclusion of
overdraft as a purpose, stating that it
should be monitored for potential
abuses, especially abuses in
communities of color. No industry
commenters discussed the possible
inclusion of overdraft lines of credit as
a credit purpose.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.107(a)(6) and
associated commentary with certain
revisions for clarity, to improve the
usefulness of the data collected, and to
accommodate a new coverage exclusion
for HMDA-reportable transactions. Final
§ 1002.107(a)(6) requires that financial
institutions collect and report the
purpose or purposes of the credit
applied for or originated.
Final comment 107(a)(6)–1 provides
instructions for collecting and reporting
credit purpose and presents the list of
credit purposes from which financial
institutions will select. The final list of
purposes is very similar to the proposed
list but deletes two purposes that
describe credit likely to be HMDA
reportable, includes one additional
purpose (‘‘overdraft’’) and makes minor
edits to accommodate those changes and
for clarity. The Bureau believes that the
list of credit purposes provided in
comment 107(a)(6)–1 appropriately
aligns with the purposes of credit
608 The Bureau notes that the proposed rule did
not expressly list agricultural loans (or similar) on
either the credit products list or credit purposes list.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
sought in the small business credit
market.
Because the Bureau is adopting an
exclusion for HMDA-reportable credit,
the proposed purposes list’s
differentiation between dwelling and
non-dwelling real property is no longer
necessary. In addition, the purposes in
the list that pertained to dwellings were
very likely to be HMDA-reportable, and
so have been removed in the final rule.
See the section-by-section analysis of
§ 1002.104(b) above for further
discussion of this exclusion.
The Bureau agrees with the
commenter who suggested that
‘‘Working capital (includes inventory or
floor planning)’’ will often also include
salaries, rents, and other daily expenses.
However, the final rule does not include
these items in the credit purposes list
description of working capital because
the Bureau believes the term is already
clear, and listing these items may cause
confusion as to other working capital
items that are not listed.
The Bureau has not added
‘‘Agricultural credit’’ or specific
purposes associated with agricultural
credit to the list of credit purposes in
the final rule. First, although ‘‘farm
loans’’ are not listed as a credit product
in the credit type data point, the NAICS
data point in final § 1002.107(a)(15) will
make clear when the small business
borrower is an agricultural business. In
addition, other business types are not
included in the credit purposes list and
doing so with agriculture could cause
confusion. As far as including specific
agricultural purposes in the purposes
list, the commenters who suggested this
did not provide examples, and the
Bureau did not propose such purposes.
Going forward, the Bureau may learn of
specific agricultural credit purposes
from the ‘‘Other’’ free-form text box, and
if appropriate, potentially add them to
the rule later.
The Bureau agrees that overdraft
should be separately identified as a
credit purpose in the list in comment
107(a)(6)–1 in order to observe its use in
the market. Rather than ‘‘Overdraft line
of credit’’ as referenced in the proposal’s
preamble, the Bureau is using the term
‘‘Overdraft.’’ In order to facilitate
compliance regarding overdraft as a
credit purpose, the Bureau is adding
new comment 107(a)(6)–8 to the final
rule, which makes clear that when
overdraft is an aspect of the covered
credit transaction applied for or
originated, the financial institution
reports ‘‘Overdraft’’ as a purpose of the
credit. The new comment also explains
that the financial institution reports
credit type pursuant to
§ 1002.107(a)(5)(i) as appropriate for the
PO 00000
Frm 00147
Fmt 4701
Sfmt 4700
35295
underlying covered credit transaction,
such as ‘‘Line of credit—unsecured.’’
The Bureau does not believe that
reporting overdraft as a credit purpose
will create operational difficulties for
financial institutions because the
information will be readily apparent as
an aspect of the credit. Finally, new
comment 107(a)(6)–8 makes clear that
providing occasional overdraft services
as part of a deposit account offering
would not be reported for the purpose
of subpart B.
The Bureau is finalizing comments
107(a)(6)–2 through –5 with minor edits
to accommodate the removal of
purposes related to the exclusion for
HMDA-reportable transactions and for
clarity. Final comment 107(a)(6)–2
explains that if the applicant indicates
or the financial institution is otherwise
aware of more than one purpose for the
credit applied for or originated, the
financial institution reports those
purposes, up to a maximum of three,
using the list provided, in any order it
chooses. Since applicants may have
more than one purpose for a credit
transaction, the Bureau believes it is
appropriate to require collection and
reporting of more than one credit
purpose for this data point in that
situation. The Bureau believes that
having financial institutions report up
to three credit purposes will provide
useful data. The Bureau also believes
that allowing financial institutions
discretion as to the order of the credit
purposes reported will facilitate
compliance.
Final comment 107(a)(6)–3 explains
that if a purpose of an application does
not appear on the list of purposes
provided, the financial institution
reports ‘‘other’’ as the credit purpose
and reports the credit purpose as freeform text. The Bureau believes that
allowing financial institutions to choose
‘‘other’’ when a credit purpose for the
application did not appear on the
provided list will facilitate compliance.
In addition, the Bureau believes that
collecting this information on ‘‘other’’
credit purposes will assist in monitoring
trends in this area and key
developments in the small business
lending market, which the Bureau can
use to inform any future changes to the
list.
Final comment 107(a)(6)–4 makes
clear that, pursuant to final
§ 1002.107(c)(1), a financial institution
shall maintain procedures reasonably
designed to collect applicant-provided
data, which includes credit purpose.
However, the comment further explains
that if a financial institution is
nonetheless unable to collect or
determine credit purpose information,
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35296
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
the financial institution reports that the
credit purpose is ‘‘not provided by
applicant and otherwise
undetermined.’’ The Bureau agrees with
the industry commenters who stated
that this provision would provide
flexibility and believes that permitting
use of this response will facilitate
compliance and enhance the quality of
data reported.
In order to facilitate compliance, final
comment 107(a)(6)–5 explains that if the
application is for a credit product that
generally has indeterminate or
numerous potential purposes, such as a
credit card, the financial institution may
report credit purpose as ‘‘not
applicable.’’ As with the ‘‘not provided
by applicant and otherwise
undetermined’’ purpose, the Bureau
agrees with the industry commenters
who felt that this provision would
provide appropriate flexibility. The
Bureau does not believe that there will
be confusion about the situations for
which ‘‘not provided by applicant and
otherwise undetermined’’ (as explained
in final comment 107(a)(6)–4) and ‘‘not
applicable’’ (as explained in final
comment 107(a)(6)–5) are appropriate to
use. The commenters who suggested
that such confusion might occur did not
explain why the proposed language
would not be sufficient.
Final comment 107(a)(6)–6 provides
details on the collection of credit
purposes by financial institutions. The
comment states that, pursuant to
§ 1002.107(c)(1), a financial institution
shall maintain procedures reasonably
designed to collect applicant-provided
data, including credit purpose. In
addition, the financial institution is
permitted, but not required, to present
the list of credit purposes provided in
comment 107(a)(6)–1 to the applicant.
The financial institution is also
permitted to ask about credit purposes
not included on the list provided in
comment 107(a)(6)–1. If the applicant
chooses a purpose or purposes not
included on the provided list, the
financial institution follows the
instructions in comment 107(a)(6)–3
regarding reporting of ‘‘other’’ as the
credit purpose. If an applicant chooses
a purpose or purposes that are similar
to purposes on the list provided, but
uses different language, the financial
institution reports the purpose or
purposes from the list provided. The
Bureau believes that the explanations
and instructions in the final
commentary accompanying
§ 1002.107(a)(6) will reduce any
confusion as to how a financial
institution reports this data point when
an application involves multiple credit
purposes, and in other situations.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
The Bureau believes that prohibiting
financial institutions from using their
own credit purpose lists, as one
commenter suggested, would not be
appropriate because the Bureau does not
have sufficient information to create a
definitively comprehensive credit
purposes list and wishes to provide
institutions the flexibility appropriate to
their market segment. In regard to that
commenter’s suggestion that the Bureau
provide a sample application form, this
issue is discussed in the section-bysection analysis of appendix E below. In
addition, the Bureau does not believe
additional clarification regarding how to
report credit purpose for business loans
made to sole proprietors is necessary.
Because the Bureau is providing a
complete exclusion for HMDAreportable transactions in the final rule,
the Bureau is not finalizing proposed
comment 107(a)(6)–6, which would
have provided a cross-reference to the
partial exclusion for dwelling-secured
credit in the proposed rule.
New comment 107(a)(6)–7 explains
that real property is owner-occupied if
any physical portion of the property is
used by the owner for any activity,
including storage. The Bureau adds this
explanation in response to comments
asking for clarity on this issue. The
Bureau believes that the language
provided clearly indicates the meaning
of ‘‘owner-occupied’’ for reporting
purposes and will facilitate compliance
and help in the collection of uniform
data.
In regard to the commenters that
objected to the entire credit purpose
data point as excessively burdensome
and not providing useful information,
the Bureau notes that this data point
was specified by Congress in section
1071 as one that financial institutions
must collect and report; these
commenters did not suggest a different
method of collection. The Bureau also
believes, along with the national trade
association representing small banks
whose comment is described above, that
the reporting accommodations included
in the credit purpose provision will
facilitate compliance while still
achieving the policy goals of section
1071.
Although some additional useful
information might be collected if the
Bureau were to expand the credit
purpose data point to include the more
granular reporting requested by
community groups, such changes would
make the collection more difficult for
financial institutions as well as
potentially confusing for small business
applicants; the Bureau does not believe
that further granularity is necessary at
this time, especially at the risk of
PO 00000
Frm 00148
Fmt 4701
Sfmt 4700
obtaining potentially less accurate or
complete data overall. In regard to
making ‘‘refinancing’’ a credit product
rather than a credit purpose as
proposed, the Bureau believes that its
credit product taxonomy presents a
clear, uncomplicated framework using
the basic forms of credit extended.
Making refinancing a product would
complicate the taxonomy and introduce
categorization difficulties, for example
with partial refinancings. As for
including renewals, the section-bysection analysis of § 1002.103(b) above
discusses this issue.
107(a)(7) Amount Applied For
Proposed Rule
Section 1071 requires financial
institutions to collect and report ‘‘the
amount of the credit or credit limit
applied for, and the amount of the credit
transaction or the credit limit
approved.’’ 609 The Bureau stated in the
SBREFA Outline that it was considering
requiring financial institutions to report
the amount applied for data point using
the initial amount of credit or credit
limit requested by the applicant at the
application stage, or later in the process
but prior to the financial institution’s
evaluation of the credit request.610
The Bureau proposed § 1002.107(a)(7)
to require a financial institution to
collect and report ‘‘the initial amount of
credit or the initial credit limit
requested by the applicant.’’ Proposed
comment 107(a)(7)–1 would have
explained that a financial institution is
not required to report credit amounts or
limits discussed before an application is
made, but must capture the amount
initially requested at the application
stage or later. In addition, proposed
comment 107(a)(7)–1 would have stated
that if the applicant does not request a
specific amount, but the financial
institution underwrites the application
for a specific amount, the financial
institution reports the amount
considered for underwriting as the
amount applied for. Finally, proposed
comment 107(a)(7)–1 would have
instructed that if the applicant requests
an amount as a range of numbers, the
financial institution reports the
midpoint of that range.
To address the situation where the
financial institution requests an amount
applied for but the applicant
nonetheless does not provide one,
proposed comment 107(a)(7)–2 would
have explained that, in compliance with
proposed § 1002.107(c)(1), a financial
institution shall maintain procedures
reasonably designed to collect
609 ECOA
section 704B(e)(2)(C).
Outline at 28.
610 SBREFA
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
applicant-provided information, which
includes the credit amount initially
requested by the applicant. However, if
a financial institution is nonetheless
unable to collect or otherwise determine
the amount initially requested, the
financial institution would have been
required to report that the amount
applied for is ‘‘not provided by
applicant and otherwise
undetermined.’’
Proposed comment 107(a)(7)–3 would
have provided instructions for reporting
the amount applied for in regard to firm
offers. Proposed comment 107(a)(7)–3
would have explained that when an
applicant responds to a ‘‘firm offer’’ that
specifies an amount or limit, which may
occur in conjunction with a preapproved credit solicitation, the
financial institution reports the amount
applied for as the amount of the firm
offer, unless the applicant requests a
different amount. If the firm offer does
not specify an amount or limit and the
applicant does not request a specific
amount, proposed comment 107(a)(7)–3
would have explained that the amount
applied for is the amount underwritten
by the financial institution.
Proposed comment 107(a)(7)–4 would
have explained that when reporting a
covered application that seeks
additional credit amounts on an existing
account, the financial institution reports
only the additional credit amount
sought, and not any previous amounts
sought or extended. The Bureau noted
that a request to withdraw additional
credit amounts at or below a previously
approved credit limit amount on an
existing open-end line of credit would
not be a covered application, and so
proposed comment 107(a)(7)–4 would
not have applied to such a situation.
The Bureau sought comment on its
proposed approach to the amount
applied for data point. The Bureau also
requested comment on how best to
require reporting of amount applied for
in situations involving multiple
products or credit lines under a single
credit limit. The Bureau also requested
comment on potential methods for
avoiding misinterpretations of
disparities between the amount applied
for and the amount approved or
originated. Finally, the Bureau
requested comment on its proposed
approach to reporting when a range of
numbers is requested.
Comments Received
The Bureau received comments from
lenders, trade associations, community
groups, and others regarding this
proposed data point. Community groups
and a CDFI lender supporting the
Bureau’s approach to the collection of
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
the amount applied for data point. One
commenter said that it works with
minority farmers whose loans are
approved for far less than what they
originally applied for and that the data
would give them information regarding
lending practices involving minority
farm businesses. Several commenters
stated that amount applied for and
amount approved or originated are key
data for fair lending purposes. One said
that Black-, Latino-, and Asian-owned
businesses have been substantially less
likely to receive the full small business
loan amount requested than whiteowned small businesses. Another
commenter requested that the Bureau
scrutinize lenders when the application
and approval amounts are
conspicuously close, especially if there
is a disproportionate impact on women
and minority-owned businesses,
because some lenders may dissuade
applicants from making a specific
request and steer them to the considered
underwriting amount that is lower than
the financing need of the small
business.
A community group noted that
amounts should not be reported in
ranges since the statute requires
reporting of amounts and furthermore,
that ranges are not useful for assessing
whether lenders are responding
adequately to credit needs. This
community group also commented that
with respect to line increases, it makes
sense for the lender to report the
additional amount instead of the
additional and original amount because
it is more precise in terms of being able
to assess whether credit needs are being
met.
Several industry commenters and a
group of State banking regulators
expressed concerns about collecting the
data in light of the lending process
where the ‘‘amount applied for’’ can
fluctuate throughout the application
stage. One trade association commented
that financial institutions should not be
required to report amounts stated before
an application is made because
applicants state a loan amount early on
but that loan amount usually changes
throughout the process for various
reasons. Another stated that many
business credit applications include
offers, counteroffers, and negotiations.
One commenter stated that even though
the initial amount requested appears
useful it does not reflect the true
dynamic of the small business lending
process. The commenter reasoned that it
is not uncommon during the application
process to see the actual loan amount
fluctuate as the entrepreneur further
refines their capital needs, and that
makes tracking this type of information
PO 00000
Frm 00149
Fmt 4701
Sfmt 4700
35297
not particularly relevant or reflective of
the process. A credit union trade
association recommended that financial
institutions have the discretion to report
an ‘‘amount applied for’’ that is
determined at a later stage, rather than
at the first request of the applicant,
because reporting the initial credit
request could inaccurately represent the
lending process. A group of state
banking regulators commented that
some applicants may not request an
amount or may request a range, and
some financial institutions will not
require such information at the outset.
They stated that mandating reporting of
a requested loan amount would impose
increased compliance burdens and has
the potential to disrupt the relationship
aspect of small business lending.
Two industry commenters requested
the Bureau clarify how financial
institutions should report the amount
applied for when a firm offer of credit
specifies a range of possible amounts,
for example, amounts between $20,000
and $40,000. These commenters stated
they believe such offers should be
deemed not to specify an amount or
limit and that institutions should be
able to report the amount underwritten
as the amount applied for. They
reasoned that reporting the top of the
range as the amount applied for in these
circumstances could be misleading
because many applicants likely will not
qualify for amounts at the top of the
range. A bank suggested that when an
applicant indicates a range, each
financial institution should be able to
decide whether to report the low,
midpoint, or high end of the range so
long as it is consistent for the financial
institution’s entire small business
lending application register.
Two business advocacy groups noted
that uncertainty regarding key
definitions could create compliance
challenges and requested that the
Bureau provide additional clarity as to
the meaning of ‘‘applied for.’’ A bank
stated that its systems do not have a way
to collect and record this data point and
that it would need to collect it
manually, which would affect its ability
to serve its customers and community.
The Bureau did not receive comments
on how best to require reporting for
situations involving multiple products
or credit lines under a single credit limit
or potential methods for avoiding
disparities between amount applied for
and amount originated or approved.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.107(a)(7) and
associated commentary with revisions
and an addition in the commentary for
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35298
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
clarity. The Bureau notes that for
HMDA, Regulation C § 1003.4(a)(7)
requires reporting of ‘‘the amount of the
covered loan or the amount applied for,
as applicable,’’ which requires reporting
of the amount applied for only when the
credit is not originated. Because section
1071 uses the conjunction ‘‘and’’ rather
than ‘‘or,’’ the Bureau reads section
1071 to require collection and reporting
of the amount applied for regardless of
whether the application is ultimately
approved or originated.611 The Bureau
believes its interpretation of ‘‘the
amount of the credit or credit limit
applied for’’ pursuant to ECOA section
704B(e)(2)(C) is reasonable and
appropriate.
With respect to the commenter that
indicated that some lenders may
dissuade applicants from making a
specific request and steer them to the
considered underwriting amount, which
may be lower than their financing
needs, the Bureau believes that it is
necessary to capture both the amount
applied for and amount approved or
originated to fulfill the statutory
purposes of section 1071, including
facilitating fair lending enforcement.
The Bureau believes the amount applied
for and the amount approved data
points are necessary to identify
potentially discriminatory practices,
such as discouragement or steering, in
the lending process. For example,
greater differences between amount
applied for and amount originated
among protected groups could indicate
a fair lending concern. The Bureau notes
that if a financial institution were to
seek to unduly influence or alter the
amount requested by the applicant in
order to avoid reporting it, such conduct
would violate the requirement in final
§ 1002.107(c) to not discourage an
applicant from responding to requests
for applicant-provided data and to
maintain procedures to collect such data
at a time and in a manner that are
reasonably designed to obtain a
response.
Regarding commenters’ concerns that
the amount applied for can change
throughout the lending process, the
Bureau acknowledges that there could
be complexity in pinpointing the
specific initial amount requested by an
applicant in the fluid process of a small
business credit application. The Bureau
acknowledges that this complexity
could make this data point challenging
for financial institutions to collect and
report. Nonetheless, the statute requires
that the amount applied for be reported,
611 The amount approved or originated data point
is addressed in the section-by-section analysis of
§ 1002.107(a)(8).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
and the information is important for
both of section 1071’s statutory
purposes. The Bureau is finalizing
comment 107(a)(7)–1 with minor edits
for clarification. Final comment
107(a)(7)–1 provides that the financial
institution reports the initial amount of
credit or the credit limit initially
requested by the applicant at the
application stage and is not required to
report credit amounts or limits
discussed before an application is made.
The Bureau believes that this guidance
will provide a flexible compliance
regime that will accommodate different
business practices. A financial
institution will not be required to report
amounts discussed before the
application is made, which will
accommodate preliminary informal
interactions. Regarding the
recommendation that financial
institutions have the discretion to report
an amount determined at a later stage
rather than the initial request of the
applicant, the Bureau notes that the
statute requires the amount applied for
to be reported even though a small
business credit application process can
be fluid. Therefore, a financial
institution should report the initial
request of the applicant if the lending
process has already reached the
application stage. In regard to ranges of
amounts requested, the Bureau does not
believe that permitting financial
institutions to decide whether to report
the low, midpoint, or high end of the
range, as requested by a commenter,
would yield data that will be
comparable to the other data collected
for this data point because different
financial institutions will be applying
different rules for what to report. The
Bureau believes that more uniform
information will be more useful and
should not create extra difficulty for
financial institutions to collect.
Therefore, to facilitate compliance, final
comment 107(a)(7)–1 provides that for
amounts that were requested as a range
of numbers, the financial institution
reports the midpoint of the range. In
addition, for clarity, the Bureau moved
guidance on what to report if an
applicant does not request a specific
amount to final comment 107(a)(7)–2, as
explained below.
With respect to the comment that an
amount may not be initially required or
that some applicants may not request an
amount or may request a range, the
Bureau understands that a specific
amount may not be provided by the
applicant and that a specific amount is
often not required by many financial
institutions for products such as credit
cards, as the financial institution assigns
PO 00000
Frm 00150
Fmt 4701
Sfmt 4700
the credit limit as part of the credit
evaluation process. Final comment
107(a)(7)–2 provides that in situations
where the applicant does not request a
specific amount at the application stage,
but the financial institution underwrites
the application for a specific amount,
the financial institution reports the
amount that was considered in
underwriting. Final comment 107(a)(7)–
2 also provides that if a particular type
of credit product does not involve a
specific amount requested, then the
financial institution reports ‘‘not
applicable.’’ The Bureau believes this
method will aid compliance with
section 1071 and yield appropriate data
by avoiding the need to report a
preliminary number when a financial
institution’s business practices do not
result in there being such a number to
report. For clarity, the Bureau moved
guidance regarding amounts that are
otherwise undetermined that was
addressed in proposed comment
107(a)(7)–2 to final comment 107(a)(7)–
5, as explained below.
Regarding the request that the Bureau
clarify how institutions should report
the amount applied for when a firm
offer of credit specifies a range of
possible amounts, the Bureau added
guidance in final comment 107(a)(7)–3
that addresses this situation. ‘‘Firm
offers’’ involve solicitations to small
businesses when they have been preapproved for a term loan, line of credit,
or credit card.612 The Bureau
understands that financial institutions
often provide an amount in such
solicitations and the Bureau believes
that when the applicant knows the
amount of the pre-approval before
responding, that figure could
appropriately be considered as the
amount applied for. However, if no
amount appears in the pre-approved
solicitation, the Bureau considers that
an applicant responding to the firm offer
has not requested a specific amount,
and reporting of the amount
underwritten would be appropriate.
Final comment 107(a)(7)–3 provides
that when an applicant responds to a
firm offer, a financial institution reports
the amount applied for as the amount of
the firm offer, unless the applicant
requested a different amount. If, on the
other hand, the firm offer did not
contain a specified amount and the
applicant did not request one, then the
financial institution reports the amount
applied for as the amount that was
underwritten. The Bureau did not
propose guidance that addresses what
financial institutions report when a firm
612 See 15 U.S.C. 1681a(l); see also Regulation B
comment 12(b)(7)–1 (describing offers of credit).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
offer specifies a range of possible
amounts. The Bureau agrees with the
commenters that such offers should be
treated similarly to those situations
where a firm offer did not specify an
amount. To address this scenario, final
comment 107(a)(7)–3 states that if the
firm offer specifies an amount or limit
as a range of numbers and the applicant
does not request a specific amount, the
amount applied for is the amount
underwritten by the financial
institution. The Bureau believes that
this guidance will aid compliance and
yield useful data.
The Bureau is finalizing comment
107(a)(7)–4 as proposed. The comment
explains that when reporting a covered
application that seeks additional credit
amounts on an existing account, the
financial institution reports only the
additional credit amount sought, and
not any previous amounts extended.
The Bureau added final comment
107(a)(7)–5 to address situations where
the initial amount applied for cannot be
determined. Specifically, the comment
provides that under § 1002.107(c)(1), a
financial institution shall maintain
procedures reasonably designed to
collect applicant-provided data, which
includes the credit amount initially
requested by the applicant (other than
for products that do not involve a
specific amount requested). However,
the Bureau understands that there may
be situations in which amount applied
for was not collected and could not be
otherwise determined. Thus, final
comment 107(a)(7)–5 provides that if a
financial institution is unable to collect
or otherwise determine the amount
initially requested, the financial
institution reports that the amount
applied for is ‘‘not provided by
applicant and otherwise
undetermined.’’ The Bureau believes
that providing this reporting flexibility
will facilitate compliance by
accommodating different business
practices.
With respect to the commenter that
indicated that its systems do not have a
way to collect this data point, the
Bureau believes that the data on the
amount applied for will generally be
available in the loan files and should
not present particular difficulties in
reporting. Regarding the request from
commenters that the Bureau provide
additional clarity as to the meaning of
applied for, the commenters did not
indicate specific issues in the amount
applied for data point that require
clarification. The Bureau believes it has
addressed in this final rule the requests
for clarity from other commenters as
well as other clarifications the Bureau
believes are appropriate.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
107(a)(8) Amount Approved or
Originated
Proposed Rule
Section 1071 requires financial
institutions to collect and report ‘‘the
amount of the credit transaction or the
credit limit approved.’’ 613
Proposed § 1002.107(a)(8) would have
required that the amount approved or
originated data point be collected and
reported as follows: (i) for an
application for a closed-end credit
transaction that is approved but not
accepted, the financial institution
collects and reports the amount
approved by the financial institution;
(ii) for a closed-end credit transaction
that is originated, the financial
institution collects and reports the
amount of credit originated; and (iii) for
an application for an open-end credit
transaction that is originated or
approved but not accepted, the financial
institution collects and reports the
amount of the credit limit approved.
Proposed comment 107(a)(8)–1 would
have provided general instructions for
the amount approved or originated data
point, explaining that a financial
institution reports the amount approved
or originated for credit that is originated
or approved but not accepted. For
applications that the financial
institution, pursuant to proposed
§ 1002.107(a)(9), would have reported as
denied, withdrawn by the applicant, or
incomplete, the financial institution
would have reported that the amount
approved or originated is ‘‘not
applicable.’’
Proposed comment 107(a)(8)–2 would
have explained that when a financial
institution presents multiple approval
amounts from which the applicant may
choose, and the credit is approved but
not accepted, the financial institution
reports the highest amount approved.
Proposed comments 107(a)(8)–3 and –4
would have provided specific
instructions for identifying and
reporting the amount approved or
originated for closed-end transactions,
including refinancings.
Proposed comment 107(a)(8)–5 would
have provided instructions regarding
counteroffers and the amount approved
or originated data point, explaining that
if an applicant agrees to proceed with
consideration of a counteroffer for an
amount or limit different from the
amount for which the applicant applied,
and the covered credit transaction is
approved and originated, the financial
institution reports the amount granted.
Proposed comment 107(a)(8)–5 would
have further explained that if an
613 ECOA
PO 00000
section 704B(e)(2)(C).
Frm 00151
Fmt 4701
Sfmt 4700
35299
applicant does not agree to proceed with
consideration of a counteroffer or fails
to respond, the institution reports the
action taken on the application as
denied and reports ‘‘not applicable’’ for
the amount approved or originated. The
proposed comment would have
provided a reference to proposed
comment 107(a)(9)–2, which discusses
the action taken data point in relation to
counteroffers.614
The Bureau sought comment on its
proposed approach to the amount
approved or originated data point. The
Bureau also requested comment on
potential methods for avoiding
misinterpretations of disparities
between the credit amount or limit
applied for and the credit amount or
limit originated or approved and on the
possible use of ranges of numbers for
reporting the amount applied for and
amount approved or originated data
points. In addition, the Bureau
requested comment on whether it would
be useful and appropriate to require
reporting of the amount approved as
well as the amount originated for
closed-end credit transactions.
Comments Received
The Bureau received comments on the
amount approved or originated data
point from lenders, trade associations,
and community groups. Almost all of
the comments received supported the
Bureau’s proposal. A bank and a trade
association commented that the
Bureau’s proposal is a reasonable and
appropriate means of implementing the
statutory requirement. A community
group and a CDFI lender highlighted the
usefulness of the data for fair lending
purposes, including identifying
potentially discriminatory lending
practices. The CDFI lender suggested
that the data can help show how
financial institutions compare across
key metrics and reveal capital gaps in
the market that lenders may be able to
fill. Two commenters supported the
proposal’s requirement that data
collection on amount approved or
originated be required for transactions
that are approved but not accepted, not
just those that are originated. A trade
association commented that different
standards are appropriate for closed-end
and open-end products, while a
community group noted that it is
appropriate to report the credit limit in
cases of open-end credit. Another trade
association emphasized the Bureau’s
proposal regarding counteroffers and
614 See the section-by-section analysis of
§ 1002.107(a)(9) for a complete discussion of how
the final rule treats reporting obligations for
applications involving counteroffers.
E:\FR\FM\31MYR2.SGM
31MYR2
35300
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
that it appropriately allows for
negotiations prevalent in small business
lending. A community group requested
that the Bureau not permit reporting of
amounts in ranges, stating that the
statute requires reporting of specific
amounts and that ranges are not useful
for assessing whether lenders are
responding to credit needs adequately.
Two banks expressed concerns about
the overall proposed requirement to
collect data on amount approved or
originated. One suggested that the data
are meaningless because the majority of
loan requests at a community bank are
not submitted formally and in most
cases the amount approved is what was
requested. That bank also noted that it
would be rare for the amount to change
and it does not have a way to currently
track the information, thus adding
burden. Another bank recommended
that financial institutions should not be
generally required to report information
on applications where no credit was
extended, such as applications that were
not completed by the applicant or where
the applicant did not accept the terms.
This bank reasoned that the amount
approved data point is irrelevant
because the loan was not originated and
that it does not further the purposes of
section 1071 because the information
would not help the Bureau materially
understand credit opportunities nor
help ensure fair lending laws are
enforced.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.107(a)(8) and
associated commentary as proposed.
The Bureau is also adding new
comment 107(a)(8)–6. The Bureau reads
the statutory language ‘‘the amount of
the credit transaction or the credit limit
approved’’ to require the amount of the
credit limit approved to be reported for
open-end applications, and the amount
of the credit transaction to be reported
for closed-end applications. The Bureau
believes the phrase ‘‘the amount of the
credit transaction or the credit limit
approved’’ to be ambiguous in regard to
closed-end transactions because the
most common meaning of the word
‘‘transaction’’ in the context for closedend credit transactions would be an
originated loan. Thus, the Bureau
reasonably interprets the statute as
requiring reporting of the amount
originated for closed-end credit
transactions. In the alternative, section
1071 authorizes the Bureau to include
any ‘‘additional data that the Bureau
determines would aid in fulfilling the
purposes of [section 1071].’’ The Bureau
believes that it is appropriate to use its
exception authority under ECOA section
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
704B(g)(2) to require the amount
originated, rather than the amount
approved, for originated closed-end
credit transactions, because excluding
the amount approved for originated
closed-end transactions, and requiring
collection of the amount originated
instead, would enhance the utility and
quality of the data being reported, thus
further the fair lending and business
and community development purposes
of section 1071.
In response to the commenters’
suggestion that data on applications
should not be reported in situations
where the application is withdrawn or
incomplete as well as the commenter’s
suggestion that the data are
meaningless, the Bureau believes there
is value in the data to be reported, even
if no amount is reported for the amount
approved or originated data point. Other
information to be reported for the
application that was, pursuant to
§ 1002.107(a)(9), withdrawn by the
applicant or incomplete, can help
further the fair lending and community
development purposes of section 1071.
For example, data from applications that
are withdrawn or incomplete can help
identify potential discriminatory
practices in the application process and
also indicate demand for credit by small
business applicants. This would not be
possible if data on applications that are
withdrawn or incomplete are not
reported. Accordingly, final comment
107(a)(8)–1 explains that for
applications a financial institution,
pursuant to § 1002.107(a)(9), reports as
denied, withdrawn by the applicant, or
incomplete, the financial institution
reports that the amount originated or
approved is ‘‘not applicable.’’ The
Bureau also believes that reporting ‘‘not
applicable’’ for amount approved or
originated in certain circumstances will
facilitate compliance for this data point.
The Bureau does not believe, as
suggested by one commenter, that data
on applications where the applicant did
not accept the terms would not further
the statutory purposes of section 1071.
The data will help facilitate fair lending
enforcement by indicating the credit
that had been offered to different types
of applicants when the transaction does
not close and there is no amount
originated to report. Reporting data with
respect to the amount approved will
also aid in fulfilling the business and
community development purpose of
section 1071 by providing a more
complete picture of the credit being
offered to different businesses and
communities.615
615 The Bureau similarly believes that reporting
the amount originated on closed-end credit
PO 00000
Frm 00152
Fmt 4701
Sfmt 4700
As stated above, the Bureau is
finalizing the commentary to
§ 1002.107(a)(8) as proposed. Final
comment 107(a)(8)–2 provides guidance
on reporting the amount approved or
originated data point when the
transaction involves multiple approval
amounts. The Bureau believes that
reporting the highest amount approved
when credit is approved but not
accepted will most accurately reflect the
amount of credit that was made
available to the applicant in this
situation. Final comments 107(a)(8)–3
and –4 provide guidance on reporting
amount approved or originated for
closed-end transactions and
refinancings, respectively. Final
comment 107(a)(8)–5 provides guidance
on reporting amount approved or
originated when the transaction
involves counteroffers.
The Bureau is adding comment
107(a)(8)–6 to provide guidance on
reporting amount approved or
originated with respect to existing
accounts. Comment 107(a)(8)–6
provides that the financial institution
reports only the additional credit
amount approved or originated for an
existing account, and not any previous
amounts that were extended. The
Bureau believes this will help facilitate
compliance for this data point.
The Bureau did not receive specific
comments with respect to this data
point on methods for avoiding
misinterpretations of disparities
between credit amount or limit applied
for and credit amount or limit originated
or approved and whether it would be
useful and appropriate to require
reporting of amount approved as well
amount originated for originated closedend credit transactions. The Bureau is
therefore not requiring reporting of that
additional data.
107(a)(9) Action Taken
Proposed Rule
ECOA section 704B(e)(2)(D) requires
financial institutions to report the ‘‘type
of action taken’’ on an application.
The Bureau proposed in
§ 1002.107(a)(9) to require reporting of
the action taken by the financial
institution on the covered application,
reported as originated, approved but not
transactions that are originated also fulfills the
purposes of section 1071. For these transactions,
reporting of the amount originated would aid in
fulfilling the enforcement of fair lending laws by
indicating the credit that had been provided to
different types of applicants in actual transactions.
It would also aid in fulfilling the business and
community development purpose of section 1071
by providing a more complete and accurate picture
of the credit actually being provided to different
businesses and in different communities.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
accepted, denied, withdrawn by the
applicant, or incomplete. In addition,
the Bureau proposed to categorize all
incomplete applications as a single
category of ‘‘incomplete,’’ rather than
following the approach in Regulation C
of separately reporting denials based on
incompletes and notices of
incompleteness. Although the Bureau
considered expanding the action taken
codes to those currently used in
Regulation C (including preapprovals or
purchased loans), the Bureau did not
believe those additional fields would
have been appropriate or necessary in
the context of section 1071 given the
diversity of processes and other
complexities in the small business
lending space and because section 1071,
unlike HMDA, does not expressly
reference loan purchases.
Proposed comment 107(a)(9)–1 would
have provided additional clarity on
when a financial institution should
select each of the proposed action taken
codes. The financial institution would
have identified the applicable action
taken code based on final action taken
on the covered application.
Proposed comment 107(a)(9)–2 would
have provided instructions for reporting
action taken on covered applications
that involve a counteroffer, along with
examples. The Bureau’s proposed
treatment of counteroffers would have
aligned with how counteroffers are
treated under existing § 1002.9
notification procedures and how they
are reported under Regulation C.616 The
Bureau also considered, but did not
propose, adding an action taken
category or flag for counteroffers. The
Bureau believed the addition of a
counteroffer flag or field would have
provided limited useful information
beyond what would have been captured
under the proposal.
Proposed comment 107(a)(9)–3 would
have discussed reporting action taken
for rescinded transactions. Proposed
comment 107(a)(9)–4 would have
clarified that a financial institution
reports covered applications on its small
business lending application register for
the year in which final action is taken.
Finally, proposed comment 107(a)(9)–5
would have provided guidance for
reporting action taken if a financial
institution issues an approval that is
subject to the applicant meeting certain
conditions.
The Bureau sought comment on
proposed § 1002.107(a)(9) and its
associated commentary.
616 Regulation
VerDate Sep<11>2014
C comment 4(a)(8)(i)–9.
18:47 May 30, 2023
Jkt 259001
Comments Received
The Bureau received comment on its
proposal in § 1002.107(a)(9) to require
reporting of action taken from a wide
range of lenders, trade associations, and
community groups.
Action taken categories in general. A
number of commenters, including
community groups, lenders, and a trade
association supported the action taken
reporting categories in proposed
§ 1002.107(a)(9). Two industry
commenters agreed that proposed
§ 1002.107(a)(9) was a reasonable and
appropriate means of implementing
section 1071. One community group
stated that the action taken codes are an
essential metric to enforce fair lending
laws and that the proposed action taken
categories are substantially similar to
those used for HMDA reporting, and so
will be familiar to lenders. A joint letter
from community groups, community
oriented lenders, and business advocacy
groups similarly supported use of the
action taken fields that are also used for
HMDA reporting. A trade association
noted that action taken information is
not typically collected by motor vehicle
dealers in indirect vehicle finance
transactions, but may be included by the
finance source as part of the credit
application decision.
Some commenters focused on
particular proposed action taken
categories, urging the Bureau to retain a
proposed action taken category and not
combine categories. For example, a
several lenders and community groups
specifically supported collection on
incomplete and withdrawn
applications. They asserted that it is
important to collect data on applications
that do not go through the full lending
process (i.e., through loan decisioning)
in order to identify potential
discouragement. Several commenters
further explained that capturing
incomplete and withdrawn applications
would be important for fair lending
assessments, as it would identify
potential disparities in treatment,
discouragement, and steering. In
response to the Bureau’s request for
comment on whether to combine the
‘‘withdrawn by applicant’’ and
‘‘incomplete’’ categories, a community
group supported the Bureau’s proposed
approach to keep the categories
separate. The commenter asserted that
data analysis and fair lending
assessments would be more accurate if
the withdrawn and incomplete
categories are kept separate, as they
represent different actions by the
applicant. Another community group
commenter supported distinct action
taken categories for approvals and
PO 00000
Frm 00153
Fmt 4701
Sfmt 4700
35301
denials, noting, for example, research
finding disparities in credit denials for
Black, Latino, and Asian small
businesses.617 A lender, however, urged
the Bureau to use caution in interpreting
and analyzing data collected under
section 1071, noting for example that a
high denial rate for different types of
businesses (e.g., small or minorityowned businesses) could be reflective of
a financial institution’s high volume of
applications from such small businesses
and not of a pattern of discriminatory
lending.
In response to the Bureau’s request for
comment on whether to retain the
‘‘approved but not accepted’’ category,
two community groups urged the
Bureau to include this category among
the available action taken options. The
commenters argued that the approved
but not accepted category could be used
to identify instances where an applicant
was offered loan terms that did not meet
the needs of the small business (such as
high pricing or other unfavorable terms),
and could be tracked to identify
potential disparities among womenowned or minority-owned small
businesses, or other vulnerable
populations. Another commenter argued
that data may be misconstrued if
approved but not accepted loans are
treated as ‘‘denials.’’
In contrast, several community banks
urged the Bureau to remove certain
proposed action taken categories. For
example, a community bank argued
against use of withdrawn by applicant
or denied action taken codes, stating
that there was no reason to report such
applications and it would violate the
applicant’s trust. A different community
bank urged the Bureau to remove the
incomplete category, noting that
financial institutions treat
incompleteness as a denial under
existing Regulation B (because it
requires an adverse action notice or a
notice of incompleteness), and that such
events are better captured as denials or
withdrawals.
In the NPRM, the Bureau also sought
comment on whether the Bureau’s
proposal to categorize all incomplete
applications as a single category of
‘‘incomplete’’ (closed or denied) should
instead be reported consistent with the
approach in Regulation C, which
provides separate categories for denials
(including on the basis of
incompleteness) and files closed for
incompleteness (if the financial
institution sent a written notice of
617 See Fed. Rsrv. Bank of Atlanta, Small Business
Loan Turndowns, Personal Wealth and
Discrimination (July 2002), https://
www.federalreserve.gov/pubs/feds/2002/200235/
200235pap.pdf.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35302
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
incompleteness). A few industry and
community group commenters
specifically supported diverging from
Regulation C and reporting denials
based on incompleteness as
‘‘incomplete’’ applications, rather than
‘‘denied’’ applications. A CDFI lender
and a community group stated that
doing so would be in line with the
intent of section 1071 and would lead
to more accurate data by reserving the
denied category exclusively for
creditworthiness and underwriting
factors. One trade association stated that
such reporting would be easier to
comply with and provide less
opportunity for data errors, while
another trade association noted that
additional subcategories of incomplete
would create confusion and add
difficulty for financial institutions.
In contrast, several banks and a group
of bank trade associations urged the
Bureau to align reporting of incomplete
applications with HMDA reporting. A
bank commented that aligning with
HMDA would increase efficiency for the
customer, facilitate compliance, and
ensure that financial institutions only
need to collect data once. Similarly,
several commenters argued that
misalignment with HMDA would add
substantial difficulty for financial
institutions required to report under
HMDA. However, some of those same
commenters also stated that they were
sympathetic to the Bureau’s underlying
reasons for wanting to report all
incomplete applications in one category,
and argued that this was further reason
to exclude all HMDA transactions. A
bank asked for clarification on how to
report an application that results in
adverse action based on incompleteness.
Treatment of counteroffers. The
majority of commenters to address the
issue, including several lenders, trade
associations, and a community group,
supported the Bureau’s proposal as
related to counteroffers. In response to
the Bureau’s request for comment on
whether counteroffers that are not
accepted should be reported as
‘‘approved but not accepted,’’ rather
than ‘‘denied,’’ several commenters,
including a community group and a
CDFI lender, supported the Bureau’s
proposal that declined counteroffers
would be recorded as denials and
accepted counteroffers would be
reported as originations. Several CDFI
lenders further commented that this
proposal would avoid lenders seeking to
game the system and avoid reporting
denials by giving unreasonable
counteroffers likely to be denied by the
applicant. In contrast, a trade
association argued that counteroffers
that are not accepted should be reported
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
as ‘‘approved but not accepted’’ as it
would better reflect the availability of
credit. A bank asked how to report an
accepted counteroffer that does not
ultimately lead to an origination, and
urged consistency with HMDA.
In response to the Bureau’s request for
comment on whether to specifically
capture data on counteroffers, several
industry commenters supported the
Bureau’s proposal to not separately
track counteroffers. One of these
commenters urged the Bureau to not
separately track counteroffer terms
(such as the amount requested and
approved) as it would create burden for
financial institutions, and if the offer
was ultimately accepted, would not
provide meaningful data. Similarly,
other industry commenters argued that
determining what is a counteroffer
would be difficult and it would be
infeasible to capture all data points for
each counteroffer. A bank said that
small business lending involves many
discussions between the lender and the
applicant, and so capturing
counteroffers would be extraordinarily
complex and require additional training.
The industry commenters also stated
that capturing counteroffers could lead
to confusion and data errors. One of the
commenters further urged the Bureau to
align with Regulation C, which it
asserted does not require reporting of
counteroffers.
On the other hand, a CDFI lender and
a joint letter from community and
business advocacy groups urged the
Bureau to require reporting of any
counteroffers and their terms. These
commenters suggested the Bureau
modify the action taken fields to add
‘‘counteroffer accepted’’ and
‘‘counteroffer rejected,’’ and require
reporting of pricing information on
these options. The joint letter argued
that separate reporting of counteroffers
would provide visibility into pricing of
credit offers made but not accepted or
offers that otherwise do not result in an
origination. The commenter further took
issue with the aspect of the proposal
that would require a lender to report it
has denied an application, when it has
in fact it had approved it on different
terms. A CDFI lender similarly argued
that the proposal provides a loophole
for financial institutions, and urged the
Bureau to require reporting of pricing on
the initial request and any counteroffers
to prevent exploitative lending. The
commenter acknowledged, however,
that the Bureau’s proposal does not
penalize entities seeking to provide
assistance to businesses, which often
entails multiple counteroffers to best
meet the business’s needs.
PO 00000
Frm 00154
Fmt 4701
Sfmt 4700
Finally, the joint letter from
community and business advocacy
groups asserted that the proposed
definition of a counteroffer is
problematic. Under the proposal, a
counteroffer was described to occur
when a financial institution offers to
grant credit on terms other than those
originally requested by the applicant.
The commenter stated, however, that
nothing requires a lender to initially
solicit from applicants what terms they
are seeking (other than amount applied
for and credit type), and so it would not
be clear when to treat an offer as a
‘‘counteroffer’’ for purposes of the rule.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.107(a)(9)
with a minor revision for consistency, to
require reporting of the action taken by
the financial institution on the covered
application, reported as originated,
approved but not accepted, denied,
withdrawn by the applicant, or
incomplete. Most commenters to
address this issue generally supported
the Bureau’s proposed action taken
categories, noting that the approach was
a reasonable one and would assist in fair
lending enforcement.
Although the Bureau sought comment
on whether to remove or combine
certain of the action taken categories,
the Bureau is finalizing the list of
categories as proposed in
§ 1002.107(a)(9). The Bureau is not
eliminating the ‘‘approved but not
accepted category’’; data collected under
this category would reflect demand for
credit, and as noted by some
commenters, could potentially be used
to identify offers made that do not meet
the needs of small businesses.
Moreover, no commenter expressly
urged the Bureau to remove the
‘‘approved but not accepted’’ category.
The Bureau is also retaining the
‘‘withdrawn by the applicant’’ and
‘‘incomplete’’ action taken categories.
As noted by some commenters,
capturing data on incomplete and
withdrawn applications is important to
identifying potential discrimination and
discouragement during the application
process, and thus consistent with the
purposes of section 1071. Next, the
Bureau is keeping ‘‘withdrawn by the
applicant’’ and ‘‘incomplete’’ as
separate action taken categories; the
categories represent different actions by
the applicant, and so keeping them
distinct will lead to more accurate data
analysis, including better fair lending
analysis. Moreover, the Bureau believes
a high incidence of incomplete
applications could potentially indicate
that there is an issue with the level of
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
assistance provided by a financial
institution (for example, not providing
reasonable support or assistance to
ensure an applicant satisfies all credit
conditions; or providing more support
to some applicants than others).
Although a couple of community banks
urged the Bureau to remove the
‘‘denied,’’ ‘‘withdrawn by applicant,’’ or
‘‘incomplete’’ action taken categories as
unnecessary or inconsistent with
current lender practice, the Bureau
believes retaining those categories
further the purposes of section 1071, as
described above.
The Bureau is also finalizing
§ 1002.107(a)(9) to require a financial
institution to report all incomplete
applications—whether the application
is closed or denied based on
incompleteness—as the ‘‘incomplete’’
action taken category. While this
proposed approach is not consistent
with Regulation C comments 4(a)(8)(i)–
4 and –6, there could be potential errors
in the data if financial institutions
report incomplete denials separate from
notices of incompleteness. As noted by
commenters, grouping all incomplete
applications together would lead to
more useful data by reserving the
denied category solely for
creditworthiness and underwriting
decisions. Moreover, as noted by several
commenters, grouping all incomplete
applications in one category would be
easier for financial institutions to
implement. Although several industry
commenters urged the Bureau to align
reporting of incomplete applications
with Regulation C in order to increase
efficiency and facilitate compliance,
those concerns are mitigated by the
Bureau’s decision to exclude reporting
of all HMDA-reportable transactions, as
set forth in final § 1002.104(b)(2).
Indeed, one of the commenters
advocating for alignment with
Regulation C also stated that they were
sympathetic to the Bureau’s reasons for
wanting all incomplete applications
reported under a single category. In
response to a commenter’s question
regarding the reporting of applications
where an adverse action notice is
provided based on incompleteness,
under final § 1002.107(a)(9), the
financial institution would report such
an application as ‘‘incomplete,’’ rather
than ‘‘denied.’’ In response to another
commenter’s concern that data may be
misconstrued if approved but not
accepted loans are treated as ‘‘denials,’’
the Bureau notes that there is a separate
action taken category for ‘‘approved but
not accepted’’ (see final § 1002.107(a)(9)
and associated commentary for
reporting of that action code).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
The Bureau is also finalizing as
proposed its treatment of counteroffers
in final comment 107(a)(9)–2. The
Bureau agrees with commenters that
this approach (requiring that
counteroffers that are not accepted to be
reported as ‘‘denied,’’ rather than
‘‘approved but not accepted’’) would
prevent lenders from trying to
improperly influence how their data are
reported by extending unreasonable
counteroffers that are likely to be
denied. This approach is also consistent
with existing § 1002.9 notification
procedures and reporting of
counteroffers under Regulation C,618
and so will be familiar to financial
institutions. In response to a
commenter’s concern that this approach
would not capture the availability of
credit (as rejected counteroffers would
be reported as ‘‘denials’’), the Bureau
believes the considerations noted
above—preventing gamesmanship and
consistency with existing Regulation B
and Regulation C—outweigh the
potential benefit of alternate reporting.
In response to a commenter’s question
about how a financial institution reports
an accepted counteroffer that does not
ultimately lead to an origination, the
Bureau directs the commenter to final
comment 103(a)(9)–2, which provides
that if an applicant agrees to proceed
with consideration of the financial
institution’s counteroffer, the financial
institution reports the action taken as
the disposition of the application based
on the terms of the counteroffer.
The Bureau is also finalizing
comment 107(a)(9)–2 to not separately
track counteroffers as an additional
action taken category or flag. As noted
by some commenters, it would be
potentially infeasible to capture all data
points for every back-and-forth
counteroffer with an applicant, and
attempting to do so would likely lead to
confusion, heightened complexity, and
data errors. The Bureau also believes
that even without a counteroffer flag or
field, the data will capture many of the
terms of an accepted counteroffers (such
as pricing, guarantee, etc.), as well as
the amount initially requested by the
applicant. Therefore, the addition of a
counteroffer flag or field would provide
limited useful information beyond what
will already be captured under section
1071. Moreover, while a counteroffer
flag or field might be useful as a
screening tool for potential
discrimination (for example, if womenowned businesses or minority-owned
businesses are provided higher rates of
counteroffers or denials compared to
male- or non-Hispanic white-owned
618 Regulation
PO 00000
Frm 00155
C comment 4(a)(8)(i)–9.
Fmt 4701
Sfmt 4700
35303
businesses), a flag alone would lack any
specificity that could be leveraged for
further fair lending analysis.
While several commenters urged the
Bureau to require reporting of accepted
and rejected counteroffers, as well as
their pricing terms, the Bureau does not
believe the benefits of additional
reporting would outweigh the added
complexity, logistical challenges, and
potential data accuracy issues involved
in reporting counteroffers. For example,
while some commenters suggested
adding counteroffer rejected and
counteroffer accepted action taken
categories, and to require reporting of
pricing, the commenter does not explain
how a financial institution would report
multiple back-and-forth counteroffers
connected to a single covered
application, which some commenters
report is typical in small business
lending. Moreover, focusing solely on
the pricing term of a counteroffer would
leave unknown other material terms of
a counteroffer, such the amount offered,
duration, or a requirement to have a cosigner or guarantor. In response to
commenters’ concerns that not
capturing counteroffers would mean a
lack of visibility into counteroffers that
are made but not accepted, the Bureau
agrees that such information would not
be captured, however, as described
above, the Bureau believes that
reporting of such data would add
significant complexity, could
undermine data quality, and would
provide only limited additional benefits.
Regarding some commenters’ criticism
that the definition of a counteroffer is
flawed because it presumes a lender has
solicited all requested terms from the
applicant, the Bureau believes the
description of a counteroffer in final
comment 107(a)(9)–2 as an offer to grant
credit or terms other than those
originally requested by the applicant is
a reasonable one: an applicant will
likely specifically request the terms
most important to the applicant, the
definition is consistent with existing
Regulation B and Regulation C and so
will be familiar to financial institutions,
and the commenters do not propose an
alternative.
The Bureau is finalizing the
commentary to § 1002.107(a)(9) with
minor revisions for clarity and
consistency. Final comment 107(a)(9)–1
provides additional clarity on when a
financial institution should select each
of the proposed action taken codes. The
comment further clarifies that a
financial institution identifies the
applicable action taken code based on
final action taken on the covered
application.
E:\FR\FM\31MYR2.SGM
31MYR2
35304
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Final comment 107(a)(9)–2 provides
instructions for reporting action taken
on covered applications that involve a
counteroffer, along with examples. As
described above, final comment
107(a)(9)–2 provides that if a financial
institution makes a counteroffer to grant
credit on terms other than those
originally requested by the applicant
and the applicant declines to proceed
with the counteroffer or fails to respond,
the institution reports the action taken
as a denial on the original terms
requested by the applicant. If the
applicant agrees to proceed with
consideration of the financial
institution’s counteroffer, the financial
institution reports the action taken as
the disposition of the application based
on the terms of the counteroffer.
Final comment 107(a)(9)–3 discusses
reporting action taken for rescinded
transactions. Final comment 107(a)(9)–4
clarifies that a financial institution
reports covered applications on its small
business lending application register for
the year in which final action is taken.
Finally, final comment 107(a)(9)–5
provides guidance for reporting action
taken if a financial institution issues an
approval that is subject to the applicant
meeting certain conditions.
107(a)(10) Action Taken Date
lotter on DSK11XQN23PROD with RULES2
Proposed Rule
In addition to requiring financial
institutions to collect and report the
type of action they take on an
application, ECOA section 704B(e)(2)(D)
requires financial institutions to collect
and report the ‘‘date of such action.’’
The Bureau proposed
§ 1002.107(a)(10) to require action taken
date to be reported as the date of the
action taken by the financial institution.
Proposed comments 107(a)(10)–1
through –5 would have provided
additional details on how to report the
action taken date for each of the action
taken categories in proposed
§ 1002.107(a)(9). For example, proposed
comment 107(a)(10)–1 would have
explained that for denied applications,
the financial institution reports either
the date the application was denied or
the date the denial notice was sent to
the applicant.
Proposed comment 107(a)(10)–4
would have explained that for covered
credit transactions that are originated, a
financial institution generally reports
the closing or account opening date.
That proposed comment also stated that
if the disbursement of funds takes place
on a date later than the closing or
account opening date, the institution
may, alternatively, use the date of initial
disbursement.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
The Bureau sought comment on its
proposed approach to the action taken
date data point as well as whether it
should adopt data points to capture
application approval date and/or the
date funds are disbursed or made
available.
Comments Received
The Bureau received comments on the
proposed action taken date data point
from lenders, trade associations, and
consumer groups. One commenter
expressed its support for the data points
regarding an application, including
action taken date, noting that the data
will provide insight regarding the
quality of the capital accessed and that
it will be useful in identifying
potentially discriminatory lending
practices, as well as highlight capital
gaps in the marketplace that lenders
may be able to fill. Furthermore, this
commenter noted that the data will
show how financial institutions
compare across key metrics and help
determine if the institution has
equitable lending. Industry commenters
expressed their support for the proposed
data point as a reasonable and
appropriate means of implementing the
statutory requirement. A CDFI lender
noted that defining ‘‘action taken date’’
as the one in which the financial
institution acts is correct.
Several commenters provided
feedback on whether the Bureau should
adopt separate data points for
application approval date and the date
funds were disbursed or made available.
A trade association opposed adoption of
separate data points for the date the
application was approved and the date
the funds were disbursed or made
available. This trade association
reasoned that it would add degrees of
complexity to the compliance process
and the Bureau would be chasing de
minimis data points that have
diminishing value. A bank also opposed
the separate data points explaining that
the Bureau would already gather enough
information from gathering the
application date and the action taken
date to find timing discrepancies and
suggested the Bureau focus more on
underwriting data to determine
discriminatory and other fair lending
issues. A CDFI lender explained that in
many cases the gap between an approval
and disbursal of funds can be affected
by several factors outside a lender’s
control, such as an applicant’s
availability to sign closing documents.
On the other hand, three commenters
urged the Bureau to adopt separate data
points for application approval date and
the date funds were disbursed or made
available. A community group
PO 00000
Frm 00156
Fmt 4701
Sfmt 4700
commented that separate data fields
would be important for fair lending and
community development purposes
because if any institutions are delaying
the availability of funds for
unreasonable periods of time after loan
approval, they would not be serving
community needs, and it could also
possibly indicate fair lending problems
if protected classes disproportionately
experience delays. Another community
group suggested that discrimination in
the agricultural industry occurs when
loan approvals are delayed or not
approved in a timely manner. This
community group noted that untimely
disbursement of funds could drastically
impact the opportunity for a small
business to succeed. They further noted
that farmers lose entire seasons of
income when the operating loans which
they timely applied for are not approved
in a timely manner. A third community
group stated that lenders have a history
of delaying loan approvals for farmers of
color compared to white farmers.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.107(a)(10)
and its associated commentary with
minor edits for clarity and consistency.
The Bureau believes the action taken
date data point is a reasonable
interpretation of ECOA section
704B(e)(2)(D), which requires financial
institutions to collect and report the
‘‘date of such action’’ taken on an
application. The Bureau notes that its
approach for this data point largely
mirrors the Regulation C approach for
action taken date in § 1003.4(a)(8)(ii)
and related commentary, with
modifications to align with the action
taken categories in final
§ 1002.107(a)(9).
Final § 1002.107(a)(10) requires
financial institutions to report the date
of the action taken by the financial
institution on the application. Final
comments 107(a)(10)–1 through –5
provide guidance on how to report the
action taken date for each of the action
taken categories provided in final
§ 1002.107(a)(9). For applications that
were denied, final comment 107(a)(10)–
1 provides that a financial institution
reports either the date the application
was denied or the date the denial notice
was sent to the applicant. For
applications that were withdrawn by the
applicant, final comment 107(a)(10)–2
provides that a financial institution
reports either the date the express
withdrawal was received or the date
shown on the notification form in the
case of a written withdrawal. For
applications that were approved but not
accepted by the applicant, final
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Proposed Rule
institutions to collect and report the
principal reason or reasons an
application was denied.
Proposed § 1002.107(a)(11) would
have required reporting of the principal
reason or reasons the financial
institution denied the covered
application. Proposed comment
107(a)(11)–1 would have explained that
a financial institution complies with
proposed § 1002.107(a)(11) by reporting
the principal reason or reasons it denied
the application, indicating up to four
reasons, and the financial institution
would report only the principal reason
or reasons it denied the application,
even if there are fewer than four
reasons. The proposed comment
provided an example to illustrate. The
proposed comment would have also
stated that the reason(s) reported must
accurately describe the principal reason
or reasons the financial institution
denied the application. Finally, the
proposed comment provided a list of
denial reasons from which financial
institutions would select the principal
reason or reasons for denying a covered
application.
Proposed comment 107(a)(11)–1
would also have explained that a
financial institution would have
reported the denial reason as ‘‘other’’
where none of the enumerated denial
reasons adequately describe the
principal reason or reasons it denied the
application, and the institution would
report the denial reason or reasons as
free-form text. Proposed comment
107(a)(11)–2 would have clarified that a
financial institution complies with
proposed § 1002.107(a)(11) by reporting
that the requirement is not applicable if
the action taken on the application,
pursuant to § 1002.107(a)(9), is not a
denial.
The Bureau sought comment on its
proposed approach to the denial reasons
data point, including whether the denial
reason categories listed in proposed
comment 107(a)(11)–1 sufficiently cover
the common credit denial reasons in the
small business lending industry. The
Bureau also sought comment on the
potential utility of denial reason data as
well as on the potential burdens to
industry in reporting denial reasons, in
light of the proposed denial reason
categories and the data’s ability to aid in
fulfilling the purposes of section 1071.
ECOA section 704B(e)(2)(H)
authorizes the Bureau to require
financial institutions to compile and
maintain ‘‘any additional data that the
Bureau determines would aid in
fulfilling the purposes of [section
1071].’’ The Bureau proposed
§ 1002.107(a)(11) to require financial
Comments Received
The Bureau received comments on the
denial reasons data point from lenders,
trade associations, and community
groups. A number of these commenters
supported the Bureau’s proposal to
collect data on denial reasons, stating
that it would aid in fair lending analysis
comment 107(a)(10)–3 provides that a
financial institution reports any
reasonable date, such as the approval
date, the deadline for accepting the
offer, or the date the file was closed. The
comment notes, however, that the
financial institution should generally be
consistent in its approach.
The Bureau is finalizing comments
107(a)(10)–4 and –5 with minor edits for
clarity and consistency to facilitate
compliance. Final comment 107(a)(10)–
4 provides that for applications that
result in an extension of credit, a
financial institution generally reports
the closing or account opening date.
However, if the disbursement of funds
takes place on a date later than the
closing or account opening date, the
institution may, alternatively, use the
date of initial disbursement. The
comment further provides that the
financial institution should generally be
consistent in its approach. Final
comment 107(a)(10)–5 provides that for
applications that are closed for
incompleteness, a financial institution
reports either the action taken date or
the date the denial or incompleteness
notice was sent to the applicant.
The Bureau is not adopting in this
final rule a requirement that financial
institutions report both the date the
application was approved and the date
the funds were disbursed. Two of the
commenters who requested this change
specifically focused on loan approval
delays, which seems to indicate the
issue is with delays in the loan approval
process rather than the timing of the
fund disbursements or credit
availability. The application date and
action taken date together will provide
information about the length of time it
takes for an application to reach the
credit decision. In addition, the Bureau
believes that the time between a loan’s
approval and the date of funds
availability is dependent on many
factors, some of which may not be
within the control of the financial
institution, as suggested by a
commenter. Accordingly, the Bureau is
not adopting a requirement that
financial institutions report, in all cases,
the date the funds were disbursed or
made available.
lotter on DSK11XQN23PROD with RULES2
107(a)(11) Denial Reasons
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
PO 00000
Frm 00157
Fmt 4701
Sfmt 4700
35305
and further the community
development purpose of section 1071. A
community group said that an analysis
of different types of lenders could
determine whether industry-wide
practices could be creating unnecessary
barriers, and denial reason data could
help to illuminate those practices. Some
commenters noted that denial reasons
can help policymakers and the public
determine legitimate reasons that small
businesses do not qualify for certain
forms of credit and will, in turn, enable
policymakers to work towards solutions.
A trade association commented that the
data has the potential to help identify
ways to improve service in underserved
communities and agreed this is an
opportunity to provide financial
institutions with data to evaluate their
business underwriting criteria and
address potential gaps as needed.
Another community group stated that
this data point is one of the single most
important items the Bureau can collect
in its aim to carry out section 1071 and
illuminate the reasons behind disparate
results in small business lending. A
bank commented that reporting of
denial reasons would help identify
roadblocks to gaining access to credit.
Commenters generally agreed with the
Bureau’s approach to collecting reasons
for denial. Community groups
supported the range of the Bureau’s
proposed list of reasons for denial as
well as the Bureau’s proposal for a
financial institution to select up to four
reasons. A trade association commented
that the proposed list of reasons for
denial adequately cover the potential
reasons and noted that the list largely
aligns with the HMDA/Regulation C
denial reasons. This commenter also
noted the importance of the option for
financial institutions to select ‘‘other’’
and report additional denial reason
information as free-form text.
Several community groups suggested
that personal credit score must be
included as an option as it is often cited
as the reason for denial. They asserted
that if low credit scores or other reasons
for denial correlate with a business
owner’s race or location, but do not
correlate with loan performance, then it
would be important for lenders to use
alternative methods for assessing
creditworthiness that do not have a
disparate impact on business owners of
color or certain communities. Another
commenter suggested that the Bureau
consider clarifying the government
criteria option, recommending that the
option should only be used if no other
principal reason applies and should
come after other reasons to ensure that
it does not mask those other reasons. A
trade association suggested that the
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35306
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Bureau allow financial institutions the
discretion to choose whether to report
the data; however, that commenter also
indicated that if the Bureau were to
require the denial reasons data point
then the proposed denial reasons did
represent a full picture of the typical
reasons for denial. Other commenters
suggested the Bureau follow the flexible
approach of financial institutions
providing denial reasons in ECOA
adverse action notices. Two banks asked
the Bureau to compare the reporting
requirement against other reporting
regimes, such as HMDA and CRA, to
avoid duplicative and inconsistent
reporting.
Some industry commenters opposed
the Bureau’s proposal to collect denial
reasons. A few commenters stated that
these data are not tracked or
maintained. A bank said stated they will
need to build a new and independent
tracking system if the data are
mandated. A joint trade association
letter noted that in indirect vehicle
financing transactions, dealerships are
not often provided and do not have
access to reasons why a third-party
financing source denied a credit
application. A bank questioned what the
Bureau intends to do with the data and
stated that it is not necessary to meet the
goals and requirements of section 1071.
The bank further asserted that it would
eventually result in additional
regulatory requirements that continue to
push small and mid-size lenders from
the small business lending market.
Another bank raised concerns about
reporting denial reason data, asserting
that there are multiple factors involved
in the decisions and the use of raw data
without any other means to evaluate the
individual decisions made could lead to
allegations of discrimination against
banks based solely upon data that reflect
disparate impact based on ethnicity,
race, or gender. Another commenter
expressed a similar concern that
requiring denial reasons under certain
categories could lead to damaging
misinterpretations. A trade association
urged the Bureau to drop the denial
reasons data point from the final rule,
stating that the requirement is drafted in
a rigid manner that is unlikely to
produce accurate or reliable data. That
commenter also stated that the Bureau
and other regulatory agencies already
have access to these data because
financial institutions are already
providing denial reasons under the
ECOA adverse action notice
requirement. In addition, commenters
further noted that the proposed denial
reason data point is incompatible with
the Bureau’s flexible approach to
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
providing adverse action reasons in
ECOA adverse action notices.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.107(a)(11)
and associated commentary with minor
revisions. The final rule requires that
financial institutions collect and report,
for denied applications, the principal
reason or reasons the financial
institution denied the covered
application. The Bureau believes data
regarding denial reasons will further the
fair lending and business and
community development purposes of
section 1071. Data on denial reasons
will allow data users to better
understand the rationale behind denial
decisions, help identify potential fair
lending concerns, and provide financial
institutions with data to evaluate their
business underwriting criteria and
address potential gaps as needed.
Robust data on application denial
reasons across applicants, financial
institutions, products, and communities
should help target limited resources and
assistance to applicants and
communities, thus furthering section
1071’s business and community
development purpose. Furthermore,
data on denial reasons will help data
users analyze potential denial
disparities, and could facilitate more
efficient and less burdensome fair
lending examinations. Therefore,
pursuant to ECOA section 704B(e)(2)(H),
the Bureau determines that collecting
data on denial reasons would aid in
fulfilling the purposes of section 1071.
Final comment 107(a)(11)–1 explains
that a financial institution reports the
principal reason or reasons it denied the
application, indicating up to four
reasons and makes clear that the
financial institution reports only the
principal reason or reasons it denied the
application. Final comment 107(a)(11)–
1 also provides a list of denial reasons
from which financial institutions select
the principal reason or reasons for
denying a covered application. In
addition, final comment 107(a)(11)–1
explains that a financial institution
reports the denial reason as ‘‘other’’
when none of the enumerated denial
reasons adequately describes the
principal reason or reasons it denied the
application, and reports the denial
reason or reasons as free-form text. The
Bureau believes that including the
option to select ‘‘other’’ will facilitate
compliance and that collecting such
information will enable the Bureau to
observe trends and key developments in
the small business lending market. In
addition, the Bureau may use the
PO 00000
Frm 00158
Fmt 4701
Sfmt 4700
information to inform any future
iterations of the list.
The Bureau is making a revision in
comment 107(a)(11)–1.iii to change ‘‘use
of loan proceeds’’ to ‘‘use of credit
proceeds’’ to reflect commonly
understood categories of small business
lending like term loans or lines of
credit. The Bureau is also making a
clarification in comment 107(a)(11)–1.iii
to broaden the scope of the ‘‘use of
credit proceeds’’ denial reason. Final
comment 107(a)(11)–1.iii explains that a
financial institution reports the denial
reason as ‘‘use of credit proceeds’’ if it
denies an application because, as a
matter of policy or practice, it places
limits on lending to certain kinds of
businesses, products, or activities it has
identified as high risk. The Bureau is
removing the example provided in the
proposed rule because the Bureau does
not believe an example is necessary and
financial institutions know what they
consider to be high risk to them.
Moreover, financial institutions may
have different policies on credit
activities or products they consider high
risk such that a high risk activity or
product to one financial institution may
not be considered high risk to another.
The Bureau is also making a minor
revision in comment 107(a)(11)–1.v to
clarify that a denial reason based on
collateral refers to collateral that was
insufficient or otherwise unacceptable
to the financial institution. The Bureau
also removed the example that appeared
in proposed comment 107(a)(11)–1.vi.
The Bureau is making a minor change
in comment 107(a)(11)–1.vii to clarify
that a denial reason based on
‘‘government criteria’’ refers to
government loan program criteria.
Government loan program criteria for
this purpose refers to those loan
programs backed by government
agencies that have specific eligibility
requirements. Accordingly, final
comment 107(a)(11)–1.vii lists
‘‘government loan program criteria’’ as a
denial reason option.
The Bureau does not share the
concerns raised by commenters that
denial reason data may lead to
unjustified conclusions that do not
necessarily meet the goals and purposes
of section 1071. Rather, as explained
above, the Bureau believes data on
denial reasons can help identify
potential lending concerns and help
data users analyze potential denial
disparities. In fact, the Bureau believes
that including denial reasons in 1071
data should reduce the risk of
inaccurate accusations of fair lending
violations, as it would allow financial
institutions to point to potentially
legitimate reasons for disparities.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
With respect to the comments that
denial reasons are not currently tracked
or maintained, the Bureau believes that
most financial institutions already have
information on denial reasons, or at
least should be prepared to provide the
information. The Bureau understands
from commenters that there may be
creditors that are not subject to the
adverse action notice requirements
under Regulation B and such
institutions may face greater challenges
in implementing the denial reason data
reporting requirement than those
institutions that are already subject to
Regulation B requirements.619
Nevertheless, the Bureau believes that
data on denial reasons will further the
fair lending and business and
community development purposes of
section 1071 by helping to identify
potential fair lending concerns and
providing financial institutions with
data to evaluate their lending criteria
and address potential gaps. Moreover,
data on denial reasons not only help
identify potential fair lending concerns,
but are critical to understanding the
rationale behind a financial institution’s
decision to deny credit, which can
provide small business applicants the
information they need to be able to
access capital.
For transactions involving indirect
vehicle financing where the dealership
may not have the reasons why a thirdparty financing source denied a credit
application, the Bureau believes that the
entity that makes the final credit
decision will be able to provide or
obtain the reasons for denying a credit
application. See section-by-section
analysis of § 1002.109(a)(3) for a
discussion of which institutions have a
reporting obligation in transactions
involving multiple financial
institutions.
With respect to the suggestion from a
commenter that the Bureau should
allow financial institutions to report
denial reason data voluntarily, the
Bureau believes optional reporting is
not the appropriate approach, given the
need for consistent and meaningful data
to further the purposes of section 1071.
Regarding the suggestion that the
denial reason data point in the final rule
should mirror the HMDA reporting
requirements or other reporting regimes,
the Bureau’s approach to the final rule
is to largely mirror the Regulation C
reporting requirements but with
modifications that better reflect the
business or agricultural lending (rather
619 Existing § 1002.9(a)(3) requires creditors to
provide the specific reasons for adverse action
taken or to notify business credit applicants of their
right to request the reasons for denying an
application or taking other adverse action.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
than mortgage lending) context. The
Bureau believes that aligning closely to
a known regulatory scheme, such as
Regulation C, will facilitate compliance.
Regarding the suggestion that the
Bureau provide more flexibility so that
financial institutions can report the
reasons that were provided in an
adverse action notice, the Bureau
believes, and as a commenter noted, the
denial reasons proposed and finalized
in this rule are a comprehensive list and
represent a full picture of the common
denial reasons for small business credit.
In addition, the Bureau believes the
inclusion of ‘‘other’’ as a reason for
denial and the free-form text field,
which will enable financial institutions
to report a denial reason that is not
otherwise listed, will provide flexibility,
and will facilitate compliance.
107(a)(12) Pricing Information
Proposed Rule
ECOA section 704B(e)(2)(H)
authorizes the Bureau to require
financial institutions to compile and
maintain ‘‘any additional data that the
Bureau determines would aid in
fulfilling the purposes of [section
1071].’’ The Bureau proposed, in
§ 1002.107(a)(12), to require financial
institutions to report certain pricing
information for covered credit
transactions. Specifically, proposed
§ 1002.107(a)(12)(i)(A) would have
required financial institutions to report
the interest rate that is or would be
applicable to the covered credit
transaction; proposed
§ 1002.107(a)(12)(ii) would have
required financial institutions to report
the total origination charges for a
covered credit transaction; proposed
§ 1002.107(a)(12)(iii) would have
required financial institutions to report
the broker fees for a covered credit
transaction; proposed
§ 1002.107(a)(12)(iv) would have
required financial institutions to report
the total amount of all non-interest
charges that are scheduled to be
imposed over the first annual period of
the covered credit transaction; proposed
§ 1002.107(a)(12)(v) would have
required financial institutions to report,
for merchant cash advances or other
sales-based financing transactions, the
difference between the amount
advanced and the amount to be repaid;
and proposed § 1002.107(a)(12)(vi)
would have required financial
institutions to report information about
any prepayment penalties applicable to
the covered credit transaction.
Proposed comment 107(a)(12)–1
would have clarified that, for
applications that the financial
PO 00000
Frm 00159
Fmt 4701
Sfmt 4700
35307
institution reports as denied, withdrawn
by the applicant, or incomplete, the
financial institution reports pricing
information as ‘‘not applicable.’’
Proposed § 1002.107(a)(12) would have
applied only to credit transactions that
either have been originated or have been
approved by the financial institution but
not accepted by the applicant.
Comments Received
The Bureau sought comment on
proposed § 1002.107(a)(12) and its
commentary, including on additional
information that could help reduce
misinterpretations of disparities in
pricing, such as more information about
the nature of the collateral securing the
credit. The Bureau also sought comment
on ways to reduce burden on financial
institutions with respect to overlaps or
conflicts between State law disclosure
requirements and the Bureau’s proposal.
Numerous commenters addressed the
proposed pricing data point in their
feedback. The Bureau addresses
feedback on proposed § 1002.107(a)(12)
generally in this section; feedback on
specific aspects of proposed
§ 1002.107(a)(12)(i) through (vi) is
addressed in the section-by-section
analyses that follow.
Many commenters expressed views
on whether the Bureau should require
financial institutions to report any
pricing data. Some commenters,
including community groups, trade
associations, a lender, and a technology
service provider, supported the
inclusion of pricing information. These
commenters stated pricing information
will help data users understand not
simply whether credit is available to
certain borrowers, but the terms of such
credit. Several community groups said
that pricing information would help
with fair lending analysis, with one
community group stating that academic
research and mystery shopping tests
suggested the presence of
discrimination in the small business
lending market. Other community
groups said that pricing information
would allow users to identify unmet
business needs. A community group
commented that lenders were already
collecting much of the proposed pricing
data for SBA and CDFI programs, while
a trade association supported the
proposal but noted that CDFIs would
need more time to comply than larger
financial institutions.
Industry commenters generally
opposed including pricing information
in the final rule. These commenters
made several arguments in support of
their position. First, they asserted that
the final rule should include only data
points specifically enumerated in the
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35308
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
statute. One commenter suggested that
because pricing was not expressly
enumerated in the statute, Congress
therefore did not intend for the data
collected and reported pursuant to
section 1071 to include pricing
information. Other commenters said
that pricing data (along with other data
points adopted pursuant to ECOA
section 704B(e)(2)(H)) would increase
the burden on financial institutions
because, for example, pricing
information can change throughout the
application and underwriting process.
And several industry commenters who
generally objected to the inclusion of
any data points pursuant to section
704B(e)(2)(H) claimed that lenders lack
systems that can calculate or collect all
the proposed pricing data.
Second, these commenters stated that
commercial financing is less
standardized than consumer financing,
such that pricing is influenced by a
wide variety of factors that they
believed would not be adequately
reflected in the 1071 data. Factors cited
included the credit score of the
applicant, the nature and value of
collateral, the loan purpose and type,
the presence of bundled services, the
applicant’s cash flow, the type of
business, the size of any down payment,
the strength of any guarantee, and debt
service coverage ratio. Commenters
elaborated on certain factors specific to
certain financial institutions or
transaction types. For example, a few
commenters stated that community
banks might make loans with higher
interest rates than other lenders to
comply with safety and soundness
requirements. Some agricultural lenders
and a trade association commented that
farm credit borrowers periodically
receive patronage dividends from
lenders, which effectively lowers the
cost of credit. And a group of trade
associations representing the insurance
premium financing industry stated that
the pricing of insurance premium
financing is determined almost entirely
by the value of the unearned premiums,
negating the benefit of pricing data for
these transactions.
The absence of information about
these other factors affecting the price of
credit, commenters argued, would cause
data users to draw inaccurate
conclusions when analyzing pricing in
the 1071 data. As a result, commenters
claimed, financial institutions would
suffer reputational harm from erroneous
accusations of fair lending violations or
other harmful pricing practices.
However, a community group
commented that advocates knew how to
responsibly use pricing data and
typically approach regulators or
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
industry before publicizing pricing
discrepancies. Industry commenters
also argued that misleading data would
reduce financial institutions’
willingness to consider individualized
factors in the lending process,
restricting the availability of credit to
small business applicants.
Many industry commenters also
opposed the disclosure of any pricing
information because of competition and
privacy concerns. These commenters
claimed that disclosure would reveal
confidential information that would put
financial institutions at a disadvantage.
For example, competitors could attract
borrowers with loans that were cheaper
but inferior in other respects. These
commenters also asserted that
disclosure of pricing information would
harm the privacy interests of applicants,
especially in small communities where
users could re-identify borrowers.
Instead of including pricing
information in the final rule, several
industry commenters suggested that
analysis of pricing data was more
appropriate in the supervision and
examination context. One trade
association asserted that requiring
pricing data in the rule would be
redundant of, or usurp, the supervisory
activities of the prudential regulators
because those agencies also collect and
use pricing information in their exams.
Another group of trade associations said
the Bureau could use information it
gathers in the course of exercising its
supervision authority to determine
whether pricing data could further fair
lending purposes before requiring such
data in the rule.
In contrast to industry commenters,
who generally objected to reporting any
pricing information, community groups
requested additional pricing
information. Specifically, numerous
community groups and a minority
business advocacy group, as well as
some lenders and a technology service
provider, asked the Bureau to require
financial institutions to report the
annual percentage rate (APR) for a
covered credit transaction. These
commenters stated that APR was the
only easily understandable, uniform,
and comprehensive single pricing
measure for comparing diverse
transactions. These commenters
generally did not argue that the
proposed pricing data point lacked
value, but that APR would provide
additional information that was superior
in certain respects. For example, a crosssector group of lenders, community
groups, and small business advocates
asserted that the diversity of
transactions in the small business
lending market increased the value of
PO 00000
Frm 00160
Fmt 4701
Sfmt 4700
APR, because comparing loan pricing
would be difficult without a single
measure. This group further stated that
unlike the proposed pricing data, which
lacked a time period, APR standardizes
the cost of a transaction over a year.
A few commenters believed that APR
would make the pricing data easier for
data users to understand. Some stated
that although sophisticated data users
might be able to estimate APR from the
proposed data points, the 1071 data
should allow anyone to gain
information about small business loan
pricing. Also, the cross-sector group’s
comment discussed above noted that
many small business owners are
familiar with APR from their consumer
financing transactions.
Regarding burden, several of these
commenters asserted that calculating
APR was feasible in the small business
lending market, with many noting that
APR is a formula amenable to
calculation through an automated
process using generally available
software. For non-traditional
transactions such as merchant cash
advances, commenters suggested
estimating the term length from
repayment data or from the term, if any,
that the financial institution calculated
during the underwriting process.
Indeed, some of these commenters also
believed that the market was evolving
toward the use of APR for commercial
finance transactions. They cited the
New York and California commercial
financing disclosure laws, as well as
private disclosure initiatives that
include the APR, such as the SMART
Box and Small Business Borrower’s Bill
of Rights.620 A CDFI lender predicted
that financial institutions would
eventually use a single disclosure to
comply with all State disclosure laws,
which would resolve any issues with
differing APR methodologies among the
states. A bank commented that if the
Bureau required pricing information, it
should adopt only APR because
reporting APR was simpler than
reporting multiple pieces of pricing
information.
A few commenters suggested
alternatives if the Bureau did not adopt
APR, including requiring APR for a
subset of transactions for which
620 See Cal. S.B. 1235 (Sept. 30, 2018), https://
leginfo.legislature.ca.gov/faces/
billTextClient.xhtml?bill_id=201720180SB1235;
N.Y. S.B. S5470B (July 23, 2020), https://
legislation.nysenate.gov/pdf/bills/2019/S5470B;
Innovative Lending Platform Ass’n, The SMART
Box Model Disclosure—In Depth, https://
innovativelending.org/smart-box-model-disclosuredepth/ (last visited Mar. 20, 2023); Responsible Bus.
Lending Coal., Small Business Borrower’s Bill of
Rights (2021), https://www.borrowersbillofrights.org/
bill-of-rights.html.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
calculating APR was feasible or having
the Bureau calculate and publish APR
data itself.
Although industry commenters
largely did not address APR, a few
offered arguments against its inclusion
in the final rule. A group of trade
associations questioned the existence of
a trend toward the use of APR in
commercial financing, noting that only
California and Virginia had adopted
commercial financing disclosure laws at
the time of the NPRM. This group also
speculated that Congress believed APR
may be inappropriate for the small
business lending market because it did
not extend TILA to commercial credit in
the Dodd-Frank Act. Other commenters
discussed the burden of reporting APR.
Several banks stated that lenders would
need to change their systems to
calculate APR for small business loans.
A State bankers association asserted that
the terms of small business loans did
not allow APR to be calculated. And a
CDFI lender stated that APR
calculations are infeasible for loans
made under the SBA’s 7(a) program.621
Such loans, the commenter explained,
have fees that may vary based on the
type or purpose of the loan, which
makes the APR difficult to determine
accurately.
Finally, some commenters directed
their feedback to the scope of the
proposed pricing data point. Some
community groups asked the Bureau to
require pricing information for all
counteroffers because, they asserted,
such information would illuminate
situations where lenders are prepared to
extend credit on less desirable terms
than those requested by the applicant.
An industry commenter recommended
limiting the pricing information to
originated transactions because it
believed pricing information for
approved applications held no fair
lending value. But some community
groups commented that including
approved applications in reported
pricing data would further fair lending
purposes, such as allowing data users to
evaluate whether financial institutions
are offering high-priced loans to
minority applicants that the applicants
do not accept. A trade association
commented that the pricing information
should include only interest rate and
origination charges but offered no
explanation for its position.
621 See Cong. Rsch. Serv., Small Business
Administration 7(a) Loan Guaranty Program,
https://fas.org/sgp/crs/misc/R41146.pdf (updated
June 30, 2022) (discussing the SBA’s flagship 7(a)
loan guarantee program).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.107(a)(12)
and associated commentary with certain
adjustments. Final § 1002.107(a)(12)(i)
through (vi) require reporting of the
following for covered credit transactions
that are originated or approved by the
financial institution but not accepted by
the applicant: interest rate; total
origination charges; broker fees; the total
amount of all non-interest charges that
are scheduled to be imposed over the
first annual period; for a merchant cash
advance or other sales-based financing
transaction, the difference between the
amount advanced and the amount to be
repaid; and information about any
applicable prepayment penalties. The
details of final § 1002.107(a)(12)(i)
through (vi) are discussed in turn in the
section-by-section analyses that follow;
the discussion here focuses on the
Bureau’s overall approach to the pricing
data point.
The Bureau is finalizing comment
107(a)(12)–1 as proposed, which
clarifies that, for applications that the
financial institution reports as denied,
withdrawn by the applicant, or
incomplete, the financial institution
reports pricing information as ‘‘not
applicable.’’
As discussed in the NPRM, the
Bureau believes that pricing data will
further both the fair lending purpose
and the business and community
development purpose of section 1071.
The majority of small businesses are run
by a single owner without extensive
financial experience or expert staff to
navigate the commercial credit
marketplace, which lacks many of the
Federal protections found in consumer
lending.622 Heightened risks to fair
lending and small business
development may arise from different
pricing for the same products and the
selective marketing of higher-priced or
even predatory and unsustainable
products. Because price-setting is
integral to the functioning of any
market, any analysis of the small
business lending market—including to
enforce fair lending laws or identify
community and business development
opportunities—would be less
meaningful without this information.
Research conducted for the
Department of Commerce has found that
minority-owned businesses tend to pay
higher interest rates on business loans
622 For example, TILA’s standardized disclosure
requirements for residential mortgage loans and
limits on linking compensation to mortgage loan
terms, including pricing, do not apply to business
loans. See, e.g., 15 U.S.C. 1639b, Regulation Z
§ 1026.36 (TILA’s prohibition on basing mortgage
loan originator compensation on loan terms).
PO 00000
Frm 00161
Fmt 4701
Sfmt 4700
35309
than those that are not minorityowned,623 and a report by the Federal
Reserve Bank of Atlanta found that
minority-owned firms more frequently
applied for potentially higher-cost credit
products, and were also more likely to
report challenges in obtaining credit,
such as being offered high interest
rates.624 In addition, research conducted
for the SBA has found that Black- and
Hispanic-owned businesses were less
likely to have business bank loans and
more likely to use more expensive credit
card financing.625 The 2020 Small
Business Credit Survey by a
collaboration of Federal Reserve Banks
found that small business applicants to
nonbank lenders, such as online lenders
and finance companies, were more
likely to report high interest rates or
unfavorable terms than applicants to
depository institutions.626 To the extent
that the recovery from the lingering
economic disruptions following the
COVID–19 pandemic is still ongoing
when covered financial institutions
begin collecting data under this final
rule, and in regard to emergencies
affecting small business access to credit
that may occur in the future, tracking
pricing in this segment of the market is
particularly important.
The Bureau believes pricing data are
important because they offer useful
insight into underwriting disparities
and are necessary for data users to
examine predatory pricing or pricing
disparities. For example, they might
show that a particular market segment is
expanding and apparently filling an
important need, but the new credit
offered might be predatory in nature.
Pricing information will allow the
Bureau and others to understand the
situation more accurately. Data
collection without pricing information
623 Minority Bus. Dev. Agency, U.S. Dep’t of
Com., Disparities in Capital Access between
Minority and Non-Minority-Owned Businesses: The
Troubling Reality of Capital Limitations Faced by
MBEs, at 3, 5, 21, 36–37 (2010), https://
archive.mbda.gov/page/executive-summarydisparities-capital-access-between-minority-andnon-minority-businesses.html.
624 Fed. Rsrv. Bank of Atlanta, Report on Minority
Owned Firms: Small Business Credit Survey (Dec.
2019), https://www.fedsmallbusiness.org/-/media/
project/smallbizcredittenant/fedsmallbusinesssite/
fedsmallbusiness/files/2019/20191211-cedminority-owned-firms-report.pdf.
625 Alicia Robb, Financing Patterns and Credit
Market Experiences: A Comparison by Race and
Ethnicity for U.S. Employer Firms, at 47 (2018)
(prepared for Off. of Advocacy, Small Bus. Admin.),
https://advocacy.sba.gov/2018/02/01/financingpatterns-and-credit-market-experiences-acomparison-by-race-and-ethnicity-for-u-s-employerfirms/.
626 However, the survey noted that online lenders
tended to receive applications with lower credit
scores so applicant risk could play a role in higher
interest rates for nonbank lenders. See 2020 Small
Business Credit Survey at 15.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35310
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
could have the unintended consequence
of incentivizing irresponsible lending,
as providers seeking to increase
representation of underserved groups
could be encouraged to adopt high-cost
models of lending.
Without information on pricing, data
users would be unable to screen for fair
lending pricing risks, and regulators
would be less able to focus their
enforcement and supervision resources
appropriately on situations of greater
possibility for questionable activities. In
addition, if potential discriminatory
conduct is monitored effectively in
regard to credit approvals, but not in
regard to pricing, industry compliance
systems may focus solely on approvals
and denials and ignore potential pricing
disparities. Having pricing data
available will also increase transparency
and help demonstrate to lenders where
business opportunities exist to offer
sustainable credit to underserved
markets. In addition, it could
demonstrate to small businesses the
availability of more affordable credit.
Pricing information that is separately
enumerated as the interest rate and
general categories of fees will allow data
users to more precisely analyze the
components of a credit transaction’s
price. For example, data users will be
able to identify potentially
discriminatory price disparities within
upfront fees charged to borrowers at
origination that may not be visible in a
single pricing metric. Similarly,
information about which components of
a transaction’s price may be relatively
more expensive should allow data users
to better identify business and
community development initiatives
because they will be able to target their
initiative at the particular component,
such as the interest rate, that may be
most responsible for the relatively high
price of the transaction. The Bureau’s
decision not to require reporting of APR,
as requested by some commenters, is
discussed in more detail below.
The Bureau disagrees with
commenters who suggested the pricing
data point lacks congressional
authorization. ECOA section
704B(e)(2)(H) authorizes the Bureau to
require financial institutions to compile
and maintain ‘‘any additional data that
the Bureau determines would aid in
fulfilling the purposes of [section
1071].’’ This provision reflects
Congress’s understanding that certain
information not explicitly identified in
section 1071 may advance the statutory
purposes. As described herein, the
pricing data point satisfies this
standard.
The Bureau understands that the
small business lending market is
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
flexible and tailored to the situations of
small business applicants and
borrowers. For this reason, pricing for
small business credit is affected by
numerous factors, some of which are not
reflected in the 1071 data. For example,
the final rule does not require financial
institutions to report applicants’ credit
scores, which would provide useful
information for explaining pricing
differences between transactions. But
the Bureau believes that commenters
have understated the amount of
information the final rule includes
about factors relevant to pricing. For
example, the final rule includes
information about the existence and
nature of collateral; 627 the credit
purpose and type; 628 the applicant’s
industry,629 size,630 and history; 631 the
type of guarantee; 632 and the type of the
lender.633 This information will provide
important context for pricing data.
More broadly, the 1071 data need not
reflect every determinant of credit
pricing to provide value to users. The
pricing data will further fair lending
enforcement by allowing regulators to
better understand fair lending risks and
allocate their resources accordingly. As
explained in the NPRM, HMDA data
have long served a similar function.
Some commenters questioned the
analogy to HMDA data, citing greater
standardization in the mortgage market.
But the same basic utility—signaling fair
lending risk—exists even if the nature of
the signal differs. Indeed, with respect
to entities it supervises, the Bureau
similarly uses pricing data, when
available in small business
examinations, to help identify fair
lending risk.
Regarding suggestions that the Bureau
consult supervisory and examination
data before adopting any pricing data
requirements, the Bureau has relied on
its experience in these areas while
developing the final rule. The Bureau
does not believe this rule is redundant
627 See final § 1002.107(a)(5) (indicating whether
credit is secured or unsecured); final
§ 1002.107(a)(6) (suggesting, along with the credit
type data point, whether a loan is secured by a
dwelling).
628 See final § 1002.107(a)(5) (credit type); final
§ 1002.107(a)(6) (credit purpose). The Bureau also
notes that insurance premium finance transactions
are not covered by the final rule (see final
§ 1002.104(b)(3)). Thus, the unique challenges of
interpreting pricing information cited by
commenters for those transactions will not affect
data users.
629 See final § 1002.107(a)(15) (NAICS code).
630 The gross annual revenue and number of
workers data points are related to the applicant’s
size. See final § 1002.107(a)(14) and (16).
631 See final § 1002.107(a)(17) (time in business).
632 See final § 1002.107(a)(5)(ii) (guarantees).
633 See final § 1002.109(b) (financial institution
identifying information).
PO 00000
Frm 00162
Fmt 4701
Sfmt 4700
of the supervision and examination
activities of any Federal agency.
Moreover, confidential supervisory
information available only to Federal
regulators is no substitute for a publicly
available dataset.
Furthermore, comments that focus
narrowly on comparisons between
applicants ignore the business and
community development purpose of
section 1071. Data users can examine
pricing data at a more general level to
further this purpose. For example,
government entities could develop loan
programs designed to increase the
availability of credit to certain small
businesses whose existing financing
options carry high prices.
Regarding comments about the
harmful consequences of potentially
misleading data, the Bureau anticipates
noting when disclosing the 1071 data
that the data alone generally do not offer
proof of compliance with fair lending
laws.634 And the Bureau expects
community groups to use the data
responsibly, with knowledge of these
limitations, which such groups say they
have. The Bureau does not believe, as
suggested by commenters, that pricing
data would reduce the availability of
credit to small business applicants.
Instead, by helping to reduce fair
lending risk and identify business and
community development opportunities,
the pricing data will help expand access
to credit. Privacy and confidentiality
concerns about the pricing data are
discussed in part VIII.B.6.x below.
The Bureau understands that many
financial institutions will incur costs to
collect and report pricing information.
The Bureau has attempted to reduce the
difficulty of collecting and reporting
these data in several ways. For example,
final § 1002.107(a)(12) is limited to
approved applications and originated
transactions. These are transactions for
which financial institutions generally
would have to determine the price to
approve (or originate) the transaction.
Other transactions—i.e., those that are
denied, withdrawn by the applicant, or
incomplete—are likely to have pricing
information that is subject to change or
that has not yet been determined. In
addition, final § 1002.107(a)(12)
generally takes a broad, functional
approach to the reportability of pricing
information, rather than defining
reportability according to complex
factors such as how a fee is
634 For example, the FFIEC cautions users of
HMDA data that ‘‘HMDA data are generally not
used alone to determine whether a lender is
complying with fair lending laws.’’ CFPB, Summary
of 2021 Data on Mortgage Lending (2022), https://
www.consumerfinance.gov/data-research/hmda/
summary-of-2021-data-on-mortgage-lending/.
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
denominated or the nature of the
collateral securing a transaction. The
Bureau believes this will simplify the
collection and reporting process.
Despite any remaining burden for
financial institutions, the Bureau
believes that pricing data are important
for achieving both of section 1071’s
purposes.
Further reducing the potential
difficulty of reporting pricing data, the
Bureau has decided against requiring
financial institutions to report APR at
this time. Calculating and reporting APR
across the diverse types of commercial
transactions covered by the final rule
may require complex estimates to
generate necessary variables for the APR
formula. Many merchant cash advances,
for example, lack a disclosed periodic
payment amount. Thus, financial
institutions would have to estimate this
term, if they do not do so now, to
calculate an APR. Although financial
institutions may estimate some of the
necessary information during
underwriting, they may not estimate it
according to the same formula, and may
not maintain such information in a
system designed for data reporting. The
Bureau understands that many financial
institutions will calculate APR to
comply with State commercial financing
disclosure laws.635 But many financial
institutions are not currently subject to
such State laws, or are subject to State
laws that do not require APR
disclosure.636 As noted in the NPRM,
the Bureau will continue to monitor
regulatory developments in the small
business lending market. The Bureau
considered requiring reporting of APR
only for transactions where it is less
complex to calculate, as some
commenters suggested. But a limitedtransaction APR reporting requirement
would negate two important benefits
that commenters cited for APR: using it
to compare diverse types of transactions
and to apply a single intuitive pricing
measure for nontraditional types of
financing.
The Bureau understands commenters’
concerns over the accessibility and
comparability of rate and fees versus
APR. Final § 1002.107(a)(5)(iii) requires
635 Cal. Dep’t of Fin. Prot. & Innovation,
Commercial Financing Disclosures (2022), https://
dfpi.ca.gov/wp-content/uploads/sites/337/2022/06/
PRO-01-18-Commercial-Financing-DisclosureRegulation-Final-Text.pdf; N.Y. Dep’t of Fin. Servs.,
Proposed Disclosure Requirements for Certain
Providers of Commercial Financing Transactions
(2022), https://www.dfs.ny.gov/system/files/
documents/2022/09/rp_23nycrr600_text_
20220914.pdf.
636 Utah Dep’t of Fin. Insts., Commercial
Financing Registration and Disclosure Act (2022),
https://le.utah.gov/xcode/Title7/Chapter27/C7-27_
2022050420220504.pdf.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
financial institutions to report loan
term; the Bureau has added to final
comment 107(a)(6)–8 a requirement that
financial institutions report, for
merchant cash advances and other salesbased financing, the loan term, if any,
that the financial institution estimated,
specified, or disclosed in processing or
underwriting the application or
transaction. This information will
provide important context for data users
comparing the pricing of different
transactions and help address the
criticism over the lack of a time period
for pricing data. Regarding accessibility,
the Bureau believes the pricing data will
be generally understandable by data
users. Most of the pricing data are
similar to information found on existing
consumer and commercial credit
disclosures, including the State
commercial financing disclosures cited
by commenters. Additionally, the
Bureau anticipates that government
agencies, researchers, press
organizations, community groups, and
others will publish research and reports
using the small business lending data,
just as they do now with HMDA data.
These publications may render pricing
information in a form more accessible to
other users.
Finally, the Bureau is not adopting
modifications to the scope of the pricing
data point. As discussed above, limiting
the pricing data to approved and
originated transactions reduces the
difficulty of reporting while providing
important information about the pricing
decisions of financial institutions. The
Bureau does not believe, as suggested by
a commenter, that approved but not
accepted applications lack value for fair
lending analysis. Rather, these
applications are similarly valuable
because they also reflect transactions for
which the lender has made a credit
decision and set the pricing for the
transaction. Lastly, limiting final
§ 1002.107(a)(12) to interest rate and
origination charges would deprive data
users of the benefits of other pricing
information. The importance of each
aspect of the pricing data point is
discussed in the section-by-section
analyses that follow.
107(a)(12)(i) Interest Rate
Proposed Rule
Proposed § 1002.107(a)(12)(i)(A)
would have required financial
institutions to report the interest rate
that is or would be applicable to the
covered credit transaction. If the interest
rate is adjustable, proposed
§ 1002.107(a)(12)(i)(B) would have
required the submission of the margin,
index value, and index name that is or
PO 00000
Frm 00163
Fmt 4701
Sfmt 4700
35311
would be applicable to the covered
credit transaction at origination.637
Proposed comment 107(a)(12)(i)–1
would have clarified that if a covered
credit transaction includes an initial
period with an introductory interest
rate, after which the interest rate
adjusts, a financial institution complies
by reporting information about the
interest rate applicable after the
introductory period. Proposed comment
107(a)(12)(i)–2 would have explained
that a financial institution reports the
interest rate applicable to the amount of
credit approved or originated reported
in proposed § 1002.107(a)(8) if a covered
credit transaction includes multiple
interest rates applicable to different
credit features. Lastly, proposed
comment 107(a)(12)(i)–3 listed a
number of indices to report and directed
that if the index used does not appear
on the list of indices provided, the
financial institution reports ‘‘other’’ and
provides the name of the index via freeform text field.
Proposed § 1002.107(a)(12)(i)(B)
would have provided that, for adjustable
interest rates based upon an index, a
financial institution must report the
margin, index value, and index name
that is or would be applicable to the
covered credit transaction at origination.
Proposed comment 107(a)(12)(i)–4
would have clarified that a financial
institution complies with proposed
§ 1002.107(a)(12)(i)(B) by reporting the
index value at the time the application
is approved by the financial institution.
The Bureau sought comment on
whether the index value should be
reported based on a different time
period or whether the index value
should be reported at the time of
approval.
The Bureau sought comment on
proposed § 1002.107(a)(12)(i) and its
commentary, including whether a
different measure of pricing would
provide more accurate data, whether
additional information about pricing
(for example, amortization type or
adjustment frequency) would provide
beneficial data to help ascertain fair
lending risk and further the business
and community development purpose
of section 1071, and whether there are
additional indices that should be
included in the list from which
financial institutions choose to report
the applicable index on adjustable rate
transactions. Lastly, the Bureau sought
637 It should be noted that not all covered credit
transactions include an interest rate. Final
§ 1002.107(a)(12)(v) applies to certain covered
credit transactions that do not include an interest
rate. The discussion of final § 1002.107(a)(12)(iv)
below also addresses other covered credit
transactions that may not include an interest rate.
E:\FR\FM\31MYR2.SGM
31MYR2
35312
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
comment on whether there may be
covered credit transactions where the
interest rate may change after
origination based on factors such as if
the borrower maintains an account at
the financial institution or if some other
condition is met, and if so, whether
additional commentary would be
helpful to provide more guidance on
which rate to report in that
circumstance.638
Comments Received
The Bureau received comments
specifically regarding the collection of
interest rate from banks and trade
associations, among others. While some
commenters supported the Bureau’s
proposal, several industry commenters
had questions regarding how the
provision would work. The community
group stated that interest rate
information is beneficial as long as data
users have access to both the initial
interest rate and the interest rate after a
potential initial rate reset. An industry
commenter agreed that interest rate
information would be helpful in
conducting fair lending analyses. In
contrast, a bank commenter asserted
that interest rate information is of
limited value.
Regarding the details of the Bureau’s
proposal to collect interest rate, a bank
commenter noted that commercial loans
may have more than one interest rate.
With respect to indices for variable rate
transactions and the Bureau’s
solicitation of comment on whether the
index value should be reported based on
a different time period or if at approval
is the most appropriate time to measure,
a group of trade associations asserted in
their comment that the index value is
often not related to the timing of
approval or origination, and will not
provide useful data, while a bank
commented that it would be less
burdensome to report the index value
used to establish the interest rate rather
than the value at the time of approval.
A State bankers association asserted that
the index value at approval may not
have any connection to the price of the
loan, providing the example of
agricultural lending where the rate and
terms are set after the financial
institution approves the loan. Two
industry commenters noted that the
index value could change between
approval and origination. Another bank
requested that Constant Maturity
Treasury (CMT) rate be included in the
list of indices. Two trade associations
inquired as to how to report an internal
index used to set the rate on a variable
638 The Bureau did not receive any comments on
this solicitation.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
rate transaction, while a bank
commenter stated that use of internal
indices that are unique to a financial
institution would make interest rate
data difficult to interpret.
A bank requested clarification of the
term ‘‘introductory period.’’ Another
bank asserted that for a variable interest
rate transaction with a five-year
introductory period, the interest rate
data reported at approval will be
outdated and inaccurate when the
period ends. Finally, a trade association
inquired as to how a financial
institution would report an interest rate
that is unknown at origination, such as
a line of credit whose interest rate
changes based on the amount advanced.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.107(a)(12)(i)
with one addition, as well as with other
adjustments and additions to the
commentary to address comments
received regarding introductory interest
rate periods and adjustable interest
rates. Final § 1002.107(a)(12)(i) requires
financial institutions to report the
interest rate that is or would be
applicable to the covered credit
transaction. If the interest rate is
adjustable, final § 1002.107(a)(12)(i)(B)
requires the submission of the margin,
index value, introductory rate period
expressed in months (if applicable), and
the index name that is or would be
applicable to the covered credit
transaction. As with all aspects of
pricing within § 1002.107(a)(12), this
requirement applies to credit
transactions that either have been
originated or have been approved by the
financial institution but not accepted by
the applicant.
The Bureau believes that collection of
the interest rate on the covered credit
transaction furthers both the fair lending
purpose and the business and
community development purpose of
section 1071 by allowing regulators,
small business advocates, and industry
to conduct fair lending reviews and
monitor the market for emerging highcost products. In addition, the
availability of this pricing metric will
provide pricing transparency and will
encourage the development of
successful lending models because
policymakers, community
organizations, investors, banks seeking
partnerships, and others will have better
visibility into which business models
are successful at providing sustainable
credit to minority-owned, womenowned, and other underserved small
businesses.
Furthermore, research has found that
minority-owned businesses tend to
PO 00000
Frm 00164
Fmt 4701
Sfmt 4700
obtain, or be offered, higher interest
rates on business credit than nonminority-owned businesses.639 The
collection of interest rate (along with
fees) will allow the Bureau, other
government agencies, and other data
users to have insight into the existing
market, monitor the market for
potentially troubling trends, and
conduct fair lending analyses that
adequately take into account this
important metric.
In general, interest rate information
should be in or readily determinable
from the credit file, and thus available
for reporting. To the extent that it is not,
the Bureau notes that certain State-level
commercial lending disclosures, notably
those of California and New York,
require the disclosure of APR.640
Because the interest rate must be known
to calculate APR, the Bureau believes
that final § 1002.107(a)(12)(i) imposes
little burden on financial institutions
that already include the interest rate on
such disclosures required by State law,
as well as on the contract between the
financial institution and the applicant.
As noted above, final
§ 1002.107(a)(12)(i) remains largely the
same as proposed § 1002.107(a)(12)(i).
However, the Bureau has added to final
§ 1002.107(a)(12)(i)(B) a requirement
that financial institutions report the
initial rate period expressed in months
(if applicable) (along with the margin,
index value, and the index name that is
or would be applicable to the covered
credit transaction, as proposed). The
Bureau agrees with commenters that for
transactions with a variable interest rate
where there is an initial rate and the
interest rate resets after a certain period,
at the time the financial institution
approves the transaction and sets the
interest rate, the financial institution
will not know the future value of the
index used to create the interest rate. By
collecting the number of months of the
initial period (if any), the rule will allow
data users to determine the accurate
interest rate applicable to the
transaction because they will have the
name of the index and the timing of the
index value. For example, as written in
final comment 107(a)(12)(i)–2, if a
639 U.S. Dep’t of Com., Minority Business
Development Agency, Disparities in Capital Access
between Minority and Non-Minority-Owned
Businesses: The Troubling Reality of Capital
Limitations Faced by MBEs, at 3, 5, 21, 36–37
(2010), https://archive.mbda.gov/page/executivesummary-disparities-capital-access-betweenminority-and-non-minority-businesses.html.
640 See N.Y. S.898, section 803(c) (signed Jan. 6,
2021) (amending S.5470–B), https://legislation
.nysenate.gov/pdf/bills/2021/s898; Cal. S.B. 1235
(Sept. 30, 2018), https://leginfo.legislature.ca.gov/
faces/billTextClient.xhtml?bill_
id=201720180SB1235.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
financial institution originates a covered
credit transaction with a fixed initial
interest rate of 0 percent for six months
following origination, after which the
interest rate will adjust according to a
Prime index rate plus a 3 percent
margin, the financial institution reports
the 3 percent margin, the number ‘‘6’’
for the length of the initial rate period,
Prime as the name of the index used to
adjust the interest rate, and ‘‘not
applicable’’ for the index value.
New comment 107(a)(12)(i)–1 clarifies
that a financial institution complies
with § 1002.107(a)(12)(i) by reporting
the interest rate applicable to the
amount of credit approved or originated
as reported pursuant to final
§ 1002.107(a)(8). The Bureau is adopting
this comment to address the issue raised
by a commenter as to how a financial
institution would report an interest rate
that is unknown at origination or where
the rate changes based on the amount
advanced, such as with some lines of
credit.
The Bureau is adopting comment
107(a)(12)(i)–2 (renumbered from
107(a)(12)(i)–1 in the proposal) with
several alterations. Final comment
107(a)(12)(i)–2 clarifies that if a covered
credit transaction includes an initial
period with an introductory interest rate
of 12 months or less, after which the
interest rate adjusts upwards or shifts
from a fixed to a variable rate, a
financial institution complies with the
provision by reporting information
about the interest rate applicable after
the introductory period. If a covered
transaction includes an initial rate
period of more than 12 months after
which the interest rate resets, a financial
institution complies with the provision
by reporting information about the
interest rate applicable prior to the reset
period. Final comment 107(a)(12)(i)–2
also provides two examples to illustrate
these scenarios. The Bureau’s revisions
to this comment address a commenter’s
request to clarify the term ‘‘introductory
period’’ (which the Bureau has done by
clarifying that an introductory period
includes an initial period of 12 months
or less after which the interest rate
adjusts upward or shifts from a fixed to
a variable rate), as well as another
commenter’s concern that in a
transaction with a five-year introductory
period, the interest rate reported at
approval will be outdated and
inaccurate when the period ends.
Final comment 107(a)(12)(i)–3
(renumbered from proposed comment
107(a)(12)(i)–2 with one non-substantive
adjustment) clarifies that if a covered
credit transaction includes multiple
interest rates applicable to different
credit features, a financial institution
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
complies with § 1002.107(a)(12)(i) by
reporting the interest rate applicable to
the amount of credit approved or
originated reported pursuant to final
§ 1002.107(a)(8). The comment also
provides an example.
Final comment 107(a)(12)(i)–4
(renumbered from proposed comment
107(a)(12)(i)–3) includes a list of indices
for reporting the appropriate index for
variable rate transactions, and also
specifies that a financial institution
reports ‘‘other’’ and reports the index
name in free-form text if the applicable
index is not listed. The Bureau has
added CMT to the list of indices in the
comment, as requested by a commenter.
In response to requests from a number
of commenters for clarification as to
how a financial institution should
report internal indices, the Bureau has
also added ‘‘Internal Index’’ to the list
of indices in the comment. The Bureau
believes that allowing financial
institutions to choose ‘‘other’’ when an
index used does not appear on the
provided list will facilitate compliance.
In addition, collecting this information
on ‘‘other’’ indices will assist the
Bureau in monitoring trends in this area
and key developments in the small
business lending market, which the
Bureau could use to inform any future
iterations of the list.
Final comment 107(a)(12)(i)–5
(renumbered from proposed comment
107(a)(12)(i)–4) clarifies that a financial
institution complies with
§ 1002.107(a)(12)(i) by reporting the
index value used to set the rate that is
or would be applicable to the covered
transaction. Proposed comment
107(a)(12)(i)–4 would have required
financial institutions to report, for
covered transactions with an adjustable
interest rate, the index value applicable
at the time the application was
approved by the financial institution.
Some commenters stated that the index
value at the time of approval may have
no relationship to the index value used
to set the interest rate and that it would
be less burdensome to report the index
value used to establish the interest rate
rather than the value at the time of
approval. To address these concerns, the
Bureau has adjusted final comment
107(a)(12)(i)–5 to require reporting of
the index value used to set the rate that
is or would be applicable to the covered
transaction. In most cases, this will be
the index value at the time of approval,
because the financial institution will set
the pricing when the credit decision is
made, but in cases where there might be
a difference, this comment as revised
will ensure that financial institutions
are reporting the index value actually
used to establish the interest rate, rather
PO 00000
Frm 00165
Fmt 4701
Sfmt 4700
35313
than the value that otherwise exists at
the time of approval.
107(a)(12)(ii) Total Origination Charges
Proposed Rule
Proposed § 1002.107(a)(12)(ii) would
have required financial institutions to
report the total origination charges for a
covered credit transaction. Total
origination charges are the total amount
of all charges payable directly or
indirectly by the applicant and imposed
directly or indirectly by the financial
institution at or before origination as an
incident to or a condition of the
extension of credit, expressed in dollars.
Proposed comment 107(a)(12)(ii)–1
would have clarified that charges
imposed uniformly in cash and credit
transactions are not reportable.
Proposed comment 107(a)(12)(ii)–2
would have provided guidance on
reporting charges imposed by third
parties. Proposed comment
107(a)(12)(ii)–3 would have clarified
that broker fees are included in the total
origination charges.641 Proposed
comment 107(a)(12)(ii)–4 would have
provided guidance on reporting charges
for other products or services paid at or
before origination. And proposed
comment 107(a)(12)(ii)–5 would have
listed examples of reportable charges.
The Bureau sought comment on
proposed § 1002.107(a)(12)(ii) and its
commentary, including whether
concepts and guidance adapted from
Regulation Z, such as proposed
comment 107(a)(12)(ii)–1 on comparable
cash transactions, were applicable in the
small business lending context such that
they should be incorporated as drafted.
The Bureau also sought comment on
whether to enumerate certain types of
charges separately in the 1071 data, and
whether to include or exclude certain
types of charges in the total origination
charges.
Comments Received
The Bureau received comments
specifically regarding total origination
charges from several banks and trade
associations, along with a community
group and a joint letter from a crosssector group of lenders, community
groups, and small business advocates.
A few industry commenters
questioned the utility of information
about total origination charges. For
example, several commenters asserted
that proposed § 1002.107(a)(12)(ii)
would not provide useful data because
the amount of origination charges may
vary based on factors not captured by
641 For more information on broker fees, see the
section-by-section analysis of § 1002.107(a)(12)(iii)
below.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35314
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
the 1071 data, such as geographical
differences in appraisal fees. A group of
trade associations stated that including
broker fees while itemizing them
separately in another data field would
inflate the amount of origination
charges. And a bank preferred to report
only origination points but believed that
such data would provide only limited
value. This commenter did not define
origination points but the Bureau
understands the term to refer to one way
that financial institutions denote fees
paid to the lender for originating the
loan. However, the cross-sector group
commented that total origination
charges would be especially helpful for
data users examining the cost of
merchant cash advances because these
transactions include upfront fees not
otherwise captured in the pricing data.
A few commenters asserted that
reporting total origination charges
would be burdensome. For example,
several industry commenters stated that
calculating the finance charge under
Regulation Z, which defines certain
charges similar to the proposed total
origination charges data field, is
complex and not performed for
commercial credit transactions. And a
trade association suggested that the
proposed treatment of certain charges,
such as a borrower’s premium for
property insurance, was unclear.
Several commenters addressed
specific aspects of total origination
charges. For example, a community
group stated that charges imposed
uniformly in cash and credit
transactions should be reportable
because, they asserted, such charges are
rare and the existence of such an
exclusion may encourage fee shifting.
Conversely, a trade association stated
that any charge imposed uniformly on
all applicants should be excluded
because such a charge could not be the
source of a pricing disparity. Several
industry commenters stated that thirdparty charges should be excluded
because the imposition of such fees is
often outside a financial institution’s
control, while a group of trade
associations found the treatment of such
charges confusing. Finally, another
trade association stated that aligning the
definition of total origination charges to
Regulation C’s definition of origination
charges used to report data under
HMDA 642 would provide helpful clarity
because the Regulation C definition is
understood to include only charges
retained by the financial institution.
642 12
CFR 1003.4(a)(18).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.107(a)(12)(ii)
with additional clarifying commentary.
Final § 1002.107(a)(12)(ii) requires
financial institutions to report the total
amount of all charges payable directly
or indirectly by the applicant and
imposed directly or indirectly by the
financial institution at or before
origination as an incident to or a
condition of the extension of credit,
expressed in dollars. As with all aspects
of pricing within § 1002.107(a)(12), this
requirement applies to credit
transactions that either have been
originated or have been approved by the
financial institution but not accepted by
the applicant.
The Bureau is finalizing comments
107(a)(12)(ii)–1 through –5 as proposed.
In addition, the Bureau is adopting final
comment 107(a)(12)(ii)–6, which
clarifies the reporting of a net lender
credit provided by a financial
institution to an applicant at
origination.
As discussed in the NPRM, total
origination charges provide information
about an important component of
pricing for small business credit: the
upfront cost of originating and
extending credit. This relatively specific
information enables insight into credit
pricing that would be obscured by more
general information, such as the tradeoffs between the interest rate and the
upfront charges. Indeed, new comment
107(a)(12)(ii)–6 enhances users’ ability
to examine the relationship between
components of credit pricing by
clarifying how to report net lender
credits provided to the applicant. For
example, without information about net
lender credits, transactions where a
borrower accepted a lender credit at
origination in exchange for a higher
interest rate would appear to have
inflated prices. Moreover, by generally
covering all upfront fees and credits
regardless of how they are structured
and denominated, final
§ 1002.107(a)(12)(ii) limits financial
institutions’ opportunity to shift fees to
excluded charges by giving similar fees
different names. Thus, final
§ 1002.107(a)(12)(ii) will enable users to
better understand pricing disparities
and identify potential business and
community development opportunities.
The Bureau disagrees with
commenters who claimed that
information about total origination
charges would not have value. Although
such charges are affected by factors not
included in the 1071 data, final
§ 1002.107(a)(12)(ii) will still provide
insight into pricing in the small
PO 00000
Frm 00166
Fmt 4701
Sfmt 4700
business lending market. General
information about upfront charges will
enable users to better understand fair
lending disparities, even if they cannot
conclusively determine the existence of
unlawful disparities from the data
alone. And users need not attempt to
make precise comparisons among
individual applicants to identify
business and community development
needs and opportunities. Regarding
broker fees, the Bureau believes that
such charges are an important
component of the upfront cost of credit
and notes that Regulation Z also
includes them in the finance charge.643
Also, broker fees are separately itemized
in final § 1002.107(a)(12)(iii) so that
users who are concerned about the
impact of including broker fees can
deduct them from the total origination
charges.
Regarding commenters’ concerns
about burden, the Bureau understands
that some financial institutions find
calculation of the finance charge in
Regulation Z § 1026.4—which is similar
to final § 1002.107(a)(12)(ii)’s
description of total origination
charges—to be complex. But final
§ 1002.107(a)(12)(ii) is simpler in
several important respects. First, final
§ 1002.107(a)(12)(ii) excludes all credit
costs occurring after origination of a
covered credit transaction, such as
interest and time-price differential. And
final § 1002.107(a)(12)(ii) adopts a more
inclusive approach to upfront charges
than Regulation Z’s finance charge,
which has numerous provisions
addressing specific fees.644 This
simplified approach should make the
total origination charges less
burdensome to calculate than the
finance charge. Regarding a
commenter’s question about the
treatment of a borrower’s premium for
property insurance, this charge is
handled using the general approach to
charges for other products or services
described in comment 107(a)(12)(ii)–4:
such charges are included in the total
origination charges only if the financial
institution requires the purchase of such
other product or service as a condition
of or an incident to the extension of
credit.
The Bureau is not making certain
specific changes to the total origination
charges data field suggested by
commenters. First, final
§ 1002.107(a)(12)(ii) maintains the
643 Compare final comment 107(a)(12)(ii)–3, with
Regulation Z § 1026.4(a)(3).
644 For example, the finance charge excludes
application fees charged to all applicants for credit,
and numerous fees in transactions secured by real
property. See Regulation Z § 1026.4(c)(1)
(application fees) and (7) (real estate-related fees).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
exclusion for charges imposed
uniformly in cash and credit
transactions, similar to the exclusion in
Regulation Z’s finance charge, because
the Bureau believes that pricing data
better serves section 1071’s statutory
purposes when it focuses on the cost of
credit that the lender is imposing rather
than capturing all costs that may be
associated with a particular transaction
(whether financed or not). Furthermore,
the Bureau is not excluding charges
simply because a financial institution
imposes them uniformly on all
applicants for credit. Even if such
charges—given their uniformity—were
to hold no value for fair lending
analysis, they would still be part of the
upfront cost of credit that data users
may wish to examine in identifying
business and community development
needs and opportunities. Final
§ 1002.107(a)(12)(ii) also adopts the
proposal’s treatment of third-party
charges, with such charges being
reportable only if a financial institution
either requires the use of a third party
as a condition of or an incident to the
extension of credit, even if the applicant
can choose the third party; or retains a
portion of the third-party charge, to the
extent of the portion retained.645 This
approach focuses final
§ 1002.107(a)(12)(ii) on those upfront
third-party charges that are effectively
set by the lender as a cost of credit. The
Bureau believes this approach is
consistent with that requested by
commenters who did not want thirdparty charges to be reportable if they
were outside of a financial institution’s
control. Regulation Z’s finance charge
definition uses a similar standard for
third-party charges, and the Bureau is
not aware of significant confusion over
its applicability. Finally, Regulation C’s
definition of total origination charges,
which is taken directly from the amount
disclosed to borrowers of closed-end
consumer credit transactions secured by
real property,646 is limited in ways that
the Bureau believes would reduce the
value of final § 1002.107(a)(12)(ii) in the
small business lending context. For
example, new comment 107(a)(12)(ii)–6
clarifies that financial institutions may
report a negative amount to reflect a net
credit provided by the lender, but such
credits could not be included in
Regulation C’s total origination charges
data point.
645 See
final comment 107(a)(12)(ii)–2.
Z § 1026.38(f)(1).
646 Regulation
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
107(a)(12)(iii) Broker Fees
Proposed Rule
Proposed § 1002.107(a)(12)(iii) would
have required financial institutions to
report the broker fees for a covered
credit transaction. Broker fees are the
total amount of all charges included in
the total reportable origination charges
that are fees paid by the applicant
directly to a broker or to the financial
institution for delivery to a broker,
expressed in dollars. Proposed comment
107(a)(12)(iii)–1 would have provided
an example of reporting different types
of broker fees. Proposed comment
107(a)(12)(iii)–2 would have clarified
that financial institutions would use a
‘‘best information readily available’’
standard regarding fees paid directly to
a broker by an applicant.
The Bureau sought comment on
proposed § 1002.107(a)(12)(iii) and its
commentary, including on the
knowledge that financial institutions
might have about direct broker fees and
the challenges of reporting such
information.
Comments Received
The Bureau received comments
specifically regarding broker fees from
several lenders, trade associations, and
community groups. A community group
stated that information about broker fees
would help data users monitor for
abusive practices. Conversely, a group
of trade associations asserted that the
Bureau had not established that broker
fees were inflating the cost of credit in
the small business lending market. This
commenter also speculated that
Congress was unconcerned with broker
fees in this market because it had not
extended certain TILA protections to
commercial transactions or explicitly
identified broker fees in section 1071.
Several commenters addressed the
reporting of broker fees paid directly to
the broker. A trade association
commented that the amount of such fees
may be difficult for a financial
institution to obtain, while a bank said
that documenting efforts to verify direct
broker fees would be burdensome. A
community group said that the Bureau’s
proposed ‘‘best information readily
available’’ standard was reasonable,
while a joint letter from community
groups and business advocacy groups
asked the Bureau to separately itemize
indirect broker fees in order to provide
more information about charges that are
imposed by the lender.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing
§ 1002.107(a)(12)(iii) and associated
PO 00000
Frm 00167
Fmt 4701
Sfmt 4700
35315
commentary as proposed. As with all
aspects of pricing within
§ 1002.107(a)(12), this requirement to
report broker fees applies to credit
transactions that either have been
originated or have been approved by the
financial institution but not accepted by
the applicant.
As discussed in the NPRM, loan
brokers play an important role in the
small business lending market. The
market has shifted to include more
nonbank and nontraditional lenders
offering different types of financial
products, which creates opportunities
for intermediaries, such as brokers, who
might assist applicants in navigating
among potential lenders or products.647
These intermediaries offer benefits to
applicants but also create risks for those
applicants arising from misaligned
incentives.648 Indeed, the small
business lending market lacks certain
substantive protections against
misconduct that are found in the
consumer credit market, such as the
prohibition on basing certain loan
originator compensation on the terms of
a transaction.649
Information about broker fees will
help data users better understand the
small business lending market in
general and the impact broker fees have
on credit pricing in particular. Although
broker fees are included in final
§ 1002.107(a)(12)(iii)’s definition of total
origination charges, separately
enumerating the total broker fees will
allow data users to better understand
the role that brokers play in the price of
647 See, e.g., 2022 Small Business Credit Survey
(reporting that 40 percent of respondents applied
for credit at either an online lender or a finance
company in 2021).
648 See Fin. Stability Oversight Council, 2016
Annual Report, at 126 (2016), https://
home.treasury.gov/system/files/261/FSOC-2016Annual-Report.pdf (discussing intermediaries in
alternative lending arrangements and explaining
that ‘‘[i]n other markets, business models in which
intermediaries receive fees for arranging new loans
but do not retain an interest in the loans they
originate have, at times, led to incentives for
intermediaries to evaluate and monitor loans less
rigorously’’). Because of the potential risks involved
in multi-party business arrangements, the FFIEC’s
Interagency Fair Lending Examination Procedures
emphasize the importance of understanding the role
that brokers play in a financial institution’s lending
process. Fed. Fin. Insts. Examination Council,
Interagency Fair Lending Examination Procedures,
at 3 (2009), https://www.ffiec.gov/PDF/fairlend.pdf
(instructing examiners to consider an institution’s
organization of its credit decision-making process,
including identification of the delegation of
separate lending authorities and the extent to which
discretion in pricing or setting credit terms and
conditions is delegated to various levels of
managers, employees, or independent brokers or
dealers and an institution’s loan officer or broker
compensation program).
649 Regulation Z § 1026.36 (implementing TILA’s
prohibition on basing residential mortgage loan
originator compensation on loan terms).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35316
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
small business credit. For example, data
users will be able to analyze whether
broker fees specifically appear to be
creating fair lending risk or higherpriced transactions for certain
communities. Empowering data users to
engage in this level of analysis will aid
in fulfilling both the fair lending
enforcement and business and
community development purposes of
the statute.
The Bureau acknowledges the lack of
data regarding the extent to which
broker fees may or may not be inflating
the cost of credit. This insufficiency,
however, is exactly what 1071 data are
intended to help address. Moreover,
final § 1002.107(a)(12)(iii) is valuable to
data users even in the absence of any
problematic pricing practices regarding
brokers because it will help shed light
on an important aspect of commercial
financing arrangements. The final rule
includes numerous data points,
including much of the pricing data
point, that do not capture information
that about intrinsically or especially
abusive conduct, but that will help data
users identify fair lending concerns and
identify business and community
development needs and opportunities.
Regarding Congress’s intent, the Bureau
notes that section 1071 expressly
authorizes the Bureau to require
financial institutions to compile and
maintain ‘‘any additional data that the
Bureau determines would aid in
fulfilling the purposes of [section
1071].’’ 650 As discussed herein, final
§ 1002.107(a)(12)(iii) satisfies this
requirement.
The Bureau understands that financial
institutions often may not have
complete access to information
regarding the amount of broker fees that
an applicant pays directly to a broker.
Thus, final comment 107(a)(12)(iii)–2
clarifies that a financial institution may
rely on the best information readily
available to the financial institution at
the time final action is taken.
Information readily available can
include, for example, information
provided by an applicant or broker that
the financial institution reasonably
believes regarding the amount of fees
paid by the applicant directly to the
broker. The Bureau believes
commenters may be overestimating the
burden associated with this standard,
which contemplates only consulting
information ‘‘readily’’ available rather
than performing a searching inquiry into
the amount of direct broker fees. As
noted in the NPRM, the same standard
is used for reporting certain HMDA data
under Regulation C, and it does not
650 ECOA
section 704B(e)(2)(H).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
appear to be unduly burdensome in that
context.651 Additionally, many nonbank
financial institutions will need to
determine the amount of broker fees in
certain circumstances to comply with
State commercial financing disclosure
laws.652
Finally, the Bureau is not requiring
separate itemization of indirect broker
fees at this time. Such fees could be
imposed for a variety of reasons and in
a variety of ways; the Bureau believes
that additional information and
stakeholder feedback would be
beneficial before adopting such a
requirement.
107(a)(12)(iv) Initial Annual Charges
Proposed Rule
Proposed § 1002.107(a)(12)(iv) would
have required financial institutions to
report the total amount of all noninterest charges that are scheduled to be
imposed over the first annual period of
the covered credit transaction,
expressed in dollars.
Proposed comment 107(a)(12)(iv)–1
would have provided an example of
how to calculate the amount to report.
Proposed comment 107(a)(12)(iv)–2
would have highlighted that a financial
institution should exclude interest
expenses from the initial annual charges
reported. Proposed comment
107(a)(12)(iv)–3 would have noted that
a financial institution should not
include any charges for events that are
avoidable by the applicant, including
for example, charges for late payment,
for exceeding a credit limit, for
delinquency or default, or for paying
items that overdraw an account.
Proposed comment 107(a)(12)(iv)–4
would have provided examples of initial
annual charges that may be scheduled to
be imposed during the initial annual
period, including monthly fees, annual
fees, and other similar charges. Finally,
proposed comment 107(a)(12)(iv)–5
would have clarified that a financial
institution complies with the provision
by reporting as the default the highest
amount for a charge scheduled to be
imposed, and provides an example of
651 See Regulation C comments 4(a)(31)–4 and
4(a)(32)–5.
652 For example, California’s commercial
financing disclosure law requires lenders to
determine the finance charge, which includes ‘‘any
charge that would be a finance charge under 12 CFR
part 1026.4.’’ Cal. Code Regs. tit. 10, section
943(a)(1), https://dfpi.ca.gov/wp-content/uploads/
sites/337/2022/06/PRO-01-18-CommercialFinancing-Disclosure-Regulation-Final-Text.pdf. In
turn, Regulation Z § 1026.4(a)(3) generally includes
fees charged by a mortgage broker, whether paid
directly or indirectly. California law also requires
separate disclosure of broker fees that are included
in the amount financed by the borrower. Cal. Code
Regs. tit. 10, section 956(a)(5).
PO 00000
Frm 00168
Fmt 4701
Sfmt 4700
how to calculate the amount reported
when the scheduled fee to be imposed
may be reduced based upon a specified
occurrence.
The Bureau sought comment on
proposed § 1002.17(a)(12)(iv) and its
commentary, including whether to
include or exclude certain types of
charges as reportable under initial
annual charges. The Bureau also sought
comment on the likelihood that
financial institutions would schedule
charges in the second year of a covered
credit transaction and beyond
specifically in an effort to avoid
reporting the charges for purposes of
section 1071. Finally, the Bureau sought
comment on how it should treat
situations where the applicant has
informed the financial institution that it
expects to regularly incur ‘‘avoidable
charges,’’ and whether such charges
should be reported as a scheduled
charge.
Comments Received
The Bureau received comments
specifically regarding the collection of
initial annual charges from lenders,
trade associations, and community
groups.
A community group stated that the
Bureau should finalize the provision as
proposed, but that the Bureau should
conduct research to determine if lenders
are shifting fees beyond the first year.
Several community groups and a lender
requested that the Bureau require
financial institutions to also report
charges scheduled to be imposed after
the first year to avoid encouraging
lenders to impose charges
disproportionately in the later years of
the loan’s term.
With respect to avoidable fees, a
community group stated that the Bureau
should include all fees that could be
imposed at the lender’s discretion in
order to avoid evasion. A bank and a
joint letter from bank trade associations
argued that including avoidable fees
that the applicant intends to incur
would unfairly inflate the prices of
some loans and create documentation
problems for lenders. One commenter
asserted that, for loans with terms
shorter than one year, financial
institutions should not be made to
speculate as to what constitutes the
initial period on short term loans and
what could occur during the initial
annual period regarding charges.
A State bankers association expressed
concern that the terms ‘‘scheduled’’ and
‘‘initial period following origination’’
were not defined in the NPRM. That
commenter and a bank asserted that
many charges that may be incurred
during the first year may be uncertain,
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
such as an inspection fee for a
construction project where the timing of
inspections is determined by events
occurring after origination. The State
bankers association also stated that
some loans may have multiple
transactions within a one-year period,
such as a line of credit that was
originated and then increased, and
asserted that it is unclear whether
associated charges would be reported
twice or combined.
Final Rule
For the reasons set forth herein, the
Bureau is adopting § 1002.107(a)(12)(iv)
and associated commentary with
additions and adjustments to
commentary to address comments
regarding speculative charges and
transactions with terms of less than one
year. Final § 1002.107(a)(12)(iv)
provides that a financial institution
reports only charges scheduled to be
imposed over the first annual period of
the covered credit transaction. The
Bureau understands that there are a
variety of ways that small business
credit transactions may be structured.
This includes, for example, whether
there is an interest rate imposed on the
transaction, whether there are finance
charges, and whether there are a myriad
of other fees that may be scheduled to
be paid or are contingent upon some
occurrence. In addition, the Bureau
understands that scheduled fees may
constitute a substantial part of the cost
of a covered credit product, and without
knowledge of those fees, the cost of the
credit would be incomplete. The Bureau
believes that final § 1002.107(a)(12)(iv)
enables data users to have a more
accurate understanding of the cost of the
covered credit transaction than if the
data lacked information about
scheduled fees.
There may be small business credit
transactions that do not include an
interest rate, but do include a monthly
finance charge. If the financial
institution were only required to report
the interest rate on these types of
transactions, the true cost of credit
would be obscured because the monthly
finance charge would not be reported. In
addition, small business credit, like
consumer credit, may include a number
of other fees, such as annual fees and
other similar charges. The information
collected and reported under final
§ 1002.107(a)(12)(iv) allows data users
to have a more complete picture of the
cost of the covered credit transaction
and promotes market transparency, thus
furthering the business and community
development purpose of section 1071.
In addition, this pricing data furthers
the fair lending purpose of section 1071
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
as it enhances the ability to understand
the cost of credit and any disparities
that may exist.
The Bureau believes that by requiring
only scheduled charges to be reported
(rather than the submission of all
potential charges, some of which could
be speculative), the data reported will
be more accurate than if a financial
institution were to make an educated
guess as to what unscheduled charges
will be imposed over the first annual
period. Final § 1002.107(a)(12)(iv) does
not require a financial institution to
itemize the charges reported thereunder.
The Bureau also believes that requiring
charges to be itemized would add a
considerable amount of complexity for
financial institutions in collecting and
reporting the initial annual charges,
given the range of fees that could be
charged and the variations in how they
might be imposed.
A financial institution complies with
final § 1002.107(a)(12)(iv) by not
including charges for events that are
avoidable by the applicant; this
restriction is explained more fully in
final comment 107(a)(12)(iv)–3
(unchanged from the proposal), which
provides examples of types of avoidable
charges. As noted above, the Bureau
believes that the accuracy of the data
reported is enhanced by only including
charges that are scheduled to be
imposed and not including potential
charges that are contingent upon an
action (or inaction) by the borrower. The
Bureau also believes that only requiring
financial institutions to report such
charges for the first year, and not the life
of the loan, will reduce any burden
associated with reporting the data. This
information should be included in the
contract and, at most, would require a
simple calculation to arrive at the total
charges for the initial annual period. An
example of how to calculate the initial
annual charges for the first annual
period is found in final comment
107(a)(12)(iv)–1. Additionally, to
address comments received regarding
uncertain or speculative charges, the
Bureau has revised final comment
107(a)(12)(iv)–1 to state explicitly that,
in a transaction where there will be a
charge in the initial annual period
following origination but the amount of
that charge is uncertain at the time of
origination, a financial institution
complies by not reporting that charge as
scheduled to be imposed during the
initial annual period following
origination.
The Bureau is finalizing comments
107(a)(12)(iv)–2 (providing that a
financial institution complies with the
provision by excluding any interest
expense from the initial annual charges
PO 00000
Frm 00169
Fmt 4701
Sfmt 4700
35317
reported) and –4 (providing examples of
charges scheduled to be imposed during
the initial annual period) as proposed.
The Bureau is also finalizing comment
107(a)(12)(iv)–5 as proposed. This
comment provides additional
explanation about what amount to
report when the financial institution
provides a discount on the charge if
certain conditions are met. The Bureau
understands that some financial
institutions may provide a discount on
specific charges when certain
conditions are met. For example, a
financial institution may provide a
discount on a monthly charge if the
borrower maintains a checking account
at the financial institution. In such a
circumstance, final
§ 1002.107(a)(12)(iv)–5 requires the
financial institution to report the nondiscounted amount to maintain
consistency across the data that are
reported by all financial institutions.
The Bureau is adopting new comment
107(a)(12)(iv)–6 to clarify that, for a
transaction with a term less than one
year, a financial institution complies
with the provision by reporting all
charges scheduled to be imposed during
the term of the transaction. This
comment was added to address requests
for clarification regarding how to report
the data for transactions with terms less
than one year as well as what is meant
by initial annual period.
107(a)(12)(v) Additional Cost for
Merchant Cash Advances or Other
Sales-Based Financing
Proposed Rule
Proposed § 1002.107(a)(12)(v) would
have required financial institutions to
report additional cost data for merchant
cash advances or other sales-based
financing transactions. Specifically, this
cost is the difference between the
amount advanced and the amount to be
repaid, expressed in dollars. Proposed
comment 107(a)(12)(v)–1 would have
provided an example of the difference
between the amount advanced and the
amount to be repaid for a merchant cash
advance.
The Bureau sought comment on
proposed § 1002.107(a)(12)(v) and its
commentary, including whether to
require additional pricing information
for merchant cash advances, and
whether merchant cash advances could
be structured in ways that evade the
proposed reporting requirement, such as
by omitting or making variable the
amount to be repaid.
Comments Received
The Bureau received comments
specifically regarding this aspect of the
E:\FR\FM\31MYR2.SGM
31MYR2
35318
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
proposal from several industry and
community group commenters. Several
joint letters from community groups,
community oriented lenders, and
business advocacy groups, as well as a
trade association, asked the Bureau to
require reporting the loan term for
merchant cash advances or other salesbased financing transactions. These
commenters stated that the loan term
was necessary to compare the pricing of
merchant cash advances, and offered
potential methodologies for estimating
unknown loan terms, including those
from State commercial financing
disclosure laws. A lender asked the
Bureau to accommodate future
transaction types by allowing financial
institutions to report amounts under
§ 1002.107(a)(12)(v) even if the
transaction is not a merchant cash
advance or other sales-based financing
transaction. Finally, a cross-sector group
of lenders, community groups, and
small business advocates agreed that
§ 1002.107(a)(12)(v), along with the
other pricing data, would capture the
cost of merchant cash advances.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.107(a)(12)(v)
and comment 107(a)(12)(v)–1 as
proposed. Final § 1002.107(a)(12)(v)
requires financial institutions to report
the difference between the amount
advanced and the amount to be repaid,
expressed in dollars, for merchant cash
advances or other sales-based financing
transactions. As with all aspects of
pricing within final § 1002.107(a)(12),
this requirement applies to credit
transactions that either have been
originated or have been approved by the
financial institution but not accepted by
the applicant.
As discussed in the NPRM, some
types of commercial financing contain
pricing terms that are difficult to reflect
in data about interest rate and fees. For
example, under a typical merchant cash
advance, a merchant receives a cash
advance and promises to repay it (plus
some additional amount) to the
merchant cash advance provider.
Merchant cash advance providers
generally do not provide an interest rate,
and while they may charge fees at
origination or during the first year, the
majority of a merchant cash advance’s
cost to the merchant comes from the
additional amount repaid by the
merchant on top of the amount
advanced. This additional amount may
be expressed as a multiple of the
amount advanced in the form of a factor
rate or percentage, or it may be derived
by comparing the total payback amount
to the amount actually advanced. This
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
additional amount is typically not
characterized as interest, so it would not
be reported under final
§ 1002.107(a)(12)(i). Nor is this
additional amount characterized as a fee
charged at origination or scheduled to
be imposed during the first year after
the transaction, so it would not be
reported under final
§ 1002.107(a)(12)(ii) or (iv). Without an
additional pricing data field to capture
this additional amount along with any
other fees the merchant cash advance
provider charges, data users attempting
to analyze merchant cash advance
pricing would miss most of the cost of
credit associated with these
transactions. Therefore, the inclusion of
this data field aids in fulfilling both the
fair lending enforcement and business
and community development purposes
of the statute.
The Bureau believes that collecting
and reporting this data will impose
relatively little burden on financial
institutions, because they can determine
the additional amount repaid by
computing the difference between the
amount of revenue purchased and the
purchase price typically found in the
merchant cash advance contract.
Commenters generally did not make
assertions to the contrary.
As discussed in the section-by-section
analysis of § 1002.107(a)(5) above, the
Bureau is requiring, for merchant cash
advances and other sales-based
financing transactions, that financial
institutions report the loan term, if any,
that the financial institution estimated,
specified, or disclosed in processing or
underwriting the application or
transaction. This information will allow
data users to better understand and use
the information reported pursuant to
final § 1002.107(a)(12)(v). However, the
Bureau is not adopting one commenter’s
suggestion regarding future transaction
types that may resemble merchant cash
advances or other sales-based financing,
as the Bureau believes such transactions
should be adequately covered by the
‘‘other sales-based financing’’ label and
thus this information would be
reportable for such transactions.
107(a)(12)(vi) Prepayment Penalties
Proposed Rule
Proposed § 1002.107(a)(12)(vi)(A)
would have required financial
institutions to report whether the
financial institution could have
included a prepayment penalty under
the policies and procedures applicable
to the covered credit transaction.
Proposed § 1002.107(a)(12)(vi)(B) would
have required financial institutions to
report whether the terms of the covered
PO 00000
Frm 00170
Fmt 4701
Sfmt 4700
credit transaction include a charge
imposed for paying all or part of the
transaction’s principal before the date
on which the principal is due. Proposed
comment 107(a)(12)(vi)–1 would have
provided additional information on how
to determine whether the applicable
policies and procedures allow a
financial institution to include
prepayment penalties in the loan
agreement.
The Bureau sought comment on
proposed § 1002.107(a)(12)(vi) and its
commentary, including whether to
enumerate other types of contingent
charges separately in the 1071 data to
more accurately reflect the cost of
covered credit transactions. The Bureau
also sought comment on whether there
are alternative data that would provide
similar insight into whether certain
borrowers are being steered into covered
credit transactions containing
prepayment penalty terms or other
similar contingent terms.
Comments Received
The Bureau received comments
regarding the reporting of prepayment
penalty information from lenders, trade
associations, and community groups. A
number of community groups supported
the proposal to collect prepayment
penalty information. One asserted that
information on prepayment penalties is
important for data users to determine
whether such charges are targeting
underserved borrowers. Another noted
that research by the Federal Reserve
Board shows that many small business
borrowers do not expect the balloon
finance charge that many merchant cash
advances and other transactions impose
for prepayment.653 A joint letter from
community and business advocacy
groups requested that the Bureau ensure
that financial institutions cannot evade
the reporting requirement by changing
how prepayment penalties are
described.
A number of trade associations and
banks questioned the necessity of
prepayment penalty data and claimed
that it would be misleading. A group of
trade associations stated that the Bureau
offered no evidence that these penalties
impact community development or are
used in a discriminatory fashion. The
same commenter also asserted that
nearly all merchant cash advance
providers collect a charge for prepaying
the amount advanced, but this charge
would not be reflected in the proposed
653 Barbara Lipman & Ann Marie Wiersch, Bd. of
Governors of the Fed. Rsrv. Sys., Browsing to
Borrow: ‘‘Mom & Pop’’ Small Business Owners’
Perspectives on Online Lenders and Products (June
2018), https://www.federalreserve.gov/publications/
files/2018-small-business-lending.pdf.
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
prepayment penalty data point, leading
to the data appearing to inflate the
apparent cost of non-merchant cash
advance credit. A State bankers
association asserted that
nondiscriminatory reasons exist for
certain loans to have prepayment
penalties even if a lender’s general
policies and procedures do not provide
for them, so the reported data could not
be used to detect steering. A bank stated
that the proposal would not detect
steering because it does not clarify
whether the prepayment penalty applies
to the transaction requested or the
transaction approved.
Two trade association comments
asserted that lending policies are
written in general terms and do not
address prepayment penalties. Another
trade association commented that it is
possible that every loan ‘‘could’’ have a
prepayment penalty.
A number of commenters requested
that the Bureau change the scope of the
data collection. A lender stated that the
data collection should be limited to a
binary flag and not require details on
the potential penalties themselves. Two
banks and a State bankers association
stated that the data collection should be
limited to whether a prepayment
penalty was actually charged because a
lender’s policies might change during
the reporting year and are dependent on
external factors, such as the
requirements of a third-party guarantor.
A joint letter from community and
business advocacy groups asserted that
the Bureau should require reporting of
the amount of any prepayment penalty
and the term over which the penalty
could be imposed. Finally, a crosssector group of lenders, community
groups, and small business advocates
stated that the data collection should be
modified to capture the balloon finance
charge that nearly all merchant cash
advances, and many other small
business loans, charge on prepayment.
This commenter stated that, because
this charge is the finance charge that
would be paid over the original term of
the loan, it would not be considered a
‘‘penalty.’’
Final Rule
For the reasons set forth herein, the
Bureau is adopting final
§ 1002.107(a)(12)(vi) with one technical
correction, adopting comment
107(a)(12)(vi)–1 as proposed, and
adding new comment 107(a)(12)(vi)–2
regarding charges that become due
immediately on prepayment. Final
§ 1002.107(a)(12)(vi)(A) requires a
financial institution to report whether it
could have included a charge to be
imposed for paying all or part of the
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
transaction’s principal before the date
on which the principal is due under the
policies and procedures applicable to
the covered credit transaction
(notwithstanding whether such a
provision was in fact included in this
specific credit transaction). Final
§ 1002.107(a)(12)(vi)(B) requires
financial institutions to report whether
the terms of the covered credit
transaction do in fact include such a
charge. These provisions allow data
users to determine what percentage of
covered credit transactions could
contain a prepayment penalty term,
what percentage of such transactions
actually contain such a term, and,
together with other data points, the
demographic profile of borrowers whose
contracts do and do not include the
term. The two provisions work together
to allow data users to better determine
whether certain borrowers are being
steered towards covered credit
transactions containing prepayment
penalty terms.
Final comment 107(a)(12)(vi)–1
elaborates on the requirement to report
whether financial institutions could
have included a prepayment penalty in
the covered credit transaction to clarify
that the applicable policies and
procedures are those that the financial
institution follows when evaluating
applications for the specific credit type
and credit purpose requested. The
Bureau believes this provision will
ensure that similar credit products are
being analyzed together and reduces the
possibility that potential fair lending
risk is incorrectly identified. In response
to commenters who said that financial
institutions’ policies may change during
the reporting year, the Bureau notes that
comment 107(a)(12)(vi)–1 explains that
the relevant policies and procedures are
those in effect at the time of the covered
credit transaction. A financial
institution would not report based on
different policies and procedures that
might be adopted later in the reporting
period.
New comment 107(a)(12)(vi)–2
explains that a financial institution
complies with final § 1002.107(a)(12)(vi)
by reporting as a prepayment penalty
any balloon finance charge that may be
imposed for paying all or part of the
transaction’s principal before the date
on which the principal is due and
provides an example which illustrates a
balloon finance charge that should be
reported. As explained above, one
commenter stated that most merchant
cash advances and many other
transactions have finance charges that
would be paid over the entire term of
the loan but that immediately become
due on prepayment. The Bureau agrees
PO 00000
Frm 00171
Fmt 4701
Sfmt 4700
35319
that it was not sufficiently clear that
these balloon finance charges would
have been covered under the proposed
description of a prepayment penalty. In
addition, another commenter asked the
Bureau to make clear that financial
institutions cannot evade the reporting
requirement by changing how
prepayment penalties are described.
New comment 107(a)(12)(vi)–2 was
added to address both of these concerns.
In response to commenters asserting
that prepayment penalty data are
unnecessary or misleading, the Bureau
notes that small business loan contracts
may include prepayment penalties and
the penalties can be sizable and
structured as a percent of the remaining
outstanding balance. The Bureau also
understands that there may be concern
among stakeholders, including
community groups, that certain small
business applicants may be steered
toward loans containing prepayment
penalty terms. The collection of data
regarding which contracts contain a
prepayment penalty and whether a
prepayment penalty could have been
imposed on specific contract types
allows the data to be analyzed for fair
lending purposes to see if certain groups
are more frequently entering into
contracts containing prepayment
penalties. From a market competition
standpoint, financial institutions may
want to know how frequently their
competitors are using prepayment
penalties, and collection of these data
could improve market transparency and
new product development
opportunities. The Bureau is not
convinced by commenters’ assertions
that the data will not be valuable nor
that it should require reporting of
additional data related to prepayment
penalties. The Bureau believes the type
of data required to be reported pursuant
to final § 1002.107(a)(12)(vi) strikes the
right balance between collecting
information helpful to analyze for the
purposes mentioned above and not
requiring financial institutions to
provide information regarding
prepayment penalties.
107(a)(13) Census Tract
Proposed Rule
Section 1071 requires financial
institutions to collect and report ‘‘the
census tract in which is located the
principal place of business of the . . .
applicant.’’ 654 This provision is similar
to Regulation C, which requires
reporting of the census tract in certain
circumstances if the property securing
the loan (or proposed to secure the loan,
654 ECOA
E:\FR\FM\31MYR2.SGM
section 704B(e)(2)(E).
31MYR2
lotter on DSK11XQN23PROD with RULES2
35320
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
if the transaction was not originated) is
in a county with a population of more
than 30,000.655 Under Regulation C, the
financial institution generally finds the
census tract by geocoding using the
address of the property. Geocoding is
the process of using a particular
property address to locate its
geographical coordinates, and from
those coordinates one can identify the
corresponding census tract.
CRA reporting of business loans by
depository institutions also requires
reporting of census tract. The Bureau
understands that CRA allows reporting
of a census tract based on the address
or location where the proceeds of the
credit will be principally applied.656
The Bureau proposed
§ 1002.107(a)(13) to require financial
institutions to collect and report the
census tract data point using a
‘‘waterfall’’ approach. The proposed
rule would have required a financial
institution to collect and report the
census tract in which is located: (i) The
address or location where the proceeds
of the credit applied for or originated
will be or would have been principally
applied; or (ii) If the information in (i)
is unknown, the address or location of
the main office or headquarters of the
applicant; or (iii) If the information in
both (i) and (ii) is unknown, another
address or location associated with the
applicant. In addition, the proposed rule
would have required that the financial
institution also indicate which one of
the three types of addresses or locations
listed in (i), (ii), or (iii) the census tract
is based on. Although the proposed rule
did not specifically require it, the
Bureau assumed that financial
institutions or their vendors would
generally use a geocoding tool to
analyze the appropriate address to
identify a census tract number.
The proposed approach would have
required a financial institution to report
the census tract of the proceeds address
if it was available but would not have
required a financial institution to ask
about it specifically. Financial
institutions would have been able to
apply the waterfall approach to the
addresses they were currently
collecting; they would not have been
required to specifically ask for the
proceeds or headquarters addresses. In
addition, the proposed method would
have allowed a financial institution to
report that it was unsure about the
nature of the address if it had no
655 Regulation C § 1003.4(a)(9)(ii)(C). Regulation C
also requires reporting of the property address for
all applications.
656 See 2015 FFIEC CRA Guide at 16.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
information as to the nature or function
of the business address it possessed.
Proposed comment 107(a)(13)–1
would have provided general
instructions on using the waterfall
reporting method, with examples for
guidance. The Bureau believed that this
comment would facilitate compliance
and sought comment on whether any
additional instructions or examples
would be useful.
Proposed comment 107(a)(13)–2
would have explained that a financial
institution would comply with
proposed § 1002.107(a)(13) by
identifying the appropriate address or
location and the type of that address or
location in good faith, using appropriate
information from the applicant’s credit
file or otherwise known by the financial
institution. The comment would also
have made clear that a financial
institution would not be required to
investigate beyond its standard
procedures as to the nature of the
addresses or locations it collects.
Proposed comment 107(a)(13)–3
would have explained that pursuant to
proposed § 1002.107(c)(1) a financial
institution would be required to
maintain procedures reasonably
designed to collect applicant-provided
information, which would include at
least one address or location for an
applicant for census tract reporting.
However, the comment would have
further explained that if a financial
institution was nonetheless unable to
collect or otherwise determine any
address or location for an application,
the financial institution would report
that the census tract information was
‘‘not provided by applicant and
otherwise undetermined.’’
The Bureau proposed a safe harbor in
§ 1002.112(c)(1) (renumbered as
§ 1002.112(c)(2) in the final rule), which
would have stated that an incorrect
entry for census tract would not be a
violation of ECOA or subpart B if the
financial institution obtained the census
tract by correctly using a geocoding tool
provided by the FFIEC or the Bureau.
Proposed comment 107(a)(13)–4 would
have cross-referenced that provision.
See the section-by-section analysis of
§ 1002.112(c)(2) below for additional
discussion of this safe harbor.
During the SBREFA process, some
small entity representatives explained
that they generally collect the main
office address of the small business,
which for sole proprietorships will often
be a home address, and were generally
not aware of the proceeds address. The
Bureau’s proposed waterfall approach
would accommodate this situation by
allowing financial institutions to report
census tract using the address that they
PO 00000
Frm 00172
Fmt 4701
Sfmt 4700
currently collect. While several small
entity representatives were already
geocoding applicants’ addresses, others
were concerned about the burden
associated with geocoding for HMDA
and one expressed a preference for the
CRA method of geocoding, as did
several other stakeholders. Accordingly,
the Bureau sought comment on the
difference between geocoding for
HMDA and for CRA, and any specific
advantages or disadvantages associated
with geocoding under either method. In
regard to a small entity representative’s
request for a Federal government tool
capable of batch processing for
geocoding of addresses, the Bureau
noted that it was considering the utility
of such a tool. As the SBREFA Panel
recommended, the Bureau sought
comment on the feasibility and ease of
using existing Federal services to
geocode addresses in order to determine
census tract for section 1071 reporting
purposes (such as what is offered by the
FFIEC for use in reporting HMDA and
CRA data).
The Bureau sought comment on its
proposed approach to the census tract
data point. In addition to the specific
requests for input above, the Bureau
noted that the waterfall method was
intended to allow CRA reporters to
provide the same data for both reporting
regimes, but requested comment on
whether the proposed method would
achieve this goal and, if not, whether
and how this data point should be
further coordinated with CRA.
Comments Received
The Bureau received comments on
this aspect of the proposal from
numerous lenders, trade associations,
community groups, and others. Several
commenters supported the inclusion of
the census tract data point, and many
specifically discussed and supported
the proposed waterfall approach to
reporting. One CDFI lender stated that it
currently collects this information for
the CDFI Fund. Several community
groups discussed the importance of
knowing where loans were made to
combat redlining and ensure that
socially disadvantaged farmers and
other small businesses can have
appropriate access to credit. A
community group and a trade
association agreed with the Bureau’s
proposal that the waterfall method
would allow section 1071 reporting to
match CRA requirements. Another trade
association said that financial
institutions would be able to use an
address provided by the applicant and
agreed that reporting of the proceeds
address would allow coordination with
CRA, though it did not comment on the
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
proposed waterfall. Although they
supported the waterfall approach, two
community groups requested that
financial institutions be required to ask
for the location where the proceeds of
the credit would be used, stating that
this method would allow for better
coordination with CRA and better
fulfillment of the purposes of section
1071.
Several industry commenters stated
that the census tract data point would
be confusing and difficult to report. One
commenter pointed out that multiple
applicant addresses and address
changes for applicants would
complicate reporting. A national auto
finance trade association stated that its
members do not work with census tracts
and that technical and process changes
would be necessary to deliver this data.
A trade association stated that
geocoding will be a significant burden
for many credit unions, the vast
majority of which do not collect census
tract information for small business
loans. That commenter further stated
that although some CDFI credit unions
collect census tract information, many
are completely unfamiliar with census
tracts—particularly credit unions that
are not HMDA reporters. The
commenter also said that the FFIEC
geocoder does not permit batch inputs,
which it said further slows application
processes. Finally, the commenter
requested that the Bureau develop a free
tool that permits batch inputs and better
enables efficient and cost-effective
compliance.
Two banks and a trade association
commented that many banks that are
not HMDA reporters are unfamiliar with
census tracts. Commenters also stated
that the FFIEC geocoder works
efficiently for addresses in and close to
metro areas, but not as easily for more
rural addresses, and in relation to new
subdivisions and developments. They
further pointed out that when an
address is not ‘‘matched’’ in the FFIEC
system, it requires manual plotting,
which is time-consuming and difficult,
and stated that a bank that makes
strictly agricultural loans might find
many non-matching addresses. Finally,
two of these commenters suggested that
reporting the State and county codes
should be sufficient when there is no
match in the FFIEC geocoder.
Several industry commenters
specifically objected to the waterfall
reporting method, which they stated
was confusing and difficult, and many
suggested it should not be mandatory.
Some of these commenters requested
clarification on how to report if there
are multiple proceeds addresses, or if
the bank learns of a different proceeds
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
address after the loan closes. In
addition, two commenters asked that
the Bureau clarify whether the census
tract should match the mailing address
of the applicant or the physical address.
Numerous banks and trade
associations stated that section 1071
reporting requirements, especially the
census tract data point, overlapped or
conflicted with HMDA and CRA
reporting requirements, creating
unnecessary difficulties. Most of these
commenters asked that the Bureau
coordinate these requirements and
provide a complete exemption from
section 1071, HMDA, or CRA for loans
that overlap. Commenters requesting
exemptions did not explain why the use
of the proceeds address would not allow
coordination between section 1071 and
CRA census tract reporting.
Some industry commenters expressed
concern that census tract information,
especially when combined with the
NAICS business type and other reported
data, could facilitate reidentification of
small business applicants. These
commenters stated that this risk would
be greater in rural areas.
Comments addressing the Bureau’s
proposed safe harbor for use of certain
geocoders are addressed in the sectionby-section analysis of § 1002.114(c)(1)
below.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.107(a)(13)
and associated commentary with a
minor edit for clarity. Final
§ 1002.107(a)(13) requires that financial
institutions collect and report the
census tract data point using the
‘‘waterfall’’ approach described above.
In regard to the comments expressing
concern about the burden associated
with collecting and reporting census
tract information using a geocoder and
by other means, the Bureau notes that
census tract is specifically enumerated
as a data point in the statute. In
addition, the Bureau believes that its
reporting method for the census tract
data point leverages existing industry
information collection practices and
will result in useful information to
further section 1071’s purposes while
avoiding imposing much additional
burden on financial institutions. The
waterfall method allows a financial
institution to report census tract using
an address it already has, with no
further investigation; allows a financial
institution to avoid further investigation
when it is unsure about the nature of the
address reported; and allows current
CRA reporters to report the same
address for this rule as they do for
PO 00000
Frm 00173
Fmt 4701
Sfmt 4700
35321
CRA.657 In addition, the waterfall
method prioritizes the proceeds address,
which the Bureau considers to be
particularly useful for both the fair
lending and business and community
development purposes of section 1071.
The waterfall approach adopted in the
final rule requires a financial institution
to report the census tract of the proceeds
address if it is available, but does not
require a financial institution to ask
about it specifically. This provision is
meant to address potential concerns
about reporters spending time on
complex, fact-specific questions and
unintentionally misreporting this data
point, which could occur if financial
institution staff have to determine what
kind of address they are reporting based
on insufficient information. The Bureau
believes that this option will be
particularly helpful if the application is
denied or withdrawn early in the
application process before the nature of
any address provided by the applicant
is clear.
Requiring financial institutions to
inquire as to the address where the
proceeds will be applied, as some
commenters requested, might result in
slightly more proceeds addresses being
reported. However, the Bureau does not
believe that the extra information
reported in certain instances would be
worth the extra difficulty across all
small business applications. In addition,
the Bureau believes that the waterfall
approach in collecting census tract data
provides sufficient flexibility; making
use of the waterfall voluntary, as some
commenters suggested, would result in
less useful information being collected
while only reducing difficulty by a
small amount. In regard to the comment
asking whether the physical or mailing
address or location should be used, the
Bureau notes that the credit proceeds
will be applied at a physical location,
and the main office or headquarters of
a business will also occupy a physical
location. The third option in the
waterfall, ‘‘another address or location,’’
does not suggest the nature of such an
address, but the financial institution
will need to have enough information to
determine a census tract for that
location.
As explained above, the Bureau
understands that CRA currently requests
reporting of a census tract based on the
657 As explained below, the current CRA
rulemaking envisions replacing small business and
small farm CRA data collection with the 1071 data
collection, but in the event CRA data is still
reported under the current regime for some period
of time after compliance with this rule is required,
the Bureau believes that the ability to report the
same data in the interim should reduce any
operational difficulties related to census tract. See
87 FR 33884, 33997, 34005 (June 3, 2022).
E:\FR\FM\31MYR2.SGM
31MYR2
35322
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
address or location where the proceeds
of the credit will be principally
applied.658 The Bureau also believes
that CRA reporting on this data point is
reasonably flexible, and a financial
institution will be able to coordinate the
two compliance regimes to report the
same census tract. The commenters who
stated that this data point would
conflict with CRA reporting did not
explain why they believed this to be so,
and other industry commenters agreed
that the census tract data point for
section 1071 would allow coordinated
reporting with CRA. The Bureau also
notes that the recent CRA interagency
proposed rule, if finalized, would
eventually replace CRA small business
and small farm data with data collected
pursuant to section 1071, in which case
this issue would likely be moot.659
Although the Bureau sought comment
on the differences between HMDA and
CRA census tract reporting, no
commenters provided information on
this issue. In regard to commenter
concerns about overlaps or conflicts
with HMDA reporting, the Bureau notes
that the final rule excludes HMDAreportable transactions from coverage,
as discussed in the section-by-section
analysis of § 1002.104(b)(2) above, so
that concern is now moot as well.
The Bureau notes that section 1071’s
description of the census tract data
point refers to the census tract for the
applicant’s ‘‘principal place of
business.’’ 660 The Bureau considers the
waterfall approach in final
§ 1002.107(a)(13) to be a reasonable
interpretation of the undefined statutory
term ‘‘principal place of business,’’
which the Bureau understands not to
have a standard definition, and thus
believes to be ambiguous. First, the
Bureau believes that the address or
location of the main office or
headquarters of the applicant fits easily
into one of the common meanings of
‘‘principal place of business.’’ In
addition, the Bureau anticipates that,
generally, the address where the loan
proceeds will be applied will also be the
main office or headquarters address.661
658 See, e.g., Off. of the Comptroller of Currency,
Fed. Rsrv. Sys., Fed. Deposit Ins. Corp., Community
Reinvestment Act; Interagency Questions and
Answers Regarding Community Reinvestment;
Guidance, 81 FR 48506, 48551–52 (July 25, 2016).
659 See 87 FR 33884, 33997, 34005 (June 3, 2022).
660 ECOA section 704B(e)(2)(E).
661 According to U.S. Census 2019 SUSB data,
there are 6,081,544 firms with fewer than 500
employees (which will be used, for this purpose, as
a rough proxy for a ‘‘small business’’); those firms
collectively have 6,588,335 establishments (i.e.,
locations). This means that, at most, approximately
8 percent of firms with fewer than 500 employees
could have more than one location. See U.S. Census
Bureau, 2019 SUSB Annual Datasets by
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
The primary exception to this principle
will be in the case of credit intended for
purchase, construction/improvement, or
refinancing of real property; under these
circumstances, the Bureau reasonably
interprets the term ‘‘principal place of
business’’ to mean the principal location
for business activities relating to the
extension of credit at issue. Although
‘‘another address or location associated
with the applicant’’ might not always be
the principal place of business of the
applicant, the Bureau considers this
information to be the financial
institution’s best option for reporting
data on the principal place of business
when the nature of a location is
unknown.
In the alternative, section 1071
authorizes the Bureau to include any
‘‘additional data that the Bureau
determines would aid in fulfilling the
purposes of [section 1071].’’ The Bureau
has determined that requiring reporting
of the proceeds address will aid in
fulfilling both the fair lending and
business and community development
purposes of section 1071 by providing
more useful information on the location
of the activity financed for fair lending
analysis and understanding where the
business and community development
is occurring. Requiring reporting of
another address or location associated
with the applicant when both the
proceeds address and the main office or
headquarters address are not available
will provide location data when
otherwise none would be present, thus
also aiding in fulfilling both the fair
lending and business and community
development purposes of section 1071
by providing more useful information
on location for fair lending analysis and
understanding where the business and
community development will likely be
occurring. In addition, requiring data on
the nature of the address reported will
aid in fulfilling both the fair lending and
business and community development
purposes of section 1071 by facilitating
accurate analyses of the data reported.
Also, in the alternative, to the extent
that ‘‘the principal place of business of
Establishment Industry (Feb. 2022), https://
www.census.gov/programs-surveys/susb/data/
tables.html. According to the U.S. Census Bureau’s
Non-employer Statistics, there are 27,104,006 nonemployer establishments (regardless of revenue
size). Non-employer firms account for fewer than 4
percent of all sales, though, and the vast majority
are sole proprietorships. While not impossible, the
Bureau believes it is very unlikely that nonemployer firms would have more than one location.
See U.S. Census Bureau, All Sectors: Nonemployer
Statistics by Legal Form of Organization and
Receipts Size Class for the U.S., States, and
Selected Geographies: 2019 (2019), https://
data.census.gov/cedsci/table?q=NONEMP2019.
NS1900NONEMP&tid=NONEMP2019.
NS1900NONEMP&hidePreview=true.
PO 00000
Frm 00174
Fmt 4701
Sfmt 4700
the . . . applicant’’ is understood to
mean only ‘‘main office or headquarters
address’’ (which, as explained above,
the Bureau does not adopt as its
interpretation of the statutory term) the
Bureau believes it is appropriate to use
its exception authority under ECOA
section 704B(g)(2) to provide that
financial institutions in certain
situations may report the proceeds
address or ‘‘another address or location
associated with the applicant,’’ because
the Bureau believes those addresses will
carry out the purposes of section 1071
more appropriately than requiring the
main office or headquarters address in
every situation.
The Bureau is finalizing comment
107(a)(13)–1 through –4 with a minor
edit for consistency. Comment
107(a)(13)–1 provides general
instructions on using the waterfall
reporting method, with examples for
guidance, which will facilitate
compliance.
Final comment 107(a)(13)–2 explains
that a financial institution complies
with § 1002.107(a)(13) by identifying the
appropriate address or location and the
type of that address or location in good
faith, using appropriate information
from the applicant’s credit file or
otherwise known by the financial
institution. The comment also makes
clear that a financial institution is not
required to investigate beyond its
standard procedures as to the nature of
the addresses or locations it collects.
The Bureau believes that this guidance
strikes the right balance by allowing
flexibility in reporting, and also
requiring appropriate good faith
compliance in exercising that flexibility,
thereby yielding quality data. In regard
to commenters’ concerns about
reporting census tract when there are
multiple proceeds addresses, the Bureau
notes that the rule requires reporting
using the address where the proceeds
will be or would have been principally
applied, and allows for other addresses
to be used if that address is unknown.
As final comment 107(a)(13)–2 makes
clear, as long as a financial institution
determines which address to use in
good faith, it will be in compliance with
the rule. The Bureau believes that
including detailed instructions on how
to determine which proceeds address to
report would increase the difficulty of
reporting while only marginally
enhancing the quality of the data
reported. In regard to the comment
about what to report when the proceeds
or other address changes, because
comment 107(a)(13)–2 requires that the
address/location be identified in good
faith, an address that the financial
institution knows is no longer accurate
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
would not be appropriate to use in
determining the census tract when a
more accurate address is available.
Final comment 107(a)(13)–3 explains
that pursuant to final § 1002.107(c)(1) a
financial institution is required to
maintain procedures reasonably
designed to collect applicant-provided
data, which includes at least one
address or location for an applicant for
census tract reporting. However, the
comment further explains that if a
financial institution is nonetheless
unable to collect or otherwise determine
any address or location for an
application, the financial institution
reports that the census tract information
was ‘‘not provided by applicant and
otherwise undetermined.’’ Based on the
Bureau’s understanding of financial
institutions’ application procedures, the
Bureau believes it is highly unlikely that
a financial institution will not obtain
some type of address for the applicant.
Nonetheless, the Bureau permits
financial institutions to report this data
point using the ‘‘not provided by
applicant and otherwise undetermined’’
response in order to facilitate
compliance in those rare instances
when the financial institution does not
have the data requested. The reference
in the comment to final § 1002.107(c)(1)
makes clear, however, that a financial
institution must maintain procedures
reasonably designed to collect at least
one address. As with the previous
comment, the Bureau believes that this
comment strikes the right balance by
facilitating compliance and also
emphasizing the requirement to collect
appropriate data.
Final comment 107(a)(13)–4 crossreferences a safe harbor the Bureau is
finalizing in § 1002.112(c)(2), which
states that an incorrect entry for census
tract will not be a violation of ECOA or
subpart B if the financial institution
obtains the census tract by correctly
using a geocoding tool provided by the
FFIEC or the Bureau. See the section-bysection analysis of § 1002.112(c)(2)
below for additional discussion of this
safe harbor. In regard to commenters’
requests for a new Federal geocoding
tool that allows for batch processing, the
Bureau continues to explore this option.
Finally, as discussed above, some
commenters were concerned about
reidentification risk in regard to census
tract reporting, especially when
combined with NAICS industry codes
and other data, and especially in rural
areas. The Bureau appreciates concerns
regarding the potential re-identification
risk posed by the publication of
unmodified census tract data.
Accordingly, the Bureau believes that, if
it decides to publish census tract,
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
modification may be appropriate to
mitigate potential re-identification risk
to small business applicants and related
natural persons. The Bureau notes that
it will consider carefully what data will
be publicly released, and will carefully
protect applicant privacy, while
preserving the utility of the dataset. See
part VIII.B.6.xi below for discussion of
this issue.
107(a)(14) Gross Annual Revenue
Proposed Rule
Section 1071 requires financial
institutions to collect and report ‘‘the
gross annual revenue of the business in
the last fiscal year of the . . . applicant
preceding the date of the
application.’’ 662
Proposed § 1002.107(a)(14) would
have required reporting of the gross
annual revenue of the applicant for its
preceding full fiscal year prior to when
the information is collected. The Bureau
proposed to require reporting of a
specific value for gross annual
revenue—rather than a range—to
simplify the reporting of gross annual
revenue information for financial
institutions and because it believed that
a precise value would be more useful for
data users, including the Bureau.
Proposed comment 107(a)(14)–1
would have clarified that a financial
institution need not verify gross annual
revenue information provided by the
applicant to comply with proposed
§ 1002.107(a)(14), as some small entity
representatives and other stakeholders
suggested. The proposed comment
would have explained that the financial
institution may rely on statements of or
information provided by the applicant
in collecting and reporting gross annual
revenue. The proposed comment would
have also stated, however, that if the
financial institution verifies the gross
annual revenue provided by the
applicant, it must report the verified
information. The Bureau believed that a
requirement to verify gross annual
revenue could be operationally difficult
for many financial institutions,
particularly in situations in which the
financial institution does not collect
gross annual revenue currently. The
Bureau also did not believe that such a
requirement was necessary in fulfilling
either of section 1071’s statutory
purposes. However, the Bureau believed
that reporting verified gross annual
revenue when the financial institution
already possesses that information
would not be operationally difficult and
would enhance the accuracy of the
information reported.
662 ECOA
PO 00000
section 704B(e)(2)(F).
Frm 00175
Fmt 4701
Sfmt 4700
35323
Proposed comment 107(a)(14)–1
would have also provided specific
language that a financial institution
could use to ask about an applicant’s
gross annual revenue and would have
explained that a financial institution
could rely on the applicant’s answer.
The Bureau believed this language
would facilitate compliance for
financial institutions that currently do
not collect gross annual revenue, collect
it only in limited circumstances, or
would otherwise find its collection
challenging, as some small entity
representatives and other stakeholders
suggested.
Overall, the Bureau believed that this
approach in proposed comment
107(a)(14)–1—clarifying that a financial
institution need not verify applicantprovided gross annual revenue
information and providing language that
a financial institution may use to ask for
such information—should reduce the
complexity and difficulty of collecting
gross annual revenue information.
The Bureau believed that situations
could arise in which the financial
institution has identified that an
applicant is a small business for the
purposes of proposed § 1002.106(b)
through, for example, an initial
screening question asking whether the
applicant’s gross annual revenue is
below $5 million, but then the specific
gross annual revenue amount could not
be collected. Therefore, the Bureau
proposed comment 107(a)(14)–2, which
would have first clarified that pursuant
to proposed § 1002.107(c)(1), a financial
institution shall maintain procedures
reasonably designed to collect
applicant-provided information,
including the gross annual revenue of
the applicant. The proposed comment
would have then stated that if a
financial institution is nonetheless
unable to collect or determine the
specific gross annual revenue of the
applicant, the financial institution
reports that the gross annual revenue is
‘‘not provided by applicant and
otherwise undetermined.’’ The Bureau
believed that permitting this reporting
flexibility would reduce the complexity
and difficulty of reporting gross annual
revenue information, particularly when
an application has been denied or
withdrawn early in the process and the
gross annual revenue could not be
collected.
Proposed comment 107(a)(14)–3
would have clarified that a financial
institution is permitted, but not
required, to report the gross annual
revenue for the applicant that includes
the revenue of affiliates as well. The
proposed comment would have stated
that, for example, if the financial
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35324
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
institution does not normally collect
information on affiliate revenue, the
financial institution reports only the
applicant’s revenue and does not
include the revenue of any affiliates
when it has not collected that
information. The Bureau believed that
permitting, but not requiring, a financial
institution to include the revenue of
affiliates will carry out the purposes of
section 1071 while reducing undue
burden on financial institutions in
collecting gross annual revenue
information. Proposed comment
107(a)(14)–3 would have concluded by
explaining that in determining whether
the applicant is a small business under
proposed § 1002.106(b), a financial
institution may rely on an applicant’s
representations regarding gross annual
revenue, which may or may not include
affiliates’ revenue. This approach
regarding affiliate revenue in proposed
comment 107(a)(14)–3 was consistent
with the approach regarding affiliate
revenue for purposes of determining
whether an applicant is a small business
under proposed § 1002.106(b). The
Bureau believed that this operational
equivalence between proposed
§ 1002.107(a)(14) and proposed
§ 1002.106(b) would facilitate
compliance and enhance the
consistency of the data.
In the NPRM, the Bureau expressed
skepticism regarding some small entity
representatives’ suggestions to allow
estimation or extrapolation of gross
annual revenue based on partially
reported revenue, noting, for example,
that a seasonal business’s bank
statements for its busy season would
likely yield an inflated gross annual
revenue when extrapolated to a full
year. The Bureau sought comment on
whether financial institutions should be
permitted to estimate or extrapolate
gross annual revenue from partially
reported revenue or other information,
and how such estimation or
extrapolation would be carried out. The
Bureau also noted that estimation or
extrapolation of gross annual revenue
would be sufficient for the purposes of
determining small business status under
proposed § 1002.106(b), subject to the
requirement under proposed comment
107(a)(14)–1 that a financial institution
must report verified gross annual
revenue information if available.
The Bureau sought comment on its
proposed approach to the gross annual
revenue data point, as well as the
specific requests for comment above. As
the SBREFA Panel recommended, the
Bureau also sought comment on how
the timing of tax and revenue reporting
can best be coordinated with the
collection and reporting of gross annual
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
revenue. In addition, the Bureau sought
comment on the effect of cash flow
versus accrual accounting on reporting
of gross annual revenue.
Comments Received
The Bureau received comments on its
proposed approach to the gross annual
revenue data point from a range of
lenders, trade associations, and
community groups. With the exception
of several agricultural lenders, industry
commenters generally did not object to
the Bureau’s proposal to require the
collection and reporting of gross annual
revenue as required by ECOA section
704B(e)(2)(F) and three commenters
(two community groups and a lender)
expressed support for the proposed
gross annual revenue data point. One of
the community groups asserted that the
gross annual revenue of the small
business is a critical data element since
research shows that smaller businesses
are less likely to receive loans and that
this data point is needed to assess
whether banks are meeting credit needs
of small businesses. The other
community group remarked that it was
critically important to allow for analysis
looking at smaller buckets of small
businesses based on gross revenue.
Several agricultural lenders, echoing
comments from a major agricultural
credit trade association, argued that the
Bureau should not require the collection
or reporting of gross annual revenue
information for agricultural credit and
urged the Bureau to use its exception
authority to eliminate this data point for
agricultural credit. The commenters
argued that collecting gross annual
revenue information would pose
substantial challenges for them given
the prevalence of the ‘‘non-standard’’
agricultural borrower, including the
majority of farmers who only farm on a
part-time basis, and because many
agricultural loans are currently
decisioned with principal reliance on
credit scoring systems, without
considering revenue from farming or offfarm income. One agricultural lender
explained that its underwriting
standards include personal W–2 and
other off-farm income, arguing that
inclusion of that information in
reporting this data point would be
misleading as to the size of the business
applying for a loan because off-farm
income is not truly business income.
The same commenter asserted that if, on
the other hand, the off-farm income is
not reported, the data would be
misleading as they would show many
loans approved to farmers with low
business revenue (where they have
sufficient personal income) and other
loans denied to farmers with higher
PO 00000
Frm 00176
Fmt 4701
Sfmt 4700
business revenue (because of
insufficient personal income). Another
commenter noted it was unclear how to
calculate gross annual revenue for many
agricultural credit transactions because
for both estate planning and asset
preservation purposes, many family
farms are set up using complex business
entities consisting of multiple trusts,
corporations, partnerships, and limited
liability entities, and that this means
that the applicant signing the note may
differ from the denoted mortgagors and
guarantors, but all of whom are family
members or business entities they own.
Many of these agricultural lenders
suggested that instead of gross annual
revenue information, the appropriate
metric for agricultural credit should be
‘‘gross sales of agricultural or aquatic
products’’ as defined by the Farm Credit
Administration in the prior year.
Some bank commenters suggested the
Bureau align with other reporting
regimes (such as HMDA and CRA) by
adopting a definition of gross annual
revenue based on annual revenue relied
upon to make the credit decision.
Several explained inconsistencies
among regulatory approaches to gross
annual revenue, pointing out the
Bureau’s proposal would require
collecting gross annual revenue from the
preceding fiscal year, whereas HMDA
reporting requires use of the income
considered in making the credit
decision and the CRA utilizes gross
annual revenue used to make the credit
decision. Several commenters asserted
that using a prior year’s gross annual
revenue would be problematic for many
small businesses that cannot produce
usable financial statements, including
tax returns, immediately upon the close
of a fiscal year. One such commenter
elaborated that tax returns, which are
often the only available income
statements, may not be ready until
September, resulting in many lenders
relying on a tax return from two years
ago or using a pro forma revenue
outline. Another bank commenter
asserted that using similar, but
differently defined, data points between
section 1071 and CRA would
complicate the reporting process and
could be avoided by aligning the
definitions. One commenter
recommended aligning with CRA for
originated loans by using gross annual
revenue used to make the credit
decision, but for non-originated loans
(which are not reported under the CRA)
using gross annual revenue information
that has been provided by applicants
absent credit decisions (such as in cases
of some withdrawn or incomplete
applications).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Some commenters provided market
intelligence related to the collection of
gross annual revenue data. A trade
association stated that collecting gross
annual revenue information can be
complicated because many small
businesses have loan guarantors and coborrowers. Another trade association
explained that in the vehicle financing
context, the borrower employee who is
responsible for acquiring the vehicle
may not be familiar with the total
revenue of the company and the
owner(s) of the company may not want
to share this information with all
employees. A few industry commenters
stated that there are many instances
where gross annual revenue information
is not collected in the normal course of
business because underwriting may be
based on other factors such as a cash
flow analysis, net income, or debt-toservice ratio. For this reason, one of
these commenters stated that it should
be clear that applicants have no
obligation to provide gross annual
revenue information. Another asserted
that where an applicant declines to
provide gross annual revenue
information, the Bureau is creating a
significant regulatory challenge for the
financial institution by requiring it to
submit application-level information
when it will not know for certain
whether the business is a small business
nor have any reliable way of obtaining
gross annual revenue information absent
a third-party provider, which do not
exist for many industries. Conversely, a
community group stated that gross
annual revenue was likely to be
collected as part of the underwriting
process.
A number of industry commenters
requested clarification regarding how to
report gross annual revenue
information. A few commenters
requested guidance regarding
appropriate sources for gross annual
revenue information. One bank
commenter requested consistency in
what defines gross annual revenue and
asked whether gross sales listed on a tax
return constitute an acceptable source
for this information. Another
commenter asked the Bureau to
delineate whether tax returns,
accountant prepared financial
statements, or internal profit and loss
statements constitute acceptable source
documentation.
Several industry commenters asked
for guidance or made suggestions
regarding how to calculate gross annual
revenue. One asked whether the Bureau
intends for gross annual revenue to be
defined as the total of all income
(account credits) for the year before
subtracting any expenses (account
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
debits). Another asked whether, in the
case of a business that uses a calendar
year for its fiscal year and applies for a
loan early in the next fiscal year with
many unknown numbers related to the
prior fiscal year, the applicant should
provide an estimate or whether the
applicant should provide the
information from the next preceding
fiscal year. Two commenters suggested
that the Bureau clarify that different
business units within the financial
institution may use different methods to
determine gross annual revenue, as long
as the methods are used consistently
within each business unit. Another
asked if, in the case of an applicant that
owns two or more businesses, the
financial institution should only collect
and report the gross annual revenue of
the business being financed and not
combined revenues of all owned
businesses.
A number of industry commenters
asked for clarification and made
suggestions regarding how to report
gross annual revenue for a startup
business, a new line of business, or a
business with a change in structure or
ownership. A few commenters asked
whether ‘‘zero’’ and/or ‘‘not available’’
is an acceptable response for a startup
business. One commenter urged the
Bureau to define gross annual revenue
in a straightforward manner that does
not impact credit opportunities (nor
compliance) for newly formed
businesses that do not have historical
gross annual revenue. Another
commenter suggested the Bureau
address or exempt new businesses from
section 1071 reporting. Two
commenters asked whether ‘‘zero’’ or
‘‘not provided by applicant and
otherwise undetermined’’ should be
reported when a borrower is
establishing a new line of business but
already has revenue in other businesses;
one also asked if treatment should differ
based on whether or not the new
business line was in the same industry
as the existing businesses. A bank
commenter opined that for a start-up
business, the financial institution
should use the actual gross annual
revenue to date (including the reporting
of $0 if a new business has had no
revenue to date) and that pro-forma
projected revenue figures should not be
reported since these figures do not
reflect actual gross revenue. Another
bank commenter suggested the Bureau
develop FAQs and other documents that
applicants can consult to help them
determine what number to supply for
gross annual revenue, particularly when
a business is starting up or establishing
a new business line. Another industry
PO 00000
Frm 00177
Fmt 4701
Sfmt 4700
35325
commenter asked how to handle
situations where there is a change in
structure or ownership of the business
and it is unclear how the gross annual
revenue should apply to the applicant.
Two industry commenters specifically
suggested changes related to how to
report the gross annual revenue of single
purpose entities and other real estate
financing vehicles. Both suggested
allowing a financial institution to rely
on the gross annual revenue generated
by the property or the applicant’s
projected gross annual revenue for
purposes of determining the small
business status of the applicant. One
also suggested specific revisions to the
commentary to incorporate its
suggestions.
The Bureau also received some
general comments regarding the
treatment of gross annual revenue
information from an applicant’s affiliate.
A trade association expressed support
for the Bureau’s proposal to clarify that
a financial institution need not verify
gross annual revenue information
provided by the applicant and is
permitted—but not required—to report
the gross annual revenue for the
applicant that includes the revenue of
affiliates as well. Two community group
comments urged the Bureau to require
reporting on the gross annual revenue of
parent companies and beneficial owners
of limited liability companies in order
to avoid obfuscating extensive property
ownership.
Some industry commenters provided
suggestions regarding how to handle
gross annual revenue information from
the parent companies or affiliates of
applicants. A bank inquired whether
revenue or income relied upon from cosigners or guarantors that are not
affiliates of the borrower should be
factored into the gross annual revenue
determination. A group of trade
associations suggested specific technical
revisions to the commentary for clarity.
Two bank commenters noted there may
be inconsistencies in the data where one
institution looks like it is lending more
to small(er) businesses because it opts
not to include gross annual revenue of
affiliates. Two other commenters asked
that reportable gross annual revenue be
the gross annual revenue of both the
applicant and all of its affiliates. A bank
recommended the Bureau further
explain how to handle situations where
the applicant is using multiple owned
businesses/affiliates to support
sufficient cashflow, and whether there
are repercussions for excluding/
including multiple revenues used in the
credit decision. A group of trade
associations representing the
commercial real estate industry asked
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35326
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
the Bureau to provide additional
guidance on what types of entities may
be affiliates of an applicant, e.g., as a
result of common ownership or
common control. Another trade
association suggested that the Bureau
make minor revisions to commentary to
clarify that a lender that does not collect
affiliate revenue in all transactions is
not precluded from collecting affiliate
revenue in some transactions.
A few commenters specifically asked
for clarity regarding the treatment of real
estate affiliate revenue. These
commenters explained that many of
their loans are to real estate investors
who often form and apply through a
single-purpose limited liability
company that has no gross annual
revenue (and therefore would meet the
proposed definition of a small business)
but that may be affiliates of many other
single-purpose limited liability
companies and individual owners.
These commenters noted that they
typically underwrite these loans based
on a schedule of other real estate in
which the single purpose entity (or its
sponsor) has an ownership interest and
by using a global debt coverage
calculation that considers the combined
income of the applicant and all
affiliated businesses, which can often
exceed $5 million annually. A group of
trade associations representing the
commercial real estate industry stated
that under the SBA’s general principles
of affiliation, the single purpose entities
that own that other real estate would be
affiliates of the applicant single purpose
entity, because of the overlapping
ownership interest. They also stated that
the single purpose entities on the
schedule of real estate could
additionally be affiliates of the applicant
single purpose entity where one or more
officers, directors, managing members,
or partners controls the board of
directors or management of both the
applicant single purpose entity and the
single purpose entities on the schedule
of real estate. A bank asked the Bureau
to clarify that such businesses should be
determined to be ‘‘small businesses’’ for
which data collection and reporting is
required only if the combined income of
the business and its related affiliates
does not exceed the threshold set. The
group of trade associations suggested
revisions to the commentary that, in the
case of single purpose entities, would
allow a financial institution to consider
the owners of any real property listed on
a schedule of real estate as affiliates of
the applicant and would also, under
certain circumstances, allow a financial
institution to estimate the gross annual
revenue of any income-producing real
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
property for purposes of determining an
applicant’s small business status. They
also suggested that for an applicant that
is a newly created single purpose entity,
a financial institution should be
permitted to apply the $5 million gross
annual revenue threshold to either the
gross annual revenue of the property for
its most recent fiscal year under its prior
owner or the single purpose entity’s
projected gross annual revenue.
Some commenters asked for guidance
or argued in favor of using estimates and
extrapolations when exact gross annual
revenue information is unavailable. A
bank asked if using an estimate was
permitted when the applicant does not
have prior fiscal year information
completed. Another commenter
suggested that when an applicant does
not provide information regarding its
gross annual revenue but that
applicant’s revenue is tracked through a
technology company’s online platform
(e.g., its sales on the company’s online
marketplace), a covered financial
institution should be able to report gross
annual revenue based on revenue
information obtained from the platform
data. The commenter argued that
permitting use of this alternative data
point would serve the purposes of
section 1071 by enabling technology
companies to collect and report
information on a greater number of
applications, while also reducing the
compliance burden for financial
institutions. Two commenters argued
that for consistency, the Bureau should
allow financial institutions to
extrapolate or estimate an applicant’s
gross annual revenue, claiming that the
Bureau proposed to allow institutions
(not just applicants) to rely on
extrapolated or estimated revenue data
for determining whether or not a
business is a small business.
Many industry commenters supported
the Bureau’s proposal to permit
financial institutions to rely upon gross
annual revenue information provided by
the applicant without any requirement
to verify. Many of these commenters
noted that they do not currently collect
gross annual revenue information with
every application and even if it is
collected, they do not always verify the
amount provided, as underwriting is
often based on other factors such as a
cash flow analysis or debt-to-service
ratio. One commenter noted that the
flexibility to use the gross annual
revenue provided by the applicant and
without verification allows financial
institutions to continue using current,
proven underwriting practices and does
not add to the compliance burden by
requiring additional revenue
verification steps.
PO 00000
Frm 00178
Fmt 4701
Sfmt 4700
The Bureau received some general
comments regarding its proposal to not
require verification of gross annual
information but to require reporting of
verified information when available.
Two banks requested further
clarification regarding the meaning of
‘‘verification,’’ one of whom argued that
neither the identification and
assessment of income figures (not the
same as gross annual revenue) by a
financial institution during the
underwriting and credit decision
process nor the post-origination
independent testing and validation of
the small business data file should be
considered ‘‘verification.’’ The other
bank stated that exact gross annual
revenue information is not always
known until a tax return is completed
and asked if the self-reported gross
annual revenue information should be
reported or the information found later
on the tax return.
Two community groups urged the
Bureau to require the verification of
gross annual revenue information. One
noted that tax returns are generally
available and can be used to confirm the
applicant’s gross annual revenue
information. The other asserted that
because the accuracy of determining
whether credit needs of small
businesses are being met hinges on the
accuracy of collecting and reporting the
revenue size of the business and
because using tax documents or cash
flow information makes it feasible for
the lender to verify annual revenue, the
Bureau should require the verification
of gross annual revenue information.
This community group argued that if
affiliates are not accounted for in data
collection, the data could include
businesses that exceed the revenue
limits established by the Bureau,
thereby reducing the efficacy of the data
in reporting on the experiences of small
businesses in the lending marketplace.
The commenter suggested that the
Bureau thus investigate this issue and
determine whether there are feasible
methods a lender can use to identify the
presence of affiliates.
Some industry commenters suggested
the Bureau provide a safe harbor and/or
remove its proposed requirement to
report verified gross annual revenue
information. Commenters requested the
Bureau specify that the financial
institution has no responsibility to
verify the number supplied by the
applicant. A few commenters also
suggested the Bureau institute a safe
harbor to ensure that whatever gross
annual revenue number is supplied by
the applicant can be reported.
Commenters urged the Bureau to clarify
that a financial institution is not liable
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
for misinterpretation in answering
questions or providing information to
the applicant beyond the proposed gross
annual revenue question. One
commenter suggested that if it is the
lender’s practice to revise the
application information in its system to
reflect what it believes to be a verified
number, the Bureau should permit the
lender to report the verified number
retained in its system, rather than
requiring the lender to maintain both
numbers in its system. This commenter
also argued that a lender’s verification
of revenue should not result in the
lender being required to change the
applicant’s self-classification as being a
small business or not being a small
business because the determination of
whether or not an applicant is a ‘‘small
business’’ needs to be made by the
applicant at the time of application.
Several community groups and a
CDFI lender expressed support for
reporting gross annual revenue as a
specific dollar amount rather than in
ranges. These commenters emphasized
the importance of having precise and
accurate data on gross annual revenue
because this information is a
fundamental determinant of whether a
business is deemed to be small and all
of its attendant information is captured
and collected as part of the 1071 dataset.
One commenter argued gross annual
revenue in discrete units rather than
bands was needed to assess the
availability of credit to the smallest
businesses, especially those owned by
women and people of color. Another
commenter asserted that revenue
categories should be more detailed than
those in the CRA small business loan
data because research revealed the
inadequacies with the CRA
classifications since businesses with
revenues below $500,000 had markedly
less access to loans than businesses with
revenues above this amount. This
commenter argued in the alternative
that should the Bureau adopt a range for
gross annual revenue, it should select
the mid-point with $10,000 increments
as a continuous variable as the most
accurate for capturing experiences of the
range of small businesses in the lending
marketplace.
With regard to the time frame for
usability of gross annual revenue
information, a bank stated that gross
annual revenue information should only
be usable for one fiscal year. A trade
association suggested that financial
institutions not be required to re-request
gross annual revenue for new credit
applications when they can rely on their
records from previous transactions.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.107(a)(14)
and associated commentary with
revisions for clarity and consistency.
Final § 1002.107(a)(14) requires
reporting of the applicant’s gross annual
revenue for its preceding fiscal year.
The Bureau is requiring that financial
institutions report a specific value for
gross annual revenue—rather than a
range—to simplify the reporting of gross
annual revenue information for
financial institutions and because it
believes a precise value is more useful
for data users, including the Bureau.
However, the Bureau has not yet
determined how it will publish gross
annual revenue data in the dataset. The
Bureau will consider whether
modification techniques, such as ranges,
may be appropriate after it conducts its
full privacy analysis. See part VIII below
for further discussion about the privacy
analysis and public disclosure of data.
The Bureau is not categorically
exempting agricultural credit from the
requirement to collect and report gross
annual revenue, as requested by some
commenters. The Bureau understands,
as noted by commenters, that most
farmers in this country farm on a parttime basis and that the gross annual
revenue data point may pose challenges
given the prevalence of ‘‘non-standard’’
agricultural borrowers such as
customers applying jointly despite
having separate farming operations. The
Bureau also understands from
commenters that many Farm Credit
System lenders decision applications
without either considering off-farm
income or revenue from farming;
instead, lenders rely principally on
credit scoring systems. Nevertheless, the
Bureau believes that omitting the gross
annual revenue data point for
agricultural credit transactions would
introduce inconsistency in data
collected across different industries and
would not support section 1071’s
statutory purposes. The Bureau notes
that data users will be able to identify
agricultural credit transactions using the
reported 3-digit NAICS code and make
any necessary adjustments in their
analyses to account for particularities
unique to agricultural industries. The
Bureau also believes, as discussed
below, that the suggested gross annual
revenue question in final comment
107(a)(14)–1 will facilitate compliance
for agricultural lenders that currently do
not collect gross annual revenue,
particularly because the financial
institution may rely on the applicant’s
answer. As discussed above in the
section-by-section analysis of
PO 00000
Frm 00179
Fmt 4701
Sfmt 4700
35327
§ 1002.106(b), the Bureau does not
believe that ‘‘gross sales of agricultural
or aquatic products’’ in the prior year
would be an appropriate metric for
agricultural credit in this final rule, nor
that this should form the basis for a
separate small business definition for
agricultural businesses.
The Bureau has considered the
comments regarding the collection and
reporting of gross annual revenue and it
believes its approach in final comment
107(a)(14)–1—clarifying that a financial
institution need not verify applicantprovided gross annual revenue
information, and providing language
that a financial institution may use to
ask for such information—will reduce
commenters’ concerns regarding
complexity and difficulty of collecting
gross annual revenue information.
Final comment 107(a)(14)–1 clarifies
that a financial institution reports the
applicant’s gross annual revenue for the
fiscal year preceding when the
information was collected. The Bureau
believes this will clarify the timing
requirements for collection of the gross
annual revenue data point. The final
comment provides specific language
that a financial institution may use to
ask about an applicant’s gross annual
revenue and explains that a financial
institution may rely on the applicant’s
answer (unless subsequently verified or
updated), even if the applicant’s
statements or information is based on
estimation or extrapolation. The Bureau
believes this language will facilitate
compliance for financial institutions
that currently do not collect gross
annual revenue, collect it only in
limited circumstances, or would
otherwise find its collection
challenging, as some commenters
suggested.
Final comment 107(a)(14)–1 also
clarifies that a financial institution need
not verify gross annual revenue
information provided by the applicant
to comply with final § 1002.107(a)(14).
The comment explains that the financial
institution may rely on the applicant’s
statements or on information provided
by the applicant in collecting and
reporting gross annual revenue. The
comment also states, however, that if
the financial institution verifies the
gross annual revenue provided by the
applicant it must report the verified
information. The Bureau understands,
as noted by industry commenters, that
a requirement to verify gross annual
revenue would be operationally difficult
for many financial institutions,
particularly in situations in which the
financial institution does not currently
collect gross annual revenue. The
Bureau does not believe that such a
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35328
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
requirement is necessary to fulfill either
of section 1071’s statutory purposes.
However, the Bureau believes that
reporting verified revenue when the
financial institution already possesses
that information will not be
operationally difficult and will enhance
the accuracy of the information
collected. For the same reasons and for
the reasons outlined in its discussion of
final comment 107(c)–5, the Bureau is
clarifying in final comment 107(a)(14)–
1 that a financial institution reports
updated gross annual revenue data if it
obtains more current data from the
applicant during the application
process. The comment states that if this
updated information is on data the
financial institution has already
verified, the financial institution reports
the information it believes to be more
accurate, in its discretion.
With respect to the suggestions that
the Bureau further clarify the meaning
of ‘‘verify,’’ the Bureau believes that
additional specificity in the rule itself
could unnecessarily constrain financial
institutions. The Bureau interprets the
word ‘‘verification’’ to mean the
intentional act of determining the
accuracy of information provided, in
this case for the purpose of processing
and underwriting the credit application,
and potentially changing that
information to reflect the determination.
Gross annual revenue information that
may or may not be more accurate than
applicant-provided data and is not part
of a financial institution’s verification of
the file’s applicant-provided data or
used by the institution in processing or
underwriting the application need not
be reported. The Bureau agrees with the
commenter who stated that postorigination independent testing and
validation of the small business data file
does not constitute ‘‘verification.’’ In
situations where a financial institution
verifies only a portion of the small
business’s provided gross annual
revenue figure (perhaps because the
institution is relying on that portion for
its credit decision), the financial
institution has not verified the entire
gross annual revenue amount provided
by the applicant, and it may continue to
rely on the applicant’s statement or
information, and it need not report the
partially verified information.
The Bureau does not believe it would
be appropriate to use a definition of
gross annual revenue for this rule based
on the annual revenue relied upon to
make the credit decision. Given both the
statutory language requiring the
collection and reporting of ‘‘the gross
annual revenue of the business in the
last fiscal year’’ and section 1071’s
statutory purposes, the Bureau believes
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
that using the small business’s entire
gross annual revenue, which may differ
from revenue relied upon in making the
credit decision, is the better approach to
implement this data point in final
§ 1002.107(a)(14). Moreover, the Bureau
notes that—unlike for this final rule—a
business’s gross annual revenue is not
determinative of either HMDA or CRA
coverage. Here, the Bureau believes it is
important to obtain the applicant’s
entire gross annual revenue for more
accurate identification of business and
community development needs and
opportunities. The Bureau thus agrees
with commenters that gross annual
revenue data are important to assess the
availability of credit to the smallest
firms, especially those owned by
women, minorities, and LGBTQI+
individuals. Moreover, for credit
transactions that are underwritten
without consideration or collection of a
small business’s gross annual revenue,
no information would be reported for
this data point under a relied-upon
standard. Lastly, the Bureau believes it
important to ensure that the gross
annual revenue figure used to determine
small business status is the same total
figure as the gross annual revenue
reported for the data point. Using
different figures could create data
discrepancies and disconnects and
would ultimately result in greater
compliance risk for financial
institutions.
In addition, the Bureau does not
believe that financial institutions need a
safe harbor to ensure that whatever
gross annual revenue number is
supplied by the applicant can be
reported or that it would be appropriate
to remove the requirement to report
verified gross annual revenue
information when the financial
institution in fact verifies it. Final
comment 107(a)(14)–1 already clarifies
that a financial institution need not
verify gross annual revenue information
provided by the applicant to comply
with final § 1002.107(a)(14) and thus a
safe harbor is not necessary to allow
reporting of the gross annual revenue
number supplied by the applicant. As
one commenter explained, some
financial institutions already revise
application information in their systems
with a verified gross annual revenue
number and thus the Bureau does not
believe that reporting verified revenue
when the financial institution already
possesses that information will be
operationally difficult. In such
situations, the financial institution may
report the verified number retained in
its system and is not required to
maintain both numbers in its system.
PO 00000
Frm 00180
Fmt 4701
Sfmt 4700
Moreover, the Bureau agrees with the
commenter who stated that the accuracy
of determining whether the credit needs
of small businesses are being met hinges
on collecting and reporting the revenue
size of the business and thus the Bureau
believes that reporting verified revenue
when available will enhance the
accuracy of the information collected.
With respect to requests for guidance
from commenters regarding acceptable
sources of gross annual revenue
information, the Bureau does not
believe it would be appropriate to
require the use of any specific
documentation. However, the Bureau
notes that gross annual revenue
information can be reasonably derived
from a variety of sources including tax
returns, accountant-prepared financial
statements, internal profit and loss
statements, cash flow analyses, or any
type of business income documentation
that the financial institution reasonably
relies on in the normal course of
business.
With respect to comments regarding
how to calculate gross annual revenue,
the Bureau notes that the suggested
applicant question in final comment
107(a)(14)–1 states that gross annual
revenue is the amount of money the
business earned before subtracting taxes
and other expenses. The comment
further states that an applicant may
provide gross annual revenue calculated
using any reasonable method. Different
business units within the financial
institution may use different methods to
ascertain gross annual revenue, as long
as the methods are used consistently
within each business unit.
The Bureau believes that situations
could arise in which the financial
institution has identified that an
applicant is a small business for the
purposes of final § 1002.106(b) through,
for example, a screening question asking
whether the applicant’s gross annual
revenue is $5 million or less, but then
the financial institution is unable to
collect or determine a specific gross
annual revenue amount. Therefore, the
Bureau is finalizing comment
107(a)(14)–2 substantively as proposed.
The comment first clarifies that
pursuant to final § 1002.107(c), a
financial institution shall maintain
procedures reasonably designed to
collect applicant-provided data,
including the gross annual revenue of
the applicant. The final comment then
states that if a financial institution is
nonetheless unable to collect or
determine the specific gross annual
revenue of the applicant, the financial
institution reports that the gross annual
revenue is ‘‘not provided by applicant
and otherwise undetermined.’’ The
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Bureau believes that permitting this
reporting flexibility will reduce the
complexity and difficulty of reporting
gross annual revenue information,
particularly when an application has
been denied or withdrawn early in the
process and gross annual revenue could
not be collected.
The Bureau is finalizing comment
107(a)(14)–3 with minor revisions for
clarity and consistency. The Bureau is
adopting commenters’ suggestions to
add a cross reference to comment
106(b)(1)–3 and to remove an example
provided in the proposed commentary
for additional clarity. This example
would have provided that if the
financial institution does not normally
collect information on affiliate revenue,
the financial institution reports only the
applicant’s revenue and does not
include the revenue of any affiliates
when it has not collected that
information. The Bureau shares the
commenter’s concern that this comment
may be interpreted to preclude a
financial institution that does not
collect affiliate revenue in all
transactions from collecting affiliate
revenue in some transactions and
believes the comment is sufficiently
clear without this example.
Final comment 107(a)(14)–3 also
clarifies that a financial institution is
permitted, but not required, to report
the gross annual revenue for the
applicant that includes the revenue of
affiliates as well. For example, if the
financial institution has not collected
information on affiliate revenue, the
financial institution reports only the
applicant’s revenue and does not
include the revenue of any affiliates.
The Bureau is adopting suggested
revisions to comment 107(a)(14)–3 and
additionally notes that a financial
institution that does not collect affiliate
revenue in all transactions is not
precluded from collecting affiliate
revenue in some transactions. The
Bureau believes this comment is
responsive to one commenter’s question
about how to report gross annual
revenue for an applicant with two
businesses because it permits, but does
not require, reporting of gross annual
revenue for an applicant that includes
the revenue of affiliates, which may
include a business with common
ownership. Final comment 107(a)(14)–3
concludes by explaining that in
determining whether the applicant is a
small business under proposed
§ 1002.106(b), a financial institution
may rely on an applicant’s
representations regarding gross annual
revenue, which may or may not include
affiliates’ revenue. The Bureau noted
that final comment 106(b)–3 follows the
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
same approach to affiliate revenue for
purposes of determining whether an
applicant is a small business under final
§ 1002.106(b). The Bureau believes that
this operational equivalence between
final § 1002.107(a)(14) and final
§ 1002.106(b) will facilitate compliance
and enhance data consistency.
The Bureau recognizes, as noted by
commenters, that there may be
inconsistencies in the data where one
financial institution looks like it is
lending more to small(er) businesses as
it opts not to include gross annual
revenue of affiliates versus another
financial institution that opts to include
such revenue when it reports the gross
annual revenue of an applicant.
However, the Bureau is not requiring
reporting of the gross annual revenue of
both the applicant and all of its
affiliates, nor is it requiring reporting of
revenue for parent companies and
beneficial owners of limited liability
companies. The Bureau believes that
permitting, but not requiring, a financial
institution to include the revenue of
affiliates will carry out the purposes of
section 1071 while reducing undue
burden on financial institutions in
collecting gross annual revenue
information. The Bureau considered
whether there are feasible methods to
identify the presence of affiliate
revenue, as a commenter suggested, but
ultimately has determined that such an
identifier could interfere with allowing
a financial institution to rely on an
applicant’s self-reported gross annual
revenue information and, in any case,
would introduce additional complexity
into reporting. In response to a question
about whether revenue or income relied
upon from co-signers or guarantors that
are not affiliates of the applicant should
be factored into the gross annual
revenue determination, the Bureau
notes that the final rule only requires
the collection and reporting of gross
annual revenue of the applicant.
The Bureau understands there may
also be instances, as indicated by one
commenter, where the applicant may
use multiple owned businesses/affiliates
to support sufficient cashflow, and in
those instances, a financial institution
may rely on an applicant’s
representations regarding gross annual
revenue that include affiliates’ revenue.
For additional guidance on what types
of entities may be affiliates of an
applicant, e.g., as a result of common
ownership or common control, see the
section-by-section analyses of
§§ 1002.102(a) and 1002.106(b).
The Bureau has considered the
comments regarding the treatment of
real estate affiliate revenue, but is not
adopting revisions to, in the case of
PO 00000
Frm 00181
Fmt 4701
Sfmt 4700
35329
single purpose entities, allow a financial
institution to categorize all owners of
any real property listed on an
applicant’s Schedule Of Real Estate
Owned as affiliates of the applicant. The
Bureau is likewise not adopting
revisions to allow a financial institution
to estimate or project the gross annual
revenue of any income-producing real
property for purposes of determining
the applicant’s small business status.
The Bureau agrees that under the SBA’s
general principles of affiliation,
‘‘common investments’’ affiliation can
be based on shared investments in or
joint ownership of real estate.663 Thus,
the owners of real estate that is also
owned by the applicant may be affiliates
of the applicant. However, the Bureau is
not adopting the suggested revisions to
commentary because affiliate
determinations are inherently factspecific and rebuttable,664 and the
Bureau does not believe it would be
appropriate to categorize all entities as
affiliates based on a form listing.
The Bureau has considered the
comments regarding whether financial
institutions should be permitted to
estimate or extrapolate gross annual
revenue from partially reported revenue
or other information, and is making a
minor revision in final comment
107(a)(14)–1 to emphasize a manageable
method for collecting full gross annual
revenue when a financial institution
does not already do so. Specifically,
final comment 107(a)(14)–1 clarifies that
a financial institution may rely on the
applicant’s statements or on information
provided by the applicant in collecting
and reporting gross annual revenue,
even if the applicant’s statement or
information is based on estimation or
extrapolation, and that an applicant may
provide gross annual revenue calculated
using any reasonable method. As such,
when an applicant does not yet have
fiscal year information completed (a
hypothetical provided by a commenter),
the applicant may choose to provide its
gross annual revenue using any
reasonable method, including
663 See 13 CFR 121.103(f) (‘‘Individuals or firms
that have identical or substantially identical
business or economic interests (such as family
members, individuals or firms with common
investments, or firms that are economically
dependent through contractual or other
relationships) may be treated as one party with such
interests aggregated.’’) (emphasis added); Small
Bus. Admin., Small Business Compliance Guide: A
Guide to the SBA’s Size Program and Affiliation
Rules (July 2020), https://www.sba.gov/sites/
default/files/2020-10/AFFILIATION%20GUIDE_
Updated%20%28004%29-508.pdf.
664 See, e.g., 13 CFR 121.103(f) (‘‘Where SBA
determines that such interests should be aggregated,
an individual or firm may rebut that determination
with evidence showing that the interests deemed to
be one are in fact separate.’’).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35330
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
estimating or extrapolating based on a
prior fiscal year’s tax return. The Bureau
believes that this flexibility will help
address concerns from commenters that
tax returns may not be immediately
available upon the close of a fiscal year.
As noted by another commenter, an
applicant may alternatively wish to
provide revenue figures generated by a
technology company’s online platform
(e.g., through sales on the company’s
online marketplace). The Bureau notes
that under final § 1002.107(b), however,
a financial institution must report
verified gross annual revenue
information if available. Moreover, as
provided by new comment 107(c)–5, a
financial institution reports updated
applicant-provided data if it obtains
more current data during the
application process; if this updated
information is on data the financial
institution has already verified, the
financial institution reports the
information it believes to be more
accurate, in its discretion.
The Bureau also wishes to clarify
some apparent confusion among some
commenters who claimed that the
proposal would have allowed financial
institutions to extrapolate or estimate an
applicant’s revenue to determine
whether or not a business is a small
business. The proposal indicated that
financial institutions could rely on
extrapolated or estimated revenue
information provided by applicants.
The Bureau is making this position clear
with final comment 107(a)(14)–1. The
Bureau sought comment on whether
financial institutions should be
permitted to estimate or extrapolate
gross annual revenue from partially
reported revenue or other information,
and how such estimation or
extrapolation would be carried out. On
this issue, the Bureau does not believe
that it would be appropriate to permit
such estimation or extrapolation for the
identification of small businesses about
whom data collection and reporting is
required, and thus financial institutions’
own extrapolation or estimation should
likewise not be used in reporting gross
annual revenue in order to maintain
consistency.
With respect to comments asking how
to report gross annual revenue for a
startup business, a new line of business,
and/or a business with a change in
structure or ownership, the Bureau is
adding new comment 107(a)(14)–4,
which notes that in a typical startup
business situation, the applicant will
have no gross annual revenue for its
fiscal year preceding when the
information is collected because either
the startup existed but had no gross
annual revenue or it simply did not
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
exist in the preceding fiscal year. In
these situations, the financial institution
reports that the applicant’s gross annual
revenue in the prior fiscal year is
‘‘zero.’’ The Bureau agrees with the
commenter that suggested, for a start-up
business, the financial institution
should use the actual gross annual
revenue for its preceding fiscal year
(including the reporting of $0 if a new
business has had no revenue to date)
and that pro forma projected revenue
figures should not be reported since
these figures do not reflect actual gross
revenue.
In situations where an applicant is
establishing a new line of business but
already has revenue in other businesses,
such as in the case of a sole proprietor
with an established in-home child-care
center who now seeks financing to start
a new line of business offering housecleaning services, the Bureau notes that
final comment 107(a)(14)–3 clarifies that
a financial institution is permitted, but
not required, to report the gross annual
revenue for the applicant that includes
the revenue of affiliates as well. This
comment may also apply to situations
where there is a change in structure or
ownership of the business. In response
to a question from a commenter, the
Bureau does not believe that treatment
of affiliate gross annual revenue
information should differ based on
whether or not the new business line
was in the same industry as the existing
businesses. The Bureau notes that
according to the definition of affiliate
provided in final § 1002.102(a), which
refers to the SBA’s rules for determining
affiliation (13 CFR 121.103), affiliation
is not limited to businesses in the same
industry. The Bureau also notes that
final § 1002.106(a) defines a business as
having the same meaning as the term
‘‘business concern or concern’’ in 13
CFR 121.105, which expressly provides
that a firm will not be treated as a
separate business concern if a
substantial portion of its assets and/or
liabilities are the same as those of a
predecessor entity and that the annual
receipts and employees of the
predecessor will be taken into account
in determining size. This successor-ininterest rule would apply to situations
where a business reorganized, and a
new entity emerges with essentially the
same assets and liabilities as the old
concern.665
The Bureau is not exempting new
businesses from having application data
reported, as suggested by one
commenter, because the Bureau believes
that doing so would contravene section
665 See Size Appeal of Willowheart, LLC, SBA No.
SIZ–5484, at *4 (July 10, 2013).
PO 00000
Frm 00182
Fmt 4701
Sfmt 4700
1071’s statutory purposes. The Bureau
does not believe that the final rule will
disproportionately impact credit
opportunities (or compliance) for newly
formed businesses that do not have the
historical gross annual revenue.
However, as suggested by a commenter,
the Bureau will track questions related
to collecting and reporting gross annual
revenue information and may develop
FAQs or other materials as necessary to
help financial institutions help
applicants determine what number to
supply for gross annual revenue,
particularly when a business is starting
up or establishing a new business line.
The final rule does not permit
financial institutions the option to use
the gross annual revenue figures
provided by an applicant for up to three
years from the date of an application for
which the information was gathered, as
requested by one commenter. However,
under final § 1002.107(d), discussed
below, the Bureau is permitting
financial institutions to reuse previously
collected gross annual revenue
information when the data were
collected within the same calendar year
as the current covered application. The
statutory requirement is for the
applicant’s gross annual revenue in the
last fiscal year preceding the date of the
application; the Bureau does not believe
that revenue information from years
prior to the last fiscal year would satisfy
this requirement.
107(a)(15) NAICS Code
Proposed Rule
The SBA customizes its size standards
on an industry-by-industry basis using
1,012 6-digit NAICS codes.666 The first
two digits of a NAICS code broadly
capture the industry sector of a
business. The third digit captures the
industry’s subsector, the fourth captures
the industry group, the fifth captures the
industry code, and the sixth captures
the national industry. The NAICS code
thus becomes more specific as digits
increase and the 6-digit code is the most
specific.
ECOA section 704B(e)(2)(H)
authorizes the Bureau to require
financial institutions to compile and
maintain ‘‘any additional data that the
Bureau determines would aid in
fulfilling the purposes of [section
1071].’’ The Bureau proposed in
§ 1002.107(a)(15) to require that
666 See U.S. Census Bureau, North American
Industry Classification System, at 41 (2022) https://
www.census.gov/naics/reference_files_tools/2022_
NAICS_Manual.pdf. At the time of the NPRM, there
were 1,057 6-digit NAICS codes. See U.S. Census
Bureau, North American Industry Classification
System, at 26 (2017) https://www.census.gov/naics/
reference_files_tools/2017_NAICS_Manual.pdf.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
financial institutions collect and report
an applicant’s 6-digit NAICS code.
Proposed comment 107(a)(15)–1 would
have provided general background on
NAICS codes and would have stated
that a financial institution complies
with proposed § 1002.107(a)(15) if it
uses the NAICS codes in effect on
January 1 of the calendar year covered
by the small business lending
application register that it is reporting.
Proposed comment 107(a)(15)–2 would
have clarified that, when a financial
institution is unable to collect or
determine the applicant’s NAICS code,
it reports that the NAICS code is ‘‘not
provided by applicant and otherwise
undetermined.’’
The Bureau also proposed that
financial institutions be permitted to
rely on NAICS codes obtained from the
applicant or certain other sources,
without having to verify that
information itself. Specifically,
proposed comment 107(a)(15)–3 would
have clarified that, consistent with
proposed § 1002.107(b), a financial
institution may rely on applicable
applicant information or statements
when collecting and reporting the
NAICS code and would have provided
an example of an applicant providing a
financial institution with the applicant’s
tax return that includes the applicant’s
reported NAICS code. Proposed
comment 107(a)(15)–4 would have
provided that a financial institution may
rely on a NAICS code obtained through
the financial institution’s use of
business information products, such as
company profiles or business credit
reports, which provide the applicant’s
NAICS code.
The Bureau believed that collecting
the full 6-digit NAICS code (as opposed
to the 2-digit sector code) would better
enable the Bureau and other
stakeholders to drill down and identify
whether disparities arise at a more
granular level and would also enable the
collection of better information on the
specific types of businesses that are
accessing, or struggling to access, credit.
For example, a wide variety of
businesses, including those providing
car washes, footwear and leather goods
repair, and nail salons, all fall under the
2-digit sector code 81: Other Services
(except Public Administration). With a
2-digit NAICS code, all of these business
types would be combined into one
analysis, potentially masking different
characteristics and different outcomes
across these business types.
To address concerns related to the
complexity of determining a correct
NAICS code, the Bureau proposed a safe
harbor to indicate that an incorrect
NAICS code entry is not a violation of
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
subpart B if the first two digits of the
NAICS code are correct and the
financial institution maintains
procedures reasonably adapted to
correctly identify the subsequent four
digits (see proposed § 1002.112(c)(2)).
The proposed NAICS-specific safe
harbor would have been available to
financial institutions in addition to the
general bona fide error exemption under
proposed § 1002.112(b).
The Bureau sought comment on its
proposal to collect 6-digit NAICS codes
together with the safe harbor described
in proposed § 1002.112(c)(2). The
Bureau also sought comment on
whether requiring a 3-digit NAICS code
with no safe harbor would be a better
alternative.
Comments Received
The Bureau received comments from
a wide range of lenders, trade
associations, community groups, and
others regarding the reporting of a
6-digit NAICS code as proposed in
§ 1002.107(a)(15). Numerous
community groups as well as a few
lenders supported the Bureau’s proposal
and urged collection of a 6-digit NAICS
code. Several commenters emphasized
that 1071 data would adequately
achieve a fair lending purpose only if
they contain key variables that are used
in underwriting and enable meaningful
fair lending analysis. Commenters stated
that NAICS codes provide critical
context to understanding credit
underwriting decisions and help ensure
that fair lending analysis is focused on
similarly situated businesses. A few
commenters stated that these data must
be reported so that lenders cannot hide
behind data not collected as the
justification for their lending disparities.
A bank and a bank trade association
stated that NAICS code could
potentially be helpful in demonstrating
a non-discriminatory basis for credit
decisions with respect to applicants in
different industries. The trade
association stated that, at most, the
Bureau should only add limited data
points pursuant to ECOA section
704B(e)(2)(H) that are considered by the
financial institution in the credit
underwriting process, citing NAICS
code and time in business as examples.
Another trade association said that
NAICS codes have the advantage of
being independently defined and
available for reference. The commenter
stated that if a NAICS code is supplied
by the applicant and published by the
Bureau only in the aggregate, the NAICS
code can contribute useful information
without unduly burdening lenders.
Some commenters stated that a 2- or
3-digit NAICS code would be too high
PO 00000
Frm 00183
Fmt 4701
Sfmt 4700
35331
a level of aggregation to facilitate fair
lending analysis. A CDFI lender stated
that a 6-digit code will offer the most
precise insight into the industries that
lenders serve, whereas a 3-digit NAICS
code will leave unnecessary ambiguity
in the data. The commenter provided
the example of a dry cleaner sharing the
same 3-digit NAICS code as a mortuary
and a parking lot.
Furthermore, a number of community
groups and several lenders stated that
6-digit NAICS codes are useful for
identifying certain industries’ ability to
access small business credit and to
identify areas of unmet need. For
example, one community group asserted
that the ability to identify needs and
opportunities for small businesses
requires the ability to compare lending
by sector to the total number of
businesses in that sector based on other
public data sources.
Moreover, some lenders and
community groups said that it is already
standard practice for many small
business lenders to collect NAICS
codes. For example, these commenters
noted that lenders already collect
NAICS codes for SBA loans, Equal
Employment Opportunity Commission
certifications, and CDFI loans.
In contrast, many industry
commenters, along with several
business advocacy groups and other
commenters, generally opposed the data
points proposed pursuant to ECOA
section 704B(e)(2)(H), including NAICS
code, as discussed in the section-bysection analysis of § 1002.107(a) above.
In addition, the majority of industry
commenters to address this issue
specifically opposed collection of
6-digit NAICS codes. These commenters
expressed concerns about the burden on
both lenders and applicants and the
complexity of determining the
appropriate NAICS code. Concerns
raised by commenters included, for
example, that collecting NAICS codes
would slow the loan application
process; most lenders are unfamiliar
with NAICS codes or do not currently
collect them; lenders would have to
change their operating procedures
significantly which would create strain
on staff and resources; and it would add
more costs to the lending process which
may be passed on to small business
borrowers.
Many industry commenters also
voiced concern regarding accuracy and
data integrity, explaining that small
businesses often do not know their
NAICS code or may operate in multiple
NAICS sectors. Other challenges cited
by commenters included the business
changing over time; codes having
overlapping definitions; and
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35332
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
classifications being prone to human
error. For example, two trade
associations noted that their members
who made Paycheck Protection Program
loans reported that many applicants
were unfamiliar with NAICS codes.
Additionally, some industry
commenters expressed concern about
verifying applicant-provided data and
potential liability if the NAICS code is
incorrect. One commenter noted that
NAICS code classifications could be
subject to change based on SBA
rulemaking and thus financial
institutions would need to monitor such
developments. A credit union trade
association stated that the identification
of business and credit needs can be
accomplished without explicit reference
to NAICS codes, such as by leveraging
already existing data sources and
voluntary surveys of business owners.
In addition, the trade association
asserted that sector-specific analysis of
business credit supply and demand is
best left to the SBA, which already
collects NAICS information through its
lending programs.
Several commenters raised concerns
that requiring NAICS codes would add
confusion to the lending process. A
trade association argued that requiring
NAICS codes will create frustration for
the small business borrower, including
delayed application processing, and
additional time and operational burden
by banks to ensure the information is
gathered and entered. They asserted that
while NAICS codes are generally
provided with some tax documents,
lenders found borrower confusion when
making Paycheck Protection Program
loans, particularly when certain NAICS
codes allowed for a more generous loan
amount and certain small businesses
were unable to benefit from higher loan
amounts for certain sectors due to
mismatched NAICS codes. Another
commenter stated that applicants may
struggle to determine which code to
report, especially if the nature of the
business changes over time or falls
under multiple categories.
A number of industry commenters
also expressed concern regarding
privacy risks in collecting the 6-digit
NAICS code. These commenters
highlighted the risk of borrower reidentification, particularly in rural areas
and smaller communities. Some
commenters stated that NAICS code
combined with census tract would make
it easy to re-identify a small business. In
addition, while a community group
supported collection of a 6-digit code, it
stated that the public database should
provide only 4-digit NAICS codes to
address privacy concerns.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
In addition, a few commenters
asserted that collecting NAICS codes
would not advance the purposes of
section 1071, arguing that collecting
NAICS codes does not provide
information that would inform fair
lending analysis. For example, one bank
stated that NAICS code would be of
minimal value to fair lending analytics
given the complexity of small business
lending, such as the scope and size of
the business. Moreover, several banks
stated that they do not currently collect
NAICS codes and that NAICS codes are
not used in underwriting or financial
analysis purposes.
A few industry commenters
supported collection of a 2-digit NAICS
code, stating that this would achieve the
intended policy goal without creating
unnecessary burdens and heightened
costs, as well as protect the privacy of
market participants. A trade association
for online lenders supported collection
of a 4-digit NAICS code, stating it would
provide sufficient information while
mitigating risk of re-identification and
avoiding potential impacts and delays to
the borrower during the application
process. A joint letter from community
and business advocacy groups urged the
Bureau to permit the submission of a
3-digit code where the applicant does
not provide a 6-digit code. Finally, one
commenter suggested that the Bureau
coordinate with the U.S. Census Bureau
to create a suffix to a business’s NAICS
code that would identify its minorityowned or women-owned status. The
commenter stated that this would create
efficiencies across organizations and
provide an easier and more neutral
method of collecting demographic
information on applications. The
commenter further noted that this suffix
could be easily masked when loans are
sent to underwriters to ensure it does
not impact their decisions.
Final Rule
For the reasons set forth herein, the
Bureau is revising § 1002.107(a)(15) to
require that financial institutions collect
a 3-digit NAICS code for the applicant.
The Bureau is also finalizing proposed
comments 107(a)(15)–1, –2, and –5,
with minor adjustments for consistency.
Final comment 107(a)(15)–1 explains
what a NAICS code is, and final
comment 107(a)(15)–2 addresses what
to report if a financial institution is
unable to collect or otherwise determine
the applicant’s NAICS code. Proposed
comments 107(a)(15)–3 and –4, which
addressed a financial institution’s
reliance on information from the
applicant and from other sources, have
been removed as those issues are now
addressed in final comment 107(b)–1.
PO 00000
Frm 00184
Fmt 4701
Sfmt 4700
Final comment 107(a)(15)–3 (proposed
as comment 107(a)(15)–5) crossreferences the safe harbor in final
§ 1002.111(c)(3) for incorrect 3-digit
NAICS code entries. The Bureau has
considered commenters’ concerns
regarding the difficulties in obtaining an
accurate NAICS code as well as the
importance of NAICS codes for fair
lending and community development
analysis. The Bureau believes that
collecting the 3-digit NAICS code will
achieve the right balance between
minimizing burden on financial
institutions and small business
applicants, while also providing
valuable data to analyze fair lending
patterns and identify industry
subsectors with unmet credit needs.
The Bureau believes that NAICS code
data will considerably aid in fulfilling
both section 1071’s fair lending purpose
and its business and community
development purpose, even if the
NAICS code is not necessary for
determining whether an applicant is a
small business. While it will not
provide the same level of detail as a
6-digit code, the 3-digit code will still
help ensure that fair lending analysts
are comparing applicants with similar
profiles, thereby controlling for factors
that might provide non-discriminatory
explanations for disparities in
underwriting and pricing decisions.
Moreover, NAICS subsector codes are
useful for identifying business and
community development needs and
opportunities of small businesses,
which may differ widely based on
industry, even controlling for other
factors. For example, 3-digit NAICS
codes will help data users identify
subsectors where small businesses face
challenges accessing credit and
understand how small businesses in
different industries use credit.
Furthermore, the Bureau believes that
publication of NAICS codes (subject to
potential modification and deletion
decisions by the Bureau, as discussed in
part VIII below) will help provide for
some consistency and compatibility
with other public datasets related to
small business lending activity, which
generally use NAICS codes. This ability
to synthesize 1071 data with other
datasets may help the public use the
data in ways that advance both the
business and community development
and fair lending purposes of section
1071. The Bureau agrees with
commenters’ concerns that the 2-digit
NAICS code would not provide
sufficiently detailed information to aid
regulators and the public in monitoring
particular industries’ access to small
business credit.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
The Bureau recognizes that covered
financial institutions not currently using
NAICS codes will need to gain
familiarity with the NAICS code system
and refer to NAICS subsector
classifications for all relevant
applications before reporting 3-digit
NAICS codes to the Bureau. To address
concerns related to the complexity of
determining a correct NAICS code,
particularly for covered financial
institutions that do not currently use
NAICS codes, the Bureau is permitting
a financial institution to rely on
applicable applicant information or
statements when compiling and
reporting the NAICS code, as well as
permitting a financial institution to rely
on a NAICS code obtained through the
financial institution’s use of business
information products, such as company
profiles or business credit reports (see
final comment 107(b)–1). In other
words, a financial institution may rely
on oral or written statements from an
applicant, other information provided
by an applicant such as a tax return, or
third-party sources such as business
information products. The Bureau
believes that being able to rely on
NAICS codes obtained from the
applicant or third-party sources
significantly eases potential difficulties
for financial institutions in collecting
and reporting a 3-digit NAICS code and
mitigates concerns about inadvertently
reporting an inaccurate code.
In response to industry concerns
regarding the accuracy of the NAICS
code and the burden of verifying
applicant-provided data, the Bureau
emphasizes that financial institutions
are permitted to rely on NAICS codes
obtained from the applicant or thirdparty sources, without having to verify
that information. Furthermore, the
Bureau has expanded the NAICS code
safe harbor in final § 1002.112(c)(3),
which makes clear that the safe harbor
extends to financial institutions that
rely on an applicant’s representations or
on other information regarding the
NAICS code. Final § 1002.112(c)(3) also
provides a safe harbor for incorrect
3-digit NAICS code entries, where the
financial institution identifies the
NAICS code itself, provided that it
maintains procedures reasonably
adapted to correctly identify a 3-digit
NAICS code. The Bureau has also
removed the term ‘‘appropriate’’ from
the regulatory text of § 1002.107(a)(15).
The Bureau believes the term is
unnecessary, particularly in light of the
revisions to the NAICS code safe harbor
in final § 1002.112(c)(3), and removing
it may help avoid potential confusion
regarding NAICS codes the financial
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
institution obtains from the applicant or
other sources.
Additionally, the Bureau understands
that multiple NAICS codes may apply to
a single business. While this may be
more of a concern with 6-digit codes, if
more than one 3-digit code applies to a
single business, only one 3-digit NAICS
code should be reported.
The Bureau acknowledges community
groups’ concern that collecting anything
less than 6-digit NAICS codes will result
in less precise data about industry
classification. The Bureau nonetheless
believes that its final rule requiring
collection and reporting of 3-digit
NAICS codes (along with the expanded
safe harbor) strikes an appropriate
balance in addressing the concerns
raised by industry and the importance
of NAICS code information in fair
lending and community development
analysis. The Bureau will monitor the
utility of the NAICS code data point
and, if warranted, may revisit the
required number of digits in the future.
Although the Bureau will address reidentification concerns generally by
modifying or deleting data upon
publication, the Bureau notes that its
shift to 3-digit NAICS codes will
decrease the risk of re-identification of
small business borrowers and related
natural persons in rural areas and
smaller communities. See part VIII
below for further discussion about the
privacy analysis and public disclosure
of data.
107(a)(16) Number of Workers
Proposed Rule
ECOA section 704B(e)(2)(H)
authorizes the Bureau to require
financial institutions to compile and
maintain ‘‘any additional data that the
Bureau determines would aid in
fulfilling the purposes of [section
1071].’’ In the proposed rule, the Bureau
stated that it believed that data
providing the number of persons
working for a small business applicant
would aid in fulfilling the business and
community development purpose of
section 1071. These data would allow
users to better understand the job
maintenance and creation that small
business credit is associated with and
help track that aspect of business and
community development.
Proposed § 1002.107(a)(16) would
have required financial institutions to
report the number of non-owners
working for the applicant.
Proposed comment 107(a)(16)–1
would have discussed the collection of
the number of workers. The proposed
comment would have stated that in
collecting the number of workers from
PO 00000
Frm 00185
Fmt 4701
Sfmt 4700
35333
an applicant, the financial institution
would explain that full-time, part-time,
and seasonal workers, as well as
contractors who work primarily for the
applicant, would be counted as workers,
but principal owners of the business
would not. The proposed comment
would have further stated that if the
financial institution was asked, it would
explain that volunteers would not be
counted as workers. This treatment of
part-time, seasonal, contract, and
volunteer workers would follow the
SBA’s method for counting
employees,667 with minor
simplifications. The Bureau sought
comment on whether further
modifications to the number of workers
data point were needed to facilitate this
operational simplification.
Proposed comment 107(a)(16)–1
would have also explained that workers
for affiliates of the applicant would only
be counted if the financial institution
were also collecting the affiliates’ gross
annual revenue.
The proposed comment would have
further explained that the financial
institution could rely on statements of
or information provided by the
applicant in collecting and reporting
number of workers, but if the financial
institution verifies the number of
workers provided by the applicant, it
must report the verified information.
Proposed comment 107(a)(16)–1
would have also provided sample
language that a financial institution
could use to ask about the number of
workers, if it does not collect the
number of workers by another method.
The Bureau provided the sample
language in the proposed comment,
which implements the simplified
version of the SBA definition referenced
above. The Bureau sought comment on
this method of collection, and on the
specific language proposed.
Proposed comment 107(a)(16)–2
would have first clarified that a
financial institution shall maintain
procedures reasonably designed to
collect applicant-provided information,
including the number of workers of the
applicant. The proposed comment
would have then stated that if a
financial institution is nonetheless
unable to collect or determine the
number of workers of the applicant, the
financial institution reports that the
number of workers is ‘‘not provided by
applicant and otherwise
undetermined.’’
The Bureau sought comment on its
proposed approach to the number of
workers data point, as well as on the
specific requests for comment above.
667 See
E:\FR\FM\31MYR2.SGM
13 CFR 121.106(a).
31MYR2
35334
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
The Bureau also sought comment on
whether financial institutions collect
information about the number of
workers from applicants using
definitions other than the SBA’s, and
how the collection of this data point
could best be integrated with those
collections of information.
Comments Received
The Bureau received comments on its
proposed number of workers data point
from lenders, trade associations, and
community groups. A number of
commenters supported the Bureau’s
proposal. A few commenters urged the
Bureau to adopt the number of workers
data point, suggesting that it is
important for business and community
development purposes. A CDFI lender
and community group commenter said
that the number of workers data point
will help provide a greater
understanding of owner-operated and
microbusiness needs and accessibility to
affordable credit. Another community
group commented that the data point
provides insight into the number of jobs
created, retained and/or supported by
access to credit. This community group
further noted that the data point would
also assist in analysis of whether
businesses of various sizes fare
differently in the lending marketplace.
Many community groups expressed
support for collecting data on the
number of workers because they believe
it will help indicate whether smaller
businesses of various sizes will require
more support and technical assistance
when it comes to credit access. A
minority business advocacy group
commented that the data will help
determine various levels of economic
development and impact across the
country. A few commenters agreed with
the Bureau’s proposed method of
collecting the number of non-owner
workers and including part-time staff,
seasonal staff, and contractors that work
primarily for the business.
A trade association commented that
the important considerations are that
the Bureau provide language for lenders
to provide to applicants to help
applicants correctly answer the question
and that the Bureau emphasize that
financial institutions may rely on
statements made by the applicant
without incurring risk. Another industry
commenter suggested that the final rule
enable principal owners to count
themselves as workers because this
method is more common in industry
and would avoid confusion. A bank
recommended that the final rule
expressly permit covered financial
institutions to collect required data from
applicants through a variety of means,
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
including on the application form,
supplemental documents or forms, or
the sample data collection form. A CDFI
lender suggested that the Bureau require
financial institutions to report the
breakdown of full-time and part-time
workers.
The Bureau received many comments
from industry opposing the proposal to
collect data on the number of workers.
Some commenters stated that data on
the number of workers is not currently
collected and that some customers do
not readily have this information
available, though several noted they had
collected it for Paycheck Protection
Program loans. A trade association
stated that the data are unfamiliar to the
applicant or difficult to obtain and will
result in additional complexity,
confusion, and significant operational
and regulatory costs. Several
commenters indicated that it is not a
factor in the credit decision. A bank
stated that it is not in the banker’s role
to determine this information and there
is no reason to collect and monitor this
data point if the small business is a
creditworthy borrower.
A few industry commenters
questioned the value of this data point,
arguing that it would not aid in
fulfilling the fair lending purpose of
section 1071. Two asserted that without
context (for example, separating fulltime versus part-time and contract
workers) there seems to be little value
in collecting the information. One
suggested that collection is further
complicated when the gross annual
revenue of an affiliate is considered,
because then the number of workers for
the affiliate must be included. Several
industry commenters also stated that the
proposed general exclusion of affiliate
employees is problematic because some
of these employees may perform
substantial services for the applicant.
A bank commented that the CRA
already considers the impact of adding
jobs through small business and
community development loans. Another
bank commented that SBA uses either
the gross annual revenue or number of
workers, depending on the type of
business, to qualify businesses as small
and because the Bureau’s proposal
already contains a gross annual revenue
size test, it would be unnecessary to
collect the number of workers because
it is irrelevant to the credit decision and
determining the size of the business.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.107(a)(16)
with an addition and a minor revision
to the associated commentary. Pursuant
to its authority under ECOA section
PO 00000
Frm 00186
Fmt 4701
Sfmt 4700
704B(e)(2)(H), the Bureau believes that
data on the number of workers will aid
in fulfilling the business and
community development purpose of
section 1071. Data on the number of
persons working for a small business
applicant will provide data users and
relevant stakeholders with a better
understanding of the job maintenance
and creation that small business credit
provides.
In response to comments regarding
the complexity and difficulty in
collecting information about the number
of workers, the Bureau is adding a new
comment to require that financial
institutions report the number of
workers using ranges rather than
reporting the specific number of
workers. Final comment 107(a)(16)–1
provides that a financial institution
complies with § 1002.107(a)(16) by
reporting the number of people who
work for the applicant using the ranges
prescribed in the Filing Instructions
Guide. The Bureau believes that
reporting the number of workers in
ranges rather than a specific numerical
value will eliminate some of the
collection difficulties expressed by
commenters, such as determining the
exact number of employees when that
number varies throughout the year.
The Bureau is finalizing comment
107(a)(16)–2 (renumbered from
comment 107(a)(16)–1 in the proposed
rule) with some revisions as well as
additional guidance on how a financial
institution may collect information
about the number of workers in light of
final comment 107(a)(16)–1.
Specifically, a financial institution may
collect the number of workers from an
applicant using the ranges specified by
the Bureau in the Filing Instructions
Guide (as indicated in final comment
107(a)(16)–1) or as a numerical value.
Final comment 107(a)(16)–2 retains
from proposed comment 107(a)(16)–1
the discussion on collecting the number
of workers, including the sample
language to provide to applicants to ask
about the number of workers and the
statement that a financial institution
may rely on the applicant’s response,
but the Bureau is making minor edits for
clarity. The Bureau agrees with
commenters that these provisions are
helpful, and is including them to
facilitate compliance.
The Bureau agrees with commenters’
recommendations that financial
institutions should be able to rely on
statements made by the applicant and
should be permitted to collect required
data from applicants through a variety
of means. First, the rule does not limit
the means by which the number of
workers data can be collected, and
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
though it provides optional language to
use, it does not require the use of that
language. The Bureau believes that
allowing financial institutions to rely on
applicant-provided data will sufficiently
safeguard accuracy such that the
resulting data will aid in fulfilling the
purposes of section 1071. The Bureau
also believes that reporting the verified
number of workers when the financial
institution already possesses that
information will not be operationally
difficult, and will enhance the accuracy
of the information collected. To
facilitate compliance with the
regulation, the Bureau provides
guidance related to reliance on all
applicant-provided data, including
number of workers, in final comment
107(b)–1. Generally, that comment
permits reliance on statements of the
applicant or information provided by an
applicant; however, if a financial
institution verifies information, it
reports the verified data. For more
information on relying on statements
made by or provided by an applicant,
see the section-by-section analysis of
§ 1002.107(b).
The Bureau is finalizing comment
107(a)(16)–3 (renumbered from
proposed comment 107(a)(16)–2) with a
minor edit for clarity. Final comment
107(a)(16)–3 cites to § 1002.107(c),
which provides that a financial
institution shall maintain procedures
reasonably designed to collect
applicant-provided data, which
includes the number of workers of the
applicant. Comment 107(a)(16)–3
further explains that a financial
institution reports that the number of
workers is ‘‘not provided by applicant
and otherwise undetermined’’ if, despite
such procedures, the financial
institution is unable to collect or
determine the information. The Bureau
believes that allowing this response will
facilitate compliance when an applicant
does not provide the requested data.
The final rule does not require
financial institutions to report the
distinction between various worker
categories such as full time versus part
time, as recommended by some
commenters. The Bureau believes that
requiring distinctions between various
worker categories could introduce
unnecessary complexity and
compliance challenges. The final rule
also does not include principal owners
in the number of workers, as
recommended by a commenter. The
final rule requires the separate
collection of the number of principal
owners in final § 1002.107(a)(20), and
the Bureau believes that this
differentiation will improve the
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
granularity and usefulness of the data
collected.
The Bureau acknowledges comments
noting that some financial institutions
do not collect or maintain data on
number of workers nor is the
information used in their credit
decisions. However, the Bureau believes
that number of workers is critical to
further the business and community
development purpose of section 1071
and the Bureau does not believe it will
be particularly difficult for financial
institutions to obtain this information if
they do not do so already. The Bureau
has also provided sample language in
final comment 107(a)(16)–2 that a
financial institution may use to ask an
applicant about the number of workers.
With respect to questions from
commenters about how the number of
workers data point meets section 1071’s
purposes, as discussed above the Bureau
believes the data will provide insight
into small business credit that
contributes to job creation and
maintenance, as well as other trends in
the small business market’s ability to
grow and maintain workers, and the full
set of data required to be collected and
reported under this final rule should
provide sufficient context for
meaningful understanding of this data
point. Regarding the comment that the
CRA already considers the impact of
adding jobs through small business and
community development loans, the
Bureau notes that data collected under
section 1071 vary from data collected
under CRA and the institutions subject
to section 1071 are not necessarily
subject to CRA. Regarding the concerns
raised by commenters that the number
of workers for an applicant’s affiliates
must be counted if the affiliates’ gross
annual revenues are considered, the
Bureau notes that the applicant is
already providing information on
affiliate(s) in this situation, and the
financial institution can simply ask a
question regarding number of workers,
perhaps using the language provided in
final comment 107(a)(16)–2, and tell the
applicant to include affiliate
information.
107(a)(17) Time in Business
Proposed Rule
ECOA section 704B(e)(2)(H)
authorizes the Bureau to require
financial institutions to compile and
maintain ‘‘any additional data that the
Bureau determines would aid in
fulfilling the purposes of [section
1071].’’ In the proposed rule, the Bureau
stated that it believed that data
providing the time in business of a
small business applicant would aid in
PO 00000
Frm 00187
Fmt 4701
Sfmt 4700
35335
fulfilling both the business and
community development and fair
lending purposes of section 1071.
The Bureau proposed
§ 1002.107(a)(17) to require a financial
institution to collect and report the time
the applicant has been in business,
described in whole years, as relied on or
collected by the financial institution.
Proposed § 1002.107(a)(17) would have
required the data be reported in whole
years, rather than ranges of time,
because a financial institution would
have a definite number of years if it
collects this information presently, and
the Bureau believed that time in
business reported in whole years would
make the data more granular and useful.
Proposed comment 107(a)(17)–1
would have provided guidance on how
to report one of the two methods (relied
on or collected) for reporting the timein-business data point. The proposed
comment would have explained that,
regardless of which method is used, the
financial institution must report the
time in business in whole years, or
indicate if a business has not begun
operating yet, or has been in operation
for less than a year. Proposed comment
107(a)(17)–1 would have explained that
when the financial institution relies on
an applicant’s time in business as part
of a credit decision, it reports the time
in business relied on in making the
credit decision. However, the comment
would have further explained that
proposed § 1002.107(a)(17) would not
require the financial institution to rely
on an applicant’s time in business in
making a credit decision.
Proposed comment 107(a)(17)–1
would have also explained that the
financial institution may rely on
statements or information provided by
the applicant in collecting and reporting
time in business; however, pursuant to
proposed § 1002.107(b), if the financial
institution verifies the time in business
provided by the applicant, it must
report the verified information. This
guidance would have applied whether
the financial institution relies on the
time in business in making its credit
decision or not, although the Bureau
believed that verification would be very
uncommon when the financial
institution is not relying on the
information.
Proposed comment 107(a)(17)–2
would have provided instructions on
how to report the time in business relied
on in making the credit decision. The
proposed comment would have stated
that when a financial institution
evaluates an applicant’s time in
business as part of a credit decision, it
reports the time in business relied on in
making the credit decision. For
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35336
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
example, the proposed comment would
have further explained, if the financial
institution relies on the number of years
of experience the applicant’s owners
have in the current line of business, the
financial institution reports that number
of years as the time in business.
Similarly, if the financial institution
relies on the number of years that the
applicant has existed, the financial
institution reports the number of years
that the applicant has existed as the
time in business. Proposed comment
107(a)(17)–2 would have then
concluded by stating that a financial
institution reports the length of business
existence or experience duration that it
relies on in making its credit decision,
and is not required to adopt any
particular definition of time in business.
Proposed comment 107(a)(17)–3
would have stated that a financial
institution relies on an applicant’s time
in business in making a credit decision
if the time in business was a factor in
the credit decision, even if it was not a
dispositive factor. The proposed
comment would have provided the
example that if the time in business is
one of multiple factors in the financial
institution’s credit decision, the
financial institution has relied on the
time in business even if the financial
institution denies the application
because one or more underwriting
requirements other than the time in
business are not satisfied.
Proposed comment 107(a)(17)–4
would have clarified that if the financial
institution does not rely on time in
business in considering an application,
pursuant to proposed § 1002.107(c)(1) it
shall still maintain procedures
reasonably designed to collect
applicant-provided information, which
includes the applicant’s time in
business. The proposed comment would
have explained that in collecting time in
business from an applicant, the
financial institution complies with
proposed § 1002.107(a)(17) by asking for
the number of years that the applicant
has been operating the business it
operates now. The proposed comment
would have further explained that when
the applicant has multiple owners with
different numbers of years operating
that business, the financial institution
collects and reports the greatest number
of years of any owner. Proposed
comment 107(a)(17)–4 would have then
concluded by making clear that the
financial institution does not need to
comply with the instruction if it collects
and relies on the time in business by
another method in making the credit
decision.
Proposed comment 107(a)(17)–5
would have explained that pursuant to
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
proposed § 1002.107(c)(1) a financial
institution shall maintain reasonable
procedures to collect information
provided by the applicant, which
includes the time in business of the
applicant, but if the financial institution
is unable to collect or determine the
time in business of the applicant, the
financial institution reports that the
time in business is ‘‘not provided by
applicant and otherwise
undetermined.’’
The Bureau sought comment on its
proposed approach to this data point.
The Bureau also sought comment on
whether time-in-business information
may be less relevant or collectable for
certain products or situations (such as
retailer-branded credit cards acquired at
point of sale) and whether reporting
‘‘not applicable’’ should be allowed in
those instances. In addition, the Bureau
sought comment on whether there
should be an upper limit on time in
business—for example, to allow
reporting of ‘‘over 20 years’’ for any
applicant of that duration, rather than
requiring reporting of a specific number
of years.
Comments Received
The Bureau received comments on its
proposed time in business data point
from a number of lenders, trade
associations, and community groups. A
number of commenters supported the
Bureau’s proposal to collect time in
business data with some pointing out
the importance of time in business for
the fair lending and community
development purposes of section 1071.
A trade association noted that time in
business data are potentially useful for
lenders, policymakers, regulators, and
communities and that this is a common
credit consideration for the type of
small business lending undertaken by
certain financial institutions. This trade
association asserted that the data can
help explain differences in underwriting
risk among small business applicants
and avoid misinterpretation of the
dataset by distinguishing potentially
riskier new businesses from established
businesses. A community group stated
that this data point is needed to assess
if access to credit is reasonably available
and whether there are geographical
barriers that do not seem present in
other areas based on analysis of the
data. This commenter further stated that
such analysis can help stakeholders
identify and ameliorate any access to
credit barriers for younger firms.
A bank and a trade association
commented that this data point could be
helpful in demonstrating a nondiscriminatory basis for different credit
decisions and may provide helpful
PO 00000
Frm 00188
Fmt 4701
Sfmt 4700
context for evaluating the basis for
credit decisions and conducting an
accurate, fact-based fair lending
analysis. A community group stated that
lenders already collect or consider the
number of years a small business has
been in operation as it is an element of
loan risk and underwriting. This
commenter further stated that time-inbusiness data would allow the
assessment of whether businesses of
similar duration are likely to receive
credit at comparable terms, such as by
comparing Black-owned, Latino-owned,
and Asian-owned start-ups with whiteowned start-ups. A number of
commenters noted in discussing data
points, including time in business, that
fair lending analysis requires a robust
set of key variables that are used in
underwriting. Relatedly, other
commenters stated that data collected
under the Bureau’s rule must be
sufficient to allow data users to
understand the characteristics of
applicants that are denied credit so as
to identify areas of unmet need and also
to be able to compare declined
applicants with those who are approved
for credit to look for evidence of
discrimination.
Commenters specifically pointed out
the importance of collecting information
regarding whether a business is a startup. A community group noted start-ups
and younger businesses generally have
more difficulties qualifying for credit,
and other commenters pointed out that
it is well known that start-ups often
struggle to access financing.
In contrast, the Bureau received many
comments from lenders and trade
associations generally opposing the
Bureau’s proposal to collect time in
business. One trade association
questioned how asking how long a
company has been in operation furthers
fair lending purposes. A few banks
stated that the information is not
considered for underwriting purposes or
relevant to the creditworthiness of the
applicant. An agricultural lender
asserted that time in business data can
be unknown, misleading, or not
relevant. A few industry commenters
asserted that time in business data are
not currently collected or maintained by
lenders. Some commenters said
collecting time in business data would
impose compliance burden and one also
said that it would add friction to the
application process. A bank stated that
customers do not have this type of
information readily available when
applying for a commercial loan. Another
bank noted that the data point adds a
layer of complexity, will not provide
useful information that advances section
1071, and goes beyond what other laws,
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
such as HMDA, require financial
institutions to collect. A trade
association commented that time in
business is unfamiliar to the applicant
or difficult to obtain and will result in
additional complexity, confusion, and
significant operational and regulatory
costs. Another trade association said
this data point involves complexities
because many small businesses cannot
provide an exact amount of time in
business due to name changes, mergers
and acquisitions, and other routine
events that complicate this calculation.
A bank stated that its borrowers rarely
keep good enough records to properly
state the date they began doing business.
An agricultural lender stated that time
in business can be difficult to determine
for a farming operation that may have
begun as a lifestyle venture or arose
from multiple generations of farming.
Some commenters expressed concerns
with the data to be collected as well as
the method of reporting. A bank stated
that it makes loans for startup
companies and relies on the applicant’s
experience in the given industry rather
than the length of time they have
operated their current business;
however, underwriting for an
established business uses the length of
time that specific business has been in
operation. Although the Bureau’s
proposal allows for the consideration of
business experience or business
longevity, this commenter and several
others asserted that the resulting data
gathered will not be comparable and
analysis of that data will be
meaningless. Another bank stated that
in most cases, the credit decision is a
combination of the number of years the
applicant has been in business and the
number of years the principals have
been in the industry, but if one
institution reports the number of years
the applicant has been in business and
another reports the number of years of
experience of the principals, they would
not appear to be as similarly situated as
they are; therefore, it will be impossible
to make comparisons or draw accurate
conclusions with respect to the
information submitted. Another bank
pointed out this same issue and stated
that the mixture of responses would
lead to unreliable information,
unjustifiable conclusions, and
unjustified burden on applicants and
financial institutions. Other banks and a
trade association also indicated that the
credit decision can be based on a
combination of the number of years the
applicant has been in business and the
number of years the principals have
been in the industry. Two of these
commenters also said that the Bureau
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
did not provide guidance on how to
report the data in these circumstances.
A bank trade association commented
that many small business borrowers
create new entities for various reasons
and expressed concern that the data
collected could suggest lenders are
giving more favorable treatment to new
small businesses as opposed to existing
ones. Another trade association stated
that collecting time in business using
management or owner experience rather
than the age of the business itself
undercuts the Bureau’s rationale that
time in business could explain the
difference in underwriting risk among
small business applicants and avoid
misinterpretation of data. This
commenter recommended that time in
business be collected at the financial
institution’s option. A bank was
concerned that time in business data
may make it appear to discriminate
against start-up businesses, explaining
that its practice has been to avoid
providing financing for start-up
businesses unless it can secure
government guaranties because in
distressed areas where the bank
generally lends, start-up businesses
have historically been unable to sustain
a repayment history for the loan term
due to business closure and liquidation.
Therefore, the bank explained, if
comparing this information for fair
lending, it will appear that they are
discriminating against start-up
businesses when there are studies
showing that minority-owned
businesses are under-financed as startups.
Several commenters requested the
Bureau provide clarification on certain
aspects of reporting the data point or
made recommendations for reporting
the data. A bank suggested that the
Bureau collect the time the business has
been active regardless of ownership
experience or time the current owners
have owned this business. A community
group recommended that financial
institutions be required to report the
time in business used when
underwriting the loan because time in
business could refer to either the time
period since the business was formally
incorporated or the time period of
operation. A bank requested
clarification on temporary lapses in
business and how to report seasonal
businesses. Several agricultural lenders
and a trade association suggested that if
this data point is not dropped then the
Bureau should tie it to the established
Farm Credit data point, ‘‘Year began
Farming,’’ because Farm Credit
associations already collect ‘‘Year began
farming.’’ These commenters reasoned
that there would be needless confusion
PO 00000
Frm 00189
Fmt 4701
Sfmt 4700
35337
in the context of agricultural credit if
there were separate and competing
definitions of ‘‘Time in business’’ and
‘‘Year began farming.’’ A bank
recommended that the easiest way to
report time in business information is
with a number in the column; however,
it suggested that for newer businesses,
particularly for those with less than one
year in business, the number should be
reported in ranges, e.g., 0–6 months or
7–12 months. A community group said
that credit card lenders should not be
able to routinely report ‘‘not applicable’’
for this data point because the
information should not be too hard to
ask for on an application form. A bank
and a trade association requested that
the Bureau allow all financial
institutions to report the applicant’s
time in business, whether used in credit
underwriting or collected from the
applicant, and to rely on the
information provided by the applicant.
These commenters also requested that
the Bureau include in the final rule a
safe harbor from liability for reporting
the applicant-provided time in business.
Another trade association also
recommended that the Bureau clarify
that financial institutions may rely on
statements made by the applicant
without incurring risk.
A bank commented that putting an
upper limit on years to report is not a
good idea and said that time in business
should always be reported as a specific
number of years. The bank reasoned that
there are businesses that struggle at the
5 year mark, the 10 year mark, or the 50
year mark. According to this bank, one
should not assume that applicants are
‘‘fine’’ because those years are above an
arbitrary number the Bureau has chosen.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.107(a)(17)
with revisions to the regulatory text and
commentary. As explained below,
financial institutions will be required to
report the time the applicant has been
in business, but the Bureau has revised
the requirements to provide financial
institutions more flexibility in collecting
the information. Pursuant to its
authority under ECOA section
704B(e)(2)(H), the Bureau determines
that collecting data on time in business
will further the purposes of section
1071, as further explained below.
The Bureau believes that time in
business will advance both statutory
purposes of section 1071. Research
illustrates the role that start-ups and
new businesses play in the business
ecosystem and in promoting important
community development aims, such as
E:\FR\FM\31MYR2.SGM
31MYR2
35338
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
creating new jobs.668 Financial
institutions often have special credit
policies regarding start-ups and other
young businesses, including whether
the institution will extend credit to
start-ups at all, the type(s) of credit
products start-ups and new businesses
can apply for, and the amount of credit
for which they can be approved. Studies
generally show that start-ups experience
greater difficulty in accessing credit.669
Time in business data will benefit
data users, including financial
institutions, policymakers, economic
analysts, and communities by allowing
them to better identify the proportion of
small businesses seeking credit that are
start-ups or relatively new businesses,
the type(s) of credit offered to these
groups, the geographic setting of these
businesses, the types of financial
institutions that are reaching such
businesses, and where communities
might focus business development
efforts. The data may also aid
policymakers in addressing issues
impacting the growth of small start-ups.
The data, particularly as to unmet
demand, could help interested financial
institutions identify lending
opportunities to reach more start-ups
and new businesses, promoting both
business and community development.
This data point will also facilitate fair
lending analyses by providing a useful
control to identify similarly situated
applicants and eliminate some false
positives, while also allowing
monitoring of potential disparate
treatment of relatively new minorityand women-owned small businesses.
The Bureau understands from
commenters that there are complexities
associated with collecting time in
business information from an applicant
for various reasons, including applicant
difficulty providing an exact time
because of prior name changes, events
that affected the applicant’s structure,
multi-generational ownership, and
others discussed by commenters above.
668 See, e.g., Small Bus. Admin., 2018 Small
Business Profiles, at 1–2 (2018), https://
www.sba.gov/advocacy/2018-small-businessprofiles-states-and-territories?utm_
medium=email&utm_source=govdelivery; John
Haltiwanger et al., Who Creates Jobs? Small versus
Large versus Young, 95(2) Review of Econ. & Stat.,
at 347–61 (2013), https://direct.mit.edu/rest/article/
95/2/347/58100/Who-Creates-Jobs-Small-versusLarge-versus-Young.
669 For example, a Federal Reserve Bank of New
York report, based on data from the 2016 Small
Business Credit Surveys that included information
from 12 Federal Reserve Banks, provides statistics
on how start-ups are less likely to receive credit as
compared to mature businesses, even with
comparable credit scores. See Fed. Rsrv. Bank of
N.Y., Small Business Credit Survey: Report on Startup Firms, at iv (2017), https://www.newyorkfed.org/
medialibrary/media/smallbusiness/2016/SBCSReport-StartupFirms-2016.pdf.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
In light of the feedback received, the
Bureau has revised the requirements for
reporting time in business information,
based on the financial institution’s
procedures. The Bureau is also not
finalizing this data point to include data
as relied on by the financial institution
to make a decision. Rather, the final rule
requires financial institutions to report
time in business as collected or
otherwise obtained. Although this
requirement is similar to reporting the
time in business relied on, the new
language makes clear that the financial
institution reports the time in business
collected or obtained regardless of
whether it relied on that information in
underwriting the application.
Commenters indicated that they may
base their credit decision on a
combination of factors, such as the time
the applicant has been in existence and
the time the owners have been in the
industry, while other commenters
indicated that they do not collect or use
time in business for underwriting
purposes. The Bureau believes that
standardizing the time in business data
point to be based on what the financial
institution collects or obtains
streamlines the requirement and
provides flexibility for the financial
institution to report time in business
information based on its credit policies
or programs rather than having to select
a time in business method specifically
for reporting pursuant to this rule.
Accordingly, the Bureau is not
finalizing ‘‘as relied on or collected by
the financial institution’’ in the
regulatory text. Final regulatory text for
§ 1002.107(a)(17) requires reporting of
the time the applicant has been in
business; however, the Bureau is
providing further details guidance in
commentary regarding time in business
collection and reporting, as explained
below. As some commenters suggested,
allowing different methods for
measuring time in business will have an
effect on the comparability of the data,
but information about the time in
business actually collected by the
financial institution for its own
purposes will be useful for fair lending
analysis and will impose less
operational difficulty than requiring
reporting based on a single definition.
For example, this method will allow a
financial institution to use the ‘‘year
began farming’’ date, as suggested by
some commenters, to report time in
business without further inquiry.
Final comment 107(a)(17)–1.i
provides that a financial institution
reports time in business in whole years
if, as part of its procedures, it collects
or obtains the number of years an
PO 00000
Frm 00190
Fmt 4701
Sfmt 4700
applicant has been in business. Final
comment 107(a)(17)–1.i also provides
guidance to make clear that if the
financial institution reports the number
of whole years, the financial institution
rounds down to the nearest whole year.
Final comment 107(a)(17)–1.ii provides
that if a financial institution does not
collect or obtain the number of years an
applicant has been in business, but as
part of its procedures it determines
whether or not the applicant has been
in business less than two years, then the
financial institution reports the
applicant’s time in business as either
less than two years or two or more
years. Final comment 107(a)(17)–1.iii
provides that if a financial institution
does not collect or obtain time in
business, either as number of years or a
determination as to whether the
applicant has been in business less than
two years, then the financial institution
complies with the rule by asking the
applicant whether it has been in
business less than two years or two or
more years. The Bureau is not finalizing
the provision in proposed comment
107(a)(17)–1.ii to require financial
institutions to indicate whether an
applicant has not begun operating yet or
has been in operation less than a year.
In addition, the Bureau is not requiring
that newer business applicants’ time in
business be reported in ranges, as one
commenter suggested. The Bureau
believes that time in business
information reported in whole years or
an indication of over or under two years
can provide data users with robust
information regarding start-ups and
newer businesses as well as the maturity
of other businesses, thus furthering the
purposes of section 1071 while also
simplifying collection and reporting.
Issues such as whether to report the
time in business based on the time of
incorporation or time of business
opening, lapses in business operation
such as for a seasonal business, and new
business entities that do not actually
constitute a new enterprise should all be
considered within the financial
institution’s discretion in collecting
time in business. The Bureau does not
believe that these scenarios will have a
significant effect on the quality of the
data reported, but crafting a rule that
takes them into account could
considerably increase the operational
difficulty of compliance.
Final comment 107(a)(17)–2 provides
that a financial institution that collects
time in business as part of its
procedures is not required to collect or
obtain time in business information
pursuant to a specific definition for the
purposes of this rule. The comment
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
provides examples of how a financial
institution may define time in business,
including by asking the applicant when
the business started or based on the
owner’s experience in the industry. As
discussed above, the Bureau
understands from commenters that a
financial institution may collect and/or
consider for underwriting both the
number of years the applicant has been
in business and the number of years of
experience an owner has in the
industry. In response to a comment
requesting clarification and to mitigate
other commenter concerns, final
comment 107(a)(17)–2 provides that if a
financial institution collects the number
of years the applicant has existed as
well as another measure of time in
business, such as the number of years of
experience an owner has in the
industry, the financial institution
reports the number of years the
applicant has existed as the time in
business. The Bureau believes that this
method will result in more uniform and
comparable data on time in business
and should not cause operational
difficulty because the financial
institution will be reporting information
that it already collects.
Comment 107(a)(17)–3 (renumbered
from proposed comment 107(a)(17)–6) is
finalized with minor clarifications.
Final comment 107(a)(17)–3 provides
that a financial institution is required to
maintain procedures reasonably
designed to collect applicant-provided
data, which includes time in business;
however, if the financial institution is
nonetheless unable to collect this
information, then the financial
institution reports ‘‘not provided by
applicant and otherwise undetermined’’
for the time in business data point. The
Bureau believes that providing this
reporting option will facilitate
compliance.
The Bureau acknowledges
commenters’ arguments that time in
business is not collected by some
financial institutions now nor used by
such institutions for underwriting
purposes. However, other industry
commenters indicated that they do
collect and use time in business for
underwriting (for example, commenters
stated the credit decision is based on a
combination of the number of years the
applicant has been in business and the
number of years the principals or
owners have in the industry).
Commenters also expressed concern
with the burden associated with
collecting time in business information.
The Bureau does not believe it would be
too difficult for financial institutions to
collect this information if they do not
already do so, and the ability to merely
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
ask whether a business has existed for
less than two years or two years or more
should reduce any complexity for
applicants in providing the information.
The Bureau also believes that collection
of time in business will further the dual
purposes of section 1071, as discussed
above. The final rule does not permit
time in business information be
reported at the financial institution’s
option, as the Bureau believes that if it
made this data point optional, very little
data would be reported.
With respect to the concern raised by
a commenter that reporting time in
business information may cause a
financial institution to appear to
discriminate against start-up businesses
because of its policy to avoid providing
financing to start-ups, the Bureau
believes that time in business
information will help mitigate concerns
of data misrepresentation and help
explain the credit decision made by a
financial institution. For example, data
indicating that an applicant is relatively
new with little experience or financial
history could explain why the financial
institution denied the application or
approved it for less than what was
applied for.
With respect to the recommendation
that the Bureau allow all financial
institutions to report the applicant’s
time in business whether used in credit
underwriting or collected from the
applicant, the final rule provides this
flexibility for financial institutions. The
final rule also allows the financial
institution to collect applicant-provided
data, including time in business
information, from appropriate thirdparty sources. See final § 1002.107(b).
The Bureau is not adopting a safe
harbor from liability for reporting the
applicant-provided time in business for
the reasons provided in the section-bysection analysis of § 1002.112(c).
Guidance related to relying on
information provided by an applicant
and appropriate third-party sources,
including time in business information,
is provided in final comment 107(b)–1.
(Similar content was included in
proposed comment 107(a)(17)–1.) That
comment explains that a financial
institution needs report verified
information only if it verifies
information from the applicant for its
own business purposes. Because the
rule makes clear that a financial
institution may rely on statements made
by or information from the applicant
regarding time in business and need not
verify its accuracy, the Bureau does not
believe that a safe harbor is necessary.
For more information on relying on
information provided by an applicant,
PO 00000
Frm 00191
Fmt 4701
Sfmt 4700
35339
see the section-by-section analysis of
§ 1002.107(b).
107(a)(18) Minority-Owned, WomenOwned, and LGBTQI+-Owned Business
Statuses Background
ECOA section 704B(b) requires
financial institutions to inquire whether
applicants for credit are minority-owned
and/or women-owned businesses and to
maintain a record of the responses to
that inquiry separate from the
applications and accompanying
information. Section 704B(c) provides
that applicants for credit may refuse to
provide information requested pursuant
to 704B(b). ECOA section 704B(e)(2)(H)
authorizes the Bureau to require
financial institutions to compile and
maintain ‘‘any additional data that the
Bureau determines would aid in
fulfilling the purposes of [section
1071].’’ The Bureau is finalizing
§ 1002.107(a)(18) to address how a
financial institution would collect and
report an applicant’s minority-owned
and women-owned business statuses,
along with LGBTQI+-owned business
status which the Bureau believes would
aid in fulfilling the purposes of section
1071.
The Bureau proposed appendix F to
provide instructions to aid financial
institutions when collecting minorityowned business status pursuant to
proposed § 1002.107(a)(18) and womenowned business status pursuant to
proposed § 1002.107(a)(19). However,
there was some duplication between
what was contained in proposed
appendix F and in proposed
§ 1002.107(a)(18) and (19) and
associated commentary.
As discussed further herein, final
§ 1002.107(a)(18) differs from proposed
§ 1002.107(a)(18) in a number of ways,
largely to streamline the rule and
facilitate compliance. First, the final
rule combines proposed
§ 1002.107(a)(18) and (19) into final
§ 1002.107(a)(18). Next, final
§ 1002.107(a)(18) also requires
collection of LGBTQI+-owned business
status. Finally, the commentary to final
§ 1002.107(a)(18) incorporates the
information contained in proposed
appendix F.
Proposed Rule—Proposed
§ 1002.107(a)(18) and (19)
In order to implement the section
1071 requirement that financial
institutions inquire whether applicants
for credit are minority-owned and/or
women-owned businesses, the Bureau
proposed § 1002.107(a)(18) to address
minority-owned business status, and
§ 1002.107(a)(19) to address womenowned business status. The text of these
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35340
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
proposed provisions was otherwise
identical in their language. Proposed
§ 1002.107(a)(18) and (19) would have
required financial institutions to collect
and report whether an applicant is a
minority-owned or women-owned
business, respectively. Proposed
§ 1002.107(a)(18) and (19) would also
have required financial institutions to
collect and report whether minorityowned business status or women-owned
business status, respectively, was being
reported based on previously collected
data pursuant to proposed
§ 1002.107(c)(2). When the financial
institution requests minority-owned and
women-owned business statuses from
an applicant, the financial institution
would have been required to inform the
applicant that the financial institution
cannot discriminate on the basis of the
applicant’s minority-owned or womenowned business status, or on whether
the applicant provides this information.
Finally, proposed § 1002.107(a)(18) and
(19) would have referred to proposed
appendix F for additional details
regarding how financial institutions are
required to collect and report minorityowned or women-owned business
statuses, respectively. Proposed
appendix F would have included a
requirement that a financial institution
inform an applicant that the applicant is
not required to respond to the financial
institution’s questions regarding the
applicant’s minority-owned business
status and women-owned business
status and inform the applicant of a
prohibition on financial institutions
requiring applicants to provide this
information.670
Proposed comments 107(a)(18)–1 and
107(a)(19)–1 would have clarified that a
financial institution would be required
to ask an applicant if it is a minorityowned business or women-owned
business, respectively, for each covered
application unless the financial
institution is permitted to report
minority-owned business status or
women-owned business status,
respectively, based on previously
collected data. Additionally, the
financial institution would have been
required to permit an applicant to refuse
to answer the financial institution’s
inquiry and to inform the applicant that
it is not required to provide the
information. The financial institution
would have reported the applicant’s
response, its refusal to answer the
inquiry (such as when the applicant
670 Proposed appendix G would have included a
similar requirement to notify applicants that they
are not required to provide information regarding
principal owners’ ethnicity, race, and sex and of a
similar prohibition on financial institutions
requiring that applicants provide such information.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
indicates that it does not wish to
provide the requested information), or
its failure to respond (such as when the
applicant fails to submit a data
collection form) to the inquiry.
Proposed comments 107(a)(18)–2 and
107(a)(19)–2 would have explained that
a financial institution must inform the
applicant that the financial institution
cannot discriminate on the basis of an
applicant’s minority-owned business
status or women-owned business status,
respectively, or on whether the
applicant provides the information.
These proposed comments would also
have clarified that a financial institution
may combine this non-discrimination
notice regarding minority-owned
business status or women-owned
business status, respectively, with the
similar non-discrimination notices that
a financial institution is required to
provide when requesting women-owned
business status or minority-owned
business status, respectively, and a
principal owner’s ethnicity, race, and
sex if a financial institution requests
such information in the same data
collection form or at the same time.
Proposed comments 107(a)(18)–3 and
107(a)(19)–3 would have explained
how, pursuant to proposed
§ 1002.111(b), financial institutions
must record an applicant’s response
regarding minority-owned business
status and women-owned business
status pursuant to proposed
§ 1002.107(a)(18) or (19), respectively,
separate from the application and
accompanying information. These
proposed comments would have also
provided examples of how responses
could be recorded separately from the
application and accompanying
information.
Proposed comments 107(a)(18)–4 and
107(a)(19)–4 would have stated that
pursuant to proposed § 1002.107(c)(1), a
financial institution shall maintain
procedures reasonably designed to
collect applicant-provided information,
which includes the applicant’s
minority-owned business status or
women-owned business status,
respectively. However, if a financial
institution did not receive a response to
its inquiry, the financial institution
would have reported that the applicant’s
minority-owned business status or
women-owned business status,
respectively, is ‘‘not provided by
applicant.’’
Proposed comments 107(a)(18)–5 and
107(a)(19)–5 would have stated that
notwithstanding proposed § 1002.107(b)
(regarding verification of applicantprovided information), a financial
institution would have reported the
applicant’s response, its refusal to
PO 00000
Frm 00192
Fmt 4701
Sfmt 4700
answer the inquiry, or its failure to
respond to the inquiry pursuant to
proposed § 1002.107(a)(18) or (19),
respectively, even if the financial
institution verifies or otherwise obtains
an applicant’s minority-owned business
status or women-owned business status
for other purposes. Moreover, a
financial institution would not have
been required or permitted to verify the
applicant’s responses to the financial
institution’s inquiries pursuant to
proposed § 1002.107(a)(18) or (19)
regarding minority-owned business
status or women-owned business status,
respectively.
Proposed comments 107(a)(18)–6 and
107(a)(19)–6 would have clarified that a
financial institution does not report
minority-owned business status or
women-owned business status,
respectively, based on visual
observation, surname, or any basis other
than the applicant’s response to the
inquiry that the financial institution
makes to satisfy proposed
§ 1002.107(a)(18) or (19), respectively,
or, if the financial institution was
permitted to report based on previously
collected data, on the basis of the
applicant’s response to the inquiry that
the financial institution previously
made to satisfy § 1002.107(a)(18) or (19),
respectively.
Proposed comments 107(a)(18)–7 and
107(a)(19)–7 would have clarified that a
financial institution may report
minority-owned business status or
women-owned business status,
respectively, based on previously
collected data if the financial institution
is permitted to do so pursuant to
proposed § 1002.107(c)(2) and its
commentary.
The Bureau sought comment on its
proposed approach to these data points,
including the proposed methods of
collecting and reporting the data. The
Bureau also requested comment on
whether additional clarification
regarding any aspect of these data points
is needed. In particular, the Bureau
sought comment on whether applicants
are likely to have difficulty
understanding and determining the
information they are being asked to
provide and, if so, how the Bureau may
mitigate such difficulties.
Proposed Rule—Proposed Appendix F
Proposed appendix F would have
provided instructions to aid financial
institutions when collecting minorityowned business status pursuant to
proposed § 1002.107(a)(18) and womenowned business status pursuant to
proposed § 1002.107(a)(19).
The Bureau proposed appendix F
pursuant to its authority under ECOA
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
section 704B(g)(1) to prescribe such
rules and issue such guidance as may be
necessary to carry out, enforce, and
compile data pursuant to section 1071,
in order to facilitate compliance with
the statutory requirements to collect
minority-owned and women-owned
business statuses pursuant to
704B(b)(1). Further, the Bureau
proposed appendix F pursuant to its
obligation in 704B(g)(3) to issue
guidance to facilitate compliance with
the requirements of section 1071,
including assisting financial institutions
in working with applicants to determine
whether the applicants are womenowned or minority-owned businesses.
The Bureau sought comment on the
proposed instructions, and generally
sought comment on whether additional
clarification regarding any aspect of the
proposed instructions was needed. The
Bureau further requested comment on
whether additional or different
instructions were needed for financial
institutions that choose not to use a
paper data collection form to collect
minority-owned business status or
women-owned business status, such as
collecting such information using a
web-based or other electronic data
collection form, or over the telephone.
The Bureau also sought comment
regarding the challenges faced by both
applicants and financial institutions by
the data collection instructions
prescribed in appendix F and
specifically requested comment on ways
to improve the data collection of
minority-owned business status and
women-owned business status.
Comments Received—Women-Owned
and Minority-Owned Business Statuses
The Bureau received comments on
proposed § 1002.107(a)(18) and (19) and
appendix F from some industry and
community group commenters.
Commenters uniformly supported the
Bureau’s proposal that the financial
institution would rely solely on the
applicant to determine minority-owned
and women-owned business statuses,
and that institutions should not be
required or permitted to verify an
applicant’s response. One commenter
requested that a financial institution not
be required to conduct any follow-up if
an applicant fails to provide the
information. Another noted that owners
and ownership status may change from
day to day. One said that the back-office
functions of financial institutions will
need to ensure the data are being
reported correctly and identify any
issues in the data, which will require an
increase in staff.
A commenter asserted that applicants
should be permitted to self-report
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
whether they have been certified by a
third-party organization as a minorityand/or women-owned business and the
name of the certifying organization,
which it said would promote the
objectives of section 1071 by
encouraging responses of relevant and
verifiable information. Another
commenter suggested that the Bureau
coordinate with the U.S. Census to
create a minority and women-owned
business suffix to a business’s NAICS
code which identifies their minority or
women-owned business status.
Regarding appendix F, some
commenters supported the proposed
approach to collecting information.
Several commenters requested that the
Bureau eliminate duplication and
include all mandatory statements in the
rule text, rather than in the appendices.
Comments Received—LGBTQI+-Owned
Business Status
As discussed in the section-by-section
analysis of § 1002.102(k) and (l) above,
regarding the definitions for LGBTQI+
individual and LGBTQI+-owned
business, the Bureau sought comment
on whether it should adopt a data point
to collect an applicant’s lesbian, gay,
bisexual, transgender, or queer
(LGBTQ+)-owned business status,
similar to the way it proposed to collect
minority-owned business status and
women-owned business status.
The Bureau received comments from
several banks, individual commenters,
and community groups on this issue.
Some commenters did not support
including such a data point in the final
rule, generally stating that asking for
such information would be offensive,
would be considered an invasion of
privacy, or would damage bankcustomer relationships. One commenter
said that applicants are unlikely to
provide this information and that an
applicant’s LGBTQ+-owned business
status is not considered in the lending
process and thus should not be part of
this data collection.
A few commenters also stated that
asking for such information could
potentially further segregate and
stigmatize LGBTQ individuals and their
businesses, when they already face bias
and discrimination. These commenters
also raised concerns about the privacy
and security of the collected
information, noting that storing it with
financial institutions and in a
nationwide database exposes the
information to not only authorized
persons but also potentially to hackers.
These commenters argued that although
there is some protection in the Federal
employment law context due to the U.S.
Supreme Court’s opinion in Bostock v.
PO 00000
Frm 00193
Fmt 4701
Sfmt 4700
35341
Clayton County,671 there are States
where discrimination against LGBTQ
individuals is legal and thus inferences
about one’s sexuality could have serious
negative impacts. They also expressed
concern that this information could be
used for unintended purposes. One
commenter also expressed a concern
that previously collected information
about an applicant’s LGBTQ+-owned
business status could be used
inappropriately.
Other commenters supported
inclusion of LGBTQ+-owned business
status in the final rule, generally
asserting the collection of information
about a business’ LGBTQ+-owned status
is appropriate and necessary under the
law. One commenter stated that
businesses owned by LGBTQ+
individuals face discrimination and bias
and urged the Bureau to use its ECOA
section 704B(e)(2)(H) authority to
require the collection of such
information. Another commenter argued
that data about lending availability to
LGBTQ-owned businesses will enhance
the Bureau’s ability to enforce fair
lending laws to protect them from
discrimination in credit, and identify
their credit needs. Another commenter
stated that collecting applicants’
LGBTQ+-owned business status is
necessary to ensure that LGBTQ+ small
business owners are being treated fairly
by lenders and fulfill the purposes of
section 1071. One commenter suggested
that the Bureau include an inquiry to
identify businesses who have
experienced impermissible sex
discrimination under ECOA without
requiring information on the owners’
specifically held identities if they do not
wish to disclose them. This commenter
suggested this would be consistent with
the Bureau’s proposal regarding the
collection of ethnicity and race.
A commenter also stated that there is
public and congressional support for the
collection of LGBTQ+-owned business
status information, noting that H.R.
1443, the LGBTQ Business Equal Credit
Enforcement and Investment Act, would
have amended ECOA to include a
definition for ‘‘LGBTQ-owned business’’
and require the collection of LGBTQowned business status.672
Commenters suggested that the
Bureau adopt the same approach it
proposed using for collecting minorityowned and women-owned business
statuses, by providing applicants with a
definition for LGBTQ-owned business
671 140 S. Ct. 1731 (2020). See the section-bysection analysis of § 1002.107(a)(19), under
Proposed Rule—Collecting Sex, for a discussion of
the Court’s holdings in Bostock.
672 H.R. 1443, 117th Cong. (2021).
E:\FR\FM\31MYR2.SGM
31MYR2
35342
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
status and allowing respondents to
indicate whether they are or are not
such a business. Another commenter
recommended that financial institutions
not be allowed to collect or report such
information on the basis of visual
observation, surname analysis, or any
method other than applicant-provided
responses. This commenter also stated
that financial institutions should not be
permitted or required to verify an
applicant’s LGBTQ+-owned business
status.
lotter on DSK11XQN23PROD with RULES2
Final Rule—Business Status in General
For the reasons set forth herein, the
Bureau is adopting § 1002.107(a)(18)
with a number of changes to require
collection of minority-owned business
status, to incorporate collection womenowned business status (from proposed
§ 1002.107(a)(19)) and to add LGBTQI+owned business status, along with a
number of conforming changes to the
commentary. The Bureau has also
incorporated information from proposed
appendix F into the commentary to final
§ 1002.107(a)(18),673 added additional
commentary for parity with final
§ 1002.107(a)(19) regarding collection of
principal owners’ ethnicity, race, and
sex, and updated a number of crossreferences.
Final § 1002.107(a)(18) requires the
collection of information regarding
whether the applicant is a minorityowned, women-owned, and/or
LGBTQI+-owned business. When
requesting minority-owned, womenowned, and LGBTQI+-owned business
statuses from an applicant,
§ 1002.107(a)(18) requires that a
financial institution inform the
applicant that the financial institution
cannot discriminate on the basis of
minority-owned, women-owned, or
LGBTQI+-owned business statuses, or
on whether the applicant provides this
information.
Final comment 107(a)(18)–1 clarifies
that a financial institution must ask an
applicant whether it is a minorityowned, women-owned, and/or
LGBTQI+-owned business. A financial
institution must permit an applicant to
refuse (i.e., decline) to answer the
inquiries and must inform the applicant
that it is not required to provide the
information. The financial institution
must report the applicant’s substantive
responses, that the applicant declined to
673 In certain instances where language in
proposed appendix F and commentary to proposed
§ 1002.107(a)(18) and (19) were similar, language in
the final regulatory text or commentary has been
revised to improved clarity. In other instances,
language from proposed appendix F is imported
wholesale to provide clarity and streamline the
rule.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
answer, or its failure to respond to an
inquiry, as applicable.
Final comment 107(a)(18)–2 clarifies
that a financial institution must provide
the applicants with definitions of the
terms minority-owned business,
women-owned business, and LGBTQI+owned business when inquiring about
these business statuses. A financial
institution satisfies this requirement if it
provides the definitions set forth in the
sample data collection form in appendix
E.
Final comment 107(a)(18)–3 clarifies
that a financial institution may combine
on the same paper or electronic data
form the business status questions along
with the data requested in
§ 1002.107(a)(19) (principal owners’
ethnicity, race, and sex) and
§ 1002.107(a)(20) (number of principal
owners).
Final comment 107(a)(18)–4
(renumbered from comment 107(a)(18)–
2 in the proposal and incorporating
additional information from proposed
appendix F) explains that a financial
institution must inform the applicant
that the financial institution cannot
discriminate on the basis of an
applicant’s business statuses or on
whether the applicant provides the
information. Under the final rule, a
financial institution must also inform
the applicant that Federal law requires
it to ask for an applicant’s minorityowned, women-owned, and LGBTQI+owned business statuses to help ensure
that all small business applicants for
credit are treated fairly and that
communities’ small business credit
needs are being fulfilled (this disclosure
would have been optional under the
NPRM). The Bureau believes that this
notice should be compulsory, rather
than voluntary, to ensure that applicants
receive information about the data
collection rule and its purposes. See the
section-by-section analysis of
§ 1002.107(a)(19) for further explanation
and discussion of comments received on
this issue.
Final comment 107(a)(18)–5 explains
that a financial institution must
maintain the record of an applicant’s
responses to the financial institution’s
inquiry separate from the application
and accompanying information.
Final comment 107(a)(18)–6 explains
that if a financial institution does not
receive a response to the financial
institution’s inquiry for purposes of
§ 1002.107(a)(18), the financial
institution reports that the applicant’s
business statuses were ‘‘not provided by
applicant.’’
Final comment 107(a)(18)–7 explains
that a financial institution reports that
the applicant responded that it did not
PO 00000
Frm 00194
Fmt 4701
Sfmt 4700
wish to provide the information about
an applicant’s business statuses if the
applicant declines or refuses to provide
the information by selecting such a
response option on a paper or electronic
form. The financial institution reports
an applicant’s refusal to provide such
information in this way, if the applicant
orally declines to provide such
information for a covered application
taken by telephone or another medium
that does not involve providing any
paper or electronic documents.
Final comment 107(a)(18)–8 explains
that if an applicant both provides a
substantive response to the financial
institution’s inquiry regarding business
status and also checks the ‘‘I do not
wish to provide this information’’ box or
similar for that question, the financial
institution reports the applicable
business status(es) provided by the
applicant (rather than reporting that the
applicant declined to provide the
information).
Final comment 107(a)(18)–9 explains
that, notwithstanding § 1002.107(b)
(regarding verification of applicantprovided data), a financial institution
must report the applicant’s substantive
response(s), that the applicant declined
to answer the inquiry, or the applicant’s
failure to respond to the inquiry, even
if the financial institution verifies or
otherwise obtains an applicant’s
business statuses for other purposes,
and provides an example of such a
situation.
With regard to commenters who
asserted that applicants should be able
to rely upon minority-owned or womenowned business status certifications
received from a third-party organization,
the Bureau believes that the definitions
of minority-owned or women-owned
business statuses from third-party
organizations may not align with the
definitions found in section 1071 and
codified in this rule, and thus reliance
on them would not be appropriate. As
addressed above, final comment
107(a)(18)–2 clarifies that a financial
institution must provide applicants with
definitions of the terms minority-owned
business, women-owned business, and
LGBTQI+-owned business, as provided
in this rule, when asking questions
about these business statuses.
Final Rule—LGBTQI+-Owned Business
Status
For the reasons set forth herein, the
Bureau is exercising its authority under
ECOA section 704B(e)(2)(H) to require
financial institutions to request
information about whether an applicant
is a LGBTQI+-owned business. The
Bureau believes that the collection of
this information will further section
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
1071’s statutory purposes. Specifically,
the Bureau believes that the collection
of this information will help address an
information gap about small business
lending and facilitate fair lending
enforcement and the identification of
business and community development
needs and opportunities for small
businesses.
Based on the limited information
available, the Bureau believes that
LGBTQI+-owned businesses may
experience particular challenges
accessing small business credit. For
example, one report found that, while
LGBTQ businesses were equally likely
to apply for financing, they were less
likely to receive it, with about 46
percent of LGBTQ-owned businesses
reporting that they had received none of
the financing that they had applied for
in the past year, as compared to 35
percent of non-LGBTQ businesses that
applied for funding. The report noted
that LGBTQ-owned businesses were
more likely than non-LGBTQ businesses
to explain their denial was due to
lenders not approving financing for
‘‘businesses like theirs’’ (33 percent
versus 24 percent), among other
reasons.674 The same report also found
that LGBTQ-owned businesses that
applied for Paycheck Protection
Program funding in 2021 were less
successful in receiving funding applied
for than non-LGBTQ businesses.675
ECOA section 704B(e)(2)(H) provides
the Bureau with broad discretion to
collect ‘‘any’’ additional data it
determines would aid in fulfilling the
purposes of section 1071. As discussed,
the Bureau has determined that the
collection of business applicants’
LGBTQI+-owned business status
information, in addition to requiring
information on principal owners’
specifically held sex/gender identity, as
discussed in the section-by-section
analysis of § 1002.107(a)(19) below, will
facilitate the purposes of section 1071
and is thus exercising its authority
under section 1071 to require its
collection.
674 Spencer Watson et al., Ctr. for LGBTQ
Economic Advancement & Research and Movement
Advancement Project, LGBTQ-Owned Small
Businesses in 2021, 10–11 (July 2021), https://
www.lgbtq-economics.org/research/lgbtq-smallbusinesses-2021 (analyzing 2021 data from Small
Business Credit Survey administered by the Federal
Reserve Banks). As used in the report, the term
‘‘LGBTQ-owned business’’ refers to businesses
where individuals who identify as lesbian, gay,
bisexual, transgender, or queer own 50 percent or
more of the business. Id. at note a.
675 Id. at 8–9 (only 54 percent of LGBTQ-owned
businesses received all the Paycheck Protection
Program funding they applied for in 2021, and 17
percent received none of the funding applied for,
compared to 68 percent and 10 percent of all nonLGBTQ owned businesses, respectively).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Similar to the proposed (and final)
approaches for collecting women-owned
and minority-owned business statuses,
financial institutions are required to
provide the definition of ‘‘LGBTQI+owned business’’ under § 1002.102(l)
when requesting information about an
applicant’s LGBTQI+-owned business
status as provided by final comment
107(a)(18)–2. Financial institutions are
also required to provide the same
notices when requesting an applicant’s
LGBTQI+-owned business status, such
as the notice that the applicant is not
required to provide the information
under final comment 107(a)(18)–1 and
other notices under final comment
107(a)(18)–4. Other provisions set out in
commentary for minority-owned and
women-owned business statuses
likewise apply to LGBTQI+-owned
business status; for example, a financial
institution reports only the applicant’s
response to the inquiry about its
LGBTQI+-owned business status, even if
it verifies or otherwise obtains an
applicant’s LGBTQI+-owned business
status for other purposes. See, e.g.,
comments 107(a)(18)–6, –7, and –9.
Final comment 107(a)(18)–5 also
clarifies that an applicant’s responses
about whether it is an LGBTQI+-owned
business must be kept separately from
the small business’s application form
and accompanying documents. ECOA
section 704B(b)(2) requires a financial
institution to maintain a record of the
‘‘responses to [the] inquiry’’ required by
section 704B(b)(1) separate from the
application and accompanying
information. As explained in part E.2 in
the Overview to this part V, the Bureau
interprets section 704B(b)(2) to refer to
an applicant’s responses to protected
demographic information, which
includes whether the applicant is a
minority-owned business and/or a
women-owned business, and the
ethnicity, race, and sex of the
applicant’s principal owners. This is
because these data points require
financial institutions to request
demographic information that has no
bearing on the creditworthiness of an
applicant and that financial institutions
would not be otherwise able to request
absent the data collection requirements
under section 1071 and the final rule as
a result of Regulation B’s general
prohibition on inquiring about the sex
of an applicant or any other person in
connection with a credit transaction.676
Likewise, the Bureau considers the
LGBTQI+-owned business status data
point to be protected demographic
information that has no bearing on an
676 86 FR 56356, 56386–87 (Oct. 8, 2021); id. at
56501–02. See also 12 CFR 1002.5(b).
PO 00000
Frm 00195
Fmt 4701
Sfmt 4700
35343
applicant’s creditworthiness, as also
noted by some commenters, and which
financial institutions would be unable
to collect without the requirement to do
so in final § 1002.107(a)(18). As a result,
the Bureau believes that it is necessary
to require a financial institution to
maintain an applicant’s response to the
inquiry about whether it is a LGBTQI+owned business separately from the rest
of the business’s application and
accompanying information under final
§ 1002.111(b), similar to the requirement
with respect to responses about an
applicant’s minority-owned and
women-owned business statuses.
The Bureau acknowledges
commenters’ concerns that requesting
information as to whether applicants are
LGBTQI+-owned businesses could be
offensive, be considered an invasion of
privacy by applicants, or damage bankcustomer relationships. Final comment
107(a)(18)–4 provides that a financial
institution must inform the applicant
that Federal law requires it to ask for an
applicant’s minority-owned, womenowned, and LGBTQI+-owned business
statuses to help ensure that all small
business applicants for credit are treated
fairly and that communities’ small
business credit needs are being fulfilled.
Sample language for this notice, which
provides a brief, plain language
explanation of the purpose of the data
collection, appears in the sample data
collection form in appendix E. The
Bureau believes providing such context
will help to mitigate negative reactions
an applicant may have to a financial
institution’s request for such
information. Further, as stated on the
sample data collection form, applicants
have the right to refuse to provide this
information, as provided under
comment 107(a)(18)–1.
The Bureau acknowledges
commenters’ arguments that applicants
are unlikely to respond to the inquiry
about LGBTQI+ status and that therefore
financial institutions should not be
required to ask. However, the Bureau
and other data users are unable to
conduct comprehensive fair lending and
business and community development
analyses without this data point, even as
applicants are individually entitled to
refuse to provide it.
Some commenters expressed concern
that LGBTQI+-owned business status
could be detrimentally used against
LGBTQI+ individuals and their
businesses. As discussed in greater
detail in part VIII below, the Bureau
acknowledges that an individual
person’s LGBTQI+ status likely is
sensitive personal information that
could pose personal privacy risks as
well as other non-personal commercial
E:\FR\FM\31MYR2.SGM
31MYR2
35344
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
privacy risks. Part VIII also contains a
more comprehensive analysis of how
privacy interests may be appropriately
protected. In addition, the Bureau is
finalizing § 1002.110(e), which prohibits
financial institutions and third parties
from disclosing protected demographic
information except in limited
circumstances.
lotter on DSK11XQN23PROD with RULES2
107(a)(19) Ethnicity, Race, and Sex of
Principal Owners
ECOA section 704B(e)(2)(G) requires
financial institutions to compile and
maintain certain information, including
the race, sex, and ethnicity of an
applicant’s principal owners. However,
section 1071 does not set out what
categories should be used when
collecting and reporting this
information. The Bureau proposed
§ 1002.107(a)(20) to address how a
financial institution would collect and
report the ethnicity, race, and sex of an
applicant’s principal owners.
Proposed § 1002.107(a)(20) would
have required financial institutions to
collect and report the ethnicity, race,
and sex 677 of the applicant’s principal
owners as well as whether this
information is being reported based on
previously collected data pursuant to
proposed § 1002.107(c)(2). It would
have also required financial institutions
to report, in certain circumstances,
whether ethnicity and race are being
reported by the financial institution on
the basis of visual observation or
surname analysis. Proposed
§ 1002.107(a)(20) would have required
financial institutions to collect and
report ethnicity, race, and sex data as
prescribed in proposed appendix G.
Proposed appendix G would have
included a requirement that a financial
institution inform an applicant that the
applicant is not required to respond to
the financial institution’s questions
regarding its principal owners’
ethnicity, race, or sex and would have
also included a prohibition on financial
institutions requiring applicants to
provide this information. Proposed
§ 1002.107(a)(20) would have also
required that when the financial
institution requests ethnicity, race, and
sex information from an applicant, the
financial institution must inform the
applicant that the financial institution
cannot discriminate on the basis of a
principal owner’s ethnicity, race, or sex,
or on whether the applicant provides
677 While
ECOA section 704B(e)(2)(G) uses ‘‘race,
sex, and ethnicity,’’ the Bureau reordered them to
‘‘ethnicity, race, and sex’’ for purposes of the
proposal, so that they would appear alphabetically
and for consistency with how they appear in
Regulation C. The Bureau is using the same
approach for this final rule.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
this information. The Bureau also put
forth for public comment a sample data
collection form in proposed appendix E
that financial institutions would be able
use to collect ethnicity, race, and sex
information.
The Bureau is finalizing the statutory
requirement to collect principal owners’
ethnicity, race, and sex in
§ 1002.107(a)(19). Below, the Bureau
first discusses its general approach to
collecting principal owners’ ethnicity,
race, and sex. Second, the Bureau
discusses finalizing its proposal to
collect ethnicity and race information
using certain aggregate categories and
disaggregated subcategories. Third, the
Bureau discusses its approach to
requiring the collection of sex by
applicant self-identification (using only
a free-form text field for a paper or
electronic form, or by self-description
for applications taken orally) and
without the use of response categories.
Finally, the Bureau discusses its
decision not to require collection of
principal owners’ ethnicity and race via
visual observation and/or surname
analysis. The Bureau has incorporated
information from proposed appendix G
into the commentary to final
§ 1002.107(a)(19) 678 and has updated a
number of cross-references.
Proposed Rule—Collecting Ethnicity,
Race, and Sex, In General
Proposed comment 107(a)(20)–1
would have clarified how a financial
institution collects ethnicity, race, and
sex information. It would have stated
that unless a financial institution is
permitted to report ethnicity, race, and
sex information based on previously
collected data pursuant to proposed
§ 1002.107(c)(2), a financial institution
must ask an applicant to report its
principal owners’ ethnicity, race, and
sex for each covered application and
that the financial institution must
permit an applicant to refuse to answer
the financial institution’s inquiry. It
would have required financial
institutions to inform the applicant that
it is not required to provide the
information. Proposed comment
107(a)(20)–1 would have further
clarified that the financial institution
must report the applicant’s responses,
its refusal to answer the inquiries, or its
failure to respond to the inquiries, and
explain that in certain situations,
678 In certain instances where language in
proposed appendix G and commentary to proposed
§ 1002.107(a)(20) were substantially similar,
language in the final regulatory text or commentary
has been revised to improve clarity. In other
instances, language from proposed appendix G is
imported wholesale to provide clarity and
streamline the rule.
PO 00000
Frm 00196
Fmt 4701
Sfmt 4700
discussed in proposed comments
107(a)(20)–7 and -8 and in proposed
appendix G, a financial institution may
also be required to report one or more
principal owners’ ethnicity and race
(but not sex) based on visual
observation and/or surname analysis.
Proposed comment 107(a)(20)–1 would
have cross-referenced proposed
appendix G for additional instructions.
Proposed comment 107(a)(20)–2
would have explained that a financial
institution must inform the applicant
that the financial institution shall not
discriminate on the basis of a principal
owner’s ethnicity, race, or sex or on
whether the applicant provides that
information. It would have also clarified
that a financial institution may combine
this non-discrimination notice with the
similar non-discrimination notices that
a financial institution would have been
required to provide when requesting
minority-owned business status and
women-owned business status if a
financial institution had requested
minority-owned business status,
women-owned business status, and/or a
principal owner’s ethnicity, race, and
sex in the same data collection form or
at the same time.
Proposed comment 107(a)(20)–3
would have explained how, pursuant to
proposed § 1002.111(b), financial
institutions must record applicants’
responses regarding a principal owner’s
ethnicity, race, and sex pursuant to
§ 1002.107(a)(20) separate from the
application and accompanying
information. This proposed comment
would have also provided examples of
how responses could be recorded
separately from the application and
accompanying information.
Proposed comment 107(a)(20)–4
would have clarified that a financial
institution is required to maintain
procedures reasonably designed to
collect applicant-provided information
pursuant to proposed § 1002.107(c)(1),
including the ethnicity, race, and sex of
an applicant’s principal owners.
However, if a financial institution is
nonetheless unable to collect the
principal owners’ ethnicity, race, or sex
from the applicant and if the financial
institution is not required to report the
principal owners’ ethnicity and race
based on visual observation and/or
surname, the financial institution would
have been required to report that the
principal owner’s ethnicity, race, or sex
(as applicable) is ‘‘not provided by
applicant.’’
Proposed comment 107(a)(20)–12
would have clarified that a financial
institution is neither required nor
permitted to verify the ethnicity, race, or
sex information that the applicant
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
provides for purposes of proposed
§ 1002.107(a)(20), even if the financial
institution verifies or otherwise obtains
the ethnicity, race, or sex of the
applicant’s principal owners for other
purposes. The Bureau also solicited
comment on whether it would be useful
to expressly codify this application of
the principle in the commentary.
Additionally, the proposed comment
would have explained that, if an
applicant refuses to respond to the
inquiry pursuant to proposed
§ 1002.107(a)(20) or fails to respond to
this inquiry, the financial institution
reports that the applicant declined to
provide the information or did not
respond to the inquiry (as applicable),
unless the financial institution is
required to report ethnicity and race
based on visual observation and/or
surname analysis. Finally, the proposed
comment would have explained that the
financial institution does not report
ethnicity, race, or sex pursuant to
proposed § 1002.107(a)(20) based on
information that the financial institution
collects for other purposes.
Proposed comment 107(a)(20)–5
would have explained that generally an
applicant determines its principal
owners and decides whether to provide
information about principal owners. It
would have further stated that,
nonetheless, a financial institution may
be required to report ethnicity and race
information based on visual observation
and/or surname analysis and may need
to determine if a natural person with
whom the financial institution meets in
person is a principal owner. It would
have explained how a financial
institution determines who is a
principal owner in the event that the
financial institution may be required to
report ethnicity and race information
based on visual observation and/or
surname. It would have also provided
examples of how the financial
institution can make that determination
and noted that the financial institution
is not required to verify any responses
regarding whether a natural person is a
principal owner.
The Bureau sought comment on those
proposed general aspects of collecting
and reporting principal owners’
ethnicity, race, and sex, including
comments on the challenges that
financial institutions may have
implementing them.
Comments Received—Collecting
Ethnicity, Race, and Sex, In General
The Bureau received comments
regarding the collection of ethnicity,
race, and sex for applicants’ principal
owners, in general, from a wide range of
commenters including lenders, trade
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
associations, community groups,
individual commenters, a software
vendor, and others. Within these general
comments, commenters addressed a
number of issues including alignment
with HMDA, lack of applicant
responses, verification of applicantprovided data, privacy issues, and
concerns related to burden and cost.
These issues, and others, are discussed
in turn below.679
General support and concerns. The
Bureau received comments from
lenders, trade associations, community
groups, and others regarding its
proposal, at a general level, for
collecting information about the
ethnicity, race, and sex of principal
owners.
Many commenters supported the
Bureau’s proposal and the creation of a
comprehensive small business lending
database. These commenters said that
collecting information about the
ethnicity, race, and sex of small
business applicants’ principal owners
will help address a lack of such
information in existing lending data;
facilitate enforcement of fair lending
laws; and enable stakeholders to
understand and identify needs and
opportunities, remove barriers, and
advocate for women-owned, minorityowned, and small businesses. Some
commenters also emphasized generally
that the data disclosure would shed
light on racial and gender gaps and
discrimination, which they noted are
long-standing issues and which have
been exacerbated by the COVID–19
pandemic. One commenter
characterized the collection of this
information as long overdue.
Many commenters expressing general
support for the Bureau’s proposal
emphasized that the demographic data
collected under the final rule must be
robust, disaggregated, detailed, and
include information on underwriting
criteria and on race, gender identity,
sexual orientation, and disability status
in order to enable meaningful analysis.
Several lenders and a business
advocacy group stated that the data
would help lenders improve their
lending practices. One commenter that
Congress’s adjustments to the SBA’s
Paycheck Protection Program in the
program’s second round, to prioritize
679 The Bureau also received comments about
specific aspects of the Bureau’s proposal for
collecting and reporting principal owners’
ethnicity, race, and sex information, including
collecting ethnicity and race using aggregate
categories and disaggregated subcategories;
collecting sex; and collecting ethnicity and race via
visual observation and/or surname analysis in
certain circumstances. Such comments are
discussed further below in this section-by-section
analysis of § 1002.107(a)(19).
PO 00000
Frm 00197
Fmt 4701
Sfmt 4700
35345
minority-owned and women-owned
businesses and microbusinesses and set
aside funds for CDFIs, could not have
happened without access to Paycheck
Protection Program lending data,
including demographic data. Another
commenter stated that the small
business lending data collection is
necessary to gather critical data on
lending beyond what is collected by the
SBA.
Some commenters emphasized that
HMDA data, which include
demographic and socioeconomic
information, have provided valuable
insight on racial and income disparities
in the home mortgage lending market
and have been an important tool to hold
lenders accountable as well as to
determine how to meet unmet credit
needs. Several commenters also
emphasized that after Congress included
demographic information as part of the
HMDA data collection, the number of
mortgages to people of color and people
with modest incomes increased; these
commenters anticipate a similar
outcome for small business lending after
data collected under this final rule are
published.
One commenter stated that the
collection of demographic data for each
of an applicant’s principal owners
would help provide the public with a
sense of the varying percentages of
ownership by women or minorities
above or below the 50 percent threshold
for minority-owned or women-owned
businesses and help determine if
businesses with different minority
ownership levels have distinct
borrowing experiences.
The Bureau also received comments
expressing generally applicable
concerns and requests for clarification
about its proposal for collecting
ethnicity, race, and sex information.
Several commenters said that the
Bureau’s proposal includes duplicative
content in the proposed rule text,
commentary, and appendices, which
they said could complicate compliance.
These commenters recommended that
any mandatory requirements be in the
final regulatory text, rather than spread
out among the regulation, commentary,
and appendices. Another commenter
asserted that the proposed rules for
collecting demographic information are
too complex.
Another argued that a significant
hurdle in implementing the Bureau’s
proposal is that while ECOA requires
financial institutions to be blind to
factors such as ethnicity, race, and sex
in lending, they must collect and report
information on those same factors under
the Bureau’s proposed rule (including
by visual observation and surname
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35346
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
analysis under certain circumstances).
This commenter asserted that the
Bureau’s proposal is irreconcilable with
ECOA and cannot be reasonably
implemented without compromising the
data collected. Another commenter
predicted that requiring financial
institutions to collect ethnicity, race, or
sex information would lead to possible
favoritism, discrimination, and
stereotyping. (Similar concerns were
raised specifically with respect to
collection of ethnicity and race
information by visual observation and/
or surname analysis; these commenters
are discussed separately below.)
One commenter asked the Bureau to
clarify how a financial institution
should report an applicant’s principal
owners’ ethnicity, race, and sex
information if a representative of a small
business applicant states they need to
check with the principal owners for
such information, but the application is
withdrawn or declined before the
information is provided. The
commenter stated that because
borrowers may apply to many lenders
for a loan, reporting on withdrawn
applications would skew collected loan
data. The commenter also asked for
clarification about how to report under
similar circumstances, where an
application has been approved, but still
no information has been provided. This
commenter suggested the Bureau
provide options for a financial
institution to report that an applicant
‘‘declined to answer’’ for applicants that
specifically refused to provide
responses and ‘‘not available’’ for other
circumstances, including withdrawn
applications or applicant nonresponsiveness.
Another commenter suggested that
the Bureau should collect demographic
data for ‘‘applicants,’’ which it
characterized as the natural persons
completing the application. This
commenter argued that such
information would further the fair
lending purposes of section 1071,
because loan applicants may be subject
to different treatment based on factors
such as their ethnicity, race, or gender,
citing a study finding that prospective
loan applicants were subject to
differential treatment on the basis of
their race and gender in the preapplication stage.680
An industry commenter asked
whether a financial institution could
collect demographic information at a
greater level of specificity than
680 Nat’l Cmty. Reinvestment Coal., Racial and
Gender Mystery Shopping for Entrepreneurial
Loans: Preliminary Overview (2020), https://
ncrc.org/wp-content/uploads/2020/02/NCRCMytery-Shopping-Race-and-Gender-v8.pdf.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
proposed by the Bureau. Another asked
whether a financial institution is
permitted to reconcile discrepancies or
inaccuracies in self-reported ethnicity or
race data with the use of software or
other relevant information.
Alignment with HMDA. Some
industry commenters urged the Bureau
to align the collection of principal
owners’ ethnicity, race, and sex
information under the final rule with
the collection of such information for
mortgage applicants under Regulation C,
whether exactly or to the greatest extent
possible. One commenter also suggested
alignment with existing Regulation B,
which also requires the collection of
certain demographic information for
certain mortgages.681 These commenters
said that consistency between the
HMDA and section 1071 data
collections would reduce confusion for
financial institutions and applicants,
facilitate efficient data collection such
as by allowing data to be collected only
once for applications covered by both
HMDA and section 1071, facilitate
compliance, reduce burden, and make
the collected data more usable across
regulations.
Several commenters identified issues
that could arise for applications
reportable under both section 1071 and
HMDA, if the data collection
requirements under the two regulatory
regimes did not match. They said that
financial institutions could potentially
be required to collect data using
different forms and to have systems
capable of maintaining separate sets of
data for the same transaction under the
Bureau’s proposal. Some also said that
applicant confusion about the
differences between the two regimes
may reduce applicants’ willingness to
provide the requested information.
(Commenters more specific concerns
about how overlapping data collection
obligations would work are discussed in
more detail below.) Some commenters
generally urged the Bureau to either
align the HMDA and section 1071 data
collection requirements or to exempt
loans from one regime that are
reportable under the other to avoid such
issues.
681 Under existing Regulation B, a creditor is
required to collect applicant ethnicity, race, sex,
marital status, and age information for an
application for credit primarily for the purchase or
refinancing of a dwelling occupied or to be
occupied by the applicant as a principal residence,
where the extension of credit will be secured by the
dwelling. 12 CFR 1002.13(a). Regulation B provides
that the ethnicity and race information shall be
requested either by using specified aggregate
ethnicity and race categories, or the aggregate and
disaggregated ethnicity and race categories set forth
under Regulation C. Id.
PO 00000
Frm 00198
Fmt 4701
Sfmt 4700
Concerns related to specific
transactions or institutions.682 Some
commenters expressed support for, or
concerns about, the collection of
principal owners’ ethnicity, race, and
sex information in the context of
specific types of transaction or
institutions.
Some commenters raised general
concerns about the proposed collection
of ethnicity, race, and sex information
by small banks or community banks. A
few commenters said that requesting
ethnicity, race, and sex information has
the potential to negatively impact their
relationships with their customers. One
stated that such inquiries could make
customers distrustful of their banks and
raise privacy concerns, and urged the
Bureau to consider the impact that the
collection of such information may have
on the relationship-based banking
model of community banks.
A number of commenters, including
many agricultural lenders, expressed
general support for the collection of
demographic data. One commenter
stated that the proposed collection of
demographic information would help
reveal and prevent unfair agricultural
lending practices. Other commenters
stated support for demographic data
collection, provided that the rule’s
definition of small business is tailored
for the agricultural credit context. One
commenter expressed concern about the
burden for collecting and reporting
demographic information for
agricultural lenders and farmers.
Some commenters emphasized
particular difficulties for collecting
ethnicity, race, and sex information for
credit applications taken in retail
environments (also referred to as ‘‘point
of sale’’ applications/transactions).
These commenters noted that credit
applications taken in retail store
environments differ from those typically
taken at banks because customers expect
speed and efficiency in the application
process, and expressed their concern
that the Bureau’s proposal would add
complexity and length to application
processes, due in part to detailed
questions about ethnicity, race, and sex.
682 The Bureau received a number of comments
responding to the Bureau’s proposal regarding the
collection of protected demographic information
vis-a`-vis certain types of institutions and
transactions, many of which are discussed in the
section-by-section analyses of § 1002.104 (covered
transactions and excluded transactions), § 1002.105
(covered financial institutions and exempt
institutions), and § 1002.107(c) (time and manner of
collection). The Bureau also received comments on
specific aspects of the Bureau’s proposal to collect
principal owners’ ethnicity, race, and sex
information, in the context of specific types of
institutions and transactions. See the Bureau’s
discussion of such comments in the referenced
parts of this preamble for more detail.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
These commenters also expressed
concerns about having retail store
associates ask for this information.
Commenters said that many retailers
may use oral, interview-style, in-store
application processes, and that retail
store associates do not have the training
to make such inquiries or handle
customer questions or reactions. Several
commenters also stated that small
business applicants may feel
uncomfortable providing ethnicity, race,
and sex information in public retail
spaces. Another commenter predicted
that the majority of small business
credit applications submitted at the
point of sale would lack demographic
information. Some of these commenters
also urged the Bureau to exempt private
label and co-branded credit
applications, along with other types of
credit originated at or facilitated
through retailers such as revolving lines
of credit and installment loans (e.g.,
point of sale credit), from the rule’s
requirements in various ways—such as
by exempting all such applications, or
those for lines of credit below $50,000,
from the requirement to collect
demographic information.
A group of trade organizations stated
that insurance premium finance
transactions should not be included
within the scope of the final rule, in part
because State insurance law generally
prohibits or discourages insurance
agents from collecting information about
race, religion, national origin, or
ethnicity of an insured business’s
owners on behalf of lenders, and
insurers do not collect such information
as a result.
Several other trade associations urged
the Bureau to clarify how the rule’s data
collection requirements apply to
indirect vehicle finance transactions.
Beyond generally urging the Bureau to
exempt such transactions from the final
rule, two trade associations stated a
survey of their automobile and truck
dealer members reflected concerns
about training employees to collect
ethnicity, race, and sex information,
particularly with respect to
implementing the Bureau’s proposed
visual observation and surname data
collection requirement.
Lack of applicant responses. Several
commenters raised concerns about a
potential lack of applicant responses to
the proposed demographic information
questions.683 A bank stated that it
683 A number of commenters also expressed
concerns about data quality in the specific context
of their comments about the Bureau’s proposal to
require financial institutions to collect at least one
principal owners’ race and ethnicity information
via visual observation and/or surname under
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
encounters difficulties in meeting the
HMDA reporting requirements because
mortgage loan applicants are reluctant
to provide demographic information
and it anticipates similar reactions from
small businesses. Other commenters
argued that low demographic response
rates in the Paycheck Protection
Program indicates that most small
business applicants will likely decline
or fail to provide demographic
information. Thus, some commenters
said, records with missing demographic
data will likely need to be either
excluded from fair lending analyses or
data users will have to use proxies for
the missing information, asserting that
this outcome calls into question the
benefits of the data collection versus the
costs. Another commenter said that the
high number of applications for small
business credit made online, and
situations where the person providing
information for a given application may
be one of several owners or a company
officer and not an owner themselves,
may also lead to a high percentage of
applicants who do not provide
responses. One commenter asserted that
small business owners may react
negatively to the amount of paperwork
associated with this rule’s data
collection requirements and as a result
decide not to provide their principal
owners’ information. Finally, a
commenter suggested that the Bureau
require demographic information to be
collected after a credit decision has been
made, rather than before.
Verification. Several industry
commenters and a women’s business
advocacy group argued that financial
institutions should not be required or
permitted to verify applicant-provided
data about a principal owner’s ethnicity,
race, or sex. One commenter suggested
that the Bureau should determine if
there are ways for it to verify if reported
data are accurate and correct. (Similar
comments specifically regarding
collection of information via visual
observation or surname are discussed in
more detail below.)
Reduced demand for traditional
credit. Several industry commenters
asserted that the collection of principal
owners’ protected demographic
information could potentially make
borrowing from traditional lenders less
attractive for small businesses due to
applicant discomfort or objections to
inquiries for such information. One
predicted that applicants may, as a
result, turn to credit cards, payday
loans, or nontraditional online financing
for their credit needs.
certain circumstances. These comments are
discussed in more detail below.
PO 00000
Frm 00199
Fmt 4701
Sfmt 4700
35347
Privacy. Several industry commenters
stated that small business customers
may find the collection of protected
demographic information that could
become public to be an invasion of
privacy. They generally expressed
concern that such information could be
used to re-identify borrowers, which
could in turn harm the reputation or
image of a small business applicant. A
bank said this concern is particularly
salient in small communities, and that
if public information is used to
determine the identities of a bank’s
customers and the pricing terms offered
to them, it could result in a competitive
disadvantage for the bank versus other
lenders.
Burden and costs for collecting
ethnicity, race, and sex information.
Several industry commenters raised
concerns about the burden or
compliance costs for financial
institutions associated collecting
principal owners’ ethnicity, race, and
sex information under the proposal.
Other commenters raised similar
concerns in the context of specific types
of transactions or institutions, or related
to specific aspects of the Bureau’s
proposal for collecting this information,
which are discussed in the relevant
parts of this section-by-section analysis.
One commenter expressed concern
that financial institutions may need to
increase the prices and fees for credit to
cover increased compliance costs
related to the collection and storage of
ethnicity, race, and sex information.
Another stated that collecting principal
owners’ ethnicity, race, and sex
information would require online
lenders to make system changes, which
it said would be different from those
needed by traditional lenders. This
commenter urged the Bureau to allow
lenders to report aggregate, as opposed
to application level, data to reduce this
burden. Another commenter said that
because does not currently collect
ethnicity information currently and its
core processing system does not include
a field for this information, it would
need to collect this data field manually.
One commenter stated that collecting
information for up to four principal
owners as proposed would be
burdensome for both financial
institutions and applicants. A lender
said that reporting such information for
all principal owners would take a large
amount of space on its small business
lending application register. That
commenter also suggested that the
Bureau require demographic
information for only one principal
owner instead of all principal owners,
asserting that this would not impact the
quality of the data because the
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35348
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
applicant’s minority-owned and
women-owned business statuses would
still be collected.
In contrast, another lender did not
anticipate incurring significant costs
related to the collection of ethnicity,
race, and sex information because it
already gathers such information or
similar information for other small
business lending programs and funding
opportunities such as the SBA’s 7(a)
Loan Program; the Paycheck Protection
Program; the Wells Fargo Diverse
Community Capital Program; and the
CDFI Fund. The commenter stated that
adjusting to section 1071 data collection
requirements will primarily entail
updating software, compliance training,
and updating materials. The commenter
anticipated minimal ongoing costs that
will be considered normal costs of doing
business and said it does not plan on
raising fees or restricting access to credit
as a result. The commenter also urged
the Bureau to coordinate with the CDFI
Fund to streamline section 1071
reporting requirements.
Direct reporting to the Bureau or third
parties, or use of other data sources. A
number of industry commenters
suggested that protected demographic
information should be self-reported by
applicants directly to a central database
or registry, whether maintained by the
Bureau or by third parties.
Some commenters urged the Bureau
to work with Secretaries of State so that
demographic data generally or
information about a business’s minorityowned, women-owned, and/or
LGBTQI+-owned business statuses are
voluntarily registered at the same time
that a small business registers with its
State. One commenter stated that this
would allow small businesses to
provide information to a trusted entity
and lenders could then verify
demographic data with the relevant
State—thus avoiding delays and
confusion from applicants during the
loan application process.
Other commenters suggested that the
Bureau provide ways for small
businesses to report their demographic
information directly to the Bureau.
Several suggested the Bureau develop a
form for the collection of ethnicity, race,
and sex information that could be sent
directly to the Bureau. Others suggested
that the Bureau establish a tool, portal,
or online system for applicants to input
their demographic information or to
certify their desire to not provide
information. One commenter stated that
the regulatory trend has shifted from
requiring collection and reporting of
beneficial ownership information by
financial institutions to having small
businesses report directly to the
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
government. Generally, these
commenters said that applicants should
be provided with a unique identifier,
either by the Bureau or the financial
institutions, that could be used to match
applicant demographic information
with loan information. Several
commenters said that the financial
institution should also be given the
ability to match its records with the
central database, to enable their internal
fair lending compliance monitoring
efforts. Some commenters also
suggested the Bureau coordinate with
other Federal agencies, such as the SBA,
U.S. Department of the Treasury,
Internal Revenue Service, or the U.S.
Census Bureau, to develop the database,
gather information for other data points,
or purge records as necessary.
Some of these commenters stated that
direct reporting to the Bureau would
avoid the need for financial institutions
to collect ethnicity and race information
via visual observation or surname
analysis. These commenters also stated
that this would resolve privacy concerns
applicants may have in providing
demographic information to their
lenders. Commenters also asserted that
direct reporting would inform
applicants of the Bureau’s role in the
data collection, promote applicant selfreporting of demographic information,
and likely increase response rates
because it would provide applicants
with assurances of confidentiality and
because applicants would not be
concerned that financial institutions
would improperly use the data.
Several commenters argued that direct
reporting to the Bureau would have
other benefits for financial institutions,
including lessening or eliminating the
risk of inappropriate use of
demographic data by financial
institutions; reducing a financial
institutions’ compliance costs and
burden; avoiding the need for financial
institutions to establish firewalls;
lowering litigation and regulatory risk;
reducing the risk of reputational harm
for asking for sensitive data; and
lowering barriers to entry in financial
services. Commenters also stated that
direct reporting would be more efficient
for applicants because information
would be maintained in one place and
could be updated as needed, as opposed
to being provided for each application.
Commenters further suggested that the
Bureau would benefit from receiving
real-time data on applicant
demographics, which they claimed
would simplify and enhance analysis
and publication and would allow the
Bureau to directly manage the
collection, storage, and standardization
of the data.
PO 00000
Frm 00200
Fmt 4701
Sfmt 4700
Some commenters suggested that
instead of requiring financial
institutions to collect data, the Bureau
should coordinate with other
government agencies, like the Internal
Revenue Service and the U.S. Census
Bureau, which already collect
demographic and other data on small
businesses, to avoid burden to financial
institutions and which would result in
the Bureau having better data to use for
analyses. One commenter suggested that
the Bureau should use the demographic
analysis approach being used by the
U.S. Census Bureau and develop
educational materials for financial
institutions about the methodology.
Another commenter suggested the
Bureau buy information from Google or
Facebook.
Applicant and financial institution
education and guidance. A range of
commenters urged the Bureau to
provide education and guidance about
the final rule for applicants, the public,
and financial institutions. The
commenters generally stated that the
Bureau should engage in an education
and/or media campaign to explain the
final rule and its purposes to develop
trust with small business communities
and comfort for applicants by
explaining the role of the data collection
for facilitating fair lending and to
encourage small businesses to provide
their protected demographic
information.
Many of these commenters also
suggested that the Bureau develop
guidance and materials such as
frequently asked questions and
factsheets to explain the rule and its
purposes. A few commenters suggested
developing materials for applicants
regarding the ethnicity, race, and sex
data collection inquiries, such as how to
respond if a principal owner is multiethnic or multi-racial, so applicants can
accurately respond and financial
institution employees are not asked to
interpret or clarify such requirements.
Commenters also recommended
developing guidance materials for
financial institutions to use in
explaining the final rule, including
training resources and disclosures to
explain the reasons and purpose for the
data collection. They also suggested that
such materials be translated into the top
ten languages spoken in the United
States according to the U.S. Census
Bureau.
Final Rule—Collecting Ethnicity, Race,
and Sex, in General
For the reasons set forth herein, the
Bureau is finalizing the requirement to
collect principal owners’ ethnicity, race,
and sex with certain changes. Among
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
other things, the Bureau is: (1) finalizing
its proposed requirement for financial
institutions to collect ethnicity and race
information using aggregate categories
and disaggregated subcategories, using
the specific categories and subcategories
in the proposal; (2) finalizing the
requirement for financial institutions to
collect information about a principal
owner’s sex, which generally will
permit an applicant to respond to an
inquiry about the principal owner’s
‘‘sex/gender’’ through free-form text or
self-description for oral applications;
and (3) not finalizing its proposed
requirement to collect and report at least
one principal owner’s ethnicity and race
information on the basis of visual
observation and/or surname analysis
under certain circumstances. These
three specific aspects of the final rule
are each discussed in detail below.
Final § 1002.107(a)(19) (proposed as
§ 1002.107(a)(20)) requires financial
institutions to collect and report
information about the ethnicity, race,
and sex of small business applicants’
principal owners. In line with the
proposal, final § 1002.107(a)(19)
provides that when requesting such
information from an applicant, the
financial institution must inform the
applicant that it cannot discriminate on
the basis of a principal owner’s
ethnicity, race, or sex, or on the basis of
whether the applicant provides this
information (non-discrimination notice).
The final rule does not require a
financial institution to report whether
the reported ethnicity, race, and sex
information was based on previously
collected data (as permitted by proposed
comment 107(c)(2)–7). This information
would have provided additional context
for the Bureau and others when
application method was reported as
being other than in-person but ethnicity
or race information were reported as
collected through visual observation or
surname. Because the Bureau has
decided not to require the use of visual
observation and surname analysis in the
final rule, however, the Bureau does not
believe that capturing information about
data reuse is still necessary and thus has
removed that requirement from final
§ 1002.107(a)(19) to streamline and
facilitate compliance.
The Bureau acknowledges
commenters’ concerns about repetition
across the rule’s regulatory text,
commentary, and appendices, and has
made a number of changes to reduce
duplication and otherwise streamline
this aspect of the final rule to facilitate
compliance. In particular, the Bureau
has removed proposed appendix G,
relocating unique content into the
commentary for final § 1002.107(a)(19).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
The Bureau has also adjusted the
commentary accompanying final
§ 1002.107(a)(19) to reflect changes to
the regulatory text described above, as
well as the addition of LGBTQI+-owned
business status where women- and
minority-owned business statuses are
mentioned.
Final comment 107(a)(19)–1 generally
clarifies how a financial institution
must ask an applicant for its principal
owners’ ethnicity, race, and sex. The
financial institution must permit an
applicant to refuse to answer the
financial institution’s inquiries and
must inform the applicant that it is not
required to provide the information. It
also establishes how a financial
institution reports the applicant’s
responses to its inquiries about
ethnicity, race, and sex.
Final comment 107(a)(19)–2
(incorporating instruction 3 from
proposed appendix G) explains that a
financial institution must provide an
applicant with the definition of
principal owner in final § 1002.102(o)
and that a financial institution satisfies
the requirement if it provides the
definition as set forth in the sample data
collection form in final appendix E.
Final comment 107(a)(19)–3
(incorporating instruction 2 from
proposed appendix G) explains that a
financial institution may combine on
the same paper or electronic data
collection form the questions about a
principal owner’s ethnicity, race, and
sex with the number of the applicant’s
principal owners pursuant to
§ 1002.107(a)(20) and the applicant’s
minority-owned, women-owned, and
LGBTQI+-owned business statuses
pursuant to § 1002.107(a)(18).
Final comment 107(a)(19)–4 (based on
proposed comment 107(a)(20)–2)
explains that the non-discrimination
notice required when a financial
institution requests a principal owner’s
ethnicity, race, and sex may be
combined with the non-discrimination
notice that is required when requesting
information about an applicant’s
minority-owned, women-owned, and
LGBTQI+-owned business statuses,
when such information is collected on
the same form or at the same time. The
comment has been updated to reflect the
addition of LGBTQI+ business status to
final § 1002.107(a)(18), and to state that
a financial institution must (as opposed
to ‘‘may’’ as proposed) inform an
applicant that Federal law requires it to
ask for the principal owners’ ethnicity,
race, and sex/gender to help ensure that
all small business applicants for credit
are treated fairly and that communities’
small business credit needs are being
PO 00000
Frm 00201
Fmt 4701
Sfmt 4700
35349
fulfilled, for reasons discussed further
below.
Final comment 107(a)(19)–5 (based on
proposed comment 107(a)(20)–3)
provides that a financial institution
must maintain the record of an
applicant’s responses to inquiries
pursuant to § 1002.107(a)(19) separate
from the application and accompanying
information, and cross-references final
§ 1002.111(b) and comment 111(b)–1.
Final comment 107(a)(19)–6 (based on
proposed comment 107(a)(20)–4)
addresses reporting when information
about a principal owner’s ethnicity,
race, or sex is not provided by an
applicant. While a financial institution
must maintain procedures reasonably
designed to collect applicant-provided
data, the comment acknowledges that
there may be circumstances under
which an applicant does not provide
ethnicity, race, or sex information. The
final comment has also been updated to
include explanatory examples,
including examples from proposed
appendix G (instruction 13).
Final comment 107(a)(19)–7 (adapted
from instruction 12 in proposed
appendix G) addresses how a financial
institution reports an applicant’s
response that it declines to provide
information about a principal owner’s
ethnicity, race, or sex.
Final comment 107(a)(19)–8 (adapted
from instruction 16 in proposed
appendix G) addresses how a financial
institution reports an applicant’s
conflicting responses for its principal
owner’s ethnicity, race, or sex
information, when the applicant selects
a response option indicating it does not
wish to provide the information but also
selects an answer option providing a
substantive response to the question at
issue.
Final comment 107(a)(19)–9 (based on
proposed comment 107(a)(20)–12)
explains that a financial institution
reports principal owners’ ethnicity,
race, and sex information as provided
by the applicant, even if the financial
institution verifies or otherwise obtains
such information for other purposes.
This comment no longer references
collection of ethnicity and race via
visual observation or surname.
Final comment 107(a)(19)–10
(substantially adapted from instruction
25 of proposed appendix G and
proposed comments 107(a)(20)–6.iv,
–7.iv, and –8) addresses how to report
ethnicity, race, and sex information for
an applicant with fewer than four
principal owners.
Final comment 107(a)(19)–11
(substantially adapted from instruction
26 of proposed appendix G) explains
that a financial institution reports one or
E:\FR\FM\31MYR2.SGM
31MYR2
35350
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
more principal owners’ ethnicity, race,
or sex information based on previously
collected data under § 1002.107(d), the
financial institution does not need to
collect any additional ethnicity, race, or
sex information for other principal
owners (if any).
Final comment 107(a)(19)–12
(substantially adapted from instruction
24 of proposed appendix G) explains
that a guarantor’s ethnicity, race, and
sex is not collected or reported unless
they are also a principal owner of the
applicant.
General support and concerns. The
Bureau agrees with commenters that the
statutorily required collection of
detailed ethnicity, race, and sex
information about small business
applicants’ principal owners will
facilitate the stated purposes of section
1071 to assist in the enforcement of fair
lending laws and enable communities,
governmental entities, and creditors to
understand and identify needs and
opportunities of women-owned,
minority-owned, and small
businesses.684 The collection of
ethnicity, race, and sex information in
the HMDA context under Regulation C,
for example, is essential to the Bureau’s
efforts to monitor financial institutions
for fair lending compliance in the home
mortgage market and to efforts by the
Bureau, policymakers, and others to
identify trends, gaps, and potential
solutions for addressing any issues
uncovered by the data. Recent changes
to Regulation C to collect disaggregated
ethnicity and race data have also added
to the Bureau’s and others’
understanding of the home mortgage
marketplace.685 The Bureau believes
that the collection of principal owners’
ethnicity, race, and sex information will
similarly provide important insights
into the small business lending market
and help enable the identification of
potential discriminatory lending.
The Bureau also agrees that in
combination with other collected
information such as the number of an
applicant’s principal owners under final
§ 1002.107(a)(20) and whether the
684 See
ECOA section 704B(a).
2015, the Bureau issued a final rule (2015
HMDA Rule) amending Regulation C to incorporate
several changes made under the Dodd-Frank Wall
Street Reform and Consumer Protection Act. See 80
FR 66128 (Oct. 28, 2015). One of the changes that
was implemented was the collection of mortgage
applicants’ race and ethnicity information using
aggregate categories and disaggregated
subcategories. Id. This data has been used by the
Bureau, for example, to examine how home buying
experiences differ among Asian American and
Pacific Islander subgroups. See CFPB, Data Point:
Asian American and Pacific Islanders in the
Mortgage Market (July 2021), https://
files.consumerfinance.gov/f/documents/cfpb_aapimortgage-market_report_2021-07.pdf.
lotter on DSK11XQN23PROD with RULES2
685 In
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
applicant is a minority-owned, womenowned, and/or LGBTQI+-owned small
business under final § 1002.107(a)(18),
the collection of principal owners’
ethnicity, race, and sex information will
help the Bureau and others to
understand lending market dynamics at
different levels of ownership by
individuals of certain ethnicities, races,
and/or sexual or gender population
subgroups. Transparency will not only
help facilitate fair lending enforcement,
but reduce uncertainty for financial
institutions and help them to identify
areas of unmet credit demand into
which they could consider increasing
product availability. In turn, small
business owners will benefit from
increased credit availability. The Bureau
believes that other information about a
covered application is still important for
fulfilling section 1071’s statutory
purposes even when the applicant has
declined to provide any protected
demographic information. Such
information can still provide insight
into lending to small businesses
pursuant to section 1071’s business and
community development purpose.
Moreover, the lack of demographic
information for a covered application
itself could be important information for
the Bureau and others to assess
potential reasons for and solutions to
correct such information gaps in the
future.
Regarding the comment its proposed
rules for collecting demographic data
are too complex, and comments that
suggested streamlining these provisions,
the Bureau notes that it is not finalizing
the proposed requirement to collect
ethnicity and race via visual observation
or surname data. As a result, the Bureau
has removed that provision, and related
requirements, from the final rule. The
Bureau has also moved all instructions
and information about collecting and
reporting ethnicity, race, and sex
information to the commentary for final
§ 1002.107(a)(19). The Bureau believes
these changes streamline and simplify
the ethnicity, race, and sex data
collection requirements, which will
facilitate financial institutions’
compliance with the final rule.
Regarding a commenter’s assertion
that this data collection requirement
conflicts with ECOA, the Bureau notes
that section 1071 amends ECOA to
require the collection of the race, sex,
and ethnicity of the principal owners of
small businesses. Moreover, ECOA also
provides that inquiries to collect data
under section 1071 are not considered
discrimination under the statute.686 The
final rule also includes protections
686 15
PO 00000
U.S.C. 1691(b)(5).
Frm 00202
Fmt 4701
Sfmt 4700
against the improper use of protected
demographic information, including the
firewall requirement in final § 1002.108,
the provision restricting re-disclosure of
protected demographic information in
final § 1002.110(e), and the
recordkeeping requirements in final
§ 1002.111(b).
Regarding a commenter’s request for
clarification as to how a financial
institution should report these data if
responses were provided by an
applicant’s representative before action
is taken on the application, or that an
applicant declined to provide the
requested information. As discussed
above, final comments 107(a)(19)–1, –6,
and –7 clarify the various reporting
options for reporting data collected
pursuant to final § 1002.107(a)(19):
financial institutions will be required to
report an applicant’s responses to the
ethnicity, race, and sex inquiries; their
selection of a response that they decline
to provide information (e.g., by selecting
an answer option of ‘‘I do not wish to
provide this information’’ or similar);
and a response of ‘‘not provided by the
applicant’’ if an applicant does not
provide any response. The final rule
also requires an applicant to report the
action taken on an application under
§ 1002.107(a)(9), including whether
originated or if the application was
withdrawn by the applicant or is
incomplete. Given these provisions, the
Bureau does not believe it is necessary
to include an option for a financial
institution to indicate that the applicant
or a principal owner was not available,
as suggested by the commenter.
The Bureau is not requiring the
collection of demographic information
for a natural person completing an
application on behalf of a small
business, as suggested by a commenter.
ECOA section 704B(e)(2)(G) specifically
requires financial institutions to
compile and maintain information about
the ethnicity, race, and sex of ‘‘the
principal owners of the business.’’ The
statute does not require financial
institutions to collect such information
for any other individuals. The Bureau
acknowledges the possibility of
discrimination occurring against an
applicant’s non-principal owner
representative, but in light of the
statutory directive to collect
demographic information about the
applicant’ principal owners, and the
associated complexity that adding such
a requirement could involve, the Bureau
does not believe that it would be
appropriate to adopt such a requirement
at this time. The Bureau may, however,
revisit at a later date whether the
collection of such information would
aid in fulfilling the purposes of section
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
1071 in the future as it enhances its
understanding of the small business
credit marketplace.
Regarding a commenter’s inquiry as to
whether a financial institution could
collect more specific demographic data
than required by the rule. Final
§ 1002.107(a)(19) establishes that
financial institutions must inquire about
applicants’ principal owners’ ethnicity,
race, and sex and must permit
applicants to provide certain specified
responses; certain responses include the
option of providing additional
information via free-form text field.
One commenter asked whether a
financial institution can reconcile
discrepancies or inaccuracies in
applicants’ self-reported ethnicity or
race data. Final comment 107(a)(19)–1
provides that the financial institution is
not permitted to report a principal
owner’s ethnicity, race, or sex on any
basis other than applicant-provided
data, which may include previously
provided data pursuant to final
§ 1002.107(d). As a result, financial
institutions must report applicant
responses as provided by the applicant,
even if the institution perceives possible
discrepancies or inaccuracies.
Alignment with HMDA. The Bureau
generally agrees with commenters that
some degree of alignment with the
HMDA data collection requirements
under Regulation C would promote
consistency and may reduce potential
confusion for financial institutions,
applicants, and data users. However, the
Bureau does not believe that the
collection of data as to small business
owners should necessarily be the same
in each aspect as it is for home mortgage
applicants. Although the collection of
ethnicity, race, and sex data in both
contexts serves related fair lending
purposes, Regulation C and this final
rule are authorized under different
statutes and for different markets.
Further, both Regulation C and this final
rule were developed in consideration of
the information available to the Bureau
at the time of each rulemaking,
including comments received in
response to the Bureau’s proposals and
current research and standards as to the
measurement of such factors. As
demographic data collection best
practices and standards evolve, the
Bureau considers such information in
its decision-making. The Bureau refers
readers to the relevant parts of this
section-by-section analysis for
discussion of its rationale for its
decisions on the collection of ethnicity,
race, and sex.
The Bureau notes that it is exempting
HMDA-reportable transactions from the
data collection requirements of this final
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
rule due to, in part, to commenters’
concerns about potentially duplicative
and/or inconsistent requirements for
reporting ethnicity, race, and sex. See
the section-by-section analysis of
§ 1002.104(b)(2) for additional
information.
Concerns related to specific
transactions or institutions. The Bureau
is not adopting special rules for the
collection of protected demographic
information for particular types of
transactions or lenders. The Bureau
believes it is important to collect
nationwide, comprehensive ethnicity,
race, and sex data for all covered
applications to fulfill the purposes of
section 1071. However, the Bureau
acknowledges commenters’ concerns
about the potential challenges in
collecting such information in certain
situations or for certain types of lenders
and appreciates, in particular, the
importance of trust in furthering
important relationships between small
businesses and their local banks. For
this reason, among others, the Bureau is
not finalizing its proposal to collect
ethnicity and race information via
visual observation or surname analysis,
as explained further in the relevant part
of this section-by-section analysis
below.
To help applicants’ understanding of
the section 1071 data collection, the
Bureau has made edits to the sample
data collection form in final appendix E
to include sample text that explains the
purpose of the rulemaking and clarifies
that the inquiries on the form for an
applicant’s status as a minority-owned,
women-owned, and/or LGBTQI+-owned
small business and its principal owners’
ethnicity, race, and sex information are
required under Federal law. The sample
form, of course, continues to note that
applicants are not required to provide
any of the requested demographic
information. The Bureau also
anticipates developing materials to help
small businesses understand the rule, as
described at the end of part I above.
The Bureau does not believe that
agricultural credit transactions should
be viewed or treated differently from
other covered transactions under the
final rule, with regard to the collection
of principal owners’ ethnicity, race, or
sex information. As explained in the
section-by-section analysis of
§ 1002.104, generally there is
insufficient information available about
agricultural credit markets;
nevertheless, there is evidence that
these markets are affected by historical
and/or continuing discrimination.
Moreover, farms are an important means
of capital formation for families and
communities. Collecting principal
PO 00000
Frm 00203
Fmt 4701
Sfmt 4700
35351
owners’ ethnicity, race, and sex
information for agricultural credit
transactions will help facilitate the
Bureau’s and others’ understanding of
the agricultural credit sector of the small
business lending marketplace and will
help to further the enforcement of fair
lending laws for that part of the market.
The Bureau also anticipates that the
collection of this information may
increase access to responsible and
affordable agricultural credit for a
diverse cross-section of the population,
by helping creditors and others identify
needs of and opportunities for small
farms, including those that are minority-,
women-, and/or LGBTQI+-owned.
Likewise, the Bureau is not adopting
separate rules or exemptions for credit
applications taken at point of sale. As
explained further in the section-bysection analysis of § 1002.107(c),
regarding the time and manner of
collection, the Bureau generally believes
that the same rules should apply across
all covered credit transactions and
covered financial institutions, and that
the arguments made by point of sale
providers are not unique in nature or
can be addressed through other means.
Likewise, the Bureau does not believe
there should be special considerations
for the collection of ethnicity, race, and
sex information for private label credit,
for which commenters raised similar
concerns.
Because the Bureau is exempting
insurance premium financing
transactions from coverage under the
final rule in § 1002.104(b)(3),
commenters’ concerns summarized
above about collecting protected
demographic information for such
transactions are rendered moot.
With regard to comments raising
concerns about collecting ethnicity,
race, and sex information in the context
of indirect auto finance transactions, the
Bureau refers readers to its discussion at
the section-by-section analysis of
§ 1002.109(a)(3). As discussed there, the
Bureau believes that auto dealers are
generally unlikely to be collecting 1071
data on behalf of covered financial
institutions because they are often the
last entity with authority to set the
material credit terms of a covered credit
transaction. But even in situations
where dealers are acting as conduits and
are thus collecting information on
behalf of another financial institution,
comment 5(a)(2)–3 to the Board’s
Regulation B states that persons such as
loan brokers and correspondents do not
violate ECOA or Regulation B if they
collect information that they are
otherwise prohibited from collecting,
where the purpose of collecting the
information is to provide it to a creditor
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35352
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
that is subject to HMDA or another
Federal or State statute or regulation
requiring data collection.687 The Bureau
also does not believe that any
specialized knowledge is necessary to
collect 1071 data if dealers do collect
such data.
Lack of applicant responses. The
Bureau acknowledges concerns raised
by commenters about the potential for
low applicant response rates to the
required inquiries for information about
their principal owners’ ethnicity, race,
and sex. As discussed in the NPRM,
such concerns motivated the Bureau’s
proposal to require financial institutions
to collect at least one principal owner’s
ethnicity and race information through
visual observation and/or surname
analysis under certain circumstances.
The Bureau explained that the similar
data collection requirement for the
HMDA data collection has been an
important tool in supporting response
rates.
As discussed in more detail regarding
the Bureau’s proposal that financial
institutions collect principal owners’
ethnicity and race via visual observation
or surname in certain circumstances, the
Bureau believes that such a requirement
could help support response rates in the
right context. However, at this time, the
Bureau has elected to address concerns
about applicants’ potential
unwillingness to voluntarily provide
their principal owners’ ethnicity, race,
and sex information by providing
further clarification as to the
requirement that an institution maintain
procedures to collect applicantprovided data at a time and in a manner
that are reasonably designed to obtain a
response under final § 1002.107(c). For
example, final § 1002.107(c)(2) sets forth
minimum criteria when collecting
applicant-provided data directly from
the applicant that must be included
within a financial institution’s
procedures to ensure they are
reasonably designed to obtain a
response, including seeking to collect
such information before notifying an
applicant of action taken on a covered
application, ensuring that the request
for applicant-provided data is
prominently displayed or presented,
ensuring the collection does not have
the effect of discouraging applicants
from providing a response, and ensuring
that applicants can easily respond to a
request for the data. The Bureau also
anticipates developing materials to
educate small business owners about
687 This language aligns with comment 5(a)(2)–3
in the Bureau’s Regulation B, to which the Bureau
is adding a reference to subpart B for additional
clarity.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
the small business lending data
collection and its purposes, which may
impact their willingness to provide
demographic information. Further, as
discussed in the section-by-section
analysis of final appendix E, the sample
data collection form will also include
language that explains, in plain
language, the purpose for the collection
of demographic information under the
final rule. At this time, the Bureau
believes that these measures will
improve applicant response rates to the
protected demographic information
inquiries under the final rule. However,
the Bureau will continue to assess
whether and what further measures may
be needed to improve response rates.
The Bureau’s decision not to change
the timing for collecting protected
demographic information to after a
credit decision has been made, as
suggested by a commenter, is discussed
in the section-by-section analysis of
§ 1002.107(c).
Verification. Commenters urged the
Bureau to provide that financial
institutions are not permitted or
required to verify the ethnicity, race, or
sex of a principal owner and to codify
this requirement in the final rule. The
Bureau agrees. Final comment
107(a)(19)–9 clarifies that a financial
institution may only report an
applicant’s responses as to its principal
owners’ ethnicity, race, and sex, even if
it verifies or otherwise obtains the
information for other purposes.
Reduced demand for traditional
credit. The Bureau appreciates some
commenters’ concerns that inquiries
about their principal owners’ ethnicity,
race, and sex information might
discourage small businesses from
seeking credit with traditional lenders.
The Bureau anticipates that while there
may be some period of initial hesitation
by small businesses to provide such
information, small businesses will
become more familiar with the requests
for their demographic information over
time and such requests will be
considered a normal part of the process
for seeking business credit. Further, as
described at the end of part I above, the
Bureau anticipates developing and
distributing materials about the final
rule directed at small businesses. The
Bureau also expects that such materials,
by furthering applicant understanding
of the 1071 data collection, will ease the
compliance burden for financial
institutions in implementing the final
rule.
Privacy. The Bureau received
comments generally expressing
concerns that small businesses’ owners’
demographic information could be used
to identify the businesses and their
PO 00000
Frm 00204
Fmt 4701
Sfmt 4700
owners. As discussed in greater detail in
part VIII below, after receiving a full
year of reported data, the Bureau will
assess privacy risks associated with the
data and make modification and
deletion decisions to the public
application-level dataset. The Bureau
takes the privacy of such information
seriously and will be making
appropriate modifications and deletions
to any data before making it public, and
intends to continue engage with the
public about how to mitigate privacy
risk.
With respect to concerns that small
business applicants may find the
collection of protected demographic
information to be an invasion of
privacy, in amending ECOA to require
the collection of an applicant’s principal
owners’ ethnicity, race, and sex
information, Congress implicitly
determined that the benefits of
collecting such information outweigh
any invasion of privacy concerns.
Nevertheless, the Bureau notes that it
has included sample language in the
sample data collection form in appendix
E explaining the purpose of the data
collection, and, as noted, it anticipates
developing materials to further help
small businesses understand the
purposes of the rule. In addition, the
final rule provides safeguards for
applicants’ protected demographic
information by requiring that such
information be kept separately from
their applications and accompanying
information under § 1002.111(b),
through the firewall requirement in
§ 1002.108, and in § 1002.110(e)
restricting financial institutions’ redisclosure of protected demographic
data to third parties.
Burden and costs for collecting
ethnicity, race, sex information. The
Bureau appreciates that financial
institutions will face some initial costs
and burden in implementing the final
rule, such as from making changes to its
policies, procedures, systems, training
programs, and in other areas. However,
as noted by one commenter, the Bureau
believes that for many financial
institutions covered by the final rule,
there will be manageable ongoing costs
related to the data collection after an
initial implementation period.
The Bureau does not believe it would
be appropriate to permit financial
institutions to report only aggregate
data, as opposed to application-level
data, as suggested by one commenter.
First, the statute clearly contemplates
the collection of individual loan-level
information. Section 1071’s information
gathering requirement provides that a
financial institution is required to
collect and maintain information ‘‘in the
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
case of any application to a financial
institution . . .’’ (emphasis added).688
Further, the statute requires the
financial institution to compile and
maintain ‘‘a record of the information
provided by any loan applicant,’’
including loan identifying information
such as the number of the application
and the date on which the application
was received.689 Given this language,
the Bureau believes that Congress
intended that financial institutions
compile and maintain application-level
information and submit the
information—compiled in that way—to
the Bureau.
Second, the Bureau believes that it is
necessary to have specific ethnicity,
race, and sex data for individual
principal owners to allow assessments
of whether there are trends in the data,
including for businesses with different
amounts of ownership by individuals of
certain ethnicities, races, or sex, which
cannot be captured through the
minority-owned, women-owned, and
LGBTQI+-owned business status data
points alone. As a result, the Bureau
rejects a commenter’s suggestion that
the Bureau require the collection of only
one principal owner’s ethnicity, race,
and sex information.
Direct reporting to the Bureau or third
parties, or use of other data sources. The
Bureau is not, at this time, establishing
a mechanism by which small businesses
might directly submit demographic
information to the agency. The Bureau
notes, in this respect, that the statute
calls for financial institutions to collect
these data and report them to the
Bureau. In addition, the mechanisms
described by the statute do not envision
the Bureau ever knowing the identity of
any small business submitting data,
which would occur if small businesses
were to file demographic data directly
with the Bureau.
However, the final rule does not
foreclose industry from developing
mechanisms to make demographic data
collection and submission more
effective or efficient. For example,
industry might seek to foster the
development of third-party mechanisms
that would let financial institutions
collect and report demographic
information in tokenized form so that
they themselves do not have access to
that demographic data. To the extent
that industry stakeholders are interested
in the development of such mechanisms
in connection with meeting their
obligations under the final rule, the
Bureau is willing to engage with them
on these issues in order to ensure that
688 ECOA
689 ECOA
section 704B(b).
section 704B(e)(2).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
any such developments ensure
appropriate data quality and protection,
do not burden or create obligations for
applicants, and otherwise accord with
the rule and the statute; to the extent
necessary and appropriate, the Bureau
would also need to adjust certain
regulations and technical guidance. In
considering appropriate data quality
and protection, the Bureau will want to
ensure that such a third-party system
does not compromise privacy or other
important protections or create
opportunities for the sale of personal
data.
Some commenters suggested that, as
opposed to requiring financial
institutions to collect and report
demographic data, the Bureau should
instead use data, for example, that is
gathered by other Federal agencies or
buy it from outside sources. However,
Congress’s intent with ECOA section
704B was to require financial
institutions to collect demographic
information from applicants that would
then be reported to the Bureau.
Gathering such information from other
sources would not be aligned with this
intent. Further, the Bureau believes that
requiring financial institutions to collect
demographic information during the
application process will help to ensure
comprehensive, nationwide
demographic data collection about small
business lending, which will in turn
help enable the identification of
potential discriminatory lending
practices and identification of the needs
and opportunities of small businesses,
including women-owned, minorityowned, and LGBTQI+-owned
businesses. Data that have been
collected in other contexts and for other
purposes, and analyzed pursuant to
those agencies’ methods for those other
purposes, would not achieve what the
Bureau believes is necessary to meet
section 1071’s statutory objectives.
Further, some of the approaches
suggested by commenters would not be
feasible, such as buying data from
sources outside of the Federal
government, because they do not
identify a small business applicant’s
principal owners. The Bureau also notes
that it has worked with other Federal
regulators so that they can tailor data
collections in this area to take advantage
of data collected under this rule, thereby
reducing burden on regulated entities.
Applicant and financial institution
education and guidance. With respect to
commenters’ requests that the Bureau
educate and explain the final rule and
its requirements to small business
applicants, the public, and financial
institutions, and to provide translations
of the sample data collection form into
PO 00000
Frm 00205
Fmt 4701
Sfmt 4700
35353
other languages, the Bureau refers
readers to its discussion regarding
compliance and technical assistance at
the end of part I above. Likewise, the
Bureau agrees with commenters that it
is important to provide a disclosure to
applicants to generally explain the rule
and its purpose. Instruction 4 to
proposed appendix G would have
explained that a financial institution
may inform applicants that Federal law
requires it to ask for the principal
owners’ ethnicity, race, and sex to help
ensure that all small business applicants
for credit are treated fairly and that
communities’ small business credit
needs are being fulfilled. In response to
comments about the importance of
helping applicants to understand the
reasons for the data collection,690 under
the final rule financial institutions are
required to provide such information
(see final comment 107(a)(19)–4);
sample language effecting this provision
is included on the sample data
collection form at appendix E.
Proposed Rule—Collecting Ethnicity
and Race Using Aggregate Categories
and Disaggregated Subcategories
The Bureau proposed that financial
institutions request principal owners’
ethnicity and race using both aggregate
categories as well as disaggregated
subcategories.
With respect to ethnicity data
collection, the Bureau proposed using
the same aggregate categories (i.e.,
Hispanic or Latino and Not Hispanic or
Latino) and disaggregated subcategories
as are used in Regulation C. With
respect to race data collection, the
Bureau proposed using the same
aggregate categories as are used in
Regulation C (i.e., American Indian or
Alaska Native; Asian; Black or African
American; Native Hawaiian or Other
Pacific Islander; and White). The Bureau
also proposed using the same
disaggregated subcategories for the
Asian race category and the Native
Hawaiian or Other Pacific Islander race
category, as well as with respect to the
American Indian or Alaska Native race
category, including by inviting an
applicant to provide the name of a
principal or enrolled tribe. In addition,
the Bureau proposed adding
disaggregated subcategories for the
Black or African American race
category, which are not used when
690 This was reaffirmed in user testing. See CFPB,
User testing for sample data collection form for the
small business lending final rule at app. A (Mar.
2023), https://www.consumerfinance.gov/dataresearch/research-reports/user-testing-for-sampledata-collection-form-for-the-small-businesslending-final-rule/.
E:\FR\FM\31MYR2.SGM
31MYR2
35354
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
collecting data pursuant to Regulation
C.
The Bureau explained that OMB has
issued standards for the classification of
Federal data on ethnicity and race.691
OMB’s government-wide standards
provide a minimum standard for
maintaining, collecting, and presenting
data on ethnicity and race for all Federal
reporting purposes. These standards
have been developed to provide ‘‘a
common language for uniformity and
comparability in the collection and use
of data on ethnicity and race by Federal
agencies.’’ 692 The OMB standards
provide the following minimum
categories for data on ethnicity and race:
Two minimum ethnicity categories
(Hispanic or Latino; Not Hispanic or
Latino) and five minimum race
categories (American Indian or Alaska
Native; Asian; Black or African
American; Native Hawaiian or Other
Pacific Islander; and White). The
aggregate categories for ethnicity and
race in Regulation C, which the Bureau
proposed to use in the section 1071 final
rule, conform to the OMB standards.
The Bureau also explained that in
addition to the minimum data categories
for ethnicity and race, the OMB’s
standards provide additional key
principles. First, self-identification is
the preferred means of obtaining
information about an individual’s
ethnicity and race, except in instances
where observer identification is more
practical.693 Second, the collection of
greater detail is encouraged as long as
any collection that uses more detail is
organized in such a way that the
additional detail can be aggregated into
the minimum aggregate categories for
data on ethnicity and race. More
detailed reporting, which can be
aggregated to the minimum categories,
may be used at the agencies’ discretion.
Lastly, Federal agencies must produce
as much detailed information on
ethnicity and race as possible; however,
Federal agencies shall not present data
on detailed categories if doing so would
compromise data quality or
confidentiality standards.694
The Bureau noted that although OMB
received comments requesting the
creation of a separate Arab or Middle
Eastern ethnicity category prior to the
adoption of the OMB Federal Data
Standards on Race and Ethnicity in
1997, OMB accepted the Interagency
691 Off. of Mgmt. & Budget, Revisions to the
Standards for the Classification of Federal Data on
Race and Ethnicity, 62 FR 58782, 58782–90 (Oct.
30, 1997) (OMB Federal Data Standards on Race
and Ethnicity).
692 See id.
693 See id.
694 See id.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Committee’s recommendation not to
include one in the 1997 minimum
standards for reporting of Federal data
on race and ethnicity. OMB stated that
while it was adopting the Interagency
Committee’s recommendation, it
believed additional research was needed
to determine the best way to improve
data on this population group.695
The Bureau further explained that in
2017, OMB requested comment on the
Federal Interagency Working Group for
Research on Race and Ethnicity’s
(Working Group’s) proposals to update
the OMB Federal Data Standards on
Race and Ethnicity.696 The Working
Group proposed adding a Middle
Eastern or North African classification
to the Federal Data Standards on Race
and Ethnicity and to issue specific
guidelines for the collection of detailed
data for American Indian or Alaska
Native, Asian, Black or African
American, Hispanic or Latino, Native
Hawaiian or Other Pacific Islander, and
White groups.697 The Working Group
also considered whether race and
ethnicity should be collected using
separate questions versus a combined
question. The OMB Federal Data
Standards on Race and Ethnicity have
not been updated, however, in the time
since OMB’s 2017 request for comment.
The Bureau stated its belief that it is
also important to consider the data
standards that the U.S. Census Bureau
(Census Bureau) uses in the Decennial
Census. The definition of Hispanic or
Latino origin used in the 2010 and 2020
Census questionnaire refers to a person
of Cuban, Mexican, Puerto Rican, South
or Central American, or other Spanish
culture or origin regardless of race.698
The 2010 and 2020 Census
disaggregated the Hispanic or Latino
ethnicity into four categories (Mexican,
Mexican American, or Chicano; Puerto
Rican; Cuban; and Another Hispanic,
Latino or Spanish origin) and included
an area where respondents could
provide (i.e., write in) a specific
Hispanic, Latino, or Spanish origin
group as additional information.699
The Bureau explained that the 2010
and 2020 Census questionnaires listed
695 Id.
at 58782.
FR 12242 (Mar. 1, 2017).
697 See OMB Federal Data Standards on Race and
Ethnicity.
698 See U.S. Census Bureau, 2010 Official
Questionnaire, https://www.census.gov/history/pdf/
2010questionnaire.pdf (2010 Census Official
Questionnaire), and U.S. Census Bureau, 2020
Official Questionnaire, https://www2.census.gov/
programs-surveys/decennial/2020/technicaldocumentation/questionnaires-and-instructions/
questionnaires/2020-informationalquestionnaire.pdf (2020 Census Official
Questionnaire).
699 See 2010 Census Official Questionnaire and
2020 Census Official Questionnaire.
696 82
PO 00000
Frm 00206
Fmt 4701
Sfmt 4700
three of OMB’s five aggregate race
categories (American Indian or Alaska
Native; Black or African American; and
White). Although the questionnaires do
not list the aggregate race categories for
Asian or for Native Hawaiian or Other
Pacific Islander, they do list the related
disaggregated subcategories for the
Asian race category (i.e., Asian Indian,
Chinese, Filipino, Japanese, Korean,
Vietnamese, Other Asian), and for the
Native Hawaiian and Other Pacific
Islander race category (i.e., Native
Hawaiian, Chamorro,700 Samoan, Other
Pacific Islander). These questionnaires
also included three areas where
respondents could write in a specific
race: a specific Other Asian race, a
specific Other Pacific Islander race, or
the name of an enrolled or principal
tribe in the American Indian or Alaska
Native category.701 Additionally, the
2020 Census allowed respondents to
write in a specific origin for the White
category and for the Black or African
American category. For respondents
who did not identify with any of the
five minimum OMB race categories, the
Census Bureau included a sixth race
category—Some Other Race—on the
2010 and 2020 Census questionnaires.
Respondents could also select one or
more race categories and write-in
options.702
The Bureau noted that on February
28, 2017, the Census Bureau released its
2015 National Content Test: Race and
Ethnicity Analysis Report. This National
Content Test provided the U.S. Census
Bureau with empirical research to
contribute to the planning for the
content of the 2020 Census’ race/
ethnicity questions. The report
presented findings to the Census Bureau
Director and executive staff on research
conducted to assess optimal design
elements that could be used in
question(s) on race and ethnicity. It
noted that Americans view ‘‘race’’ and
‘‘ethnicity’’ differently than in decades
past and that a growing number of
people find the current race and
ethnicity categories confusing, or they
wish to see their own specific group
reflected on the Census questionnaire.
The National Content Test’s research
found that there have been a growing
number of people who do not identify
with any of the official OMB race
categories, and that an increasing
number of respondents have been
racially classified as ‘‘Some Other
700 The questionnaire for the 2010 Census
included ‘‘Guamanian or Chamorro,’’ but the
questionnaire for the 2020 Census included only
‘‘Chamorro.’’
701 See 2010 Census Official Questionnaire and
2020 Census Official Questionnaire.
702 See id.
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
Race.’’ This was primarily because of
reporting by Hispanics who did not
identify with any of the OMB race
categories, but it also noted that
segments of other populations, such as
Afro-Caribbean and Middle Eastern or
North African populations, did not
identify with any of the OMB race
categories.703 The 2015 National
Content Test: Race and Ethnicity
Analysis Report concluded that optimal
design elements that may increase
reporting, decrease item non-response,
and improve data accuracy and
reliability include: (1) a combined race
and ethnicity question with detailed
checkbox options; (2) a separate
‘‘Middle Eastern or North African’’
response category; and (3) instructions
to ‘‘Mark all that apply’’ or ‘‘Select all
that apply’’ (instead of ‘‘Mark [X] one or
more boxes’’).704
The Census Bureau did not ultimately
incorporate these design elements into
the questionnaire for the 2020 Decennial
Census, but instead continued to ask
about ethnicity and race in two separate
questions. While the questionnaire did
not provide detailed check box options
for the White race category or for the
Black or African American race
category, the questionnaire did add
write-in options and noted examples.
For White, it noted examples of German,
Irish, English, Italian, Lebanese, and
Egyptian. For Black or African
American, it noted examples of African
American, Jamaican, Haitian, Nigerian,
Ethiopian, and Somali.705
Notwithstanding the approach used by
the Census Bureau for the 2020
Decennial Census, the Bureau requested
comment on whether the approach and
design elements set forth in the 2015
National Content Test: Race and
Ethnicity Report Analysis (whether in
whole or in part) would improve data
collection that otherwise furthers
section 1071’s purposes, improve selfidentification of race and ethnicity by
applicants and response rates, or impose
burdens on financial institutions
collecting and reporting this
information.
The Bureau proposed that financial
institutions must permit applicants to
provide a principal owner’s ethnicity
and race using the aggregate categories
used for HMDA data collection, which
conform to the OMB standards. The
Bureau believed that aligning the
703 U.S. Census Bureau, 2015 National Content
Test: Race and Ethnicity Analysis Report, Executive
Summary, at ix (Feb. 28, 2017), https://
www2.census.gov/programs-surveys/decennial/
2020/program-management/final-analysis-reports/
2015nct-race-ethnicity-analysis.pdf.
704 Id. at 83–85.
705 See 2020 Census Official Questionnaire.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
aggregate ethnicity and race categories
for this rule’s data collection with the
HMDA data collection would promote
consistency and could reduce potential
confusion for applicants, financial
institutions, and other users of the data.
The Bureau also proposed that
applicants must be permitted to provide
a principal owner’s ethnicity and race
using the disaggregated subcategories
used in HMDA data collection, which
also conform to one of the key
principles in the OMB standards:
encouraging the collection of greater
detail as long as any collection that uses
more detail is organized in such a way
that the additional detail can be
aggregated into the minimum aggregate
categories for data on ethnicity and race.
With respect to ethnicity data
collection, the Bureau proposed that
applicants must be permitted to provide
a principal owner’s ethnicity using the
disaggregated subcategories used in
HMDA data collection. For race data
collection, the Bureau proposed that
applicants must be permitted to provide
a principal owner’s race using the
disaggregated subcategories for the
Asian race category and the Native
Hawaiian or Other Pacific Islander race
category. The Bureau also proposed that
applicants must be permitted to provide
a principal owner’s race using
disaggregated subcategories for the
Black or African American race
category, which is not currently used in
HMDA data collection. Lastly, similar to
HMDA, the Bureau proposed inviting an
applicant to provide the name of a
principal or enrolled tribe for each
principal owner with respect to the
American Indian or Alaska Native race
category.
The Bureau explained that it was
proposing use of disaggregated
subcategories for this rulemaking, in
part, for general consistency with
existing HMDA reporting requirements.
Further, collection and reporting using
disaggregated subcategories could be
beneficial when attempting to identify
potential discrimination or business and
community development needs in
particular communities. While
disaggregated data may not be useful in
analyzing potential discrimination
where financial institutions do not have
a sufficient number of applicants or
borrowers within particular subgroups
to permit reliable assessments of
whether unlawful discrimination may
have occurred, disaggregated data on
ethnicity and race may help identify
potentially discriminatory lending
patterns in situations in which the
numbers are sufficient to permit such
fair lending assessments. The Bureau
noted that additionally, as suggested in
PO 00000
Frm 00207
Fmt 4701
Sfmt 4700
35355
the 2015 National Content Test: Race
and Ethnicity Report Analysis, the use
of disaggregated subcategories may
increase response rates.
The Bureau acknowledged, however,
that including the disaggregated
subcategories for four principal owners
may make data collection more difficult
in certain situations, such as for
applications taken solely by telephone
or for paper applications taken at retail
locations. Given these concerns, the
Bureau sought comment on whether an
accommodation should be made for
certain application scenarios, for
example by permitting financial
institutions to collect ethnicity and race
information using only the aggregate
categories or to permit financial
institutions to collect ethnicity, race,
and sex information on only one
principal owner in those scenarios. The
Bureau also noted that FinCEN’s
customer due diligence rule excludes
from certain of its requirements pointof-sale transactions for the purchase of
retail goods or services up to a limit of
$50,000.706 The Bureau did not propose
this approach given the different
purposes and requirements of the
customer due diligence rule (as well as
FinCEN’s related customer
identification program rule) 707 and
section 1071. Nonetheless, the Bureau
sought comment on whether covered
applications taken at retail locations,
such as credit cards and lines of credit
with a credit limit under a specified
amount (such as $50,000), should be
excepted from some or all of the
requirement to obtain principal owners’
ethnicity, race, and sex information.
The Bureau also sought comment on
its proposed use of the HMDA aggregate
categories, the HMDA disaggregated
subcategories (including the ability to
provide additional information if an
applicant indicates that a principal
owner is Other Hispanic or Latino,
Other Asian, or Other Pacific Islander),
and the proposed addition of
706 31 CFR 1010.230(h)(1)(i). The customer due
diligence rule’s exclusion for certain point of sale
transactions is based on the ‘‘very low risk posed
by opening such accounts at [a] brick and mortar
store.’’ Fin. Crimes Enf’t Network, U.S. Dep’t of
Treas., Guidance: Frequently Asked Questions
Regarding Customer Due Diligence Requirements
for Financial Institutions, at Q 29 (Apr. 3, 2018),
https://www.fincen.gov/sites/default/files/2018-04/
FinCEN_Guidance_CDD_FAQ_FINAL_508_2.pdf.
707 FinCEN’s customer identification program rule
does not contain a point of sale exclusion. While
the rule permits verification of customer identity
information within a reasonable time after an
account is opened, the collection of required
customer information must occur prior to account
opening. See 31 CFR 1020.220(a)(2)(i)(A) and (ii).
For credit card accounts, a bank may obtain
identifying information about a customer from a
third-party source prior to extending credit to the
customer. 31 CFR 1020.220(a)(2)(i)(C).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35356
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
disaggregated subcategories for the
Black or African American category.
Additionally, the Bureau sought
comment regarding whether it would be
helpful or appropriate to provide
additional clarification or to pursue a
different approach regarding the ability
of a principal owner to identify as Other
Hispanic or Latino, Other Asian, or
Other Pacific Islander or to provide
additional information if a principal
owner is Other Hispanic or Latino,
Other Asian, or Other Pacific Islander.
The Bureau also sought comment on
whether any additional or different
categories or subcategories should be
used for section 1071 data collection,
and whether the collection and
reporting of ethnicity and race should
be combined into a single question for
purposes of section 1071 data collection
and reporting. The Bureau further
sought comment on whether an
additional category for Middle Eastern
or North African should be added and,
if so, how this category should be
included and defined. In addition, the
Bureau sought comment on whether
disaggregated subcategories should be
added for the aggregate White category,
and if so, what disaggregated
subcategories should be added and
whether the applicant should be
permitted to write in or otherwise
provide other disaggregated
subcategories or additional information.
The Bureau also sought comment on
whether the approach and design
elements set forth in the 2015 National
Content Test: Race and Ethnicity Report
Analysis would improve data collection
or otherwise further section 1071’s
purposes, as well as whether it would
pose any particular burdens or
challenges for financial institutions
collecting and reporting this
information. Finally, the Bureau sought
comment on whether, similar to data
collection pursuant to Regulation C,
financial institutions should be limited
to reporting a specified number of
aggregate categories and disaggregated
subcategories and, if so, whether such a
limitation should be described in the
sample data collection form.
Proposed comments 107(a)(20)–6 and
–7 would have provided guidance on
collecting and reporting ethnicity and
race information, respectively. The
proposed comments would have
explained that applicants must be
permitted to provide a principal owner’s
ethnicity or race using aggregate
categories and disaggregated
subcategories and would have also
listed the aggregate categories and
disaggregated subcategories that
applicants must be permitted to use.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
The proposed comments would have
also explained that applicants must be
permitted to select one, both, or none of
the aggregate categories and as many
disaggregated subcategories as the
applicant chooses, even if the applicant
does not select the corresponding
aggregate category. The proposed
comments would have stated that, if an
applicant provides ethnicity or race
information for a principal owner, the
financial institution reports all of the
aggregate categories and disaggregated
subcategories provided by the applicant,
and the proposed comments would have
provided examples. The proposed
comments would have stated that a
financial institution must also permit
the applicant to refuse to provide
ethnicity or race information for one or
more principal owners and explain how
a financial institution reports ethnicity
or race information if an applicant
declines to provide the information or
fails to respond. Finally, the proposed
comments would have explained how a
financial institution reports ethnicity or
race information if an applicant has
fewer than four principal owners, and
they would have provided examples.
Comments Received—Collecting
Ethnicity and Race Using Aggregate
Categories and Disaggregated
Subcategories
The Bureau received comments from
a range of commenters, including
lenders, trade associations, community
groups, and a business advocacy group,
on its proposal to collect ethnicity and
race using aggregate categories and
disaggregated subcategories.
Several banks and a group of trade
associations opposed the proposal to
collect ethnicity and race information
using disaggregated subcategories.
Specifically, these commenters asserted
that the disaggregated subcategories do
not add value to fair lending reviews or
findings in the HMDA context because
there is not enough disaggregated
subcategory data from which to draw
fair lending conclusions, as mortgage
applicants do not often use the
disaggregated subcategories. Thus, they
said, disaggregated subcategories should
not be adopted for this data collection.
The group of trade associations also
stated that the Bureau’s analysis of 2018
HMDA data shows that mortgage
applicants largely selected one ethnicity
or race field and asserted that the
Bureau has not shown that small
business credit applicants are likely to
behave differently. A small business
owner also objected to the Bureau’s
proposal on the grounds that applicants
would not report the ethnicity and race
of their principal owners accurately
PO 00000
Frm 00208
Fmt 4701
Sfmt 4700
and, if faced with a long list of
categories, would choose not to report.
This commenter also asserted that the
Bureau’s proposal does not align with
other government data collections and
would hinder data analysis.
Two of those banks and the group of
trade associations also objected on the
grounds that collecting disaggregated
data in the HMDA context has been
burdensome and frustrating for
applicants and lenders. The trade
associations also argued that including
disaggregated subcategories would
impose more burden than under
Regulation C because ethnicity and race
data would need to be collected for up
to four principal owners under the
Bureau’s proposal, whereas it would
generally be collected for only one or
two applicants for the HMDA data
collection. This commenter also
emphasized that for ethnicity and race
data collection under Regulation C,
financial institutions are required to
read aloud all of the ethnicity and race
disaggregated subcategories when taking
a mortgage application over the phone,
which the commenter asserted has been
frustrating for mortgage applicants and
would likely be frustrating for small
business applicants as well.
The group of trade associations and a
bank further argued for use of only the
aggregate categories currently used in
Regulation C and the OMB Federal Data
Standards on Race and Ethnicity,
without any new aggregate or
disaggregated categories. As discussed
above regarding general comments
about the Bureau’s proposal for
collecting ethnicity, race, and sex, the
Bureau also received some comments
requesting that demographic
information collection generally
(including on race and ethnicity) for this
rule should be the same, or similar to
the greatest extent possible, as for
Regulation C.
In contrast, many community groups
and a minority business advocacy
group, as well as some industry
commenters, generally supported
collecting ethnicity and race using
aggregate categories and disaggregated
subcategories as proposed by the
Bureau. These commenters stated that
collecting detailed, disaggregated
ethnicity and race data on small
business applicants’ owners, and
particularly for those of color, will over
time provide transparency as to the
different experiences of racial and
ethnic subgroups in the small business
lending marketplace, further fair
lending enforcement, and support the
objectives of section 1071. Several
commenters emphasized that
disaggregated data will help capture
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
potential discrimination and allow for
targeted support. One stated that the
proposal will add nuance to fair lending
assessments and that aggregate racial
and ethnic categories mask economic
disparities and differences in social
capital and experiences.
Many of these commenters
highlighted that HMDA data has
revealed that racial and ethnic
subgroups have different experiences in
the home buying market. These
commenters argued that, similarly,
disaggregated ethnicity and race data are
necessary to allow assessments in the
small business lending marketplace.
Several of these commenters specifically
noted that research based on 2019
HMDA data shows that Asian American
and Pacific Islander communities and
Hispanic/Latino subgroups fare
differently in the mortgage market. One
commenter noted, as an example of
different experiences, that participants
in its homebuying seminars have stated
that language barriers often create
difficulties in the home buying process.
Other commenters noted the importance
of disaggregated data for business
lending specifically, generally citing
findings in the Federal Reserve Banks’
Small Business Credit Survey: 2021
Report on Employer Firms that firms
owned by people of color were less
likely to receive the full of amount
financing sought than white-owned
businesses.
Some commenters stated that they
supported the Bureau’s proposed
approach of generally aligning with
HMDA’s aggregate categories and
disaggregated subcategories for ethnicity
and race and also adding new
disaggregated subcategories. Two
commenters affirmed that the HMDA
ethnicity and race categories and
subcategories are also relevant for small
business lending. A lender commented
that this approach will reveal different
experiences in the small business
lending market, but also provide
familiar reporting standards. Another
lender stated that aligning many of the
ethnicity and race categories with those
for HMDA would promote consistency
and reduce confusion. One community
group stated that based on the HMDA
experience, it anticipates that applicants
will not have difficulty understanding
the information being requested
regarding race as long as the sample
form is clear for both lenders and
applicants to follow.
Many commenters also supported the
specific ethnicity and race aggregate
categories and disaggregated
subcategories proposed. Some called out
their support for particular groups of
disaggregated subcategories, for example
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
for the Hispanic/Latino population,
Asian, and Native Hawaiian or Other
Pacific Islander aggregate categories.
Some commenters noted that none of
these communities are monoliths and
different subgroups have different
experiences in seeking credit. One
commenter made a similar statement
regarding African American and African
immigrant communities in the
residential mortgage context.
A community group operating in New
York City suggested adding certain
subgroups listed as examples in the
Other Latino or Hispanic disaggregated
ethnicity subcategory and in the Other
Asian disaggregated race subcategory.
The community group suggested adding
an ethnicity subcategory for Dominican,
because in New York City Dominicans
make up a larger percentage of the
population than Puerto Ricans, one of
the proposed disaggregated ethnicity
subcategories. The commenter also
suggested adding Colombian,
Ecuadorian, and Honduran
disaggregated ethnicity subcategories.
This commenter further suggested
adding Bangladeshi and Pakistani
disaggregated race subcategories, under
the Asian aggregate race category,
stating that these populations make up
6 percent and 8 percent, respectively, of
the Asian population in New York City.
Many commenters expressed specific
support for the proposed disaggregated
Black or African American race
subcategories. One commenter stated
that there are distinct differences in the
experiences and treatment of different
subgroups and that many of these
subgroups have tight-knit communities
and thus it is important that this data
collection captures such nuances, and
another stated that disaggregation
generally has proven to have value in
the HMDA context.
Regarding the American Indian or
Alaska Native aggregate race category,
several commenters supported the
Bureau’s proposal to include a write-in
text field for an applicant to name a
principal owner’s enrolled or principal
tribe, though some also were concerned
that there would be insufficient
information on indigenous small
business owners as a result of small
sample sizes, which could mask the
credit needs of that community.
Some commenters supported adding
an additional category for Middle
Eastern or North African in the final
rule, in response to the Bureau’s request
for comment. One commenter stated
that individuals of Middle Eastern or
North African descent are often left with
little choice but to select White as their
race, despite a long history of
discrimination in the United States, and
PO 00000
Frm 00209
Fmt 4701
Sfmt 4700
35357
that adding this category would meet
the spirit of section 1071. Several other
commenters stated that a Middle
Eastern or North African category
should be added to capture
discrimination against and barriers for
applicants of Middle Eastern or North
African descent. A couple of
commenters suggested that North
African and Middle Eastern could be
addressed as its own category or as
disaggregated subcategories. However, a
group of trade associations argued
against the proposal for a Middle
Eastern or North African category,
noting that OMB never finalized its
proposal to include such a category in
its Federal standards on race and
ethnicity.
Regarding disaggregated ethnicity and
race categories generally, a joint letter
from community groups and business
advocacy groups suggested that the
Bureau provide in the final rule that the
ethnicity and race categories will be
maintained and updated in alignment
with OMB’s standards and that the
specifications will be adjusted in filing
instructions that the Bureau issues from
time to time.
Several commenters responded to the
Bureau’s request for comment on
whether to combine the proposed
questions about ethnicity and race.
These commenters did not support
combining the questions. A group trade
associations noted that while the Census
Bureau’s 2015 National Content Test:
Race and Ethnicity Report Analysis
showed that many individuals that
select Hispanic or Latino as their
ethnicity do not make any race
selections because they do not identify
with the aggregate race categories, the
race and ethnicity questions were
ultimately not combined for 2020
Decennial Census. The commenter also
reiterated that the questions are separate
for HMDA data collection purposes, and
stated that the same approach should be
used for this rule to maintain
consistency across data collection rules
and with the Census Bureau’s approach,
reduce burden for financial institutions,
and facilitate data analyses.
One commenter urged the Bureau to
allow applicants to provide an
additional disaggregated subcategory in
addition to those specified in the
proposal beside ‘‘other’’ in a text field
in the same manner that American
Indian or Alaska Natives can identify
tribal affiliation. The commenter stated
this would allow applicants to write in
responses such as Nicaraguan or Hmong
that may provide important additional
information for fair lending
enforcement.
E:\FR\FM\31MYR2.SGM
31MYR2
35358
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
A bank asserted that for the ethnicity
and race data collection under
Regulation C, when applicants select a
disaggregated ethnicity or race
subcategory, the selection prevents the
applications from being associated with
the corresponding aggregate category.
The commenter stated that this issue
impacts how some lenders’ application
and origination performance with
specific communities appears and urged
the Bureau to fix the issue in the
Regulation C data collection and ensure
it is not replicated for the section 1071
data collection.
lotter on DSK11XQN23PROD with RULES2
Final Rule—Collecting Ethnicity and
Race Using Aggregate Categories and
Disaggregated Subcategories
For the reasons set forth herein, the
Bureau is finalizing its proposal to
collect information about the ethnicity
and race of principal owners using
aggregate categories and disaggregated
subcategories generally as proposed.
However, the Bureau has revised the
commentary related to the collection of
ethnicity and race data to reduce
repetition among the appendices and
the commentary and to reflect other
changes, as explained below.
The Bureau agrees with commenters
that the disaggregated ethnicity and race
subcategories will provide meaningful
data that will further section 1071’s
purposes. Such data will be beneficial
in identifying potential discrimination
or business and community
development needs in particular
communities, including by providing
insight into variations in borrowing
experiences by ethnicity and race across
the small business lending marketplace,
even if not all applicants make ethnicity
or race disaggregated subcategory
selections. For example, in the HMDA
context, the Bureau has used
disaggregated race data collected under
Regulation C to find that some Asian
American and Pacific Islanders
subgroups fare better than others in the
mortgage market.708 Other data users
have been able to draw conclusions and
make policy recommendations to
address differences and disparities in
home lending among subgroups in the
Hispanic or Latino community using
disaggregated HMDA subcategories.709
The Bureau believes that disaggregated
ethnicity and race data in the section
708 Bureau of Consumer Fin. Prot., Data Point:
Asian American and Pacific Islanders in the
Mortgage Market (July 2021), https://
files.consumerfinance.gov/f/documents/cfpb_aapimortgage-market_report_2021-07.pdf.
709 See Agatha So et al., Nat’l Cmty. Reinvestment
Coal., Hispanic Mortgage Lending: 2019 HMDA
Analysis (2019), https://www.ncrc.org/hispanicmortgage-lending-2019-analysis/.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
1071 data collection will similarly
advance section 1071’s purpose in
enabling communities, governmental
entities, and creditors to identify
business and community development
needs and opportunities of businesses
with owners that are members of ethnic
and racial subgroups, regardless of
whether those businesses meet the
definition of a minority-owned small
business.
With respect to the fair lending
enforcement purpose of section 1071,
the Bureau recognizes that disaggregated
data may not be useful in analyzing
potential discrimination where financial
institutions do not have a sufficient
number of applicants or borrowers
within particular subgroups to permit
reliable assessments of whether
unlawful discrimination may have
occurred. However, the Bureau believes
there will be—as has proven to be the
case in the HMDA data—situations in
which the numbers are sufficient to
permit such fair lending assessments.
The Bureau also believes that the use of
disaggregated subcategories may
increase ethnicity and race response
rates by small business applicants.
Requiring the collection of
disaggregated race and ethnicity data
also follows a key principle set forth in
the OMB Federal Data Standards on
Race and Ethnicity to encourage
applicants to self-identify their
principal owners’ race and ethnicity, by
providing more inclusive options for
applicant self-reporting.710
The Bureau is not, at this time, adding
additional disaggregated ethnicity and
race subcategories beyond those set
forth in the NPRM. While one
commenter suggested adding a few
disaggregated ethnicity and race
categories, such suggestions were based
on the demographics of a specific city
and it is unclear whether they would
provide useful data in a nationwide data
collection. The Bureau notes that if an
applicant’s principal owner does not
clearly identify with any of the listed
disaggregated ethnicity or race
subcategories associated with a specific
aggregate ethnicity or race category,
many of the aggregate ethnicity and race
categories have an associated ‘‘Other’’
disaggregated subcategory (e.g., ‘‘Other
Hispanic or Latino,’’ ‘‘Other Asian,’’
‘‘Other Black or African American,’’ and
‘‘Other Pacific Islander’’) that give the
applicant opportunities to provide a
specific subcategory not listed or
otherwise provide additional ethnicity
or race information.711
710 See
62 FR 58782, 58789 (Oct. 30, 1997).
exceptions are the ‘‘American Indian or
Alaska Native’’ aggregate race category, which
711 The
PO 00000
Frm 00210
Fmt 4701
Sfmt 4700
The Bureau also is not adding a
separate, disaggregated subcategory for
applicants to write in ethnicity or race
information, as suggested by a
commenter. The Bureau recognizes that
some applicants may not clearly
identify with the Bureau’s designated
ethnicity and race aggregate categories
and disaggregated subcategories, despite
the ‘‘Other’’ disaggregated ethnicity and
race subcategories associated with the
aggregate ethnicity and race categories
in the final rule. The Bureau also notes
that the 2020 Decennial Census and the
Census Bureau’s American Community
Survey include a separate ‘‘Some Other
Race’’ category, which provided
respondents with the ability to write in
additional information.712 However, the
Census Bureau’s use of this race
category is statutorily required and the
best practice for Federal agencies is to
not include a ‘‘Some Other Race’’
category unless required by law.713 The
Bureau believes it is important that the
race and ethnicity information be
capable of being aggregated to or
associated with the five OMB aggregate
categories for race and the two aggregate
categories for ethnicity in the OMB
Federal Data Standards on Race and
Ethnicity to facilitate the Bureau’s and
others’ ability to analyze and use the
collected data. As noted above,
applicants will be able to use the
associated ‘‘Other’’ disaggregated
subcategories associated with many of
the aggregate race and ethnicity
categories to provide their principal
owners’ information and, as clarified by
final comments 107(a)(19)–13 and –14,
will also be able to make multiple
selections for their principal owners’
race and/or ethnicity to accurately
reflect their racial and ethnic identities.
The Bureau likewise is not combining
the questions about ethnicity and race at
this point in time. Commenters
generally did not support or did not
state a position on combining the
ethnicity and race questions. The
Bureau notes that the 2020 Decennial
provides applicants with an opportunity to write in
or provide additional information about their
principal owner’s enrolled or principal tribe, the
‘‘Not Hispanic or Latino’’ aggregate ethnicity
category, and the ‘‘White’’ aggregate race category.
712 See 2020 Census Official Questionnaire; 2022
American Community Survey Questionnaire.
713 See Chief Statistician of the U.S., Flexibilities
and Best Practices for Implementing the Office of
Management and Budget’s 1997 Standards for
Maintaining, Collecting, And Presenting Federal
Data on Race and Ethnicity (Statistical Policy
Directive No. 15), n.32 (July 2022) (citing the
Science, State, Justice, Commerce, and Related
Agencies Appropriations Act, 2006, Public Law
109–108, tit. II, 119 Stat. 2289, 2308–09 (2005)),
https://www.whitehouse.gov/wp-content/uploads/
2022/07/Flexibilities-and-Best-Practices-UnderSPD-15.pdf; id. at 8–9.
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
Census and the 2022 American
Community Survey also do not combine
the questions.714
Some commenters expressed concern
that the Bureau’s proposal for the
American Indian or Alaska Native
aggregate race category, which does not
have specifically listed disaggregated
subcategories but permits applicants to
write in the name of a principal owner’s
enrolled or principal tribe, would lead
to small sample sizes and thus
insufficient information to make
assessments about indigenous small
business owners and those
communities. At this time, the Bureau is
not making any changes to its approach
for the American Indian or Alaska
Native aggregate race category. The
Bureau notes that the Census Bureau’s
2020 Decennial Census and 2022
American Community Survey similarly
listed American Indian or Alaska Native
as an aggregate race category, do not list
specific disaggregated subcategories,
and ask respondents to ‘‘Print [the]
name of enrolled or principal tribe(s)’’
along with suggested write-in
options.715 As explained in the 2015
National Content Test: Race and
Ethnicity Race Report Analysis, there
are hundreds of American Indian and
Alaska Native tribes, villages, and
groups, and checkboxes for the largest
groups would only represent a small
percentage of the American Indian and
Alaska Native population.716 Given this
research, the Bureau believes that its
approach to the American Indian or
Alaska Native aggregate race category is
appropriate and is thus not including a
list of suggested write-in examples at
this time.
The Bureau has also decided against
specifically collecting data on Middle
Eastern or North African populations at
this point in time, whether as an
aggregate ethnicity or race category, a
disaggregated ethnicity or race
subcategory, or through some other
inquiry, due to uncertainty about how a
714 The 2020 Decennial Census and the 2022
American Community Survey both ask separate
questions for Hispanic, Latino, or Spanish origin,
and for race. See 2020 Census Official
Questionnaire; U.S. Census Bureau, 2022 American
Community Survey Questionnaire, https://
www2.census.gov/programs-surveys/acs/
methodology/questionnaires/2022/quest22.pdf.
715 See 2020 Census Official Questionnaire; U.S.
Census Bureau, 2022 American Community Survey
Questionnaire.
716 2015 National Content Test: Race and
Ethnicity Report Analysis, at 52 (‘‘[W]e know from
Census Bureau research that there are hundreds of
very small detailed [American Indian and Alaska
Native] tribes, villages, and indigenous groups for
which Census Bureau data is collected and
tabulated, and if we were to employ the six largest
American Indian groups and Alaska Native groups
as checkboxes, they would represent only about 10
percent of the entire AIAN population.’’).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Middle Eastern or North African
category should be defined. As detailed
in the NPRM, the Census Bureau and
OMB have considered, over the course
of years, whether to include a separate
Arab or North African, or alternatively
Middle Eastern or North African,
classification in the Decennial Census
and the Federal Data Standards on Race
and Ethnicity.717 But, despite a 2017
recommendation by a Federal
interagency working group to add such
a classification to the OMB Federal Data
Standards on Race and Ethnicity, the
standards have not been updated. And,
although it was recommended in the
2015 National Content Test: Race and
Ethnicity Report Analysis that a
separate Middle Eastern or North
African classification be adopted for the
2020 Decennial Census, no Middle
Eastern or North African classification
was included due to questions about
whether the information should be
collected as an ethnicity or race
category.718 Given the unsettled nature
of how to best collect information about
Middle Eastern and North African
populations, the Bureau is not including
a separate classification for Middle
Eastern or North African at this point in
time. The Bureau notes, however, that
OMB is currently in the process of
reviewing and revising the standards for
collecting data on race and ethnicity for
the Federal government and may revise
the standards by the summer of 2024.719
The Bureau will be reviewing OMB’s
efforts and other developments that may
arise in the area of ethnicity and race
data collection and measurement.
717 62 FR 58782 (Oct. 30, 1997); 82 FR 12242
(Mar. 1, 2017).
718 Hansi Lo Wang, No Middle Eastern or North
African Category on the 2020 Census, Bureau Says,
Nat’l Pub. Radio (Jan. 29, 2018), https://
www.npr.org/2018/01/29/581541111/no-middleeastern-or-north-african-category-on-2020-censusbureau-says. See also U.S. Census Bureau, 2015
NCT, at xiii, 84–85.
The Bureau notes that after the NPRM was
published, the U.S. Department of the Treasury
published an interim final rule in March 2022
related to data collection for its State Small
Business Credit Initiative (SSBCI) program, which
establishes that recipients of SSBCI funding must
maintain and submit information about small
business program beneficiaries’ principal owners’
Middle Eastern or North African ancestry, through
a separate ancestry question. U.S. Dep’t of Treas.,
State Small Business Credit Initiative;
Demographics-Related Reporting Requirements, 87
FR 13628 (Mar. 10, 2022).
719 Off. of Mgmt. & Budget, Initial Proposals for
Updating OMB’s Race and Ethnicity Statistical
Standards, 88 FR 5375 (Jan. 27, 2023). Proposals
and questions for which OMB is soliciting comment
include collecting race and ethnicity information
using one combined question, adding a Middle
Eastern or North African minimum reporting
category, requiring the collection of detailed race
and ethnicity categories by default, and certain
updates to terminology, among others.
PO 00000
Frm 00211
Fmt 4701
Sfmt 4700
35359
The Bureau is not committing at this
time to updating the rule’s ethnicity and
race aggregate categories and
disaggregated subcategories to align
with future changes to OMB Federal
Data Standards on Race and Ethnicity.
First, the data points the Bureau is
finalizing under § 1002.107(a)(18) and
(19), regarding minority-owned business
status and the ethnicity and race of
principal owners, are statutorily
mandated. Second, the Bureau notes
that the OMB Federal Data Standards on
Race and Ethnicity establish only
minimum standards for the collection of
race and ethnicity information, which
the data collection under Regulation C
already expands upon.720 Third, it is
unknown what the changes to the
Federal standards will be and whether
the collection of information based on
any revised race and ethnicity aggregate
categories and/or disaggregated
subcategories would further the
purposes of section 1071. The Bureau,
however, will track forthcoming
developments as to the Federal
government’s standards for the
collection of race and ethnicity
information. Regarding updates to data
point response options, see final
comment 107(a)–4.
As supported by some commenters,
the Bureau believes it is important to
collect information about principal
owners that identify with subgroups
within the Black or African American
community, particularly as the Black or
African American community in the
United States diversifies. The Bureau
does not believe it is necessary to use
the exact same aggregate categories and
disaggregated subcategories for ethnicity
and race as are used for data collection
under Regulation C (which would
preclude the Black or African American
race disaggregated subcategories), as
suggested by some commenters.
Certainly, the Bureau’s experience with
ethnicity and race data collection under
HMDA informed the Bureau’s
considerations for its proposals and for
this final rule. However, although the
collection of ethnicity, race, and sex
data in both contexts serves related fair
lending purposes, Regulation C and this
final rule are authorized under different
statutes and for different markets. The
Bureau believes that the added Black or
African American race disaggregated
subcategories it proposed and is
finalizing will provide additional
720 As explained by the Bureau in 2015, the race
and ethnicity disaggregated subcategories under
Regulation C go beyond the minimum categories set
forth in the OMB Federal Data Standards on Race
and Ethnicity by adding subpopulations used in the
2000 and 2010 Decennial Census. See 80 FR 66128,
66190 (Oct. 28, 2015).
E:\FR\FM\31MYR2.SGM
31MYR2
35360
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
information that will further the
purposes of section 1071, as explained
below.
According to a Pew Research Center
report, while 4.6 million, or one in ten,
Black individuals in the United States
were born in a different country in 2019,
it is projected that by 2060 the number
will increase to 9.5 million, or more
than double the current level.721 Within
this changing demographic, there are
socio-economic differences between
Black immigrant-headed households
and other immigrant households in the
United States, between Black
immigrant-headed households and U.S.born Black American headedhouseholds, and among Black
immigrant-headed households by region
of origin. For example, the report found
that in 2019, poverty rates within the
Black immigrant population vary by
region, with fewer than one-in-five
African-born (16 percent) and Central
American- or Mexican-born Black
immigrants (16 percent) living below
the poverty line, and 11 percent and 12
percent of Caribbean- and South
American-born Black immigrants,
respectively.722 The Bureau is not
collecting immigrant status as part of
the section 1071 data collection.
However, this research indicates to the
Bureau that there could be important
distinctions between subgroups of the
Black or African American communities
in the small business lending
marketplace. The Bureau believes that
the collection of information about
small businesses whose principal
owners identify among the Black or
African American subgroups will allow
it and others to better understand if
there are distinct differences in patterns
in lending to small businesses with
owners in these subgroups and help
fulfill the fair lending enforcement and
business and community development
purposes of section 1071.
Based on its experience with
Regulation C, the Bureau believes that
after some initial burden to implement
the ethnicity and race reporting
requirements, there should be minimal
ongoing burden for financial institutions
related to the collection and reporting of
applicants’ self-provided responses
regarding their principal owners’
aggregate category and disaggregated
subcategory ethnicity and race
selections. However, the Bureau
acknowledges the concern raised by one
721 Christine Tamir & Monica Anderson, Pew
Rsch. Ctr., One-in-Ten Black People Living in the
U.S. Are Immigrants, at 7 (Jan. 20, 2022), https://
www.pewresearch.org/race-ethnicity/wp-content/
uploads/sites/18/2022/01/RE_2022.01.20_BlackImmigrants_FINAL.pdf.
722 See id. at 28–31.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
commenter that, unlike in mortgage
transactions where generally there are
only up to two applicants, under the
Bureau’s proposal, ethnicity and race
information could be collected for up to
four principal owners. The commenter
generally noted that because of this
potential for an applicant to have up to
four principal owners, for applications
taken over the phone, it could be
frustrating for applicants and financial
institution employees and officers to
read all of the ethnicity and race
aggregate categories and disaggregated
subcategories out loud, as is currently
the practice under Regulation C. In
consideration of this issue, the Bureau
has added a comment to provide
clarification for collecting ethnicity and
race information orally, such as over the
phone. Final comment 107(a)(19)–16
generally clarifies that when collecting
ethnicity and race information orally,
the financial institution is not required
to read aloud every disaggregated
ethnicity and race subcategory. Instead,
a financial institution will be able to
orally present the lists of aggregate
ethnicity and race categories, followed
by the disaggregated subcategories (if
any) associated with the specific
aggregate ethnicity or race categories
selected or requested to be heard by the
applicant. Comment 107(a)(19)–16 will
also clarify, among other things, that
after the applicant has made its
selection(s) (if any), the financial
institution must also ask if the applicant
wishes to hear any other lists of
disaggregated subcategories. The
comment also provides that the
financial institution may not present the
applicant with the option to decline to
provide ethnicity or race information
without also presenting the applicant
with the specified ethnicity or race
aggregate categories and disaggregated
subcategories. Comment 107(a)(19)–16
also generally provides that if an
applicant has more than one principal
owner, a financial institution will have
the flexibility to ask for the principal
owners’ ethnicity and race information
in a way that reduces repetition.
With regard to one commenter’s
request that the Bureau ensure that an
applicant’s selection of a disaggregated
ethnicity or race subcategory does not
prevent the application from being
associated with the corresponding
aggregate ethnicity or race category, the
Bureau does not anticipate that the
commenter’s concern will be an issue
for the 1071 data collection. The Bureau
also notes that the commenter’s issue is
not present for reporting under
Regulation C, as stated by the
commenter. When reporting an
PO 00000
Frm 00212
Fmt 4701
Sfmt 4700
applicant’s disaggregated ethnicity or
race subcategory selections under
Regulation C, the aggregate ethnicity or
race category is disclosed in the derived
aggregate ethnicity or race field in the
publicly released data. To the extent the
commenter is referring to a concern
about how an applicant may select a
disaggregated ethnicity or race
subcategory, without also selecting the
associated aggregate category, the
Bureau believes that allowing applicants
to make such a selection and requiring
a financial institution to report that
selection as it was made, and recognizes
that individuals may have varying racial
and ethnic identities.
To further this goal, final comment
107(a)(19)–1 states that financial
institutions report responses as
provided by applicants. Generally, this
is the case even if they contain obvious
discrepancies and inaccuracies.723 Upon
further review, however, the Bureau has
revised the commentary for final
§ 1002.107(a)(19) to clarify that if an
applicant provides additional ethnicity
or race information in a write-in field on
a paper or electronic data collection
form but does not select (e.g., by a check
mark on a paper form) the
corresponding ‘‘Other’’ disaggregated
subcategory (e.g., ‘‘Other Hispanic or
Latino,’’ ‘‘Other Asian,’’ ‘‘Other Black or
African American,’’ and ‘‘Other Pacific
Islander’’), the financial institution is
permitted, but not required, to report
the corresponding ‘‘Other’’ ethnicity or
race disaggregated subcategory as well.
Similarly, if an applicant provides the
name of an enrolled or principal tribe
but does not also indicate that the
principal owner is American Indian or
Alaska Native on a paper or electronic
data collection form, the financial
institution is permitted, but not
required, to report American Indian or
Alaska Native as well. This change
aligns with the similar instruction
regarding such situations in Regulation
C.724
The Bureau has also made changes to
the commentary specifically regarding
the collection of ethnicity and race
information to incorporate unique
723 The Bureau notes that comment 107(a)(19)–8
provides clarification that in the specific situation
where an applicant both provides a substantive
response to a request for a given principal owner’s
ethnicity, race, or sex (by identifying the principal
owner’s race, ethnicity, or sex) and also indicates
that it does not wish to provide the information
(e.g., by selecting an option that states ‘‘I do not
wish to provide this information’’ or similar), the
financial institution reports the substantive
response provided by the applicant (rather than
reporting that the applicant responded that it did
not wish to provide the information).
724 See, e.g., 12 CFR part 1002, appendix B,
instruction 9.ii.
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
content from the instructions for
collecting ethnicity and race
information in proposed appendix G,
which the Bureau is removing from the
final rule, as explained earlier in this
section-by-section analysis.725 These
changes include updated numbering,
added references to the sample data
collection form at final appendix E, and
further clarification regarding
applicability of the instructions when
ethnicity and race information is
requested on a paper or electronic data
collection form, versus orally (e.g.,
telephone applications). The Bureau has
also removed proposed clarification in
each of the ethnicity and race-related
comments regarding ethnicity and race
information that an applicant has
specifically indicated it is declining to
provide, which it did not provide, or
which is not applicable, including
because the applicant has fewer than
four principal owners.726 The Bureau
has either deleted such content where
duplicative of similar content in final
comment 107(a)(19)–1 (‘‘General’’) or
moved it to new, generally applicable
comments at final comments 107(a)(19)–
6 (‘‘Ethnicity, race, or sex of principal
owners not provided by applicant’’),
107(a)(19)–7 (‘‘Applicant declines to
provide information about a principal
owner’s ethnicity, race, or sex’’), and
107(a)(19)–10 (‘‘Reporting for fewer than
four principal owners’’).
Proposed Rule—Collecting Sex
Proposed comment 107(a)(20)–8
would have clarified that a financial
institution is required to permit an
applicant to provide a principal owner’s
sex using one or more of the following
categories: Male, Female, the applicant
prefers to self-describe their sex (with
the ability of the applicant to write in
or otherwise provide additional
information), and also would have
permitted the applicant to refuse to
provide the information. The sex
categories would have also been on the
sample data collection form proposed as
appendix E, in response to a query
about the principal owner’s ‘‘Sex,’’ with
a direction to ‘‘Check one or more.’’
Instruction 6 of proposed appendix G
would have similarly required financial
institutions to permit applicants to use
the sex categories as listed on proposed
appendix E as responses for a principal
owner’s sex.
In the NPRM, the Bureau stated that
it was generally proposing that financial
725 These comments were proposed comments
107(a)(20)–6 and 107(a)(20)–7. These proposed
comments generally correspond with final
comments 107(a)(19)–13 and 107(a)(20)–14.
726 The clarification was originally at proposed
comments 107(a)(20)–6.iv and –7.iv.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
institutions use the sex categories from
Regulation C when requesting that
applicants provide the sex information
of their principal owners, but that it was
also proposing the self-describe
response option. The Bureau explained
that Federal, State, and local
government agencies have been moving
to providing additional options for
designating sex. At the Federal level, the
Bureau noted that, for example, the
Department of State had announced that
it was planning to offer the option of a
new gender marker for non-binary,
intersex, and gender non-conforming
persons for passports and Consular
Reports of Birth Abroad as an
alternative to male or female.727 The
Bureau also noted that the Food and
Drug Administration includes the
gender options of female, male, intersex,
transgender, and ‘‘prefer not to
disclose’’ on certain patient forms.728
The Bureau also discussed how a
number of States and the District of
Columbia, as well as some local
governments, offer an alternative sex or
gender designation to male and female
(e.g., ‘‘X’’) on government-issued
documents and forms such as drivers’
licenses and identification cards, and in
some cases birth certificates.729
727 See U.S. Dep’t of State, Proposing Changes to
the Department’s Policies on Gender on U.S.
Passports and Consular Reports of Birth Abroad
(June 30, 2021), https://www.state.gov/proposingchanges-to-the-departments-policies-on-gender-onu-s-passports-and-consular-reports-of-birthabroad/. The Department of State subsequently
made this option available in April 2022. See U.S.
Dep’t of State, X Gender Marker Available on U.S.
Passports Starting April 11, 2022 (Mar. 31, 2022),
https://www.state.gov/x-gender-marker-availableon-u-s-passports-starting-april-11/.
728 See U.S. Food & Drug Admin., MedWatch
forms FDA 3500 and 3500A (Sept. 12, 2018)
(approved under OMB No. 0910–0291), https://
www.fda.gov/media/76299/download and https://
www.fda.gov/media/69876/download.
729 See, e.g., Cal. S.B. 179, Gender identity:
female, male or nonbinary (Oct. 16, 2017), https://
leginfo.legislature.ca.gov/faces/
billTextClient.xhtml?bill_id=201720180SB179;
State of California Dep’t of Motor Vehicles, Driver’s
License or ID Card Updates, https://
www.dmv.ca.gov/portal/driver-licensesidentification-cards/updating-information-on-yourdriver-license-or-identification-dl-id-card/ (last
visited Mar. 20, 2023); Colo. Dep’t of Revenue,
Change of Sex Designation, https://
drive.google.com/file/d/1PeYZd7U43ar6Flg8
lFAT1Etg1EPdLVUy/view; State of Connecticut
Dep’t of Motor Vehicles, Gender Designation on a
License or Identification Card, https://portal.ct.gov/
-/media/DMV/20/29/B-385.pdf; District of Columbia
Dep’t of Motor Vehicles, Procedure For Establishing
or Changing Gender Designation on a Driver
License or Identification Card (June 13, 2017),
https://dmv.dc.gov/sites/default/files/dc/sites/dmv/
publication/attachments/DC%20DMV%20Form
%20Gender%20Self-Designation%20English.pdf,
DC Driver License or Identification Card
Application (Jan. 2019), https://dmv.dc.gov/sites/
default/files/dc/sites/dmv/publication/attachments/
DMV%20BOE%20Application_2-25-19.pdf; Maine
Bureau of Motor Vehicles, Gender Designation
PO 00000
Frm 00213
Fmt 4701
Sfmt 4700
35361
The Bureau further explained that the
Supreme Court’s 2020 opinion in
Bostock v. Clayton County had
concluded that sex discrimination
encompasses sexual orientation
discrimination and gender identity
discrimination, and that these forms of
discrimination necessarily involve
consideration of sex.730 The Supreme
Court reached this conclusion in the
context of title VII of the Civil Rights
Act of 1964, as amended,731 which
prohibits sex discrimination in
employment.732 Following the issuance
of the Supreme Court’s opinion, the
Bureau issued an interpretive rule
clarifying that ECOA’s and Regulation
B’s prohibition on discrimination based
on sex protects against discrimination
based on sexual orientation, gender
identity, actual or perceived
nonconformity with sex-based or
gender-based stereotypes, and the sex of
people associated with the applicant.733
The Bureau noted that other Federal
agencies have similarly clarified that
other statutes that protect against
discrimination based on sex protect
against discrimination based on sexual
orientation and gender identity.734
Form (Nov. 4, 2019), https://www1.maine.gov/sos/
bmv/forms/GENDER%20
DESIGNATION%20FORM.pdf; State of Nevada
Dep’t of Motor Vehicles, Name Changes, https://
dmvnv.com/namechange.htm; State of New Jersey
Dep’t of Health, Off. of Vital Statistics and Registry,
Request Form and Attestation (REG–L2) to Amend
Sex Designation to Reflect Gender Identity on a
Birth Certificate—Adult (Feb. 2019), https://
www.nj.gov/health/forms/reg-l2_1.pdf; 2019 N.J.
Sess. Law Serv. ch. 271; New Mexico Motor Vehicle
Div., Request for Sex Designation Change, https://
realfile.tax.newmexico.gov/mvd10237.pdf; New
Mexico Dep’t of Health, Request to Change Gender
Designation on a Birth Certificate (Oct. 2019),
https://www.nmhealth.org/publication/view/form/
5429/; Virginia Dep’t of Motor Vehicles, Driver’s
License and Identification Card Application (July 1,
2021), https://www.dmv.virginia.gov/webdoc/pdf/
dl1p.pdf; Washington State Dep’t of Licensing,
Change of Gender Designation (Nov. 2019), https://
www.dol.wa.gov/forms/520043.pdf; N.Y. City Dep’t
of Homeless Servs., Off. of Policy, Procedures and
Training, Transgender, Non-binary, and Intersex
Clients (July 15, 2019), https://www1.nyc.gov/
assets/dhs/downloads/pdf/dhs_policy_on_serving_
transgender_non_binary_and_intersex_clients.pdf.
730 See Bostock, 140 S. Ct. 1731.
731 42 U.S.C. 2000e et seq.
732 Bostock, 140 S. Ct. 1731.
733 86 FR 14363 (Mar. 16, 2021). See also Letter
from CFPB to Serv. & Advocacy for GLBT Elders
(SAGE) (Aug. 30, 2016), https://
files.consumerfinance.gov/f/documents/cfpb_sageresponse-letter_2021-02.pdf.
734 See, e.g., 86 FR 32637 (June 22, 2021)
(Department of Education interpreting title IX of the
Education Amendments of 1972); 86 FR 27984 (May
25, 2021) (Department of Health and Human
Services interpreting section 1557 of the Affordable
Care Act); Memorandum from Jeanine M. Worden,
Acting Assistant Secretary for Fair Housing and
Equal Opportunity, Implementation of Executive
Order 13988 on the Enforcement of the Fair
Housing Act (Feb. 11, 2021), https://www.hud.gov/
E:\FR\FM\31MYR2.SGM
Continued
31MYR2
35362
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
The Bureau additionally explained
that some other Federal agencies had
also begun to re-consider how they
collect information on sex by including
questions about sexual orientation and
gender identity as part of questions
about sex. The Bureau cited the example
of the Census Bureau’s Household Pulse
Survey,735 which asks questions about
sex assigned at birth, current gender
identity, and sexual orientation.736 The
Bureau also noted that other Federal
agencies and initiatives have
encouraged sexual orientation and
gender identity data collection in health
care settings.737
The Bureau explained that in light of
feedback it received during the SBREFA
process, among other matters, the
Bureau was proposing to add the option
for ‘‘I prefer to self-describe’’ (with the
ability of the applicant to write in or
otherwise provide additional
information) for the principal owner’s
sex in addition to the options currently
used on the HMDA sample data
collection form.
Proposed comment 107(a)(20)–8
would have explained that a financial
institution would have been required to
sites/dfiles/PA/documents/HUD_Memo_
EO13988.pdf (Department of Housing and Urban
Development interpreting the Fair Housing Act).
735 U.S. Census Bureau, Phase 3.2 Household
Pulse Survey (undated), https://www2.census.gov/
programs-surveys/demo/technical-documentation/
hhp/Phase_3.2_Household_Pulse_Survey_FINAL_
ENGLISH.pdf. As of the date of this document, the
Household Pulse Survey is in Phase 3.7, which
started on December 9, 2022. See U.S. Census
Bureau, Household Pulse Survey Phase 3.7 (Dec. 9,
2022, updated Dec. 14, 2022), https://
www.census.gov/newsroom/press-releases/2022/
household-pulse-phase-3-7.html. The survey
questionnaire used for Phase 3.7 includes the same
three questions noted by the Bureau in the NPRM.
See U.S. Census Bureau, Phase 3.7 Household Pulse
Survey (undated), https://www2.census.gov/
programs-surveys/demo/technical-documentation/
hhp/Phase_3-7_Household_Pulse_Survey_
ENGLISH.pdf.
736 Specifically, the Household Pulse Survey
includes the following three questions: (1) What sex
were you assigned at birth, on your original birth
certificate? (A respondent could provide a response
of male or female.); (2) Do you currently describe
yourself as male, female or transgender? (A
respondent also could provide a response of ‘‘none
of these.’’); (3) Which of the following best
represents how you think of yourself? (A
respondent may select from the following
responses: (a) Gay or lesbian; (b) Straight, that is not
gay or lesbian; (c) Bisexual; (d) Something else; or
(e) I don’t know.
737 See, e.g., Off. of Disease Prevention & Health
Promotion, Healthy People (2020), https://
www.healthypeople.gov/2020/topics-objectives/
topic/lesbian-gay-bisexual-and-transgender-health;
Off. of the Nat’l Coordinator of Health Info. Tech.,
2021 Interoperability Standards Advisory (2021),
https://www.healthit.gov/isa/sites/isa/files/inlinefiles/2021-ISA-Reference-Edition.pdf; Ctrs. for
Disease Control & Prevention, Collecting Sexual
Orientation and Gender Identity Information (Apr.
1, 2020), https://www.cdc.gov/hiv/clinicians/
transforming-health/health-care-providers/
collecting-sexual-orientation.html.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
permit an applicant to provide a
principal owner’s sex using one or more
of the following categories: Male,
Female, and/or that the principal owner
prefers to self-describe their sex. It
would have further explained that, if an
applicant indicated that a principal
owner preferred to self-describe their
sex, the financial institution would have
been required to permit the applicant to
provide additional information about
the principal owner’s sex. The financial
institution would have been required to
report to the Bureau the additional
information provided by the applicant
as free-form text.
Proposed comment 107(a)(20)–8
would have stated that a financial
institution would be required to permit
an applicant to select as many categories
as the applicant chooses and that the
financial institution would report the
category or categories selected by the
applicant, including any additional
information provided by the applicant,
or would report that the applicant
refused to provide the information or
failed to respond. It would have
clarified that a financial institution
would not have been permitted to report
sex based on visual observation,
surname, or any basis other than the
applicant-provided information. Finally,
proposed comment 107(a)(20)–8 would
have explained how a financial
institution would report sex if an
applicant had fewer than four principal
owners, would have provided an
example, and would have directed
financial institutions to proposed
appendix G for additional information
on collecting and reporting a principal
owner’s sex.
The Bureau sought comment on its
proposed approach to requesting
information about a principal owner’s
sex, including the opportunity for selfidentification (by allowing the applicant
to write in or otherwise provide
additional information). The Bureau
also sought comment on whether the
sample data collection form should list
examples from which the applicant
could choose. The Bureau also sought
comment on whether, alternatively, sex
should be collected solely via the ‘‘I
prefer to self-describe’’ option (with the
ability of an applicant to write in or
otherwise provide additional
information). The Bureau also sought
comment on whether applicants should
be restricted from designating more than
one category for a principal owner’s sex.
The Bureau also sought comment on
whether financial institutions should be
required to ask separate questions
regarding sex, sexual orientation, and
gender identity and, if so, what
categories should be offered for use in
PO 00000
Frm 00214
Fmt 4701
Sfmt 4700
responding to each question. The
Bureau also sought comment on
whether it should adopt a data point to
collect an applicant’s lesbian, gay,
bisexual, transgender, or queer plus
(LGBTQ+)-owned business status,
similar to the way it proposed to collect
minority-owned business status and
women-owned business status under
proposed § 1002.107(a)(18) and (19).738
The Bureau also sought comment on
whether including such questions
would improve data collection or
otherwise further section 1071’s
purposes, as well as whether it would
pose any particular burdens or
challenges for industry.
Finally, the Bureau also requested
information on Federal, State, and local
government initiatives, as well as
private sector initiatives, involving
questions regarding sexual orientation
and gender identity in demographic
information.
Comments Received—Collecting Sex
The Bureau received comments from
community groups, banks, trade
associations, and individuals on its
proposal for collecting information
about principal owners’ sex.
Commenters addressed both general
issues as well as specific aspects of the
proposal, including whether to collect
sexual orientation and gender identity
data.
General comments. A couple of
commenters opposed collecting
information about principal owners’
sex. An individual commenter stated
that it does not make sense to collect
such information because society’s view
of gender is still evolving. A lender
suggested removing the sex of principal
owners (along with several other data
points) to reduce the amount of detail in
the rule.
One industry commenter supported
the collection of sex data as proposed;
others supported the Bureau’s proposal
but suggested that the Bureau use the
term ‘‘gender’’ instead of ‘‘sex’’ to be
consistent with modern usage. One
suggested that the Bureau also include
sex category options for transgender and
nonbinary.
Another commenter said that sharing
information about principal owners’
gender identity and sexual orientation
should be voluntary for applicants,
738 For a discussion of the comments received by
the Bureau with regard to its request for comment
on whether to include a data point to collect
information about applicants’ LGBTQ+-owned
business status, the Bureau refers readers to the
section-by-section analyses of §§ 1002.102(k)
(definition of LGBTQI+ individual), 1002.102(l)
(definition of LGBTQI+-owned business), and
1002.107(a)(18) (minority-owned, women-owned,
and/or LGBTQI+-owned business status).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
noting that individuals that are a part of
the lesbian, gay, bisexual, transgender,
queer, intersex, and asexual (LGBTQIA)
community are concerned about
harassment and should be protected.
Collection of sexual orientation and
gender identity information. Most of the
comments received by the Bureau in
response to its proposal for collecting
information about a principal owner’s
sex were in the context of whether the
Bureau should also collect information
about principal owners’ sexual
orientation and gender identity.
Several banks, trade associations, and
individual commenters opposed adding
inquiries about principal owners’ sexual
orientation and gender identity to the
final rule. A few stated that bank
employees would feel uncomfortable
requesting this information; that
applicants would refuse to provide the
information or would be offended by the
questions; or that separate questions for
sex, sexual orientation, and gender
identity would be invasive.
A few of these commenters stated that
requiring financial institutions to ask
separate questions for sex, sexual
orientation, and gender identity could
potentially further segregate and
stigmatize LGBTQ individuals and their
businesses, when members of that
community already face bias and
discrimination. These commenters also
raised concerns about the security of the
collected information, noting that
storing it with financial institutions and
in a nationwide database exposes the
information to not only a number of
persons with authorized access but also
potentially to hackers. These
commenters stated that although there is
some protection from employment
discrimination under Federal law due to
Bostock, there are States where
discrimination against LGBTQ
individuals in other forms is legal and
inferences about one’s sexuality could
have serious negative impacts. The
commenters also expressed concern that
the information could be used for other
purposes, with one commenter
additionally expressing a concern that
such previously collected data could be
used for unintended purposes. Another
commenter stated that the information
should be requested only if information
is also provided to applicants to allow
them to make informed decisions about
providing the information, which
includes a warning that discrimination
based on sexual orientation may be
allowed in certain States. Some
commenters also opposed collecting
information on principal owners’ gender
identity and sexual orientation, on the
grounds that such information is not
needed by financial institutions to make
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
loans and it should have no bearing on
an applicant’s ability to qualify for a
loan.
Several other industry commenters
expressed concern that adding more
inquiries to a demographic data
collection form would add complexity
to the collection process and increase
the burden on financial institutions.
One urged the Bureau to not include
inquiries about such personal
information in the business lending
process without more stakeholder input
as to the benefits and burdens of
collecting the data and before
publishing such sensitive information.
These commenters also suggested that
the Bureau give financial institutions
the option of collecting the information.
Some commenters suggested that the
Bureau should include only ‘‘Male’’ and
‘‘Female’’ categories as responses to a
request for a principal owner’s sex
information. One bank opposed the
inclusion of options for gender choices
and free-form text, stating that there are
many possible gender categories and
including those categories or a write-in
field could dilute the data and lead to
inconclusive findings. Several lenders
also specifically urged use of only
‘‘Male’’ and ‘‘Female’’ categories as
answer options in the final rule, for
alignment with sex categories used to
collect HMDA data, on the grounds that
it would avoid confusion among
financial institutions and applicants,
promote efficient implementation and
reporting, reduce administrative
complexity, and facilitate compliance.
One bank expressed concern about use
of the proposed self-describe sex
response option for applications
reported under both HMDA and section
1071.
In contrast, a range of commenters,
including many community groups,
research and advocacy groups,
community-oriented lenders, and
individual commenters, urged the
Bureau to require the collection of more
detailed and accurate information about
gender identity and sexual orientation
than would be collected under the
Bureau’s proposal. These commenters
generally stated that more detailed
information is necessary to account for
small businesses owned by people with
intersectional identities and
orientations, to see if they experience
discrimination, enforce fair lending
laws, and to allow policymakers and the
public to have a better understanding of
and address gaps and community needs.
Several commenters asserted that to the
final rule should reflect that gender is
not binary and be more inclusive.
Others argued that collecting principal
owners’ gender identity information
PO 00000
Frm 00215
Fmt 4701
Sfmt 4700
35363
will enhance the Bureau’s and the
public’s ability to enforce ECOA for
transgender individuals and gender
minorities and collecting their sexual
orientation information will likewise
facilitate the same as to lesbians, gays,
bisexuals, and other sexual minorities,
consistent with the purposes of section
1071. Another commenter stated that
collecting information about gender
identity and sexual orientation would
reduce the burden of implementing
future legislation requiring such
collection.739 Another commenter said
that collecting data on gender identity
and sexual orientation would allow
lenders, especially CDFIs, to be more
accountable to their mission of
economic justice and financial
inclusion. Some commenters urged the
Bureau to follow best practices and
directed the Bureau to resources made
available and research conducted by the
Williams Institute at the University of
California Los Angeles School of Law.
A number of these commenters urged
the Bureau to not conflate lines of
inquiry for gender identity and sexual
orientation, with some specifically
suggesting separate sets of questions,
either in addition to or in place of, the
inquiry about principal owners’ sex as
proposed by the Bureau.740
One commenter stated that
respondents are unlikely to consider
sexual orientation and gender identity
to be sensitive and would likely provide
their information, citing a study as to
the collection of such information in
health centers and another relating to
attitudes of sexual minorities
responding to a 2020 survey
administered by the Census Bureau.
Commenters also noted that other
Federal surveys ask questions about
gender identity and sexual orientation,
including the Census Bureau and the
Centers for Disease Control and
Prevention, and that questions to
identify transgender respondents are
included on State and investigator-led
surveys. One commenter asserted that
the proposal collects less information
than other Federal agencies, citing the
example of the Census Bureau.
739 The commenter cited the LGBTQ Business
Equal Credit Enforcement and Investment Act (H.R.
1443, 117th Cong. (2021)), which sought to amend
ECOA section 704B to require the collection of an
applicant’s principal owners’ sexual orientation and
gender identity, in addition to information about
sex.
740 For example, some commenters suggested
separate categories for gender (Cis woman, Cis man,
Trans woman, Trans man, Non-binary or gender
non-conforming, and Other (with a write-in text
field)) and sexual orientation (straight/heterosexual,
bisexual, and queer, and other (with a write-in text
field)).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35364
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Commenters also noted that the
Federal government has long considered
what best practices should apply for the
measurement of sexual orientation and
gender identity information, such as
through the Federal Interagency
Working Group on Improving
Measurement of Sexual Orientation and
Gender Identity in Federal Surveys, and
by commissioning a study looking at the
measurement of sex, gender identity,
and sexual orientation through the
National Academies of Sciences,
Engineering, and Medicine (the National
Academies).741
Legal authority. Several research and
advocacy organizations argued that the
Bureau has the legal authority to collect
information about the gender identity
and sexual orientation of principal
owners. Generally, these commenters
stated that ECOA and section 1071
provide the Bureau with a broad grant
of authority to issue regulations
requiring the collection of gender
identity and sexual orientation data.
The commenters also highlighted that
unlawful discrimination based on ‘‘sex’’
under ECOA includes discrimination
based on sexual orientation and gender
identity, consistent with the U.S.
Supreme Court’s decision in Bostock.
As a result, they said, collecting sexual
orientation and gender identity data
would facilitate the purposes of section
1071 by enhancing the agency’s ability
to understand small business lending
discrimination based on sexual
orientation and gender identity, enforce
fair lending laws, and identify business
and community development needs and
opportunities of small businesses.
However, several industry
commenters argued that the collection
of sexual orientation and gender
identity information is not clearly
required. One stated that there is no
indication in the statute that Congress
intended the term ‘‘sex’’ as used in
section 1071 to encompass sexual
orientation and/or gender identity.
Another emphasized that the statute
focuses on the collection and reporting
of data about the defined term ‘‘womenowned businesses,’’ and asserted it is
thus not apparent that the section 1071
data collection is meant to include such
data. Another commenter argued that
neither Congress nor the Supreme Court
in Bostock has taken specific action to
change the scope of the prohibition
against sex discrimination in ECOA to
741 Since the comment period for the NPRM
closed, the National Academies published its report
on the study. See Nat’l Acad. of Scis., Eng’g, &
Med., Measuring Sex, Gender Identity, and Sexual
Orientation (2022), https://www.ncbi.nlm.nih.gov/
books/NBK578625/pdf/Bookshelf_NBK578625.pdf.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
include discrimination on the bases of
sexual orientation and gender identity.
Need for information on gender
identity and sexual orientation. Some
community groups and research and
advocacy organizations generally stated
that data are needed to understand
LGBTQI+ individuals’ and business
owners’ experiences in accessing small
business credit. Some emphasized that
available Federal small business or fair
lending data do not currently include
sexual orientation and gender identity
information. One commenter noted that
the Federal data that exist on LGBTQ
individuals’ access to credit are
generally limited to the population of
cohabitating same-sex couples because
such data are often collected through a
marital status question on Census
Bureau surveys.
Nevertheless, these commenters
stated that available research suggests
that sexual and gender minorities
encounter discrimination when
attempting to access credit. The
commenters cited research, based on the
2019 Federal Reserve Board Survey of
Household Economic Decisionmaking,
finding that LGBT individuals (and
particularly LGBT persons of color and
depending on gender) are more likely to
have their applications for credit
rejected and that they are more likely to
be approved for less credit than they
wanted.742 The commenters stated that
studies based on HMDA data have also
found that same-sex couples are denied
home loans more often and that the
loans they do receive have higher
interest rates and fees than different-sex
couples of similar financial and credit
quality. Similarly, loans made in
neighborhoods with a higher density of
LGBTQI+ individuals generally have
higher interest rates and fees than
neighborhoods with a lower density.743
One commenter stated that the analysis
likely understates these disparities due
to HMDA data limitations.744 A research
and policy organization focusing on
gender identity and sexual orientation
issues also cited reports and analyses
742 Spencer Watson et al., Ctr. for LGBTQ Econ.
Advancement & Rsch., The Economic Well-Being of
LGBT Adults in the U.S. in 2019 (2021), https://
lgbtq-economics.org/wp-content/uploads/2021/06/
The-Economic-Well-Being-of-LGBT-Adults-in-2019Final-1.pdf.
743 See Jason Richardson & Karen Kali, Nat’l
Cmty. Reinvestment Coal., Same-Sex Couples and
Mortgage Lending (June 22, 2020), https://ncrc.org/
same-sex-couples-and-mortgage-lending/; Hua Sun
& Lei Gao, Lending Practices to Same-Sex
Borrowers, 116 Procs. of the Nat’l Acad. of Sci.
(PNAS) PROCs. NAT’L ACAD. SCI. 9293 (Mar. 16,
2019), https://doi.org/10.1073/pnas.1903592116.
744 See Jason Richardson & Karen Kali, Nat’l
Cmty. Reinvestment Coal., Same-Sex Couples and
Mortgage Lending (June 22, 2020), https://ncrc.org/
same-sex-couples-and-mortgage-lending/.
PO 00000
Frm 00216
Fmt 4701
Sfmt 4700
highlighting disparities in home
ownership between LGBT adults and
non-LGBT adults, same-sex couples and
different-sex couples, and among sexual
minorities versus heterosexual
individuals and also suggesting that
home ownership among transgender
adults is particularly low.745 This
commenter also stated that such
research noting disparities among
LGBTQI+ persons based upon race, sex,
and sexual orientation suggests that the
data collected under section 1071
should allow identification of
individuals who may have
intersectional identities.
Commenters also noted that LGBTQI+
individuals and businesses are key parts
of the population and economy in this
country, yet face discrimination and
disparities in a number of areas. They
stated that there are an estimated 11
million LGBT adults, which make up
around 4.5 percent of the total U.S.
adult population. They stated that high
numbers of LGBTQ adults have selfreported experiences with physical and
verbal abuse and violence, job loss, and
workplace harassment and
discrimination. They also noted that
prior to the COVID–19 pandemic,
LGBTQ individuals were more likely to
report having experienced economic
hardship, from unemployment,
homelessness, and in other areas. The
commenters also emphasized that
studies show that during the pandemic,
LGBTQ adults, and particularly LGBTQ
people of color and gender minorities,
have disproportionately experienced the
negative financial effects of the COVID–
19 pandemic, including food insecurity,
job loss, and housing insecurity.746 One
745 Studies cited by the commenters include, for
example: Adam P. Romero, Shoshana K. Goldberg,
& Luis A. Vasquez, Williams Inst., LGBT People and
Housing Affordability, Discrimination, and
Homelessness (2020), https://
williamsinstitute.law.ucla.edu/wp-content/uploads/
LGBT-Housing-Apr-2020.pdf; Kerith Conron,
Williams Inst., Financial Services and the LGBTQ+
Community: A Review of Discrimination in Lending
and Housing, Testimony Before the Subcommittee
on Oversight and Investigations (2019), https://
williamsinstitute.law.ucla.edu/wp-content/uploads/
Testimony-US-House-Financial-Services-Oct2019.pdf; Freddie Mac, The LGBT Community:
Buying and Renting Homes (2018), https://
www.freddiemac.com/fmac-resources/research/pdf/
Freddie_Mac_LGBT_Survey_Results_FINAL.pdf;
Kerith J. Conron, Shoshana K. Goldberg, & Carolyn
T. Halpern, Sexual Orientation and Sex Differences
in Socioeconomic Status: A Population-Based
Investigation in the National Longitudinal Study of
Adolescent to Adult Health, 72 J. Epidemiology &
Cmty. Health 1016 (Nov. 2018), https://
pubmed.ncbi.nlm.nih.gov/30190439.
746 See Thom File & Joey Marshall, U.S. Census
Bureau, Household Pulse Survey Shows LGBT
Adults More Likely to Report Living in Households
With Food and Economic Insecurity Than NonLGBT Respondents (Aug. 11, 2021), https://
www.census.gov/library/stories/2021/08/lgbt-
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
commenter also highlighted that
research shows that transgender
individuals are disadvantaged as
compared to their cisgendered
counterparts across a number of socioeconomic factors, such as education
levels and percentages living at or below
the poverty level, among others.747
One commenter cited a study
estimating that about 7.7 million LGBT
adults live in States without explicit
statutory protections against
discrimination on the basis of sexual
orientation and gender identity in
credit.748 This commenter also noted
research finding that while 30 States
have laws analogous to ECOA, only
about half explicitly prohibit
discrimination on the basis of sexual
orientation or gender identity, leaving a
significant number of LGBT adults in
the United States without protection
from credit discrimination under State
law.749 Further, this commenter stated
that LGBTQ businesses may generally
have a particular need for credit,
because they often lack the family
support other small business
entrepreneurs may rely upon to begin
their businesses.
Suggestions for collecting sexual
orientation and gender identity
information. A number of commenters
suggested specific modifications to the
Bureau’s proposal, generally by either
community-harder-hit-by-economic-impact-ofpandemic.html; Brad Sears, Kerith J. Conron, &
Andrew R. Flores, Williams Inst., The Impact of the
Fall 2020 COVID–19 Surge on LGBT Adults in the
US (Feb. 2021), https://
williamsinstitute.law.ucla.edu/wp-content/uploads/
COVID-LGBT-Fall-Surge-Feb-2021.pdf; Christy
Mallory, Brad Sears, & Andrew R. Flores, Williams
Inst., COVID–19 and LGBT Adults Ages 45 and
Older in the US (May 2021), https://
williamsinstitute.law.ucla.edu/wp-content/uploads/
COVID-LGBT-45-May-2021.pdf; Kerith J. Conron &
Kathryn K. O’Neill, Williams Inst., Food
Insufficiency Among Transgender Adults During
the COVID–19 Pandemic (Dec. 2021), https://
williamsinstitute.law.ucla.edu/wp-content/uploads/
Trans-Food-Insufficiency-Dec-2021.pdf; Movement
Advancement Project, The Delta Variant & the
Disproportionate Impacts of COVID–19 on LGBTQ
Households in the U.S., Results from an August/
September 2021 National Poll (Nov. 2021), https://
www.lgbtmap.org/file/2021-report-delta-impactv2.pdf.
747 See Kerith J. Conron & Kathryn K. O’Neill,
Williams Inst., Food Insufficiency Among
Transgender Adults During the COVID–19
Pandemic (Dec. 2021), https://
williamsinstitute.law.ucla.edu/wp-content/uploads/
Trans-Food-Insufficiency-Dec-2021.pdf.
748 Kerith J. Conron & Shoshana K. Goldberg,
Williams Inst., LGBT People in the US Not
Protected by State Non-Discrimination Statutes
(Apr. 2020), https://williamsinstitute.law.ucla.edu/
wp-content/uploads/LGBT-ND-Protections-UpdateApr-2020.pdf.
749 Christy Mallory, Luis A. Vasquez, & Celia
Meredith, Williams Inst., Legal Protections for
LGBT People After Bostock v. Clayton County (Aug.
2020), https://williamsinstitute.law.ucla.edu/wpcontent/uploads/Bostock-State-Laws-Jul-2020.pdf.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
adding response categories to the
proposed (single) inquiry about a
principal owner’s sex; by
recommending two separate inquiries
for the identification of a principal
owner’s gender (as opposed to sex) and
sexual orientation; or by suggesting
separate inquiries as to each of a
principal owner’s sex, gender identity,
and sexual orientation.
Generally, commenters who suggested
additional response categories suggested
adding such options in the context of a
single inquiry for information about a
principal owner’s sex. Some
commenters suggesting adding an
additional category, such as ‘‘Other,’’ to
allow the Bureau to analyze whether
nonbinary individuals face
discrimination from lenders and urged
the Bureau to avoid a data collection
that forces applicants to provide their
principal owners’ information on a strict
binary sex/gender basis. Several
industry commenters suggested the
Bureau remove the self-describe option
with a write-in text field with a third
category, such as ‘‘non-binary.’’ These
commenters expressed concern that the
write-in text field may create data
integrity problems or add complexity to
reporting standards.
Other commenters suggested specific
sex categories for the Bureau’s
consideration. A group of trade
associations suggested adding sex
categories for transgender and
nonbinary. A community group
suggested adding a ‘‘non-binary’’ sex
category and any others according to
best practices, in order to bring
transparency as to the treatment of that
population. Another suggested adding
‘‘Non-binary,’’ ‘‘Transgender Male,’’
‘‘Transgender Female,’’ stating that
these categories are widely accepted by
the LGBTQ community, will provide
more data, and will be more inclusive.
This commenter also supported
allowing applicants to select one or
more options. A CDFI lender
recommended that the Bureau include a
list of examples that an applicant could
refer to when self-describing, like
intersex, non-binary, or transgender.
This commenter stated that providing
examples for the self-describe option
would streamline the data collection
and analysis.
A bank suggested that instead of
requesting information from applicants
about their principal owners’ sex, that
the Bureau identify a principal owners’
information based on what is listed on
the principal owner’s driver’s license.
The bank noted that some states, like
New York, allow residents who identify
as nonbinary or intersex to use an ‘‘X’’
marker on their State driver’s licenses
PO 00000
Frm 00217
Fmt 4701
Sfmt 4700
35365
and stated that beneficial owners’
driver’s licenses must be provided as a
result of FinCEN’s customer due
diligence rule when an account is
opened. The bank acknowledged that
different states may not allow the use of
an ‘‘X’’ marker and that some principal
owners may not identify with the
gender marker on their driver’s license
but suggested that aligning the data
collection with this supporting
documentation would remove the
potential for error and regulatory
scrutiny.
Some commenters urged the Bureau
to revise its proposal to include two sets
of inquiries, one addressing gender
identity and the other sexual
orientation, each with multiple
categories from which an applicant
could select. One community group
suggested two separate inquiries are
necessary, to accurately measure
disparities and discrimination. The
community group suggested that for the
inquiry about gender identity, response
options could include ‘‘Male,’’
‘‘Female,’’ ‘‘Transgender,’’ and ‘‘Do not
identify as female, male, or
transgender.’’ For the inquiry about
sexual orientation, the community
group stated response options could
include ‘‘Straight,’’ ‘‘Gay or lesbian,’’
‘‘Bisexual,’’ and ‘‘Transsexual, or gender
non-conforming.’’ This commenter also
suggested the Bureau consult experts on
these issues. Some other community
groups suggested that, to reflect current
language around gender-identity and
expression, categories for gender should
include ‘‘Cis woman,’’ ‘‘Cis man,’’
‘‘Trans woman,’’ ‘‘Trans man,’’ ‘‘Nonbinary or gender non-conforming,’’ and
‘‘Other’’ (with a write-in text field). For
sexual orientation, the commenters
suggested ‘‘Straight/heterosexual,’’
‘‘Bisexual,’’ ‘‘Queer,’’ and ‘‘Other’’ (with
a write-in text field). One commenter
noted that the answer options for each
inquiry should include those to allow
the applicant to choose not to state its
response and an ‘‘Other’’ option (with a
write-in text field).
Several research and policy
organizations focusing on gender
identity and sexual orientation issues
generally stated that because sex, sexual
orientation, and gender identity are
related but intellectually distinct
concepts, the Bureau should collect
such information through three separate
inquiries addressing each concept
instead of through one question asking
about a principal owner’s sex. A
community group stated that the
Bureau’s proposal does not sufficiently
encompass gender, gender identity, and
sexual orientation to address fair
lending concerns.
E:\FR\FM\31MYR2.SGM
31MYR2
35366
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
Research and policy organizations
also suggested the Bureau take an
approach similar to that used in the
Census Bureau’s Household Pulse
Survey, which they characterized as
taking a ‘‘two-step’’ approach to asking
about a respondent’s sex, with one
question about the respondent’s sex
assigned at birth and a second question
about their current gender. They also
recommended the Household Pulse
Survey approach in asking a separate
question about sexual orientation,
which the commenters noted aligns
with a recommendation from a 2009
Sexual Minority Assessment Research
Team report 750 on best practices for
asking questions about sexual
orientation on surveys. One also urged
the Bureau to examine a two-step
approach to sex for the final rule, noting
that it was based on research and
recommended by a panel of experts
known as the Gender Identity in U.S.
Surveillance group, through the
Williams Institute at the University of
California Los Angeles School of Law,
as one that is likely to have high
sensitivity and specificity in
distinguishing transgender and gender
minority respondents from cisgender
respondents.751 The commenter also
recommended that the Bureau consider
if any refinements are necessary in the
context of section 1071, conduct user
testing, and also coordinate in the future
with other Federal agencies to improve
its measurements of principal owners’
sex.
For the question about sexual
orientation, research and policy
organizations recommended using the
same or similar questions as presented
in the Census Bureau’s Household Pulse
Survey and the 2009 Sexual Minority
Assessment Research Team report. A
community group also suggested that
the Bureau adopt the Census Bureau’s
approach with the Household Pulse
Survey, but stated that more response
categories may be necessary to better
capture the LGBTQIA+ community.
Selection of multiple responses. The
Bureau received several responses to the
Bureau’s question about whether
applicants should be restricted from
designating more than one category for
a principal owner’s sex. Two
750 Sexual Minority Assessment Rsch. Team
(SMART), Williams Inst., Best Practices for Asking
Questions About Sexual Orientation on Surveys
(2009), https://williamsinstitute.law.ucla.edu/wpcontent/uploads/Best-Practices-SO-Surveys-Nov2009.pdf.
751 The GenIUSS Grp., Williams Inst., Best
Practices for Asking Questions to Identify
Transgender and Other Gender Minority
Respondents on Population-Based Surveys (Sept.
2014), https://williamsinstitute.law.ucla.edu/
publications/geniuss-trans-pop-based-survey/.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
commenters supported the Bureau’s
proposal to allow an applicant to select
multiple sex categories, stating that
limiting applicants to one answer option
may be viewed as marginalizing the
principal owner’s personal
characteristics for individuals whose
gender is fluid. Another suggested
allowing the selection of just one
response category, which it said would
streamline data collection. Two research
and policy organizations suggested that
the Bureau limit applicants from
selecting more than one response to the
inquiry about sex assigned at birth
because medical records in the United
States generally allow only male or
female sex assignments. They also
suggested that the Bureau allow just one
selection in response to a question about
sexual orientation. But for gender
identity, the applicant suggested
allowing applicants to select multiple
response options.
Self-describe response option. Several
commenters supported the Bureau’s
proposed ‘‘I prefer to self-describe’’
option (with the ability to write in or
otherwise provide additional
information). A business advocacy
group stated that the information
collected from the option will bring
attention to inequitable lending
practices based on gender identity. As
noted above, one commenter supported
the proposed answer option, but
suggested that the Bureau include a list
of examples. The commenter opposed,
however, the use of the option as the
only way to collect information about
principal owners’ sex. Another
commenter supported having the ‘‘I
prefer to self-describe’’ option as the
only way used to collect sex
information, stating that this approach
would promote diversity and
acceptance and that the Bureau’s
proposal may make applicants feel
uncomfortable expressing their true
gender identity.
However, several industry and
research and policy organization
commenters opposed the proposed ‘‘I
prefer to self-describe’’ option. One
commenter said it would be confusing
for applicants and bank employees, and
recommended having the Bureau’s data
collection for principal owners’ sex
match that under Regulation C. Other
commenters generally cited data quality
concerns related to potential write-in
field responses. Two such commenters
noted that in the HMDA free-form
ethnicity and race data, they commonly
see responses that would fit into an
existing category and expressed concern
that similar issues would arise under
the Bureau’s proposal. Two industry
commenters also noted that the write-in
PO 00000
Frm 00218
Fmt 4701
Sfmt 4700
field could diminish the accuracy and
utility of collected data, because fewer
responses would be reported for other
listed categories. One industry
commenter also noted that a write-in
field may add complexity to reporting
standards. Another stated that the
Bureau may encounter varying spellings
and misspellings, which would create
reporting burdens and diminish the
accuracy of the information received by
the Bureau.
A research and policy organization
stated that because the Bureau will not
be including write-in responses in what
is released to or analyzed for the public,
write-in responses allowing applicants
to self-describe their principal owners’
sex, sexual orientation, or gender
identity would prevent respondents
from being included in the data for
analysis. The commenter suggested that
the Bureau assess the performance of
questions as to gender identity and
sexual orientation first and then make
revisions as needed. The commenter
also stated that it also did not
recommend including the proposed ‘‘I
prefer to self-describe’’ option as a way
to capture individuals with intersex
traits, and noted that it is not generally
recommended that researchers capture
information on intersex status through a
question on sex.
Other research and policy
organizations stated a concern that freeform text responses would require
substantial effort by the Bureau and
others to distinguish transgender
individuals and gender minorities from
respondents using the ‘‘I prefer to selfdescribe’’ option, even though female or
male responses would have been
appropriate. This commenter noted that
analysis of free-form text fields can be
time-intensive and responses
challenging to categorize, leading to
discarded data, reduced sample sizes,
lessened statistical power, and
potentially errors in classification. The
commenter also noted that although a
write-in response for gender identity to
capture the many gender identities and
communities that exist may work in
some circumstances, it does not
recommend it for a data collection of the
anticipated size and complexity of the
effort under section 1071. With regard to
sexual orientation, the commenter noted
that most people with same-sex
attraction are likely to choose the terms
gay, lesbian, or bisexual if they are the
only terms provided, and thus a selfdescribe option would just reduce the
number of identifiably lesbian, gay, and
bisexual principal owners in the section
1071 data collection and reduce the
usefulness of the data.
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Intersex status. Research and policy
organizations suggested that the Bureau
add a specific inquiry regarding
variations of sex characteristics in the
final rule or in the future, to identify
intersex business owners and their
experiences. They emphasized that
people with variations in sex
characteristics may comprise as much as
1.7 percent of the population. And,
although little population-based data
exists, according to the commenter,
intersex people face documented social
and health disparities. This in turn, they
said, could affect their economic
opportunities. Moreover, according to
the commenter, the increased visibility
of intersex individuals could also make
small business owners with intersex
traits more vulnerable to discrimination.
They also stated that the Department of
Justice’s Title IX Legal Manual
rationale—finding that title IX’s
prohibition on sex discrimination
includes discrimination based on sex
characteristics, including intersex
traits—should also apply to ECOA. They
noted that a consensus study from the
National Academies had recommended
that the Federal government develop
and evaluate measures to identify
intersex populations and recommended
that the Bureau review another pending
National Academies study with
recommendations on this area.752
lotter on DSK11XQN23PROD with RULES2
Final Rule—Collecting Sex
For the reasons set forth herein, the
Bureau has revised its proposal
regarding the collection of information
about the sex of the principal owners of
a small business applicant. Under final
comment 107(a)(19)–15, if collecting the
information using a paper or electronic
form, the financial institution must
make the request using the term ‘‘sex/
gender’’ and must permit applicants to
respond by using free-form text. If
collecting the information orally, the
financial institution must inform the
applicant of the opportunity to provide
each principal owner’s sex/gender and
record the response. As with other
protected demographic information, the
applicant can refuse to provide the
requested information. Unlike the
Bureau’s proposal, the final rule does
not use specific sex categories, such as
752 See Nat’l Acads. of Scis., Eng’g, & Med.,
Understanding the Well-Being of LGBTQI+
Populations (2020), https://
nap.nationalacademies.org/catalog/25877/
understanding-the-well-being-of-lgbtqi-populations.
The National Academies has issued the report
anticipated by the commenter. See Nat’l Acads. of
Scis., Eng’g, & Med., Measuring Sex, Gender
Identity, and Sexual Orientation for the National
Institutes of Health (2022), https://
www.ncbi.nlm.nih.gov/books/NBK578625/pdf/
Bookshelf_NBK578625.pdf.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
‘‘Male’’ and ‘‘Female,’’ for a principal
owner’s sex/gender. The Bureau has
made conforming changes, removed
duplicative content, and updated crossreferences, in comment 107(a)(19)–15
and other comments that relate to
collection of principal owners’ sex.
As an initial matter, the Bureau
believes that collecting information
about a principal owner’s sex, gender
identity, and sexual orientation is
within section 1071’s mandate.
Following the Supreme Court’s holding
in Bostock, even though the term ‘‘sex’’
is not defined in ECOA or in Regulation
B, the Bureau interprets ECOA’s and
Regulation B’s prohibitions against
discrimination on the basis of ‘‘sex’’ to
include discrimination based on sexual
orientation and gender identity.753 As
stated by the Court, sex discrimination
encompasses sexual orientation
discrimination and gender identity
discrimination, as those forms of
discrimination necessarily involve
consideration of sex.754 Because section
1071 is an enumerated provision of
ECOA and the final rule is part of
Regulation B, this interpretation as to
what is included within the scope of the
term ‘‘sex’’ necessarily applies to the
collection of information about a
principal owner’s ‘‘sex’’ under section
1071 as well.
The Bureau believes further that
available research, including that cited
by commenters and discussed above,
showing disparities in access to credit
across gender identity and sexual
orientation supports the importance of
collecting gender identity and sexual
orientation small business lending
data.755
There was no clear consensus among
commenters as to how information
about the sex of small businesses’
principal owners should be collected.
753 Bostock, 140 S. Ct. 1731; 86 FR 14363 (Mar.
16, 2021).
754 See Bostock, 140 S. Ct. 1731.
755 See, e.g., Ctr. for LGBTQ Econ. Advancement
& Rsch., The Economic Well-Being of LGBT Adults
in the U.S. in 2019 (June 2021), https://lgbtqeconomics.org/research/lgbt-adults-2019/ (LGBT
adults more likely than non-LGBT adults to report
being turned down by lenders and to be offered
credit at rates higher than desired); Hua Sun & Lei
Gao, Lending practices to same-sex borrowers,
Proceedings of the Nat’l Acad. Sci. of the U.S. of
Am. (May 2019), https://doi.org/10.1073/
pnas.1903592116 (finding same-sex couples more
likely to be denied a mortgage than different-sex
couples); J. Shahar Dillbary & Griffin Edwards, An
Empirical Analysis of Sexual Orientation
Discrimination, 86 U. Chi. L. Rev. 1 (2019), https://
lawreview.uchicago.edu/publication/empiricalanalysis-sexual-orientation-discrimination (finding
that same-sex male home loan co-applicants were
less likely to have their loan applications accepted
compared to white, different-sex co-applicant pairs;
male same-sex pairs with Black applicants had
significantly worse acceptance outcomes).
PO 00000
Frm 00219
Fmt 4701
Sfmt 4700
35367
As described above, the Bureau received
a diverse array of comments
recommending a range of response
options to the proposed inquiry about a
principal owner’s sex and suggesting
questions in addition to, or instead of,
the Bureau’s proposed query about a
principal owner’s sex. The Bureau notes
that at the Federal level, there is wide
variance in data collection approaches,
question phrasing, and answer options,
and that the Federal government’s
approach is in flux.756 For example, on
January 11, 2023, shortly before this rule
was issued, OMB released new
recommendations for agencies on the
best practices for the collection of
sexual orientation, gender identity, and
sex characteristics data on Federal
756 See 86 FR 56356, 56482 (Oct. 8, 2021)
(discussing approach used by the Census Bureau’s
Household Pulse Survey, asking separate questions
for sex assigned at birth, current gender identity,
and sexual orientation); id. at 56482 n.686
(discussing other Federal agency approaches in
health care settings). See also 31 CFR 35.28(h), (i)
(in annual reports by participants in the U.S.
Treasury’s State Small Business Credit Initiative
(SSBCI) program, requiring information about
program beneficiaries’ principal owner’s gender
(using categories: female; male; nonbinary; prefer to
self-describe, with an option to write in
information; prefer not to respond; or that the
business did not answer) and sexual orientation
(using categories: gay or lesbian; bisexual; straight,
that is, not gay, lesbian, or bisexual; something else;
prefer not to respond; or that the business did not
answer); 2020 Census Official Questionnaire
(inquiring as to each person’s sex (e.g., ‘‘What is
Person 1’s sex? Mark (x) ONE box.’’), with answer
options: ‘‘Male’’ and ‘‘Female’’ and asking about the
relationships with other household members (e.g.,
‘‘How is this person related to Person 1? Mark (X)
ONE box.’’), with answer options including, inter
alia, ‘‘opposite-sex husband/wife/spouse’’,
‘‘opposite-sex unmarried partner, ‘‘same-sex
husband/wife/spouse’’, and ‘‘same-sex unmarried
partner’’); Soc. Sec. Admin., How do I change the
sex identification on my Social Security record?
(KA–01453) (last updated Oct. 25, 2022), https://
faq.ssa.gov/en-us/Topic/article/KA-01453
(individuals can provide sex identification evidence
that is binary or non-binary, but stating that SSA
record systems currently require a sex designation
of female or male); U.S. Dep’t of State, X Gender
Marker Available on U.S. Passports Starting April
11, 2022 (Mar. 31, 2022), https://www.state.gov/xgender-marker-available-on-u-s-passports-startingapril-11/; U.S. Equal Emp. Opportunity Comm’n,
EEOC Adds X Gender Marker to Voluntary
Questions During Charge Intake Process (June 27,
2022), https://www.eeoc.gov/newsroom/eeoc-addsx-gender-marker-voluntary-questions-duringcharge-intake-process; Admin. for Children &
Fams., U.S. Dep’t of Health & Hum. Servs.,
Proposed Information Collection Activity; Domestic
Victims of Human Trafficking Program Data (OMB
#0970–0542), 87 FR 45107 (July 27, 2022)
(proposing changes to collection of participant
demographics for Domestic Victims of Human
Trafficking Services and Outreach Program grant
programs); Admin. for Children & Fams., U.S. Dep’t
of Health & Hum. Servs., Proposed Information
Collection Activity; SOAR (Stop, Observe, Ask,
Respond) to Health and Wellness Training (SOAR)
Demonstration Grant Program Data (New
Collection), 87 FR 52386 (Aug. 25, 2022) (indicating
that data to be collected with regard to the SOAR
program will include client sex, gender identity,
sexual orientation.)
E:\FR\FM\31MYR2.SGM
31MYR2
35368
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
statistical surveys, including strategies
to preserve data privacy and safety.757
The Bureau also notes the consensus
study from the National Academies
cited by a commenter that indicates that
the terms used to describe individuals
who identify as or exhibit attractions
and behaviors that do not align with
heterosexual or traditional male-female
binary gender norms are evolving.758
As a result of these factors, the Bureau
believes that an approach that allows
principal owners to designate their sex/
gender with the ability to write-in or
provide additional information (such as
in a free-form field on a paper or
electronic form) will encourage
applicant self-identification using
terminology that may change over time.
To increase applicants’ autonomy to
provide responses they feel best
characterize their principal owners, the
final rule does not include additional
sex category responses suggested by
commenters nor does it require a
financial institution to provide a list of
example responses when requesting that
an applicant provide its principal
owners’ sex. This approach mitigates
the concern of some commenters that a
list of disaggregated categories would be
difficult for some lender staff to ask and
for some applicants to be asked.
In partial response to the several
commenters who urged that the Bureau
use the term ‘‘gender’’ instead of ‘‘sex,’’
the Bureau is requiring financial
institutions to use the term ‘‘sex/
gender’’ when requesting information
about principal owners’ sex. As
explained above, the Bureau interprets
ECOA’s and Regulation B’s prohibitions
against discrimination on the basis of
‘‘sex’’ to also include, inter alia,
discrimination based on gender identity;
this interpretation as to what is
included within the scope of the term
‘‘sex’’ necessarily also applies to the
collection of information about a
principal owner’s ‘‘sex’’ under section
1071.759 The Bureau believes that
requiring financial institutions to ask for
information about ‘‘sex/gender’’ will
provide principal owners with the
757 Off. of Mgmt. & Budget, Off. of the Chief
Statistician of the U.S., Recommendations on the
Best Practices for the Collection of Sexual
Orientation and Gender Identity Data on Federal
Statistical Surveys (Jan. 11, 2023), https://
www.whitehouse.gov/wp-content/uploads/2023/01/
SOGI-Best-Practices.pdf.
758 Nat’l Acads. of Scis., Eng’g, & Med.,
Understanding the Well-Being of LGBTQI+
Populations 1–2. See also Nat’l Acads. of Scis.,
Eng’g, & Med., Measuring Sex, Gender Identity, and
Sexual Orientation 1–4 to 1–5 (discussing terms
and identities associated with the concepts of
gender, sex, and sexual orientation).
759 86 FR 14363 (Mar. 16, 2021).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
flexibility and autonomy to use terms
that they prefer.
Although some commenters requested
that the Bureau require the collection of
principal owners’ sexual orientation
information and intersex status in
addition to the collection of information
about their gender identity, the final
rule does not include these specific
inquiries. The Bureau believes that such
specific inquiries about individuals
would likely be perceived as more
invasive than a general request as to
‘‘sex/gender’’ and, as explained above,
the overall LGBTQI+-ownership status
of the business. Accordingly, the Bureau
is concerned that questions to this effect
could impact the overall willingness of
applicants to provide demographic
information, as noted by some
commenters.
Some commenters expressed concerns
that collecting data via write-in text
fields may lead to data analysis issues.
The Bureau anticipates that its review of
responses to the sex/gender inquiry will
result in data that could be used by the
Bureau and other regulators and, once
grouped into categories, publicly
released subject to any necessary
modifications or deletions for privacy
purposes.
The Bureau believes that principal
owners’ sex/gender and applicants’
LGBTQI+-owned business status data
points together strike a balance that
respects for small business owners’
autonomy in self-identification, while
also providing the Bureau and the
public with information needed to
further section 1071’s statutory
purposes.
The Bureau recognizes that the way
financial institutions will collect data
about sex under the final rule differs
from the collection of information about
the sex of home mortgage applicants
under Regulation C/HMDA.760 Although
the collection of ethnicity, race, and sex
data in both contexts serves related fair
lending purposes, the two regulations
have different legal authorities, cover
different markets, and were developed
at different times. The Bureau has
specifically tailored the collection of sex
data under this final rule implementing
section 1071 for the small business
lending context, in consideration of the
comments received and of continuing
developments in Federal government’s
approach to collecting information
about sex, gender identity, and sexual
orientation.
760 As the Bureau is exempting HMDA-reportable
transactions from the data collection requirements
of the final rule, in § 1002.104(b)(2), strict
consistency between reporting categories is
unnecessary.
PO 00000
Frm 00220
Fmt 4701
Sfmt 4700
The Bureau has also considered
commenters’ statements that small
business applicants may feel
uncomfortable and have privacy
concerns about providing sensitive
information to lenders related to the sex
of their principal owners. As discussed
in greater detail in part VIII below, after
receiving a full year of reported data, the
Bureau will assess privacy risks
associated with this data and on that
basis, make appropriate pre-publication
modification and deletion decisions.
The Bureau takes the privacy of such
information seriously and intends to
make appropriate modifications and
deletions.
Commenters also included
suggestions for whether to allow
applicants to select only one or multiple
response categories in response to
questions related to a principal owner’s
sex. As explained above, the Bureau has
decided to include only a self-describe
response option in response to the
question about a principal owner’s sex/
gender at this time, rendering these
comments moot.
One commenter stated that providing
information about a principal owner’s
sexual orientation and gender identity
should be optional for the applicant.
The Bureau agrees, and applicants have
a right to refuse to provide responses to
questions about protected demographic
information. As explained in final
comment 107(a)(19)–1, financial
institutions must permit an applicant to
refuse to answer the financial
institution’s inquiry and must inform
the applicant that it is not required to
provide the information.
With regard to some commenters’
suggestion that questions about a
principal owner’s gender identity and
sexual orientation should be optional
for financial institutions, the Bureau is
not requiring separate questions for sex,
gender identity, and sexual orientation
for the reasons above. Thus, these
commenters’ suggestion is moot.
The Bureau does not believe it would
be appropriate, however, to remove the
requirement to collect principal owners’
sex, suggested by some commenters. As
discussed above, the collection of
information about sex is required under
section 1071.
The Bureau is not requiring financial
institutions to report what sex or gender
is indicated on a principal owner’s State
driver’s license, as requested by one
commenter. As the commenter
acknowledged, State requirements differ
as to what residents may select as to
their sex and/or gender on their State
government-issued identification and
the available selections may not be
adequate as to a principal owner’s self-
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
identified sex and/or gender. As noted
above, the Bureau believes that the
collection of principal owners’ sex
information under this rule should be
based solely on an applicant’s selfidentification. However, as the
commenter also pointed out, some
governmental authorities allow
individuals to indicate their sex as ‘‘X’’
in government-issued documents.
Nothing in this rule would interfere
with a principal owner choosing to
designate their sex in that way in the
self-describe response option.
With regard to one commenter’s
statement that the Bureau should not
allow the use of previously collected
information due to concern about
misuse of such data, the final rule
specifies how previously collected
information may be used, as discussed
further in the section-by-section
analyses of §§ 1002.107(d) and
1002.110(e) below.
Regarding a commenter’s suggestion
that the Bureau should consult further
with stakeholders before finalizing any
publication of information about sexual
orientation and gender identity of
principal owners, the Bureau intends to
engage further with stakeholders before
publishing data, as discussed in part
VIII below.
Proposed Rule—Collecting Ethnicity
and Race via Visual Observation or
Surname in Certain Circumstances
lotter on DSK11XQN23PROD with RULES2
The Bureau proposed that financial
institutions be required to collect and
report at least one principal owner’s
ethnicity and race based on visual
observation and/or surname in certain
circumstances. This would have been
required if the financial institution met
in person with one or more of the
applicant’s principal owners and the
applicant did not provide ethnicity,
race, or sex information for at least one
principal owner in response to the
financial institution’s inquiry pursuant
to proposed § 1002.107(a)(20).
The Bureau noted that demographic
response rates in the SBA’s Paycheck
Protection Program data are much lower
when compared to ethnicity, race, and
sex response rates in HMDA data.761
The Bureau reasoned that without a
visual observation and/or surname
collection requirement, meaningful
analysis of principal owner ethnicity
761 Small Bus. Admin., Paycheck Protection
Program Weekly Reports 2021, Version 11, at 9
(effective Apr. 5, 2021), https://www.sba.gov/sites/
default/files/2021-04/PPP_Report_Public_210404508.pdf. Paycheck Protection Program data were
taken from 2021 loans for which the collection form
for principal owner demographics was included in
the application itself and, for most of that time, was
featured on the first page of the application.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
and race data could be difficult,
significantly undermining section
1071’s purposes. Historically, one
challenge under HMDA has been the
reluctance of some applicants to
voluntarily provide requested
demographic information, such as
ethnicity and race. The Bureau
explained that the requirement in
Regulation C to collect race, sex, and
ethnicity on the basis of visual
observation or surname is an important
tool to address that challenge, and that
it believes that the requirement has
resulted in more robust response rates
in the HMDA data.
Accordingly, the Bureau proposed
that financial institutions collect at least
one principal owner’s ethnicity and race
(but not sex) on the basis of visual
observation and/or surname in the
circumstances described above. Under
the Bureau’s proposal, a financial
institution would not have been
required to collect ethnicity and race via
visual observation and/or surname if the
applicant provided any demographic
information regarding any principal
owner. For applicants with multiple
principal owners, the financial
institution may not be able to determine
whether the applicant had provided the
demographic information of the
principal owner who met in person with
the financial institution or for another
principal owner. The Bureau sought
comment on this proposed approach.
The Bureau also sought comment on
whether a financial institution should
be required to collect a principal
owner’s ethnicity and/or race via visual
observation and/or surname if the
applicant has only one principal owner,
the applicant does not provide all of the
principal owner’s requested
demographic information, and the
financial institution meets in person
with the principal owner. The Bureau
noted that in this situation, the financial
institution would be able to ‘‘match’’
any demographic information that the
applicant provides with the correct
principal owner because there is only
one principal owner.
Proposed comment 107(a)(20)–9
would have explained that a financial
institution would be required to report
ethnicity and race based on visual
observation and/or surname in certain
circumstances. It would have further
explained that a financial institution
would not be required to report based
on visual observation and/or surname if
the principal owner only meets in
person with a third party through whom
the applicant is submitting an
application to the financial institution.
Proposed comment 107(a)(20)–10
would have clarified that a financial
PO 00000
Frm 00221
Fmt 4701
Sfmt 4700
35369
institution meets with a principal owner
in person if an employee or officer of
the financial institution or one of its
affiliates has a meeting or discussion
with the applicant’s principal owner
about an application and can visually
observe the principal owner. The
proposed comment would have also
provided examples of situations where
the financial institution meets in person
with a principal owner and where it
does not. The Bureau requested
comment on this approach and whether
there should be additional or different
examples.
Proposed comment 107(a)(20)–11
would have clarified that a financial
institution uses only aggregate
categories when reporting ethnicity and
race based on visual observation and/or
surname and would have directed
financial institutions to proposed
appendix G for additional information
on collecting and reporting ethnicity
and race based on visual observation
and/or surname. The Bureau requested
comment on whether to permit, but not
require, financial institutions to use the
disaggregated subcategories as well
when reporting ethnicity and race based
on visual observation and/or surname.
In addition to the specific matters
identified above, the Bureau sought
comment on its proposed approach to
this data point, the proposed methods of
collecting and reporting the data, and on
whether additional clarification
regarding any aspect of this data point
is needed.
Comments Received—Collecting
Ethnicity and Race via Visual
Observation or Surname in Certain
Circumstances
General comments. The Bureau
received comments from many banks,
trade associations, community groups,
members of Congress, small business
owners, service providers, and others on
its proposal that financial institutions be
required to collect at least one principal
owner’s ethnicity and race on the basis
of visual observation and/or surname
under certain circumstances. A
community group, a joint letter from
community and business advocacy
groups, and a CDFI lender supported the
proposed requirement, emphasizing that
demographic data collection via visual
observation and surname analysis has
been required by Regulation C for many
years. The community group also
commented that ethnicity and race
information, including information
collected via visual observation and/or
surname as proposed, will allow data
users to assess how the experiences of
small businesses differ by approximate
amount of minority ownership in the
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35370
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
business, particularly when combined
with information about an applicant’s
number of principal owners under
proposed § 1002.107(a)(21).
Many commenters objected to the
proposed requirement. A number of
industry commenters stated that the
Bureau should require only the
reporting of applicant-provided data. A
number of agricultural lenders, a trade
association, a service provider, a
community group, and a business
advocacy group stated that while they
support the collection of demographic
information and the need for robust
data, they do not support the proposed
requirement. A few industry
commenters said that the Bureau should
only require best efforts to collect
demographic information.
Use of visual observation and
surname to collect sex. A number of
commenters, including banks, trade
associations, community groups, and
LGBTQI+ advocacy groups, supported
the Bureau’s proposal to not require the
use of visual observation and/or
surname to report a principal owner’s
sex. Several LGBTQI+ advocacy groups
commented that visual observation of
the gender expression of principal
owners would inevitably rely upon sex
stereotypes and lead to inaccurate
determinations of sex, gender identity,
or sexual orientation. A community
group similarly stated that it would not
be possible in some cases to use visual
observation to accurately identify
gender. Several industry commenters
stated that requiring financial
institutions to determine the sex of
principal owners would make
employees uncomfortable and
potentially offend applicants who had
declined to provide this information.
In contrast, some banks requested that
the visual observation and surname
requirement for this rule be aligned with
Regulation C and thus apply to data on
sex as well as for ethnicity and race.
These commenters said that alignment
with Regulation C would reduce
reporting errors and financial
institutions’ compliance burden because
financial institutions would not need to
use additional resources to understand
and implement different data collection
requirements.
Data accuracy and related concerns.
Many commenters, including a range of
lenders, trade associations, community
groups, several members of Congress,
business advocacy groups, and others,
were concerned that the proposed
requirement would yield unreliable
ethnicity and race data.
Some commenters argued that such a
requirement would introduce error,
bias, and subjectivity into the data
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
collection process, leading to inaccurate
or distorted data. Several said that such
purported bias should not be part of the
underwriting process or that section
1071 was intended to combat this type
of bias. One commenter said that banks
do not consider the ethnicity, race, or
gender of small business applicants and
argued that they should not be required
to guess such information. Other
commenters asserted that inaccuracies
in the collected data would not support
rigorous analysis, would not serve the
purposes of section 1071, and would be
inconsistent with congressional intent
to collect reliable data on small business
credit. Several other commenters
similarly stated that data collected via
visual observation or surname would
impair analyses, conclusions, and
policies based on such data.
Several commenters asserted that data
collected pursuant to the proposed
requirement would be inaccurate
because the process would be based on
or encourage the use of racial
stereotypes or assumptions. Several
other commenters asserted that
ethnicity and race determinations made
by visual observation have been prone
to error or unreliable, with some citing
materials on own-race bias, other-race
effect, and similar issues. Some
commenters predicted that the proposed
requirement may cause some lenders to
rely on surname alone to avoid
determining ethnicity and race based on
visual observation. Others said that the
proposed requirement should not be
finalized because it could risk
perpetuating discrimination and insert
racial stereotyping into application
processes, posing risks to applicants and
financial institutions alike. A
community group stated that the
proposed data collection method raises
fair lending concerns. With respect to
reporting ethnicity and race based on
surname, several commenters asserted
that surname analysis was unreliable
and obsolete.
Commenters also identified specific
circumstances that they said could lead
to inaccurate ethnicity and race
determinations based on visual
observation and surname. Some
commenters argued that the provision
does not account for situations such as
adoption, surname changes, and multiethnic or multi-racial identities. Other
commenters alleged that visual
observation and surname analysis
would likely be inaccurate or unreliable
as a result of increasing demographic
diversity. Several asserted that racial
and ethnic identities are personal,
influenced by a number of different
factors, and should be confirmed only
by the applicant. Another commenter
PO 00000
Frm 00222
Fmt 4701
Sfmt 4700
likewise stated that the Bureau should
only require lenders to report based on
applicant-provided data to promote
accuracy and inclusivity. Several
commenters noted that a principal
owner’s ethnicity and race could be
reported differently by different lenders
under the proposed requirement.
Some commenters said that loan
officers and bank employees lack the
expertise or training to make ethnicity
and race determinations, and that the
proposed requirement would lead to
guessing. Another commenter said the
proposed requirement would create
training and other employment hurdles
without producing meaningful
information.
Several commenters noted that the
proposed requirement would result in
inaccurate data when the person filling
out the application is not a principal
owner of the business, but rather an
employee. Commenters also asserted
that data would be misleading when the
ethnicity and race of the principal
owner meeting with the bank is not
representative of the other principal
owners of the business. One commenter
asserted that the proposed requirement
could subject lenders to liability
because they do not always interact
with principal owners.
Some commenters opposed the
proposed requirement on the grounds
that data collected using this method
would be, they said, generally
unrepresentative of small business
applicants. They predicted low response
rates to inquiries about ethnicity and
race for this rule, based on the
experience of the Paycheck Protection
Program, and argued that ethnicity and
race data would be based on visual
observation and surname analysis for a
disproportionate number of
applications, which these commenters
posited would result in inaccurate data.
Several commenters stated that, as a
result, inaccuracies attributable to the
use of visual observation and surname
analysis would be magnified, making
the data collected unrepresentative of
the applicant population and not useful
for any analyses. Others commented
that ethnicity and race data reported
based on visual observation or surname
would be both inaccurate and
unrepresentative because of the
increased use of digital application
processes with no visual component. A
trade association anticipated low
applicant response rates to the
demographic questions based on its
members’ experience that customers
express anger or are reluctant to provide
ownership information as required by
FinCEN’s customer due diligence rule.
This commenter expected that
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
applicants would not want to provide
demographic information due to
concerns that it would be used in the
credit process, despite any assurances to
the contrary on the sample data
collection form.
Customer relationships. Many
commenters asserted that the proposed
requirement would impair customer
relationships, citing small business
lending as more relationship-dependent
than other forms of credit. A number of
commenters stated that it would make
bank employees and applicants
uncomfortable, with some suggesting
specifically that this could occur when
in-person applicants witness employees
filling out demographic information that
the applicants declined to provide. A
number of commenters likewise said it
would negatively impact customer
relationships. One argued that because
banks are more likely to have ongoing
interactions with a small business
owner than someone seeking a
mortgage, offense taken from visual
observation or surname analysis would
be more detrimental.
Several agricultural lenders expressed
concern that the disclosure on the
proposed sample data collection form
informing applicants about the
obligation of lenders to report ethnicity
and race information through visual
observation and/or surname analysis
would be negatively received by
applicants, stating that applicants might
perceive the notice as an indication that
the lender intends to or must contradict
the applicant’s wishes. A trade
association suggested that applicants
would feel uncomfortable providing
their demographic information if they
receive notice that such information
would not be subject to a firewall,
which would lead to a greater use of
visual observation and surname
analyses.
Right to refuse. A range of
commenters opposed the proposal on
the grounds that applicants have a right
to decline to provide demographic
information. One commenter said that
the proposed requirement would further
damage the public’s confidence in
financial institutions and heighten
privacy concerns, because it would
contradict an applicant’s decision to not
provide the requested information.
Several cited the high percentage of
Paycheck Protection Program loan
applicants that did not report
demographic data as showing applicant
concerns about privacy and the
importance of voluntary reporting.
Some commenters stated that the
proposal is inconsistent with, or that it
inappropriately circumvents, section
1071’s provision that an applicant may
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
refuse to provide protected demographic
information and urged the Bureau to
respect that right. One commenter said
that section 1071 is structured to require
financial institutions to make inquiries
for their customers’ information and to
allow applicants to refuse to provide
such information; given this framework,
the commenter questioned whether
requiring collection would be
permissible under the statute when an
applicant has already refused to provide
the information. One commenter said
that applicants may not understand that
if they decline to answer demographic
inquiries that lenders will determine
and report their ethnicity and race
anyway. Several commenters
highlighted that HMDA, in contrast to
section 1071, does not provide a
comparable right of refusal.
Burden and cost. A few commenters
objected to the proposed requirement on
the grounds that it would impose
significant costs on some lenders. One
commenter identified costs to create and
maintain policies and procedures, apply
these consistently, conduct ongoing
training, and audit compliance, while
another said the proposal would require
substantial changes to its loan
processes, systems, and compliance
protocols to implement. A commenter
said that reliance on proxying,
inference, or visual observation would
impose a number of cost and
compliance concerns. Several
commenters asserted that lenders may
face substantial costs to train employees
to make determinations; one said this
training could be complex for front-line
employees who are currently taught that
ECOA and other laws prohibit the
collection of ethnicity and race
information. A CDFI lender stated that
the proposed requirement would
impose less burden on larger banks and
online lenders, either because they will
have a higher number of online loan
applications or because they already
report demographic information on the
basis of visual observation and surname
under HMDA.
Response rates. Several commenters
disputed that the higher responses rates
in HMDA data, compared with lower
response rates in Paycheck Protection
Program data, could be attributed to
HMDA’s visual observation and
surname requirement, and also disputed
that this proposed requirement could
improve response rates for financial
institutions complying with the small
business lending rule. Some suggested
that the Bureau’s concern with low
response rates based on the Paycheck
Protection Program experience is
misplaced, arguing that those response
rates were attributable to the program’s
PO 00000
Frm 00223
Fmt 4701
Sfmt 4700
35371
emergency nature, and the rush by all
parties to submit and process
applications. Commenters also noted
that Paycheck Protection Program may
not inform the likely response rates
under this rule because that program
covered a wider range of businesses
than the Bureau’s proposal.
Purported conflicts with ECOA and
Regulation B. Some commenters raised
concerns about conflicts between the
proposed requirement and subpart A of
Regulation B and ECOA. One
commenter stated that the proposed
requirement is prohibited by 12 CFR
202.5, which provides that a creditor
may not inquire about the race, color,
religion, national origin, or sex of an
applicant or any other person in
connection with a credit transaction.
Several commenters said that the
proposed requirement would require
bank employees to consider factors that
ECOA prohibits creditors from
considering. Commenters also generally
stated that the proposed requirement
conflicts with the fair lending training
provided to bank employees and will
insert race as a factor in the credit
application process.
Several commenters said that a visual
observation and surname requirement
would not align with, or would violate,
the statutory firewall requirement,
noting that the lenders would have to
determine a borrower’s ethnicity and
race but then have to ‘‘forget’’ and
isolate the information when making
credit decisions. One requested that
information collected via visual
observation and/or surname not be
subject to the firewall provision because
of the difficulty in maintaining the
firewall requirements for data collected
this way.
In-person meetings. A number of
commenters raised concerns that the
proposed requirement would damage
the relationships that community banks,
traditional banks, or small- to mid-sized
banks have with their customers. One
asserted that in-person interactions are
important for community lenders, such
as CDFI banks, to understand customers,
to make customers feel comfortable, and
to identify products and services
responsive to the needs of lower income
and other underserved communities.
Others emphasized that such lenders
value and rely on repeated, in-person
interactions with customers, saying that
the proposed requirement would
disproportionately affect them, but
would favor large banks and online
lenders that did not see applicants and
thus would not have to employ the
visual observation or surname analysis.
One commenter suggested that all
lenders should be subject to the
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35372
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
proposed requirement, because online
lenders can still conduct surname
analyses. Another said that the
proposed requirement would
disproportionately subject CDFI lenders
to the risks of reporting inaccurate data,
including reputational damage, and
greater operational and compliance
burden. A commenter urged that the
Bureau exempt community banks from
the proposed requirement.
In contrast, some commenters
suggested that the proposed requirement
would not generate much data as a
result of a shift away from in-person
interactions, thus limiting or negating
its value. One such commenter
predicted that much small business
lending will likely be through credit
cards, which it said would not provide
an opportunity to implement the
requirement, and as a result data
collected via visual observation and
surname would be associated with
certain loan types that may be received
by higher revenue applicants.
Some commenters suggested that
lenders, their employees, and applicants
would try to avoid visual observation
and surname analysis. Several said that
the proposed requirement would
discourage loan officers and applicants
from meeting in person or by video call.
Others stated that some banks may shift
applications online, impairing the
personal interaction some banks have
with their communities. One
commenter predicted that the proposed
requirement would discourage small
business applicants from seeking credit.
Another commenter argued that the
proposed requirement is unnecessary
because financial institutions do not
always meet with the principal owners
of a business. Several commenters said
that ethnicity and race determinations
from visual observation and surname
analysis may not be representative of
the applicant population, would be
inconsistent, and would not be
comparable to other data.
One commenter said that the
requirement would be difficult to apply
because a financial institution may not
know if the principal owner’s
demographic information had already
been collected to assess if the visual
observation and surname requirement
applies, such as in the context of a brief
interaction that is later determined to be
an in-person meeting that would trigger
the proposed requirement. Others asked
for clarity on whether the proposed
requirement would be triggered if any
bank employee met in person with a
principal owner, even if not involved
with the credit application (for example
when signing closing documents).
Another commenter stated that financial
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
institutions should not be required to
determine if an individual is a principal
owner, a necessary condition to collect
data on a principal owner’s ethnicity
and race via visual observation and
surname analysis, if the small business
applicant chooses not to disclose its
ownership structure.
Litigation and compliance risk. Some
commenters were concerned that the
proposed requirement would subject
financial institutions and their
employees to enforcement actions or
litigation if they erred in determining a
principal owner’s ethnicity or race.
Several stated that despite good faith
efforts, such errors could subject lenders
to examiner scrutiny, litigation, negative
media, and erroneous discrimination
claims by third parties, or subject them
to customer complaints. One commenter
stated that regulators could use financial
institutions’ best-guess, but erroneous
determinations to pursue disparate
impact cases, or customers could bring
discrimination cases, if they are able to
reverse engineer the inadvertently
incorrect ethnicity or race
determinations made by financial
institutions. A community group
suggested that financial institutions
would avoid reporting ethnicity or race
at all to avoid litigation risk.
Several business advocacy groups
suggested that certain lenders may use
this provision to fabricate ethnicity and
race data in order to make their lending
practices appear more equitable,
accessible, and unbiased.
Implementation and other comments.
A number of commenters offered
specific suggestions regarding particular
aspects of the proposal, notwithstanding
other objections they may have raised
regarding whether it should be finalized
at all. Several urged the Bureau to
provide guidance materials and sample
disclosures, and to engage in education
efforts to encourage applicants to selfreport their demographic information,
with some suggesting these options in
place of the proposed provision. Some
said the Bureau should develop
guidance that lenders could use to avoid
questions of interpretation and to learn
about resources they can use to make
ethnicity and race determinations on the
basis of a principal owner’s surname.
Several suggested that the Bureau
provide a uniform surname
classification standard.
One commenter requested an
exemption from the proposed
requirement (and the collection of
ethnicity and race generally) for retail
credit, on the grounds that many
applicants will decline to provide
demographic information about their
principal owners given the sensitivity of
PO 00000
Frm 00224
Fmt 4701
Sfmt 4700
the information. Other commenters
stated that automobile and truck dealers
had expressed concerns about the
proposed requirement and did not think
it would be possible to report detailed
demographic information based on
visual observation. Another commenter
recommended that the Bureau exempt
sole proprietors from the proposed
requirement, noting that sole proprietor
transactions are unique and may not
provide meaningful data on the
commercial credit market served by
small, non-bank lenders.
Several commenters opposed the
proposed requirement, arguing that the
use of visual observation and surname
is outdated. Two commenters stated that
these methods employed in Regulation
C were implemented many years ago,
and that the Bureau should follow more
current government agency practices,
citing a 2021 policy memo from
USDA 762 rescinding the use of visual
observation to determine ethnicity or
race for certain Federal food programs.
One commenter stated that, as with
participants in the USDA programs,
some small business owners may not
want their ethnicity or race determined
by others, may perceive discriminatory
treatment, and may avoid applying for
credit.
One commenter stated that the scope
of the proposed requirement was
unclear, noting that the NPRM preamble
and proposed commentary provided
that a financial institution would have
to identify at least one principal owner
by visual observation or surname if the
applicant does not provide the ethnicity
and race of at least one principal owner,
even though institutions are obligated to
collect the ethnicity, race, and sex of
each of the small business applicant’s
principal owners. Several commenters
requested that financial institutions
should only be required to collect
aggregate ethnicity and race categories.
One commenter suggested the use of
an automated proxy analysis of
surnames as an alternative to the
proposed requirement. Another said
that the Bureau could determine
ethnicity and race with the data
reported by lenders based on surname
analysis.
Several commenters urged that, if the
proposed requirement is finalized,
demographic data should note when
they are collected via visual observation
or surname.
762 U.S. Dep’t of Agric., Collection of Race and
Ethnicity Data by Visual Observation and
Identification in the Child and Adult Care Food
Program and Summer Food Service Program—
Policy Recission (May 17, 2021), https://
www.fns.usda.gov/cn/Race-and-Ethnicity-DataPolicy-Rescission.
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
Final Rule—Collecting Ethnicity and
Race via Visual Observation or Surname
in Certain Circumstances
The Bureau is not finalizing its
proposed visual observation and/or
surname analysis requirement for the
reasons set forth below. Final
§ 1002.107(a)(19) (proposed as
§ 1002.107(a)(20)) no longer includes
references to the reporting of ethnicity
and race based on visual observation
and surname. The Bureau is likewise
not adopting proposed comment
107(a)(20)–9, regarding reporting based
on visual observation and/or surname;
proposed comment 107(a)(20)–10,
regarding meeting in person with a
principal owner; and proposed
comment 107(a)(20)–11, regarding the
use of aggregate categories when
reporting using visual observation or
surname. The Bureau has also removed
other references to the collection of
ethnicity and race data via visual
observation and/or surname from other
locations in the final rule.
In making this decision, the Bureau
carefully considered the numerous
comments it received, the statute, the
history of the use of visual observation
and surname analysis under HMDA,
and the recent history of the collection
of demographic information related to
the Paycheck Protection Program. The
Bureau believes, based on its expertise
and the longstanding use of visual
observation and surname analysis in
HMDA, that collection of demographic
information via visual observation or
surname analysis has the capacity to
improve response rates for demographic
information—without particular risk to
data accuracy,763 introduction of bias or
racial stereotyping into the underwriting
process,764 increased litigation/
compliance risk, or violations of
existing ECOA/Regulation B,765 as
763 While some commenters suggested that data
inaccuracies from visual observation and surname
analysis would have limited the usefulness,
integrity, reliability, or quality of the collected data
and conclusions or policies based upon the data,
the Bureau has not found this to be the case in
HMDA and would not expect it to be so here either.
A loan officer reporting their perception of an
applicant’s ethnicity and race could not do so
‘‘incorrectly’’ (other than by intentionally misreporting their perception); in fact, a loan officer’s
perception of an applicant’s protected demographic
information may be more important for fair lending
analyses than how the applicant self-identifies.
764 Collecting lenders’ perceptions of the ethnicity
and race of applicants, whether or not such
perceptions are what the applicant would consider
‘‘accurate,’’ could have enabled an analysis of
potential bias by lenders. But the mere recordation
of those perceptions is unlikely to create bias on the
basis of those perceptions.
765 Inquiring about an applicant’s ethnicity and
race (or collecting such information via visual
observation or surname, if the Bureau were
finalizing that aspect of the proposal) will not, in
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
suggested by some commenters. The
Paycheck Protection Program
experience also suggests that there may
be benefits in such a requirement.
Nonetheless, the Bureau believes that
a requirement to collect principal
owners’ ethnicity and race via visual
observation or surname could pose
particular challenges for small business
lending that are not present in mortgage
lending. For example, applicants and
co-applicants are clearly identified as
such in mortgage applications—making
it obvious whose demographic
information has, or has not, been selfreported. In contrast, this final rule—as
mandated by section 1071—requires a
record of the applicant’s responses to a
request for protected demographic
information to be kept separate from the
application, and prohibits inclusion of
personally identifiable information in
records compiled and maintained
pursuant to this rule. This could make
tracking whose information has, or has
not, been self-reported by the applicant
particularly challenging. As commenters
pointed out, a financial institution
might be interacting with a
representative of a small business who
is not a principal owner, or the
institution may not know—particularly
early in the application process—if a
particular person is a principal owner.
In addition, the Bureau is mindful,
consistent with the comments it
received, that much of the lending to
small businesses in smaller
communities and in underserved and
rural areas occurs through relationship
banking that involves more frequent and
more personal contact with applicants.
The Bureau is also mindful of concerns
raised by lenders that rely on in-person
engagement that their customer
relationships may be negatively
impacted by customer discomfort with a
visual observation and surname data
collection requirement, particularly
during initial implementation of this
final rule. The Bureau also
acknowledges the concerns expressed
by commenters that bank employees
may feel uncomfortable making
ethnicity and race determinations on the
basis of visual observation or surname.
On the other hand, the Bureau
acknowledges comments that the
prevalence of online lending processes
and use of credit cards in small business
fact, violate Regulation B’s prohibition on inquiring
about certain protected characteristics of an
applicant in connection with a credit transaction,
nor is doing so under HMDA/Regulation C a
violation. Regulation B implements ECOA, of which
section 1071 is a part. Section 1002.5 of Regulation
B, and its amendments under this final rule, make
clear that the collection of ethnicity and race
pursuant to this rule would not violate Regulation
B.
PO 00000
Frm 00225
Fmt 4701
Sfmt 4700
35373
lending could mean few opportunities
for in-person or video-enabled meetings
and thus for the collection of ethnicity
and race via visual observation or
surname.
The Bureau’s decision not require
financial institutions to collect principal
owners’ ethnicity and race information
via visual observation or surname at this
time renders moot the comments about
implementation of such a requirement,
as well as those suggesting alternatives
to the proposal.
The Bureau intends to actively
monitor financial institutions’ response
rates to inquiries regarding demographic
data to ensure that applicants are not
being discouraged in any way from
providing their demographic data
pursuant to this final rule and to
determine whether any future
adjustments to the rule may be
warranted.
107(a)(20) Number of Principal Owners
Proposed Rule
Proposed § 1002.107(a)(21) would
have required financial institutions to
collect and report the number of the
applicant’s principal owners. Proposed
comment 107(a)(21)–1 would have
explained that a financial institution
would be able to collect an applicant’s
number of principal owners by
requesting the number of principal
owners from the applicant or by
determining the number of principal
owners from information provided by
the applicant or that the financial
institution otherwise obtains. If the
financial institution asks the applicant
to provide the number of its principal
owners, proposed comment 107(a)(21)–
1 explained that the financial institution
would have been required to provide
the definition of principal owner set
forth in proposed § 1002.102(o). The
proposed comment also clarified that, if
permitted pursuant to proposed
§ 1002.107(c)(2), a financial institution
could report an applicant’s number of
principal owners based on previously
collected data.
Proposed comment 107(a)(21)–2
would have clarified the relationship
between the proposed requirement to
collect and report the number of
principal owners in proposed
§ 1002.107(a)(21) with the proposed
requirement to report verified
information in proposed § 1002.107(b).
The proposed comment would have
stated that the financial institution may
rely on an applicant’s statements in
collecting and reporting the number of
the applicant’s principal owners. The
financial institution would not have
been required to verify the number of
E:\FR\FM\31MYR2.SGM
31MYR2
35374
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
principal owners provided by the
applicant, but if the financial institution
did verify the number of principal
owners, then the financial institution
would report the verified number of
principal owners.
Proposed comment 107(a)(21)–3
would have stated that pursuant to
proposed § 1002.107(c)(1), a financial
institution would be required to
maintain procedures reasonably
designed to collect applicant-provided
information, which includes the
applicant’s number of principal owners.
However, the proposed comment would
have explained that if a financial
institution is nonetheless unable to
collect or determine the number of
principal owners of the applicant, the
financial institution would report that
the number of principal owners is ‘‘not
provided by applicant and otherwise
undetermined.’’
In addition to seeking comment on its
proposed approach to the collection and
reporting of the number of principal
owners generally, the Bureau also
sought comment on whether to instead,
or additionally, require collection and
reporting of similar information about
owners (rather than principal owners).
The Bureau raised, as an example,
whether financial institutions should be
required to collect and report the
number of owners that an applicant has
that are not natural persons.
Comments Received
The Bureau received comments on
this aspect of the proposal from a
number of lenders, trade associations,
and community groups. Two lenders
and a community group supported the
Bureau’s proposal for collecting and
reporting the number of an applicant’s
principal owners. The community group
stated that the information would help
determine whether experiences in the
small business lending marketplace are
different if an owner is a woman or
minority, even if a small business does
not meet the criteria for a minorityowned or women-owned business.
Further, knowing the number of a
business’s principal owners would help
data users identify businesses with
varying percentages of ownership by
women or minorities above or below the
50 percent threshold for minorityowned or women-owned businesses.
One lender stated that the number of
principal owners data point, along with
others proposed by the Bureau, would
provide insight on the quality of capital
being accessed by small businesses,
assist in showing how financial
institutions compare across different
metrics, and help determine if an
institution is engaged in equitable
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
lending. This commenter also stated
that in its experience, there are a
number of small business lending
programs and funding opportunities
that require similar data. Thus, this
commenter stated its expectation that
the reporting requirements in the
Bureau’s final rule would satisfy
requirements across a number of such
programs and reduce administrative
burden. Specifically, the commenter
noted that it had gathered similar data
on owners for Paycheck Protection
Program loans it originated.
A number of lenders and trade
associations opposed the Bureau’s
proposal to collect information about
the number of an applicant’s principal
owners. Two such commenters stated
that the information does not serve the
purposes of section 1071, unless it is to
allow second guessing of applicantprovided responses as to their minorityowned or women-owned status or the
Bureau intends to require the collection
of ethnicity, race, and sex data for all of
an applicant’s principal owners. One
bank stated that the proposed number of
principal owners data point would not
offer any insight into lending patterns,
as it is not considered in the
underwriting process. Another bank
argued that the data point is not
necessary because there is no evidence
that lenders use an applicant’s number
of principal owners as a basis for
discrimination. One bank questioned
the benefit of collecting such
information, stating that a business’s
ownership and principals may change
on a day-to-day basis. Another
commenter stated that the information
collected may inadequately or
erroneously describe an applicant’s
ownership structure, particularly where
the legal structure of the applicant’s
ownership may make such
determinations difficult. Several
commenters also stated that the data
point is unnecessary, because similar
information is already collected in other
contexts (such as under FinCEN’s
customer due diligence rule) and
regulators already examine banks for
fair lending compliance.
Several commenters cited costs and
burden as the basis for their objections.
Two banks stated that it would be
expensive to collect the information,
with one also noting that the costs
would be passed down to customers and
communities. Another bank stated that
because it does not collect information
about the number of an applicant’s
principal owners currently, the
proposed requirement would entail
changes to its operating procedures and
suggested that the Bureau could obtain
this information from the Internal
PO 00000
Frm 00226
Fmt 4701
Sfmt 4700
Revenue Service instead. With regard to
indirect vehicle financing transactions,
a trade association stated that
information about the number of
principal owners is not part of the data
transmitted between dealers and finance
companies and is not used for business
purposes, thus technical and process
changes would be needed to collect and
report the data.
A few industry commenters objected
to the collection and reporting of the
number of an applicant’s principal
owners on the basis of privacy, stating
that the data point could be used to
identify applicants. One said that this
concern was particularly relevant for
small communities with limited
numbers of small businesses. Two
others urged the Bureau to not publish
the data point publicly to protect
applicants’ privacy.
An agricultural lender said it was
unclear how financial institutions
should report the number of principal
owners for family farmers. This lender
emphasized that the ownership of many
family farm businesses is complex and
may involve multiple business entities
for risk management purposes, with
separate entities for different farm
operations. The commenter provided as
an example a situation where a person
owns only one farm parcel but works
several farm parcels that are owned by
a parent through multiple business
entities and trusts.
Some industry commenters objected
to this proposed data point as part of
their general objection to the Bureau’s
data points proposed pursuant to ECOA
section 704B(e)(2)(H). These
commenters generally argued that such
data points, including the number of an
applicant’s principal owners, do not add
value or advance the purposes of
achieving fair lending or of ECOA; are
not used or collected for underwriting
or financial analysis; go beyond what
other laws require financial institutions
to collect; add unnecessary complexity
and detail to the rule; and would add to
the burden and costs for implementing
the rule, especially for small covered
financial institutions.
Two industry commenters objected to
the data point on the grounds that in the
absence of other information about an
applicant’s ownership, such as the
number of owners or percentages of
ownership, the information could lead
to incorrect assumptions about the
ownership structure of a small business
applicant. For example, the commenters
noted that if demographic data are
reported for one individual, it could
lead to a conclusion that the applicant
has only one principal owner, when the
applicant has several owners, but only
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
one with more than a 25 percent
ownership share.
Two commenters urged the Bureau to
provide a regulatory safe harbor for
reporting information about an
applicant’s number of principal owners,
as part of a global safe harbor for all
applicant provided data, or a safe harbor
similar to that in proposed
§ 1002.112(c).
Several community groups suggested
additional data points related to
ownership. One such commenter
suggested that the Bureau require
financial institutions collect and report
the percentage amount of a principal
owner’s ownership. This information,
argued the commenter, would enable
the Bureau to refine its data and reveal
specific disparities in lending by
ownership composition. Another
commenter suggested that the Bureau
require financial institutions to ask
applicants for the number of individuals
who own less than 25 percent of the
applicant, to provide more insight on
the distribution of small businesses and
their experiences. One other commenter
instead suggested that the Bureau add
additional data points to measure the
percentage of ownership by women and
by people of color, to further enable
evaluations of access to credit based on
the proportion of ownership and control
by such individuals.
A joint letter from community and
business advocacy groups requested that
the Bureau clarify proposed comment
107(a)(21)–3, which stated that if a
financial institution is unable to collect
or ‘‘otherwise determine’’ an applicant’s
number of principal owners, the
financial institution should report it as
unknown. The community groups asked
the Bureau to clarify the meaning of the
phrase ‘‘otherwise determine,’’ and
specifically whether financial
institutions may limit its investigation
to documents obtained from the
applicant in the normal course of an
application, or if they have an obligation
to conduct a due diligence investigation
of corporate records.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing the requirement for
financial institutions to collect and
report the number of an applicant’s
principal owners, renumbered as
§ 1002.107(a)(20), and its associated
commentary. In consideration of the
comments received, the Bureau is doing
so pursuant to its authority under ECOA
section 704B(g)(1) to prescribe such
rules and issue such guidance as may be
necessary to carry out, enforce, and
compile data under section 1071 and
under ECOA section 704B(e)(2)(H),
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
which authorizes the Bureau to require
financial institutions to compile and
maintain ‘‘any additional data that the
Bureau determines would aid in
fulfilling the purposes of [section
1071].’’
The Bureau believes that the
information will provide important
context for other information collected
and reported under the rule and thus
serve the purposes of section 1071. The
Bureau acknowledges that, as argued by
commenters, the number of an
applicant’s principal owners may not be
information considered by financial
institutions in the underwriting process
or, by itself, serve as the basis of
discrimination. However, as noted by
other commenters, information about
the number of small businesses’
principal owners will help data users,
including the Bureau, understand how
small business applicants’ experiences
in the lending marketplace differ on the
basis of the demographic composition of
their ownership and identify business
and community development needs and
opportunities. Thus, even if an
applicant is not a women-owned,
minority-owned, or LGBTQI+-owned
business under § 1002.107(a)(18),
through the number of principal owners
data point, data users will still have
some insight into what proportion of the
small business’s ownership has the
demographic characteristics provided
by the applicant.
The Bureau acknowledges some
commenters’ concerns that the number
of principal owners data point would
not provide a comprehensive picture of
an applicant’s ownership structure.
Final § 1002.102(o) defines a principal
owner as an individual who directly
owns 25 percent or more of the equity
interests of a business. As a result, the
requirement to collect information about
the number of an applicant’s principal
owners will not account for individuals
with either indirect ownership or less
than 25 percent ownership in the
business. However, the Bureau believes
that this supports, rather than counsels
against, inclusion of this data point in
the final rule.
The Bureau also is not adding other
data points related to ownership to the
final rule. The Bureau considered the
general likelihood that an individual
responding for the applicant would
know the information being requested
in formulating its proposal. The Bureau
believes that applicants are likely to
know the number of its principal
owners and will be willing to provide
that information. Overall, the Bureau
believes that the number of principal
owners data point, particularly in
combination with information about an
PO 00000
Frm 00227
Fmt 4701
Sfmt 4700
35375
applicant’s business statuses under
§ 1002.107(a)(18), strikes a balance so
that the Bureau is likely to receive
useful data that will allow it and others
to develop a nuanced understanding of
small business lending practices
generally, even if it does not present a
complete picture of each applicant’s
ownership structure.
The Bureau does not believe that the
fact that some applicants have
complicated ownership structures
necessitates removal of this data point
from the final rule. Although some
small business applicants, such as
family farmers, may have ownership
structures where there are many owners
and/or where ownership is through
various business entities, the rule’s
definition for principal owner means
that applicants would be required to
identify only individuals, and not
entities or trusts, with direct ownership
in the business and would not need to
trace ownership through multiple
business entities or provide information
about individuals with small equity
shares in the business. Under comment
107(a)(20)–1, this definition would be
provided to an applicant in conjunction
with the request for the number of its
principal owners. The Bureau believes
that the straightforward definition in
§ 1002.102(o) will assist applicants in
providing this information.
Further, the Bureau believes the
information about the number of an
applicant’s principal owners will be
useful and facilitate the purposes of
section 1071, even if a specific
applicant’s ownership changes over
time. Under the Bureau’s proposal, as
with the final rule, applicants are asked
for information in relation to individual,
covered applications to allow data
users, in the aggregate, to ascertain
lending patterns at the institution or
community levels. The data meets the
final rule’s purposes if it is accurate at
the time the data are collected.
Identifying changes in ownership over
time will also further the business and
community development and fair
lending purposes of section 1071.
Some commenters suggested that the
number of principal owners data point
should not be required under the final
rule because similar information is
collected in other contexts. However,
the definition of principal owner under
§ 1002.102(o) has been specifically
tailored by the Bureau to meet the
purposes of section 1071. Information
about differently defined owners under
different regulatory regimes, reported to
other regulatory authorities, does not
facilitate section 1071’s purposes of fair
lending enforcement and identification
of business and community
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35376
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
development needs and opportunities,
nor could such data be matched to a
particular covered application reported
under section 1071.
With respect to commenters’
arguments that the additional burden
and costs that would result from the
number of principal owners data point
warrant its removal from the final rule,
the Bureau notes first that commenters
did not identify any specific costs or
burdens with reporting the number of
principal owners data point in
particular, as much as concern about the
costs and burden of reporting data
points adopted pursuant to the Bureau’s
statutory authority in ECOA section
704B(e)(2)(H) generally. The Bureau
acknowledges that financial institutions
will experience some initial expenses
and burden in implementing new
regulatory data collection requirements.
However, the Bureau understands that
financial institutions already collect and
maintain information about the
ownership of certain businesses under
FinCEN’s customer due diligence rule.
The Bureau does not believe that there
will be significant costs and burden
associated with collecting and reporting
information about applicants’ principal
owners specifically, as opposed to
generally as part of a new data
collection regime. The Bureau considers
the data points it is adopting pursuant
to section 704B(e)(2)(H)—including the
number of an applicant’s principal
owners and the corresponding costs and
burden to implement their collection—
necessary to facilitate the purposes of
section 1071.
The Bureau does not believe that a
specific safe harbor is necessary for
reporting the number of an applicant’s
principal owners, as urged by
commenters. As provided in final
comment 107(a)(20)–2 (proposed as
comment 107(a)(21)–2), a financial
institution is entitled to rely on the
statements provided by the applicant in
collecting and reporting the information
provided by the applicant. As a result,
any such good faith reporting by a
financial institution of the number of an
applicant’s principal owners that the
financial institution has no reason to
believe is inaccurate will not be a
violation of the regulation’s
requirements.
In response to commenters’ concerns
that information about an applicant’s
number of principal owners may be
used to identify applicants, the Bureau
will review the data received to
complete the full privacy analysis to
determine the privacy risks associated
with the publication of the applicationlevel data as discussed in part VIII,
below. The Bureau takes the privacy of
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
such information seriously and will be
making appropriate modifications and
deletions to any data before making it
public.
With respect to commenters’ request
that the Bureau clarify financial
institutions’ obligation to determine the
number of an applicant’s principal
owners, the Bureau believes that the
proposed commentary is sufficiently
clear and does not need to be revised.
The Bureau’s intent in proposed
comment 107(a)(21)–3 that a financial
institution report that the number of
principal owners is ‘‘not provided by
the applicant and is otherwise
undetermined’’ was to refer to the
possibility that a financial institution
may not know the number of the
applicant’s principal owners if, despite
maintaining reasonably designed
procedures to obtain the information,
the applicant does not provide the
information and the financial institution
does not otherwise verify such
information. The Bureau has also
revised comment 107(b)–1 to clarify
what information may be used to verify
information. Given these other
statements in the commentary, the
Bureau does not believe that further
clarification of financial institutions’
obligation to determine the number of
an applicant’s principal owners is
necessary.
As explained in the section-by-section
analysis of § 1002.102(o), the Bureau has
changed the definition of principal
owner to use the term ‘‘individual’’
instead of ‘‘natural person’’ for
comprehensibility reasons. Accordingly,
the commentary for final
§ 1002.107(a)(20) has likewise been
updated to refer to individuals and not
natural persons.
To streamline the commentary, the
Bureau has revised comment
107(a)(20)–1 (proposed as 107(a)(21)–1)
to remove the first sentence as to
requesting the number of an applicant’s
principal owners from the applicant or
determining such information from
other information, as duplicative of
content in comment 107(b)–1, which
applies to the number of principal
owners data point. For similar reasons,
it has removed the last sentences of
comments 107(a)(20)–1 and –2,
regarding the use of previously collected
data and about verification, as
straightforward applications of final
§ 1002.107(d) and (b), respectively, that
would not provide any new content.
Otherwise, the Bureau is substantially
finalizing the commentary for
§ 1002.107(a)(20) with changes to reflect
updated numbering for the data point
and also updating and adding cross-
PO 00000
Frm 00228
Fmt 4701
Sfmt 4700
references to other parts of the final
rule.
107(b) Reliance on and Verification of
Applicant-Provided Data
Proposed Rule
ECOA section 704B(e)(1) provides
that ‘‘[e]ach financial institution shall
compile and maintain, in accordance
with regulations of the Bureau, a record
of the information provided by any loan
applicant pursuant to a request under
[section 704B(b)].’’ 766 Section 1071 does
not impose any requirement for a
financial institution to verify the
information provided by an applicant.
During the SBREFA process, a
number of small entity representatives
urged the Bureau to require collection
and reporting of a number of data points
based only on information as provided
by the applicant.767 No small entity
representatives stated that they thought
verification should be generally
required. The industry stakeholders
who commented on this issue asked that
the Bureau not require verification of
applicant-provided information. The
Bureau did not receive any comments
on this issue from community group
stakeholders during the SBREFA
process.
The Bureau proposed in § 1002.107(b)
that unless otherwise provided in
subpart B, the financial institution
would be able to rely on statements of
the applicant when compiling data
unless it verified the information
provided, in which case it would be
required to collect and report the
verified information. The Bureau
believed that requiring verification of
collected data would greatly increase
the operational burden of the rule.
Proposed comment 107(b)–1 would
have explained that a financial
institution could rely on statements
made by an applicant (whether made in
writing or orally) or information
provided by an applicant when
compiling and reporting applicantprovided data; the financial institution
would not be required to verify those
statements. Proposed comment 107(b)–1
would have further explained, however,
that if the financial institution did verify
applicant statements for its own
business purposes, such as statements
relating to gross annual revenue or time
in business, the financial institution
would report the verified information.
The comment would have gone on to
explain that, depending on the
circumstances and the financial
institution’s procedures, certain
applicant-provided data could be
766 ECOA
section 704B(e)(1).
Panel Report at 26.
767 SBREFA
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
collected without a specific request
from the applicant. For example, gross
annual revenue could have been
collected from tax return documents. In
addition, the proposed comment would
have made clear that applicant-provided
data are the data that are or could be
provided by the applicant, including
those in proposed § 1002.107(a)(5)
through (7), and (13) through (21).
The Bureau sought comment on its
proposed approach to verification of the
1071 data points, including the specific
guidance that would have been
presented in comment 107(b)–1. The
Bureau also sought comment on
whether financial institutions should be
required to indicate whether particular
data points being reported have been
verified or not.
Comments Received
The Bureau received comments on
this aspect of the proposal from
numerous lenders, trade associations,
community groups, and a business
advocacy group. Several lenders and
trade associations supported the
proposed provision, agreeing with the
Bureau that requiring verification of
collected data would greatly increase
the operational burden of the rule.
These commenters did not object to
reporting verified information when a
financial institution verifies applicant
statements for its own business
purposes. Several of these commenters
did, however, object to the possible
inclusion of a provision requiring
financial institutions to flag whether or
not they had verified reported data, a
question that the NPRM had sought
comment on. Although these
commenters did not discuss reasons for
objecting to the verification flag, the
context suggests that they were
concerned about the operational
difficulty of carrying out such a
provision.
Several banks and trade associations
supported the ability to rely on
unverified applicant-provided data, but
objected to the requirement to report
verified information when the financial
institution verifies applicant statements
for its own business purposes. Some of
these commenters pointed out that
verification may happen after the initial
application, different lenders have
different methods of verification, and
updating the information for reporting
would be operationally difficult. One of
these commenters stated that the
verification may be carried out by
different staff using different platforms,
and section 1071 does not mention
verification. Other commenters
suggested that the term ‘‘verification’’
was not sufficiently clear, and
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
sometimes a financial institution would
collect documents such as tax forms that
contain information that conflicts with
applicant statements, for example a
different NAICS number, even though
the financial institution is not
‘‘verifying’’ that data point. Other
commenters expressed concern about
how reporting information verified later
would affect use of the ‘‘firewall.’’ A
group of trade associations stated that
collecting the verified information
would provide little benefit and the
already difficult implementation of the
rule would be made even more onerous
by this provision. In addition, one
commenter stated that the verification
provision was similar to HMDA, which
they considered to be very onerous.
A community group and a women’s
business advocacy group suggested that
the final rule should require additional
verification. The community group
stated that verification of a few key data
points that are generally verified by
lenders now, such as gross annual
revenue, or that can be easily checked,
such as the NAICS code, should be
required. A business association urged
the Bureau to look into ways to verify
that the correct information is offered
and reports are accurate.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.107(b) with
additional language making clear that a
financial institution may rely on
information from appropriate thirdparty sources as well as the applicant,
and other edits for clarity. Final
§ 1002.107(b) provides that unless
otherwise provided in subpart B, the
financial institution may rely on
information from the applicant, or
appropriate third-party sources, when
compiling data. Section 1002.107(b)
further states that if the financial
institution verifies applicant-provided
data, however, it shall report the
verified information.
The Bureau is also finalizing
associated comment 107(b)–1 with
phrasing edits similar to those in the
regulation text, and revised and
additional cross-references to facilitate
compliance. Final comment 107(b)–1
explains that a financial institution may
rely on statements made by an applicant
(whether made in writing or orally) or
information provided by an applicant
when compiling and reporting
applicant-provided data; the financial
institution is not required to verify those
statements or that information.
Comment 107(b)–1 further explains,
however, that if the financial institution
does verify applicant statements or
information for its own business
PO 00000
Frm 00229
Fmt 4701
Sfmt 4700
35377
purposes, such as statements relating to
gross annual revenue or time in
business, the financial institution
reports the verified information. The
comment also makes clear that when
collecting certain applicant-provided
data, depending on the circumstances
and the financial institution’s
procedures, a financial institution may
collect and rely on information from
appropriate third-party sources without
requesting it from the applicant. The
comment then provides further
guidance on collection and verification
of applicant-provided data, including a
list of applicant-provided data points. In
order to facilitate compliance, final
comment 107(b)–1 also adds references
to two comments that explain
restrictions regarding verification of
certain data points.
The Bureau believes that requiring
verification of applicant-provided data
points would greatly increase the
operational burden of the rule, and that
relying on applicant-provided data,
whether directly from the applicant or
through appropriate third-party sources,
will ensure sufficient accuracy to carry
out the purposes of section 1071. As
explained above, section 1071 does not
speak to verification; rather it refers
only to compiling and maintaining a
record of certain information provided
by an applicant. However, the Bureau
believes that requiring financial
institutions to collect and report (for
this final rule) information that they
have already verified will only add
slight operational difficulty, and will
enhance the accuracy and usefulness of
the data, thereby furthering the
purposes of section 1071. The Bureau is
implementing this requirement
pursuant to its authority under ECOA
section 704B(g)(1) to prescribe rules in
order to carry out, enforce, and compile
data pursuant to section 1071, and as an
interpretation of the statutory phrase
‘‘compile and maintain’’ in ECOA
section 704B(e)(1). In the Bureau’s view,
the fact that the statute does not use the
specific word ‘‘verification’’ is not
relevant to this issue because the
verification that the financial institution
chooses to carry out is a standard part
of compiling and maintaining the
information provided by the applicant.
The Bureau also believes that this
requirement will improve the quality
and usefulness of the resulting dataset,
thereby furthering the purposes of
section 1071.
In regard to the possibility of the final
rule requiring financial institutions to
report whether or not certain data points
have been verified, the Bureau notes
that no commenters expressed support
for this idea, while several opposed it.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35378
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
The Bureau believes that such a
requirement would impose considerable
operational difficulty, and it is not clear
that any uses of this information would
justify the increased burden.
Consequently, the final rule does not
include this provision.
As discussed above, several
commenters suggested that verification
might occur at different times on
different platforms and be carried out by
different personnel. Although credit
processing is complex, the Bureau
anticipates that financial institutions
will report data using the applicant’s
whole credit file in order to provide
accurate information, as is done with
HMDA. Although implementing the
final rule so that verified information
can be reported will add operational
difficulty, such difficulty should be
greatly reduced once the rule is
implemented and the gathering of data
is standardized within the financial
institution. In addition, the fact that
different financial institutions have
different processes should not cause a
problem because each financial
institution can implement the rule to
coordinate with its own processes. As
explained above, the Bureau believes
that requiring reporting of the verified
information when the financial
institution verifies for its own purposes
will benefit data users in carrying out
the purposes of section 1071 by
enhancing the quality of the data
reported.
Several commenters were concerned
about how the term ‘‘verification’’
would be interpreted in relation to
unused information in the credit file
that might conflict with applicantprovided data. The Bureau interprets
the word ‘‘verification’’ to mean the
intentional act of determining the
accuracy of information provided, in
this case for the purpose of processing
and underwriting the credit applied for,
and potentially changing that
information to reflect the determination.
Loan file information that may or may
not be more accurate than applicantprovided data and is not part of a
financial institution’s verification of the
file’s applicant-provided data or used by
the institution in processing or
underwriting the loan need not be
reported. For example, a financial
institution that uses a tax form to verify
gross annual revenue, but does not
consider or use the NAICS information
on the tax form, may continue to rely on
the applicant-provided NAICS
information. However, if a financial
institution believes the tax form
information to be more accurate and
chooses to report it instead of the
applicant-provided data, it may do so.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
The Bureau does not believe that
requiring the reporting of data that is
later verified will interfere with the final
rule’s firewall provision, which exists to
protect against disclosure of protected
demographic information for which
verification is not allowed. For further
discussion of the firewall provision see
the section-by-section analysis of
§ 1002.108 below.
The Bureau does not believe it would
be appropriate, as suggested by some
commenters, require financial
institutions to verify applicant-provided
data when they do not already do so for
their own business purposes. As stated
by several commenters and explained
above, requiring verification merely for
the purpose of data collection would
impose significant operational difficulty
and expense on reporters.
107(c) Time and Manner of Collection
Proposed Rule
Although the definition of
‘‘application’’ triggers a financial
institution’s duty to collect 1071 data,
the application definition does not
necessarily govern when that data must
be collected. The language and structure
of section 1071—which applies to
‘‘applications’’ from ‘‘applicants’’—
indicates that the data must be collected
sometime during the application
process, but does not provide further
detail.768
Proposed § 1002.107(c)(1) would have
required a covered financial institution
to maintain procedures to collect
applicant-provided data under proposed
§ 1002.107(a) at a time and in a manner
that is reasonably designed to obtain a
response. The Bureau believed there
would be benefits to providing a flexible
approach concerning when applicantprovided data must be collected during
the application process. Given the
variety of application processes in the
small business lending space, the
Bureau believed that requiring data
collection to occur within a narrow
window could affect data quality and
disrupt financial institution practices.
On the other hand, the Bureau believed
that safeguards would be necessary to
ensure that financial institutions are not
evading or delaying their obligation to
collect data in a manner that
detrimentally affects response rates.
Proposed comments 107(c)(1)–1 and
–2 would have clarified the meaning of
financial institution ‘‘procedures’’ and
would have emphasized a financial
768 See, e.g., ECOA section 704B(b) (‘‘[I]n the case
of any application to a financial institution . . . .’’)
and 704B(c) (‘‘Any applicant . . . may refuse to
provide any information requested . . . .’’)
(emphases added)).
PO 00000
Frm 00230
Fmt 4701
Sfmt 4700
institution’s latitude to establish
procedures concerning the time and
manner that it collects applicantprovided data, provided that those
procedures are reasonably designed to
collect the applicant-provided data in
proposed § 1002.107(a). Proposed
comment 107(c)(1)–3 would have
clarified what constitutes ‘‘applicantprovided data’’ in proposed
§ 1002.107(c)(1).
Proposed comment 107(c)(1)–4 would
have provided additional guidance on
financial institutions’ procedures that
are reasonably designed to obtain a
response. Proposed comment 107(c)(1)–
4 would have provided that a financial
institution shall assess on a periodic
basis whether its procedures are
reasonably designed. Proposed
comment 107(c)(1)–4 would have
explained that one way a financial
institution may be able to assess
whether its procedures are reasonably
designed would be, once 1071 data are
made publicly available, to compare its
response rate with similarly situated
financial institutions (for example, those
that offer similar products, use a similar
lending model, or are of a similar size).
Proposed comments 107(c)(1)–5 and
–6 would have provided examples of
procedures that generally are and are
not reasonably designed to obtain a
response. Proposed comment 107(c)(1)–
5 would have provided that, although a
fact-based determination, a procedure
reasonably designed to obtain a
response is one in which a financial
institution requests applicant-provided
data at the time of a covered
application; the earlier a financial
institution seeks to collect applicantprovided information, the more likely
the timing of collection is reasonably
designed to obtain an applicant
response. Conversely, proposed
comment 107(c)(1)–6 would have
provided that, as a general matter, a
procedure is not reasonably designed to
obtain a response if a financial
institution requests applicant-provided
data simultaneous with or after
notifying an applicant of action taken on
the covered application. Proposed
comment 107(c)(1)–6 would have
provided that depending on the
particular facts, however, these
procedures may be reasonably designed
to obtain a response; for example, if the
financial institution has evidence or a
reason to believe that under its
procedures the response rate would be
similar to or better than other
alternatives.
Proposed comment 107(c)(1)–7 would
have explained that a financial
institution reports updated applicantprovided data if it obtains more current
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
data during the application process.
Proposed comment 107(c)(1)–8 would
have provided guidance in the event a
financial institution changes its
determination regarding an applicant’s
status as a small business.
The Bureau sought comment on
proposed § 1002.107(c)(1) and
associated commentary.
Comments Received
The Bureau received comment on
proposed § 1002.107(c)(1) from a
number of lenders, trade associations,
and community groups. Commenters
expressed a range of views.
General comments related to
proposed § 1002.107(c)(1). A number of
commenters, mainly from industry,
supported the flexibility provided in
proposed § 1002.107(c)(1), including
provisions that would have allowed
financial institutions leeway to establish
data collection procedures that best fit
within their processes and business
models. A CDFI lender emphasized that
lenders have varying intake processes.
Similarly, a trade association noted that
while it anticipates most CDFIs will
collect 1071 data as early in the
application process as possible,
including at the time an application is
triggered, lenders should have flexibility
to respond to market concerns. Trade
associations representing automobile
dealers urged the need for flexibility, for
example, to accommodate the different
methods by which data is collected
(online and in-person) and the different
parties involved in a credit transaction.
A CDFI lender argued that the
application and timeline often depends
on the applicant themselves, further
supporting the need for flexibility. A
number of commenters argued for
flexible collection, pointing out that
small business lending, unlike mortgage
lending, does not involve highly
regimented application procedures.
Trade associations representing
automobile dealers further argued that
flexibility would facilitate compliance
without diminishing the information
reported.
Commenters representing community
banks similarly stressed the need for
flexibility. A trade association asked the
Bureau to provide community banks
with flexibility in how and when to
collect 1071 data during the lending
process and latitude to determine what
are reasonable collection practices. The
commenter emphasized the iterative
nature of small business lending, noting
that the application process can span
weeks or months to complete. The
commenter urged the Bureau to avoid
designating a prescriptive point in time
when sufficient data has been gathered
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
to trigger reporting. They further stated
that community banks are good at
satisfying regulatory requirements, do
not need to be second-guessed in how
or when they accomplish data
collection, and that the Bureau should
not be concerned about community
banks’ ability to maintain data quality
and completeness. Even with the
proposed flexibility, a community bank
generally opposed proposed
§ 1002.107(c)(1), stating that the
requirements are similar to HMDA,
which are very onerous and unduly
burdensome on small and mid-size
institutions.
Comments related to the reasonably
designed standard. As described above,
proposed comments 107(c)(1)–4 through
–6 would have provided additional
guidance and examples of reasonably
designed procedures. The Bureau
received numerous comments
concerning proposed comments
107(c)(1)–4 through –6 from a range of
stakeholders.
The Bureau received a number of
comments on its general approach in
proposed comments 107(c)(1)–4 through
–6 to provide examples of procedures
that are and are not reasonably designed
to obtain a response. A CDFI lender and
a trade association representing CDFIs
supported the proposed commentary
and the description of ‘‘reasonably
designed’’ procedures for collecting
applicant-provided data. The trade
association noted that the examples
were helpful to identify what lenders
should avoid and agreed that it is
important to have safeguards to ensure
the data are collected in a manner
reasonably designed to obtain a
response.
In contrast, other commenters argued
that proposed § 1002.107(c)(1) and
associated commentary are ambiguous
or incomplete and urged the Bureau to
provide further guidance. A trade
association representing online small
business lenders expressed concern that
financial institutions would have
increased compliance costs to avoid
unintentional non-compliance. For
example, financial institutions may
believe they are required to compare
response rates at different parts of the
loan application cycle, compare results
similar to an A/B testing scheme, or
otherwise consistently seek to ascertain
the best ways to obtain 1071 applicantprovided data. The commenter
suggested the Bureau provide additional
guidance so that financial institutions
can ensure they meet the reasonableness
standard. Another commenter similarly
requested that the Bureau provide more
guidance on the reasonableness
standard, and in particular clarify that
PO 00000
Frm 00231
Fmt 4701
Sfmt 4700
35379
financial institutions have flexibility to
design self-assessment methods best
suited to their products, processes, and
business models.
Among the proposed examples of
reasonably designed procedures, the
Bureau received the most comments
related to the timing of collection. The
comments spanned a range of positions,
with some commenters advocating for a
more restricted time period for
collection of applicant-provided data
while other commenters sought a more
flexible approach. For example, some
community groups argued that financial
institutions should be required to
collect applicant-provided data at the
time of a covered application. One of
these commenters said that requiring
collection at the time of application
would increase the likelihood of
successfully receiving the requested
information, and that the benefits of
early collection outweigh the costs.
Another commenter similarly asserted
that collection at the time of a covered
application would maximize responses
and urged the Bureau to make it a
requirement, rather than merely a
suggestion, as set forth in the proposal.
A credit union also said that if a
customer does not provide 1071 data
with an application, it will be
challenging for a financial institution to
accurately collect and report the
required data.
In contrast, a number of industry
commenters took issue with proposed
comment 107(c)(1)–6, which would
have provided that collection of
applicant-provided data simultaneous
with or after notifying an applicant of
action taken is generally not reasonably
designed to obtain a response. Many of
these commenters argued that financial
institutions should have flexibility to
collect applicant-provided data after
decisioning an application. A few
commenters went further, arguing that
collection should be permitted or
required to occur after finalizing credit
documents, after a credit decision is
made, or during closing. One
commenter stated that although the
proposed rule asserts to provide
flexibility for financial institutions,
proposed comments 107(c)(1)–5.i and
–6.i (identifying procedures concerning
the timing of collection of applicantprovided data that generally would and
would not be reasonably designed to
obtain a response) claw back that
flexibility by expressing a clear
preference that would discourage
financial institutions from collecting
1071 data at any time except early in the
application process. The commenter
suggested the Bureau instead clarify that
a financial institution has flexibility to
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35380
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
sequence collection at a time it
determines is reasonable for its business
and products, subject to the selfassessment process articulated in
proposed 107(c)(1)–4.
Commenters advanced several
arguments for why financial institutions
should be permitted to collect
applicant-provided data after a credit
decision is made on a covered
application. First, a couple of
commenters stated that it would
minimize friction during the application
process; they asserted that mandating
1071 data collection while the
application is pending would frustrate
the application process, create
additional obstacles, and increase the
likelihood of abandoned applications.
Several technology providers and a
trade association representing
technology providers said that the
application process is already lengthy
enough given existing legal and
underwriting requirements. The
commenters further stated that the
streamlined and user-friendly
application experience that technology
companies have sought to establish
would be further frustrated if 1071 data
is required to be collected early in the
application process. Some of the
commenters argued that sequencing of
1071 data collection involves a tradeoff
between getting small businesses to
respond to 1071 data requests and
getting small businesses to apply for
credit at all. Another trade association
similarly emphasized the need for
flexibility, particularly for fast-paced
processes that render a decision in
minutes.
Several of the commenters argued that
collection of applicant-provided data
early in the process could cause an
applicant to believe that such
information would be considered as part
of the credit decision, therefore
potentially discouraging an applicant
from applying for credit. A group of
technology providers stated that
collection of demographic information
before a credit decision is made may
invite the perception of bias in the
application process, especially if an
applicant is later denied credit. The
commenters cited a Federal Reserve
Banks survey, which they stated showed
that minority-owned businesses were
more likely than white-owned
businesses to report that they did not
apply for financing because they either
believed they would be turned down or
found the application process too
difficult or confusing.769 The
769 Citing Fed. Rsrv. Bank of Atlanta et al., Small
Business Credit Survey: 2021 Report on Firms
Owned by People of Color, at 25 (Apr. 15, 2021),
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
commenters argued that requiring
collection of applicant-provided data
before a credit decision is made would
exacerbate identified concerns of
discouragement and undermine the
purposes of section 1071. Similarly, a
couple commenters expressed concerns
about discouragement if demographic
information is collected early in the
application process. Two CDFI lenders
stated that they had received feedback
from applicants that providing
demographic data early in the
application process felt intrusive and
raised concerns for the applicant that
their responses would negatively affect
their application. As a result, one said
that it had moved collection of
demographic information from the loan
application stage to the loan closing
stage.
A couple of commenters challenged
the Bureau’s assertion that applicants
will be less likely to respond to requests
for the action taken. One commenter
noted that the proposed rule improperly
places the burden on the financial
institution that wants to collect 1071
data after action is taken on an
application to show that response rates
would be similar to or better than
alternative collection methods. Another
asserted that Paycheck Protection
Program data demonstrate that
applicants are less likely to answer a
question about their race on a credit
application. A trade association
representing equipment and leasing
finance companies similarly asserted
that post-decision collection would
improve response rates.
Commenters advanced several other
arguments for why applicant-provided
collection should be permitted or
required to occur after decisioning an
application. A trade association
representing equipment and leasing
finance companies predicted that
collecting applicant-provided data with
the credit application would lead
applicants to provide little information
given the speed of the transaction,
which is often completed in minutes.
The commenter also asserted that the
person initially completing the
application is often not the business
owner or familiar with the owner, and
so would lack the requisite knowledge
to provide certain 1071-required
information. If, on the other hand, the
financial institution can follow-up
electronically or through other means
with the business, the commenter
asserted that the request could be
directed to the person in the best
position to provide the information. The
https://www.fedsmallbusiness.org/survey/2021/
2021-report-on-firms-owned-by-people-of-color.
PO 00000
Frm 00232
Fmt 4701
Sfmt 4700
commenter further stated that collecting
1071 data during the application stage
would be particularly problematic for
vendor finance transactions because the
vendor collecting application
information has no regulatory
requirement to do so, and so would
unlikely take the time to gather the
required information. Another
commenter asserted that post-decision
collection would also ensure that
underwriters would not have access to
an applicant’s responses related to
ethnicity, race, and sex. The commenter
asserted that financial institutions could
ensure data is collected by making it
part of the closing procedures for
approved loans and as part of
remediation efforts for non-approved
loans.
In addition to seeking comment
related to the timing of collection, the
Bureau sought comment on proposed
§ 1002.107(c)(1) and associated
proposed commentary generally,
including on the other examples in
proposed comments 107(c)(1)–5 and –6
of procedures that generally would and
would not be reasonably designed to
obtain a response. The Bureau further
asked commenters whether it would be
useful to provide additional examples.
In response, commenters raised a
number of issues related to the
commentary on reasonably designed
procedures in proposed comments
107(c)(1)–4 through –6.
Several commenters weighed in on
the provision in proposed comment
107(c)(1)–4 that financial institutions
shall ‘‘reassess on a periodic basis’’
whether its procedures are reasonably
designed to obtain a response. One
commenter stated that it would be
appropriate for financial institutions to
conduct periodic reassessments of their
collection procedures, but urged that
procedures should not need to be
reexamined more frequently than once
every three years. The commenter
suggested an additional safeguard
would be to encourage consistent
collection across individual institutions
and small business lending sectors.
Another commenter urged the Bureau to
provide greater clarity on how frequent
‘‘periodic’’ testing must occur so that
financial institutions can allocate
resources accordingly, and encouraged
the Bureau to take into account different
products and resources among financial
institutions. A business advocacy group
urged the Bureau not to treat an
applicant’s decision to not to provide
1071 data as evidence that a lender
lacks reasonably designed procedures.
A couple of commenters provided
feedback on the use of response rates. A
community group and a minority
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
business advocacy group asked the
Bureau to reconsider guidance in
proposed comment 107(c)(1)–4 that a
financial institution may assess the
reasonableness of its procedures by, for
example, comparing its response rate
with similarly situated financial
institutions. The commenters argued
that peers may also not be making a
reasonable effort to collect the data, and
that it would be better to have a
concrete metric, for example, based on
other data collection efforts with good
response rates.
A handful of commenters asked the
Bureau to take other actions related to
proposed § 1002.107(c)(1), including to
provide additional clarifications and
guidance. First, a trade association
asked the Bureau to clarify that lenders
need only request 1071-required data
once. Next, a group of trade associations
asked for clarification on proposed
comment 107(c)(1)–7, which would
have provided that a financial
institution reports updated applicantprovided data if it obtains more current
data during the application process. The
commenter said that the requirement to
‘‘update’’ information is ambiguous, and
inquired whether a financial institution
would be required to update
information if an applicant supplies
updated data without a request from the
financial institution. The commenter
also asserted that it was unclear how
proposed comment 107(c)(1)–7 relates
to proposed § 1002.107(b) related to the
reporting of verified information where
obtained. A network of financial
institutions specializing in agricultural
lending stated that certain lenders use
the information included in scoring
models to determine whether the
applicant business is a ‘‘small
business,’’ and so would not be able to
identify applications involving a small
business for which demographic
information must be collected, until
after a credit decision is made. The
commenter argued that because ECOA
and the Fair Credit Reporting Act
require a timely decision be made and
communicated, it would be a direct
conflict of the regulations to delay
communicating a credit decision to a
customer solely to acquire data for
demographic reporting purposes.
Several commenters asked the Bureau
to provide additional guidance on the
manner in which applicant-provided
data can be collected, including
disclosures and sample forms for
collection. A CDFI lender asked the
Bureau to share best practices on
disclosures or assurances a lender can
provide applicants when collecting
demographic information to allay
concerns about how the data will be
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
used. A community bank and a
community group urged the Bureau to
provide a data collection form for
financial institutions to use when
collecting 1071 data from applicants.
The community bank asserted that use
of a data collection form would increase
borrower response rates, as
demonstrated by Paycheck Protection
Program statistics. The commenter also
argued that absent a uniform CFPBissued form, collection will be flawed
and the data useless. A community
group stated that the Bureau may want
to create a sample application form with
all required data elements in order to
facilitate data collection. Finally, a bank
and a trade association urged the Bureau
to expressly permit covered financial
institutions to collect required data from
applicants through a variety of means,
including on an application form, on
supplemental documents or forms, or on
the proposed sample data collection
form. The commenters stated that
certain applicant-provided data points,
such as number of workers, time in
business, and NAICS code, are not on
the sample data collection form. The
commenters stated that except for data
points required to be collected on the
sample data collection form and kept
separate, financial institutions should
be permitted to collect the other data
points through various means or forms.
Comments requesting special
treatment for particular transactions or
financial institutions. Several
commenters urged the Bureau exempt
particular types of transactions or
lenders from coverage under the rule,
primarily due to concerns about the
specific characteristics of these
application processes and the particular
difficulty of collecting demographic
information in light of these
characteristics.770 As discussed in the
NPRM, the proposed rule would not
have made any exceptions concerning
the time and manner of collecting 1071
data for point of sale transactions.771 In
response to the Bureau’s request for
comment on point of sale transactions,
two trade association commenters and a
community group stated that such
transactions should be provided special
treatment or exceptions. The two trade
associations, one representing industry
and another representing retailers,
opposed rule coverage for private label
applications, focusing particularly on
770 See also the section-by-section analysis of
§ 1002.104 (covered credit transactions) concerning
additional comments related to private-label credit
and insurance premium finance transactions, and
the section-by-section analysis of § 1002.105
(covered financial institutions and exempt
institutions) concerning indirect lending.
771 86 FR 56356, 56487–88 (Oct. 8, 2021).
PO 00000
Frm 00233
Fmt 4701
Sfmt 4700
35381
point of sale transactions. One stated
that credit applications are taken at the
point of sale or at a customer service
desk using interview-style or interactive
processes. The commenters asserted that
customers would feel uncomfortable
answering questions related to their
race, sex, and ethnicity in such a public
place, without the necessary privacy
accommodations. They also argued that
collecting applicant-provided data
would significantly lengthen the
application process, frustrating retailers’
focus on speed, efficiency, and limiting
time spent in the checkout line. The
commenters further asserted that
requiring 1071 data collection at the
point of sale would impede the
availability of commercial credit
applications in-store, both because
businesses would not want to apply for
credit and because retailers would no
longer offer in-store private label credit.
One also argued that point of sale
transaction data would be of reduced
data quality: the data may be collected
from persons who are not the principal
owners of a business and may therefor
lack the relevant knowledge, the
environment is not conducive to
collecting detailed information, and the
data would reflect the retailer’s, rather
than a financial institution’s, clientele.
The commenter also said that retail staff
are unable to manage sensitive
demographic information and that
retailers will not appreciate allegations
of discrimination if an application is left
pending or denied. A few commenters
suggested that if the Bureau were to
include private label or co-branded
transactions (which often occur as point
of sale transactions) in the final rule, it
should exempt transactions under
$50,000 to mitigate the impact of
inclusion and provide consistency with
FinCEN’s customer due diligence rule.
Similarly, a trade association stated that
if point of sale transactions are
included, credit lines below $50,000
should be excepted from the
requirement to obtain demographic
information.
In contrast, a community group urged
the Bureau not to provide special
treatment for point of sale transactions,
arguing that point of sale transactions
should follow a similar procedure as
other covered transactions. The
commenter voiced agreement for the
Bureau’s suggestion in the proposed
rule that retail stores can use the sample
data collection form (printed or online)
for point of sale transactions.
Next, a trade association representing
insurance premium finance lenders and
insurance agents and brokers similarly
argued that the Bureau’s rule should not
apply to insurance premium finance
E:\FR\FM\31MYR2.SGM
31MYR2
35382
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
lenders, asserting that such lenders
cannot collect 1071 data until after
funding. Comments regarding insurance
premium finance are discussed in the
section-by-section analysis of
§ 1002.104(b)(3).
Finally, one trade association argued
for the exemption of captive vehicle
finance lenders, based in part on
concerns about the collection of small
business lending data. The commenter
argued that because indirect lenders do
not interact with the applicant, they
cannot gather certain data required by
section 1071, and therefore the motor
vehicle dealer would be the only party
capable of requesting the applicant’s
protected demographic information.
However, the commenter asserted, the
dealer is outside the CFPB’s authority
and is currently prohibited by ECOA
from gathering this information. The
commenter stated that the proposal
would put pressure on dealers to collect
otherwise protected information. The
commenter further noted that the
employee acquiring the vehicle may not
be familiar with the requested data,
such as total revenue or ownership
structure. In addition, the commenter
voiced concerns about purportedly
having to collect data at each stage of
the process, potentially by multiple
covered financial institutions. The
commenter argued that requiring
collection of 1071 data (such as
ethnicity, race, and sex information) at
multiple points in the process would be
unnecessary, costly, and duplicative,
and could expose financial institutions
to liability.
Final Rule—Overview of Final
§ 1002.107(c)
For the reasons set forth below, the
Bureau is finalizing § 1002.107(c)(1) to
require a covered financial institution to
not discourage an applicant from
responding to requests for applicantprovided data under final § 1002.107(a)
and to otherwise maintain procedures to
collect such data at a time and in a
manner that are reasonably designed to
obtain a response. The Bureau is
adopting new § 1002.107(c)(2) to
identify certain minimum components
when collecting data directly from the
applicant that must be included within
a financial institution’s procedures to
ensure they are reasonably designed to
obtain a response. The Bureau is also
adopting new § 1002.107(c)(3) to
provide the additional safeguard that a
covered financial institution must
maintain procedures to identify and
respond to indicia that it may be
discouraging applicants from
responding to requests for applicantprovided data, including low response
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
rates for applicant-provided data.
Finally, new § 1002.107(c)(4) provides
that low response rates for applicantprovided data may indicate that a
financial institution is discouraging
applicants from responding to requests
for applicant-provided data or otherwise
failing to maintain procedures to collect
applicant-provided data that are
reasonably designed to obtain a
response. The Bureau is finalizing
§ 1002.107(c) pursuant to its authority
in ECOA section 704B(g)(1) to prescribe
such rules and issue such guidance as
may be necessary to carry out, enforce,
and compile data pursuant to section
1071. For the reasons discussed below,
final § 1002.107(c) is necessary to
collect 1071 data from applicants and
prevent financial institutions from
discouraging or influencing an
applicant’s response.
Final § 1002.107(c) seeks to provide a
balance between flexibility and ensuring
data collection occurs without
discouragement and otherwise in a time
and manner likely to generate a robust
response. On the one hand, the Bureau
believes there are benefits to preserving
some flexibility concerning the time and
manner in which applicant-provided
data are collected. As noted by a
number of commenters, there are
benefits to providing a flexible approach
given the variety of application
processes in the small business lending
space. The Bureau believes that
financial institutions may need latitude
to adjust data collection practices to fit
within their own processes and business
models; requiring data collection at a
single point in time, or only through a
particular method, may affect data
quality and disrupt financial
institutions’ practices.
On the other hand, the Bureau
believes that collection of applicantprovided data is essential to fulfilling
the purposes of section 1071. The
Bureau therefore believes that
substantial safeguards are necessary to
ensure that financial institutions do not
discourage applicants from responding
to requests for applicant-provided data
or otherwise evade or delay their
obligation to collect 1071 data in a
manner that detrimentally affects
response rates.
The Bureau is also implementing
revisions to final § 1002.107(c) to
provide additional clarity to covered
financial institutions concerning the
reasonably designed standard and
minimum requirements. These changes
are responsive to feedback from
commenters that proposed
1002.107(c)(1) and associated
commentary would have been
ambiguous and potentially inconsistent,
PO 00000
Frm 00234
Fmt 4701
Sfmt 4700
and requesting further clarity and
guidance. The revisions to final
§ 1002.107(c) and responses to
commenter feedback are discussed in
depth below.
Final Rule—§ 1002.107(c)(1) in General
Final § 1002.107(c)(1) requires a
covered financial institution to not
discourage applicants from responding
to requests for applicant-provided data
under § 1002.107(a) and to otherwise
maintain procedures to collect such data
at a time and in a manner that are
reasonably designed to obtain a
response. As discussed above, the
Bureau believes this general standard
provides flexibility to accommodate
various small business lending models
while also imposing a general duty to
maintain procedures concerning the
collection of applicant-provided data
that are reasonably designed to obtain a
response, including not discouraging
applicant responses. In general,
reasonably designed procedures will
seek to maximize collection of
applicant-provided data and minimize
missing or erroneous data, and
procedures cannot be reasonably
designed if they permit financial
institutions to engage in conduct that
discourages applicants from responding
to requests for applicant-provided data.
While the Bureau believes that
reasonably designed procedures to
collect applicant-provided data
inherently must not discourage
applicants from responding, in response
to comments seeking additional clarity
on the Bureau’s understanding of
reasonably designed procedures, the
Bureau is now clearly articulating the
prohibition against discouragement.
Comments 107(c)(1)–1 and –3 are
finalized with minor revisions for
clarity and consistency. Final comment
107(c)(1)–2 is revised to affirm a
financial institution’s flexibility to
establish procedures concerning the
time and manner that it collects
applicant-provided data, provided that
its procedures otherwise meet the
requirements of final § 1002.107(c).
New comment 107(c)(1)–4 (part of
which was proposed as part of comment
107(c)(1)–3) clarifies that applicantprovided data can be obtained without
a direct request to the applicant and can
be based on other information provided
by the applicant or through appropriate
third-party sources.
The Bureau is revising comment
107(c)(1)–5 (proposed as comment
107(c)(1)–7) to clarify that a financial
institution reports updated data if it
obtains more current data from the
applicant during the application
process. In response to a commenter’s
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
request for additional guidance on
whether a financial institution must
update data if the applicant provides the
information without a request from the
financial institution, the Bureau notes
that final comment 107(c)(1)–5 requires
a financial institution to report data
updated by the applicant regardless of
whether the financial institution solicits
the information. The commenter also
asked how proposed comment
107(c)(1)–7 differs from proposed
§ 1002.107(b), which would have
permitted a financial institution to rely
on statements of the applicant when
compiling data, unless verified
information was available. Both final
comment 107(c)(1)–5 and final
§ 1002.107(b) require reporting of
updated information where available;
the former is focused on data provided
by the applicant, while the latter is
focused on data verified by the financial
institution. Thus, no matter the source,
a financial institution should report
updated data where available. To the
extent a financial institution receives
updates from the applicant on data the
financial institution has already
verified, final comment 107(c)(1)–5 is
revised to clarify that a financial
institution reports the information it
believes to be more accurate, in its
discretion.
lotter on DSK11XQN23PROD with RULES2
Final Rule—§ 1002.107(c)(2) ApplicantProvided Data Collected Directly From
the Applicant
The Bureau is adopting new
§ 1002.107(c)(2), which provides that for
data collected directly from the
applicant, procedures that are
reasonably designed to obtain a
response must include four specific
components, which are further
described below. The Bureau is
adopting new § 1002.107(c)(2) to
provide financial institutions additional
clarity on minimum criteria the Bureau
believes are necessary for a financial
institution’s procedures to be
‘‘reasonably designed’’ to obtain a
response. Although proposed comments
107(c)(1)–4 through –6 would have
provided examples of procedures that
generally were and were not reasonably
designed, as discussed above, the
Bureau received feedback that proposed
§ 1002.107(c)(1) and associated
comments would have been ambiguous,
been incomplete, or increased
compliance burdens on financial
institutions seeking to avoid
unintentional non-compliance. The
Bureau also believes that greater clarity
will increase compliance and help
ensure financial institutions put such
safeguards into place.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
New comment 107(c)(2)–1 provides
general guidance on what are reasonably
designed procedures and the minimum
criteria required under final
§ 1002.107(c)(2). Comment 107(c)(2)–1
clarifies that whether a financial
institution’s procedures are reasonably
designed is a fact-based determination
that may depend on a number of factors,
and that procedures that are reasonably
designed to obtain a response may
therefore require additional provisions
beyond the minimum criteria set forth
in § 1002.107(c)(2). In general,
reasonably designed procedures will
seek to maximize collection of
applicant-provided data and minimize
missing or erroneous data.
The specific components that must be
included within a financial institution’s
procedures pursuant to final
§ 1002.107(c)(2) are each discussed in
turn below.
Provisions primarily related to the
timing of collection. The Bureau is
adopting new § 1002.107(c)(2)(i), which
requires covered financial institutions to
maintain procedures that provide for the
initial request for applicant-provided
data to occur prior to notifying an
applicant of final action taken on a
covered application. The Bureau
believes this requirement strikes the
right balance between providing
financial institutions some flexibility to
time the initial collection of applicantprovided data at a point that works for
their business models, while also
putting in place a guardrail to ensure
that applicant-provided data is not
collected so late in the process that it
jeopardizes the likelihood of receiving a
response from an applicant. Unlike
proposed § 1002.107(c)(1), which did
not set forth any concrete timing
deadlines for the collection of applicantprovided data, final § 1002.107(c)(2)(i)
requires financial institutions to
initially seek to collect applicantprovided data, at the latest, before
notifying the applicant of final action
taken on a covered application. The
Bureau is adopting this revision for
several reasons, described below.
Foremost among them, the Bureau
believes that initial attempts to collect
applicant-provided data after notifying
an applicant of action taken on an
application—particularly if the action
taken is a denial—are likely to result in
higher rates of missing data. This view
is unchanged from the Bureau’s initial
position at the NPRM stage, which
similarly encouraged collection early in
the process and before notifying the
applicant of action taken on the
PO 00000
Frm 00235
Fmt 4701
Sfmt 4700
35383
application.772 Not only will late
collections miss withdrawn or
incomplete applications—information
about which is essential to the purposes
of section 1071—but it will also likely
jeopardize the probability of responses
from declined applicants. Unlike
originated applications, which have
continuous touch points between an
applicant and a lender, the Bureau
believes it is highly unlikely that an
applicant will continue to engage in any
information gathering process after
being denied a request for credit.
Significantly, no commenter provided a
viable solution for ensuring collection of
1071 data after an application is denied.
Next, final § 1002.107(c)(2)(i) provides
a bright line point in the application
process before which financial
institutions must initially seek to collect
applicant-provided data, therefore
responding to certain commenter
feedback that the proposed standard
would be ambiguous. As noted by one
commenter, although the proposal
asserted to provide flexibility for
financial institutions to collect
applicant-provided data at any point
during the application process, so long
as the procedures are reasonably
designed, the proposed commentary
clawed back that flexibility by
expressing a clear preference for
collection before notifying an applicant
of the outcome of its application. The
Bureau agrees this fluid framing may
cause confusion, and believes providing
a defined time frame early enough in the
process when applicant-provided data
must be collected will assist financial
institutions with compliance.
Finally, other changes in the final rule
counsel in favor of adopting a more
concrete timing standard for the
collection of applicant-provided data.
Unlike the proposal, which would have
included a requirement in certain
circumstances for financial institutions
to collect information about an
applicant’s ethnicity and race based on
visual observation and/or surname
analysis if the applicant did not itself
provide such information, as discussed
in the section-by-section analysis of
§ 1002.107(a)(19) above, the final rule
does not include such a requirement. As
772 As discussed above, proposed comment
107(c)(1)–5 would have provided that although a
fact-based determination, a procedure reasonably
designed to obtain a response is one in which a
financial institution requests applicant-provided
data at the time of a covered application.
Conversely, proposed comment 107(c)(1)–6 would
have provided that a procedure is generally not
reasonably designed to obtain a response if a
financial institution requests applicant-provided
data simultaneous with or after notifying an
applicant of action taken on the covered
application.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35384
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
a result, financial institutions might be
less motivated to obtain demographic
information early enough in the process,
when the applicant is still actively
engaged and more likely to respond to
data requests.
As described above, some
commenters urged the Bureau to tighten
the timing requirement to require
collection in a narrow timeframe, while
others asked the Bureau to expand the
timing requirement to widely permit
collection even after notifying an
applicant of action taken on a covered
application. The Bureau is not adopting
either approach. Although the Bureau
agrees with commenters who argued
that collection at the time of a covered
application will likely increase
applicant responses rates in most
instances, given the fluid and
heterogenous nature of small business
lending, the Bureau believes designating
a narrow time-frame may be overly
restrictive.
On the other hand, the Bureau is also
not permitting financial institutions to
attempt the initial collection of
applicant-provided data after notifying
an applicant of action taken on an
application. Industry commenters’
principal argument was that collection
of sensitive applicant-provided data
before decisioning an application could
lead to discouragement: applicants may
be concerned that the information will
be used against them in the credit
decision and thus will either not
provide the information or not proceed
with the credit transaction altogether.
Industry commenters also raised the
concern that financial institutions could
be accused of bias if an applicant is
ultimately denied credit after providing
protected demographic information.
The Bureau does not believe that early
collection will discourage applicants
from disclosing certain demographic
information and does not believe this
concern expressed by commenters
outweighs the benefits of early data
collection. Initially, concerns of
discouragement may be mitigated by the
mandatory disclosure language set forth
in final comments 107(a)(18)–3 and
107(a)(19)–3, and included on the
sample data collection form in appendix
E, which explains to applicants the
reason the information is being
collected and that the information
cannot be used to discriminate against
the applicant. If, however, an applicant
remains concerned about providing
applicant demographic information, the
applicant can always choose to not
provide any requested information (e.g.,
by selecting ‘‘I do not wish to provide
this information’’ or similar for any of
the demographic information inquiries).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
As set forth in final comments
107(a)(18)–1 and 107(a)(19)–1, a
financial institution must permit an
applicant to refuse or decline to answer
inquiries regarding the applicant’s
protected demographic information and
must inform the applicant that the
applicant is not required to provide the
information. These protections ensure
that any applicant who does not feel
comfortable providing a response to the
demographic inquiries, is not required
to do so.
Similarly, the Bureau does not believe
that requiring an initial collection
attempt before notifying an applicant of
action taken will result in fewer
applicants voluntarily providing certain
demographic information. The Bureau
notes that financial institutions
regularly collect, at the time of
application, demographic information
required by Regulation C without issue.
Although certain commenters cited to
the Paycheck Protection Program as
evidence that the collection of
demographic information at the time of
application results in low response
rates, the demographic response rates
for Regulation C are significantly higher
than for the Paycheck Protection
Program, with only 14.3 and 14.7
percent of HMDA respondents not
providing a response for race and
ethnicity, respectively.773 Thus, the
lower response rate for Paycheck
Protection Program applicants is likely
due to independent factors. Moreover,
to the extent that a financial institution
believes that applicants may be
reluctant to provide demographic data
before an application is decisioned, new
§ 1002.107(c)(2)(i) only requires a
financial institution to make an initial
collection attempt before notifying an
applicant of action taken; nothing
prevents a financial institution from
making another attempt to collect data
required by this rule after the
application is decisioned.
Ultimately, any applicant reluctance
to provide demographic (or other
applicant-provided data) pre-decision is
not outweighed by the commonsense
conclusion that applicants will be
773 See 86 FR 56356, 56483 (Oct. 8, 2021) (noting
that demographic response rates in the SBA’s
Paycheck Protection Program data are ‘‘much lower
when compared to ethnicity, race, and sex response
rates in HMDA data. For instance, roughly 71
percent of respondents in the [Paycheck Protection
Program] data did not provide a response for race,
compared to only 14.7 percent in the HMDA data.
Roughly 66 percent of respondents in the [Paycheck
Protection Program] data did not provide a response
for ethnicity, compared to only 14.3 percent in the
HMDA data.’’) (citing Small Bus. Admin., Paycheck
Protection Program Weekly Reports 2021, Version
11, at 9 (effective Apr. 5, 2021), https://
www.sba.gov/sites/default/files/2021-04/PPP_
Report_Public_210404-508.pdf.
PO 00000
Frm 00236
Fmt 4701
Sfmt 4700
unwilling and unmotivated to provide
information after being denied a request
for credit. After a denial, an applicant
will have no independent reason to
continue discussions with the lender,
much less respond to new requests for
information. In this respect, 1071 data
collection is distinct from current
collection efforts by CDFIs that
generally seek to collect demographic
information for originated loans, but not
denied loans. While CDFI commenters’
practice of collecting demographic data
at loan closing may make sense for other
regulatory regimes, it would not be
effective at capturing data on denied,
incomplete, or withdrawn
applications.774 Although some
commenters asserted that response rates
would be better if demographic
information is collected post-decision,
significantly, none of the commenters
were able to provide persuasive
evidence in support of their assertion, to
rebut the belief that applicants are
unlikely to respond to information
requests once they are no longer
involved in the application process, or
to offer a workable solution to ensure
robust data collection post-decision.
While one commenter suggested that
financial institutions could collect
applicant-provided data ‘‘as part of
remediation efforts for non-approved
loans,’’ the commenter provided no
specifics as to what this would entail, or
how or why it would be effective.
Next, commenters stated that
permitting post-decision collection
would minimize friction in the
application process. These commenters
argued that streamlining the application
process is of paramount importance to
their business, and any additional delay
could frustrate the application process
and lead to abandoned applications.
The Bureau agrees that new
§ 1002.107(c)(2)(i) may require financial
institutions to take some minimal
additional steps during the information
gathering stage of the application
process, but believes that these
additional minimal steps are necessary
to fulfill the purposes of section 1071
and should not impact meaningfully the
rate of abandoned applications.
Moreover, as discussed in the sectionby-section analysis of § 1002.107(d), the
Bureau has provided flexibilities for
financial institutions to reuse some
applicant-provided data under certain
circumstances, which may alleviate the
774 See, e.g., 12 CFR 1805.803 (identifying data
collection and reporting requirements for the CDFI
program, which provides that a financial institution
recipient shall ‘‘compile data on gender, race,
ethnicity, national original, or other information on
individuals that utilize its products and services
. . . .’’) (emphasis added).
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
need for repeated collections. In
response to an industry commenter’s
argument that applicants are unlikely to
respond to 1071 data requests given the
speed of certain application processes,
the Bureau notes that the applicant is
less likely to respond if the data is
requested post-decision when the
applicant is no longer engaged in the
process at all. Given the relatively
limited time it would take to collect
1071 data, the Bureau also rejects
commenters’ assertion that requesting
1071 data will negatively impact
whether a small business applies for
credit at all. No commenter provided
persuasive evidence that applicants will
avoid seeking credit because of data
collection under this rule.
Commenters raised a handful of
additional arguments. In response to a
commenter’s argument that the person
initially completing the application may
not be the business owner or have the
requisite knowledge, the Bureau notes
that new comment 107(c)(2)–2.v permits
a financial institution to follow-up with
additional attempts to collect the
information through different means or
at another time. Moreover, given that
approximately 82 percent of small
businesses are non-employer firms,775
the Bureau believes in most instances
the individual completing the form will
have the relevant information.
Next, in response to a comment that
post-decision collection would ensure
underwriters do not have access to
protected demographic information, the
Bureau agrees, but does not believe that
such considerations trump the
importance of ensuring data are
collected in the first place. Indeed, the
fact that ECOA section 704B(d)(2)
contemplates that underwriters and
other employees involved in making a
credit determination may have access to
applicant-provided data demonstrates
that Congress envisioned that financial
institutions may collect 1071 data before
decisioning an application. In any
event, concerns about access to
demographic information are adequately
addressed by the firewall provision in
final § 1002.108, as well as the general
prohibition from discriminating on a
prohibited basis in any aspect of a credit
transaction in existing ECOA and
Regulation B.
Finally, one commenter indirectly
took issue with the requirement to
collect applicant-provided data in
775 White Paper at 8; see also U.S. Small Bus.
Admin., Off. of Advocacy, 2022 Small Business
Profile, at 2 (2022), https://cdn.advocacy.sba.gov/
wp-content/uploads/2022/08/30121338/SmallBusiness-Economic-Profile-US.pdf (identifying
33,185,550 small businesses, of which 27,104,006
have no employees).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
advance of notifying an applicant of
action taken by noting that certain
lenders would use decision scoring
models to also determine whether the
applicant is a ‘‘small business,’’ such
that demographic information could
only be collected after a decision is
made on the application. Initially, the
Bureau notes that nothing prevents a
financial institution from inquiring
whether the applicant is a ‘‘small
business,’’ and if so, seeking applicantprovided data before decisioning the
covered application. Indeed, as
discussed in final comment 107(c)(2)–
2.i, the earlier in the application process
the financial institution initially seeks
to collect applicant-provided data, the
more likely the timing of collection is
reasonably designed to obtain a
response. The Bureau also does not
agree that delaying communicating a
credit decision to an applicant in order
to acquire demographic or other
applicant-provided data would violate
ECOA and the Fair Credit Reporting
Act. The Bureau does not believe there
is a conflict between the laws; any delay
would be minimal, would not affect the
timeframes under existing Regulation B
to provide required notices when
decisioning a credit application,776 and
could be avoided by collecting
applicant-provided data in advance, as
discussed above.777
For the reasons discussed above,
including that collection occurring postfinal action would undermine the
purposes of section 1071, the Bureau is
requiring financial institutions to
maintain procedures to collect
applicant-provided data before notifying
the applicant of final action on the
application.778 The Bureau is also
adopting new comment 107(c)(2)–2.i,
which provides additional guidance
concerning when financial institutions
must initially seek to collect 1071
776 Existing Regulation B § 1002.19(a)(1) requires
a creditor to notify an applicant of action taken
within 30 days after receiving a completed
application.
777 See Epic Sys. Corp. v. Lewis, 138 S. Ct. 1612,
1624 (2018) (‘‘When confronted with two Acts of
Congress allegedly touching on the same topic, this
Court is not at ‘liberty to pick and choose among
congressional enactments’ and must instead strive
‘to give effect to both.’ ’’ (citation omitted)).
778 Although final § 1002.107(c)(2)(i) requires
collection before notifying an applicant of final
action on an application, the Bureau anticipates
that in the vast majority of cases financial
institutions will also collect applicant-provided
data before decisioning an application. The Bureau
is requiring collection based on when an applicant
is notified of final action on the application,
however, given the concerns noted above
(particularly related to the applicant’s willingness
to stay engaged) and because a financial institution
may have an easier time controlling when an
applicant is notified, versus when an application is
decisioned.
PO 00000
Frm 00237
Fmt 4701
Sfmt 4700
35385
applicant-provided data. New comment
107(c)(2)–2.i clarifies that
§ 1002.107(c)(2) requires that under no
circumstances may the initial request
for applicant-provided data occur
simultaneous with or after notifying an
applicant of final action taken on a
covered application.779
Although new § 1002.107(c)(2)(i)
requires a financial institution to make
an initial collection attempt prior to
notifying an applicant of action taken,
new comment 107(c)(2)–2.v clarifies
that a financial institution has latitude
to make additional requests for
applicant-provided data, including after
notifying the applicant of action taken.
In response to a trade association’s
request that the Bureau clarify how
many times a financial institution must
request 1071 data, new comment
107(c)(2)–2.v clarifies that a financial
institution is permitted, but not
required, to make more than one
attempt to obtain applicant-provided
data if the applicant does not respond
to an initial request. For example, a
financial institution may decide to make
multiple requests if it is concerned that
applicants may not be as forthcoming
early in the process, if it has multiple
opportunities to request 1071 data that
work well within its business processes,
or as another method to encourage
greater applicant response.
Provisions primarily related to the
manner of collection. New
§ 1002.107(c)(2)(ii) through (iv) sets
forth provisions that financial
institutions must incorporate into their
procedures for collecting applicantprovided data directly from the
applicant to ensure that such
procedures are reasonably designed to
obtain a response and do not discourage
a response. New § 1002.107(c)(2)(ii)
requires financial institutions to
maintain procedures that provide the
request for applicant-provided data is
prominently displayed or presented.
New comment 107(c)(2)–2.ii provides
further guidance on the requirement,
clarifying that a financial institution
must ensure an applicant actually sees,
hears, or is otherwise presented with the
request for applicant-provided data, and
that if the request is obscured or likely
to be overlooked or missed by the
applicant, it is not reasonably designed.
For example, a financial institution
779 Nor may a financial institution seek to evade
§ 1002.107(c)(2)(i) by initially seeking to collect
applicant-provided data after it has signaled to the
applicant that its application has been decisioned
and the likely outcome, even if the financial
institution has not yet formally notified the
applicant of action taken on the covered
application. Such conduct would not constitute
procedures reasonably designed to obtain a
response, as required pursuant to § 1002.107(c)(1).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35386
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
seeking to collect 1071 data in
connection with a digital application
likely does not have reasonably
designed procedures if it uses a
bypassable hyperlink for 1071 data
collection while other data are
requested through click-through
screens.
New § 1002.107(c)(2)(iii) requires that
the financial institution’s procedures
must not have the effect of discouraging
applicants from responding to a request
for applicant-provided data. New
comment 107(c)(2)–2.iii clarifies that a
covered financial institution that
collects applicant-provided data in a
time or manner that directly or
indirectly discourages or obstructs an
applicant from responding or providing
a particular response violates the rule.
The comment also provides further
guidance on procedures that may avoid
the effect of discouraging a response.
For example, comment 107(c)(2)–2.iii.B
explains a covered financial institution
avoids discouraging a response by
requiring an applicant to provide a
response in order to proceed with a
covered application, including, as
applicable, a response of ‘‘I do not wish
to provide this information’’ or similar.
While optional, requiring an applicant
to provide a response, particularly for
the collection of demographic applicant
information, may be one of the most
effective methods a financial institution
can use to maximize collection of such
data.
The Bureau notes that other aspects of
this final rule are similarly directed at
ensuring applicants are not discouraged
from providing a response. For example,
in response to a commenter’s request
that the Bureau provide potential
disclosure language and sample
collection forms financial institutions
can use with applicants to allay
concerns about how data will be used,
the Bureau notes that the final rule
provides for such required disclosure
language and a sample disclosure form.
For instance, final comments
107(a)(18)–4 and 107(a)(19)–4,
concerning collection of applicant
demographic information, require
financial institutions to inform the
applicant both that a financial
institution cannot discriminate on the
basis of the applicant’s responses to data
collected pursuant to § 1002.107(a)(18)
and (19) and that Federal law requires
them to ask for an applicant’s
demographic information to help ensure
that all small business applicants for
credit are treated fairly and that
communities’ small business credit
needs are being fulfilled. The Bureau
believes such explanations, which are
included in the sample data collection
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
form in appendix E, are important to
inform applicants why the request is
being made and to assure them that
financial institutions may not use the
information collected for a
discriminatory purpose.780
Finally, new § 1002.107(c)(2)(iv)
requires that the financial institution’s
procedures include provisions that
ensure applicants can easily respond to
a request for applicant-provided data.
New comment 107(c)(2)–2.iv provides
additional guidance and examples of
procedures that would and would not
make it easy for an applicant to provide
a response. The comment further
clarifies that a financial institution
complies with § 1002.107(c)(2)(iv) if it
requests the applicant to respond to
inquiries made pursuant to
§ 1002.107(a)(18) and (19) through a
reasonable method intended to keep the
applicant’s responses discrete and
protected from view. For example, if an
applicant is completing a paper
application form, a financial institution
may request that the applicant return a
paper data collection form requesting
demographic data in a sealed envelope
provided by the financial institution.
In response to a commenter’s
suggestion that the Bureau permit
financial institutions to collect
applicant-provided data through a
variety of means, the Bureau notes that
nothing requires a financial institution
to request applicant-provided data in a
single format or manner, and indeed
new comment 107(c)(2)–2.iv expressly
contemplates that a financial institution
may use multiple methods to collect
applicant-provided data.
Final Rule—§ 1002.107(c)(3) Procedures
To Monitor Compliance
The Bureau is adopting new
§ 1002.107(c)(3) to require that a
covered financial institution maintain
procedures designed to identify and
respond to indicia of potential
discouragement, including low response
rates for applicant-provided data. The
Bureau is adopting new § 1002.107(c)(3)
in order to provide greater clarity and
safeguards on the type of infrastructure
financial institutions are expected to
have in place in order to ensure
compliance with final § 1002.107(c)(1)
and (2). Although the Bureau anticipates
780 In response to a community group’s suggestion
that the Bureau create a sample form with all
required data elements, the Bureau notes that,
except for collection of certain demographic
information, many financial institutions already
collect some or all of the data required by this final
rule, or may opt do so in a myriad of ways. See the
section-by-section analysis of appendix E for further
discussion of why the Bureau is not adopting
sample or model forms for the collection of other
types of data required by this rule.
PO 00000
Frm 00238
Fmt 4701
Sfmt 4700
that the particular components of a
financial institution’s procedures will
vary from institution to institution, to
provide regulatory clarity, new
comment 107(c)(3)–1 provides a list of
procedures the Bureau generally expects
financial institutions will maintain in
order to identify and respond to indicia
of potential discouragement.781
In response to commenters’ request
for additional guidance on proposed
comment 107(c)(1)–4, which would
have required financial institutions to
reassess on a periodic basis, based on
available data, whether its procedures
are reasonably designed to obtain a
response, the Bureau notes that new
§ 1002.107(c)(3) and comment
107(c)(3)–1 clarify the type of
monitoring expected of financial
institutions. In response to a
commenter’s question about whether a
financial institution is permitted or
required to engage in testing beyond
peer analysis, such as A/B testing or
other methods, the Bureau notes that
nothing in the final rule requires a
financial institution to do so. While a
financial institution is certainly free to
experiment with different procedures to
see which are most effective for its
business model, a financial institution
may typically comply with final
§ 1002.107(c) by following the minimum
factors and guidelines set forth in final
§ 1002.107(c)(1) through (3) and
associated commentary. In response to a
commenter’s request for further
guidance on what constitutes ‘‘periodic’’
peer testing, the Bureau notes initially
that the term ‘‘periodic’’ does not appear
in new § 1002.107(c)(3) or its associated
commentary. The Bureau does
anticipate, however, regular monitoring
under new § 1002.107(c)(3) in order to
identify and respond to indicia of
potential discouragement. There is no
designated number or time frame for
how often that monitoring must occur;
rather, the precise cadence and scope
will vary depending on the financial
institution’s procedures for collecting
applicant-provided data, its business
model, and other relevant factors.
Final Rule—§ 1002.107(c)(4) Low
Response Rates
The Bureau is adopting new
§ 1002.107(c)(4) to provide that a low
781 The Bureau acknowledges that financial
institutions may not have all the necessary data to
conduct a robust peer analysis of response rates
until after 1071 data collection has been in effect
for some period of time, and that the availability
and robustness of a peer analysis will also depend
on the extent to which 1071 data are made publicly
available. In the meantime, the Bureau still expects
financial institutions to monitor response rates
internally and in comparison to public data, as
available.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
response rate for applicant-provided
data may indicate discouragement or
other failure by a covered financial
institution to maintain procedures to
collect applicant-provided data that are
reasonably designed to obtain a
response. Similar to proposed comment
107(c)(1)–4, which would have
provided that a financial institution may
compare its response rate to peer
institutions as a method to assess
whether its procedures are reasonably
designed, final § 1002.107(c)(4)
identifies the importance of response
rates as a method to assess whether a
financial institution has reasonably
designed procedures. The Bureau
anticipates that in many instances, a
low response rate may indicate a failure
to comply with final § 1002.107(c)(1)
and (2). The Bureau is adopting
§ 1002.107(c)(4) in order to provide
covered financial institutions clarity on
the type of information that may be used
to assess a financial institution’s
procedures.
The Bureau is adopting new comment
107(c)(4)–1 to provide further guidance
on how to assess response rates. The
comment clarifies that ‘‘response rate’’
generally refers to whether the financial
institution has obtained some type of
response to requests for applicantprovided data (including, as applicable,
a response from the applicant of ‘‘I do
not wish to provide this information’’ or
similar). However, significant
irregularities in a particular response
(for example, very high rates of ‘‘I do not
wish to provide this information’’ or
similar) may also indicate that a
financial institution does not have
reasonably designed procedures. In
particular, significant irregularities may
indicate the financial institution is
somehow steering, improperly
interfering with, or otherwise
discouraging or obstructing an
applicants’ preferred response. New
comment 107(c)(4)–1 further clarifies
that response rates may be measured, as
appropriate, as compared to financial
institutions of a similar size, type, and/
or geographic reach, or other factors, as
appropriate.
In response to commenters’ concern
that peer comparisons may not be an
effective method to assess the
reasonableness of a financial
institution’s procedures if all peers are
not making reasonable efforts, the
Bureau agrees that peer comparisons
alone are not determinative. Comparing
a financial institution’s response rates to
its peers is just one possible indicator of
whether a financial institution has
procedures reasonably designed to
obtain a response. Even if a financial
institution maintains a response rate
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
commensurate with its peers, if all peers
have low response rates overall or
maintain procedures not reasonably
designed to obtain a response, the
financial institution may still violate
§ 1002.107(c). The Bureau does not
believe it would be appropriate at this
time, however, to set a specific
percentage or metric for response rates,
as suggested by some commenters, as
the appropriate response rate may
depend on a number of factors, differ
from institution to institution, and
change over time, for example, as
financial institutions refine their
collection methods.
Requests for Special Treatment for
Particular Types of Transactions or
Types of Financial Institutions
The Bureau is not adopting
exceptions concerning the time and
manner of collection of demographic
information for particular types of
transactions or by particular financial
institutions, as requested by some
commenters. For the reasons described
below, the Bureau believes the same
time and manner rules should apply
across all covered credit transactions
and all covered financial institutions.
Initially, the Bureau believes that
point of sale transactions should follow
the same rules as all covered credit
transaction types, and thus does not
believe that an exemption for such
transactions, as suggested by some
commenters, would be appropriate. The
Bureau understands that many (though
not all) point of sale applications,
particularly those for smaller credit
amounts or to purchase particular goods
in a store, are submitted on-site at the
point of sale and decisioned in real
time. Many of the commenters’
arguments for exclusion of point of sale
transactions were identical to the
arguments set forth by commenters
above for why financial institutions
should be permitted to collect 1071 data
after decisioning an application,
including arguments based on the speed
and fast-paced nature of the application
process, that applicants would be
discouraged from responding or
proceeding with the transaction, and
that the person completing the
application may lack the requisite
knowledge. For the same reasons
discussed above, the Bureau likewise
does not believe that an exemption
would be appropriate for point of sale
transactions.
In response to commenters’ concerns
that applicants will not feel comfortable
answering questions related to their
ethnicity, race, and sex in a public
place, the Bureau believes that financial
institutions can develop procedures to
PO 00000
Frm 00239
Fmt 4701
Sfmt 4700
35387
accommodate collection in this setting,
including by using the sample
collection form developed by the
Bureau (in paper or electronic format) or
creating more private locations for the
collection of data in-store. The Bureau
also does not believe that specialized
knowledge is necessary to collect these
data, and believes that retailers and
their employees can collect and
maintain data with the necessary
precautions to safeguard applicant
information, as they do with other
sensitive data provided in connection
with a credit application. As to a
commenter’s argument that retailers will
have limited motivation to collect small
business lending data, the Bureau notes
that a financial institution that retains a
third party to offer its financial products
has significant control and
responsibility over how its products are
offered, including the power and
responsibility to require third-party
partners to seek to collect required data
and otherwise comply with applicable
law. In response to a commenter’s
argument that data collected on point of
sale transactions will reflect the
retailer’s, rather than the financial
institution’s, footprint, the Bureau notes
that a financial institution chooses its
retail partners. Finally, although some
commenters asserted that the collection
of 1071 data will deter applicants from
seeking credit or retailers from
providing in-store private label credit,
they provided no evidence to support
this claim.
Several commenters requested that if
the Bureau includes point of sale or
similar transactions in the final rule, the
Bureau should nonetheless exempt such
transactions under $50,000 or except
such transactions from the requirement
to obtain demographic data. These
commenters stated that such an
exemption would be consistent with
FinCEN’s customer due diligence rule,
which excludes from certain of its
requirements point of sale transactions
to provide credit products solely for the
purchase of retail goods/services up to
a limit of $50,000. The Bureau is not
adopting such an approach here, given
the different purposes and requirements
of the customer due diligence rule and
section 1071. The purpose of FinCEN’s
rule is to improve financial
transparency and prevent criminals and
terrorists from misusing companies to
disguise their illicit activities and
launder their ill-gotten gains.782 The
782 See Fin. Crimes Enf’t Network, Information on
Complying with the Customer Due Diligence (CDD)
Final Rule, https://www.fincen.gov/resources/
statutes-and-regulations/cdd-final-rule (last visited
Mar. 20, 2023).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35388
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
customer due diligence rule’s exclusion
for certain point of sale transactions is
based on the ‘‘very low risk posed by
opening such accounts at [a] brick and
mortar store.’’ 783 While the customer
due diligence rule focuses on accounts
(including certain originated loans),
obtaining data on denials is essential to
section 1071’s purposes. Moreover,
unlike FinCEN’s rule, which requires
covered financial institutions to collect
certain essential information, section
1071 only requires that financial
institutions seek to collect applicants’
protected demographic information, and
permits applicants to refuse to provide
that information. Given these key
differences, the Bureau is not adopting
an exclusion for point of sale
applications below $50,000. See also the
section-by-section analysis of
§ 1002.104, which discusses requests for
minimum transaction amount
thresholds.
Next, trade associations representing
insurance premium finance lenders and
insurance agents and brokers similarly
argued that the Bureau’s rule should not
apply to insurance premium finance
lenders, in part because such lenders
cannot collect 1071 data until after
funding. New § 1002.104(b)(3) excludes
insurance premium financing, therefore
resolving these commenters’ concerns.
Finally, the Bureau does not believe it
would be appropriate to categorically
exclude captive vehicle finance lenders
should be excluded from coverage. The
commenter’s request was primarily
based on the argument that dealers—
who primarily interact with
applicants—are currently prohibited by
ECOA from gathering certain protected
demographic information. As further
discussed in the section-by-section
analysis of § 1002.109(a)(3), Regulation
B issued by the Board of Governors of
the Federal Reserve System (12 CFR part
202) and applicable to dealers provides
in comment 5(a)(2)–3 that ‘‘[p]ersons
such as loan brokers and correspondents
do not violate the ECOA or Regulation
B if they collect information that they
are otherwise prohibited from
collecting, where the purpose of
collecting the information is to provide
it to a creditor that is subject to [HMDA]
or another Federal or State statute or
regulation requiring data collection.’’ In
response to the commenter’s concern
that dealers may not be familiar with all
required data under section 1071, such
as gross annual revenue or ownership
structure information, the Bureau first
783 Fin. Crimes Enf’t Network, Guidance, at Q 29
(Apr. 3, 2018), https://www.fincen.gov/sites/default/
files/2018-04/FinCEN_Guidance_CDD_FAQ_
FINAL_508_2.pdf.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
notes that dealers are often the last
entity with authority to set the material
credit terms of the covered credit
transaction, and so are generally
unlikely to be collecting 1071 data on
behalf of other reporting financial
institutions. Second, even in situations
where the dealer is acting as a mere
conduit, and thus may be collecting
information on behalf of another
financial institution, the Bureau expects
that the dealer can request 1071 data
from the applicant, just like a covered
financial institution would do. Finally,
the commenter’s concerns that data
must be collected at each stage of the
process, potentially by multiple covered
financial institutions, may be
misplaced; nothing in the proposed or
final rule would require a financial
institution (or a third party collecting
data on its behalf) to collect data
multiple times in connection with a
single covered application.
107(d) Previously Collected Data
Proposed Rule
Proposed § 1002.107(c)(2) would have
permitted, but not required, a financial
institution to reuse previously collected
data to satisfy proposed
§ 1002.107(a)(13) through (21) if the data
were collected within the same calendar
year as the current covered application
and the financial institution had no
reason to believe the data are inaccurate.
The Bureau believed that, absent a
reason to suspect otherwise, recently
collected 1071 data are likely to be
reliable.
Proposed comments 107(c)(2)–1
through –7 would have provided
additional guidance and examples of
when certain data can be reused by a
financial institution, including what
data can be reused, when information is
considered collected in the same year,
when a financial institution may have
reason to believe data are inaccurate,
and when a financial institution may
reuse data regarding minority-owned
business status, women-owned business
status, and data on the principal
owners’ ethnicity, race, and sex.
The Bureau sought comment on
§ 1002.107(c)(2) and associated
commentary.
Comments Received
The Bureau received comment on
proposed § 1002.107(c)(2) from a range
of lenders, trade associations, and
community groups. A few commenters
noted that it is commonplace for lenders
to receive multiple applications from a
borrower. For example, a community
bank stated that it is typical for
borrowers to submit numerous loan
PO 00000
Frm 00240
Fmt 4701
Sfmt 4700
requests during the year, and expressed
concern about what it referred to as
‘‘repetitive completion’’ of data points.
A trade association similarly noted that
financial institutions often have
customers with multiple facilities,
which may have been obtained all at
once or over time.
Some commenters generally
supported a provision that would allow
financial institution to reuse certain
data for some period of time. A
community group supported allowing
lenders to use previously collected data
if an application is continued at a later
date. However, the commenter urged
against permitting reuse beyond a year,
noting that the characteristics of the
small business may change (such as
revenue size).
In response to the Bureau’s request for
comment on the issue, a number of
commenters urged the Bureau to adjust
the time frame for reuse. A CDFI lender
urged that, at a minimum, the Bureau
update the time frame to ‘‘within 12
months,’’ rather than the same calendar
year, noting that there is no reason to
believe data are inaccurate for
applications submitted close in time,
but that fall between two calendar years.
A trade association urged the Bureau to
permit reuse for ‘‘the same or prior
calendar year.’’ The commenter argued
that permitting reuse of data would
reduce applicant burden and that it
would be unnecessarily restrictive to
require financial institutions to collect
anew previously obtained data that is
still likely to be accurate. The
commenter further noted that a financial
institution can repopulate previously
provided data, and the applicant can
certify that the data are still accurate or
update the data. A community bank
argued that a one-year period was too
short considering that its agricultural
clients often annually reapply for draw
down lines of credit (used to purchase
crop inputs for the year), during which
period a borrower’s small business and
principal owner status are unlikely to
change.
A couple of community banks and
group of trade associations urged the
Bureau to permit reuse for a 24-month
or two-year period. One of the banks
stated that it is common for businesses
to obtain a new product from a financial
institution in the first three years, rather
than the first year alone. Another trade
association argued for a three-year reuse
period. The commenter also argued that
reuse should be permitted for any data
the financial institution does not
normally gather in connection with
credit applications, such as data
regarding minority-owned business
status, women-owned business status,
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
and data on the principal owners’
ethnicity, race, and sex, as well as gross
annual revenue information if not
typically collected. A community bank
argued that if there are no changes to the
data, a financial institution should be
permitted to reuse data indefinitely.
Finally, a community bank asserted that
prior collected data should be reusable
for the same amount of time across all
data points, unless there is a reason to
believe they are inaccurate. However,
the commenter continued, reuse of gross
annual revenue data should be updated
every fiscal year and gender should be
updated every year given that gender
identity may change. The commenter
asserted that ethnicity and race
information about the principal
owner(s) should not change absent a
change in principal owner(s).
In contrast, a community groups,
community-oriented lenders, and
business advocacy groups, as well as an
individual commenter opposed reuse of
prior collected data in certain
circumstances. The joint letter and the
minority business advocacy group
specifically opposed reuse of
information about a principal owner’s
ethnicity, race, and sex information if
the business previously responded ‘‘I do
not wish to provide this information.’’
The commenters asserted that opinions
may shift, which may make a person
more likely to provide the requested
information. The commenters further
noted that it is not a big burden on
financial institutions to attempt to
gather the information again and doing
so goes to the purposes of section 1071.
An individual commenter argued that
the proposed reuse of previously
collected data about an applicant’s sex,
sexual orientation and gender
identification would have a negative
impact on members of the LGBTQ
community. The commenter was
concerned that information collected for
one purpose would be used for a nonintended purpose, such as to classify
and segregate LGBTQ members applying
for a small business loan. The
commenter stated that by collecting data
on an applicant’s sex, sexual
orientation, and gender identification,
LGBTQ members are at risk that their
data may be used for unintended
purposes outside 1071 data collection.
In response to the Bureau’s request for
comment on whether financial
institutions should be required to notify
applicants that information they provide
may be reused for subsequent
applications, one community bank
suggested the Bureau add a disclosure
on the sample data collection form
noting that the information may be
reused, and if the information has
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
changed, to inform the applicant’s
lender.
A community bank asked how the
reuse provision could be implemented
in light of the proposed firewall
provision. The commenter noted that
because the firewall provision prohibits
review by underwriters of demographic
information, it is unclear how a
financial institution can reasonably rely
on data collected in the same calendar
year if that data is inaccessible to the
lender. Another commenter asked for
clarification whether data (specifically
demographic data) collected in prior
years could be reused, and what to do
if there are multiple collections.
Specifically, the commenter gave the
example of an applicant that provides
demographic information for one
application, and then chooses not to
provide demographic information for a
subsequent application, and asking
which collection should be reported.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.107(d)
(proposed as § 1002.107(c)(2)) to permit,
but not require, a financial institution to
reuse previously collected data to satisfy
§ 1002.107(a)(13) through (20) if (a) the
data were collected within the 36
months preceding the current covered
application (except that to satisfy
§ 1002.107(a)(14), on gross annual
revenue, the data must be collected
within the same calendar year as the
current covered application) and (b) the
financial institution has no reason to
believe the data are inaccurate. As
discussed above, the majority of
commenters to weigh in on this issue
supported reuse of data for some period
of time, with many commenters urging
the Bureau to extend the time period for
reuse from the same calendar year to
multiple years. As noted by one bank,
it is common for businesses to seek a
new product within three years of a
prior origination, with fewer requests
occurring within one year. Allowing
reuse will also reduce the need for
applicants to repeatedly provide the
same information over a short period of
time, as noted by some commenters.
The Bureau also believes permitting
reuse will reduce burden on financial
institutions, particularly those with an
established relationship with a business.
In addition, the Bureau believes that
permitting reuse will assist in fast-paced
transactions, such as requests for
additional credit amounts on an existing
account. Based on these reasons and the
feedback from commenters, the Bureau
now believes that 36 months strikes the
appropriate balance of permitting reuse
for a short enough period of time that
PO 00000
Frm 00241
Fmt 4701
Sfmt 4700
35389
the data are likely to be reliable, while
also permitting a long enough period of
reuse to avoid a financial institution
from having to make repeated
information requests to returning
customers.
In response to a commenter’s concern
that characteristics of a small business
may change during a time period greater
than a year, the Bureau notes that any
dramatic shifts will likely be known to
a financial institution considering a new
covered application. In those
circumstances, the financial institution
either will have already collected
updated information (in which case the
updated information would be reported
pursuant to final comment 107(d)–4) or
the financial institution will have
reason to believe certain data are
inaccurate, in which the case the
financial institution cannot reuse that
data pursuant to final § 1002.107(d)(2).
Indeed, the Bureau believes that final
§ 1002.107(d)(2), the provision
prohibiting reuse of data if the financial
institution has reason to believe the
prior collected data are inaccurate, will
identify the majority of situations where
the data are no longer reliable. For
example, as set forth in final comment
107(d)–6, a financial institution may
have reason to believe data are
inaccurate if it knows that the applicant
has had a change in ownership or a
change in an owner’s percentage of
ownership. Similarly, a financial
institution may also have reason to
know data are inaccurate if the business
indicates that is has opened several new
store locations recently. In that case, the
financial institution may have reason to
ask for updated data on gross annual
revenue, number of workers, and
potentially other data points.
Some commenters raised concerns
about reuse of data regarding a principal
owner’s race, sex, and ethnicity
information, particularly if the business
previously responded ‘‘I do not wish to
provide this information.’’ Another
commenter stated that identities, and
particularly gender identity, may shift,
and so the information should be
collected at least every year. The Bureau
understands that how an applicant
wishes to identify may shift over time.
However, as noted above, the Bureau
believes that a 36-month period
provides the right balance of permitting
reuse for a period of time to reduce
repetitive collections, but also require
financial institutions collect the data
anew once a substantial amount of time
has passed. Although the final rule
permits reuse of applicant demographic
data pursuant to final § 1002.107(d),
final comment 107(d)–9 provides that a
financial institution may not reuse data
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35390
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
to satisfy § 1002.107(a)(18) and (19)
unless the data were collected in
connection with a prior covered
application pursuant to subpart B. The
Bureau believes that reuse of applicant
demographic data should be limited in
this manner to ensure that data reported
were collected in a manner that aligns
with the protections and selection
options set forth in final
§ 1002.107(a)(18) and (19).
Although the Bureau is finalizing
§ 1002.107(d) to permit reuse of certain
data collected within a 36-month
period, the Bureau notes that a financial
institution may—at any time, even
outside a three-year period—use
reasonable procedures to reaffirm data
previously collected. The Bureau
understands that many financial
institutions have years of experience
serving a particular small business’s
credit needs and so may seek to
streamline new credit requests to avoid
duplicative or unnecessary collection
efforts. In this respect, it is important to
note that the final rule does not prevent
a financial institution from identifying
efficient ways to gather 1071 required
data, including by leveraging prior 1071
data to streamline the collection
process. For example, even if it has been
more than three years since a business
submitted an application for credit, a
financial institution may reaffirm prior
collected data about whether the
business is minority-owned, womenowned, and LGBTQI+-owned, and the
ethnicity, race, and sex of the principal
owners of the business by, for example,
providing the applicant with a data
collection form pre-populated with its
prior responses and confirming with the
applicant that the information remains
accurate or making any changes noted
by the applicant. Methods that reaffirm
prior collected data may be particularly
useful in faster-paced transactions, such
as requests for additional credit
amounts.
A bank asked how the reuse provision
can be implemented in light of the
proposed firewall provision, noting that
because the firewall provision prohibits
review by underwriters of demographic
information, it is unclear how a
financial institution can reasonably rely
on previously collected data if it is
inaccessible to the lender. The Bureau
does not believe that the firewall
provision in final § 1002.108 will
conflict or render unusable the reuse
provisions in final § 1002.107(d), as
suggested by some commenters.
Initially, the Bureau notes that the
firewall provision only applies to
information regarding whether the
applicant is a minority-owned business,
a women-owned business, or an
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
LGBTQI+-owned business under
§ 1002.107(a)(18) and regarding the
ethnicity, race, and sex of the
applicant’s principal owners under
§ 1002.107(a)(19), but not other
applicant-provided data. In any event, if
an employee or officer is typically
tasked with collecting data required
under § 1002.107(a)(18) and (19), and is
otherwise not involved in making any
determination concerning a covered
application, providing that employee
with access to an applicant’s prior
responses to data requests under
§ 1002.107(a)(18) and (19) would not
violate the firewall. Thus, final
comment 108(a)–1(ii)(f) provides the
example that reviewing previously
collected data to determine if it can be
used for a later covered application
pursuant to § 1002.107(d) is not an
activity that constitutes being involved
in making a determination regarding a
covered application. Finally, if a
financial institution determines that it is
not feasible to limit an employee’s or
officer’s access to an applicant’s prior
responses to the financial institution’s
inquiries under final § 1002.107(a)(18)
and (19) and provided the notice
required under final § 1002.108(d) to the
applicant at the time the data were
collected, the financial institution can
permit that employee or officer to reuse
the collected data for a 36-month period
as set forth in final § 1002.107(d).
In response to a commenter’s question
concerning what previously reported
data can be used, and how to resolve
conflicting answers provided at
different times, the Bureau notes that
final comment 107(d)–4 provides that a
financial institution should use updated
information if available.
In response to its request for comment
on the issue in the NPRM, the Bureau
received feedback from an industry
commenter that the sample data
collection form should include a
disclosure that information can be
reused for section 1071 reporting
purposes, and that an applicant should
inform its lender if there have been any
changes. The Bureau is finalizing the
sample data collection form without a
disclosure about potential reuse of data.
Including such language could distract
an applicant from other language on the
form (such as why the data is being
collected) and risks potentially
confusing an applicant, who might not
understand that reuse is limited to 1071.
Relatedly, the collection form accurately
identifies why the information is being
collected whether or not the data are
later reused—to help ensure that all
small business applicants are treated
fairly and that communities’ small
business credit needs are being fulfilled.
PO 00000
Frm 00242
Fmt 4701
Sfmt 4700
Final comment 107(d)–1 (proposed as
comment 107(c)(2)–1) is revised to
clarify that reuse of data pursuant to
final § 1002.107(d) is limited to reuse for
the purpose of reporting such data
pursuant to § 1002.109. In response to
an individual commenter’s concern
about potential misuse of 1071 data, the
Bureau has adopted new § 1002.110(e),
which prohibits a financial institution
from disclosing or providing to third
parties the information it collects
pursuant to final § 1002.107(18) and (19)
except in limited circumstances. In
addition, financial institutions remain
prohibited from using 1071 data—
particularly data about whether the
business is minority-owned, womenowned, or LGBTQI+-owned, and the
ethnicity, race, and sex of the principal
owners of the business—in a manner
that violates ECOA, existing Regulation
B, or any other applicable law. For
example, existing § 1002.4(a) prohibits a
creditor from discriminating against an
applicant on a prohibited basis in any
aspect of a credit transaction. Similarly,
existing § 1002.6(b)(1) prohibits a
creditor from taking a prohibited basis
into account in any system of evaluating
the creditworthiness of an applicant,
except as expressly provided for by
ECOA or Regulation B. Thus, just
because this final rule gives a financial
institution permission to collect
ethnicity, race, and sex/gender
information for the limited purposes of
section 1071, a financial institution still
remains prohibited from considering
that data in a manner that violates
ECOA, existing Regulation B, or any
other applicable law.
Final comments 107(d)–2 and –3
(proposed as comments 107(d)–2 and
–3) contain minor revisions for
consistency and clarity. Final comment
107(d)–2 identifies the particular data
that can be reused. The comment also
clarifies that other data required by final
§ 1002.107(a) cannot be reused, as those
data points are specific and unique to
each covered application. Final
comment 107(d)–3 clarifies instances
where data have not been ‘‘previously
collected’’ and so cannot be reused
under final § 1002.107(d).
The Bureau is adopting new comment
107(d)–4 to clarify that if a financial
institution obtains updated information
relevant to the data required to be
collected and reported pursuant to final
§ 1002.107(a)(13) through (20), and the
applicant subsequently submits a new
covered application, the financial
institution must use the updated
information in connection with the new
covered application or seek to collect
the data again. Final comment
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
107(c)(2)–4 also provides an example of
updated information.
Final comment 107(d)–5 (proposed as
comment 107(c)(2)–4) is revised to
provide guidance on how to measure
the 36-month period for potential reuse
of certain data, and provides an
illustrative example.
Final comment 107(d)–6 (proposed as
comment 107(c)(2)–5) contains minor
revisions for consistency and clarity,
and an example of when a financial
institution has reason to believe data
may be inaccurate and so cannot be
reused for a subsequent covered
application.
As noted above, final § 1002.107(d)(1)
permits a financial institution to reuse
gross annual revenue data if collected
within the same calendar year as the
current covered application. The Bureau
is adopting a narrower window for the
reuse of gross annual revenue data than
other previously collected data given
the language in ECOA section
704B(e)(2)(F) requiring financial
institutions to compile ‘‘gross annual
revenue of the business in the last fiscal
year . . . preceding the date of the
application.’’ Given that the statute
identifies a specified time frame for the
collection of gross annual revenue, it
would be more consistent with the
statute to permit reuse of gross annual
revenue only within the same calendar
year. Moreover, given that gross annual
revenue data already looks back to the
prior fiscal year, adding an additional
36-month period could affect data
quality. The Bureau is also adopting
new comment 107(d)–7 to provide
guidance on when gross annual revenue
information is considered collected in
the same calendar year, and so may be
reused by a financial institution in
certain circumstances. In particular, the
comment discusses applications that
span more than one calendar year.
The Bureau is adopting new comment
107(d)–8 to clarify that if a financial
institution decides to reuse data about
the applicant’s time in business, the
financial institution must update the
data to reflect the passage of time, and
provides an illustrative example.
Lastly, final comment 107(d)–9
(proposed as comments 107(c)(2)–6 and
–7) is revised to provide guidance on
when data regarding minority-owned
business status, women-owned business
status, LGBTQI+-owned business status,
and data on the principal owners’
ethnicity, race, and sex may be reused
by a financial institution in a
subsequent covered application.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Section 1002.108
Firewall
Background
ECOA section 704B(d) generally
limits the access of certain individuals
at a financial institution or its affiliates
to certain information provided by an
applicant pursuant to section 1071. The
Bureau calls this requirement in 704B(d)
to limit access to information a
‘‘firewall.’’
More specifically, ECOA section
704B(d)(1) states that ‘‘[w]here feasible,’’
underwriters and other officers and
employees of a financial institution or
its affiliates ‘‘involved in making any
determination concerning an
application for credit’’ cannot have
access to any information provided by
the applicant pursuant to a request
under 704B(b). That is, the statute limits
access not only by underwriters and
persons making an underwriting
decision but also by anyone else
involved in making any determination
concerning an application. However, it
does not expressly define the term
‘‘feasible’’ or provide clarification
regarding what it means to be ‘‘involved
in making any determination
concerning an application for credit.’’
Additionally, under ECOA section
704B(d)(2), if a financial institution
determines that an underwriter,
employee, or officer involved in making
a determination ‘‘should have access’’ to
any information provided by the
applicant pursuant to a request under
704B(b), the financial institution must
provide a notice to the applicant of the
underwriter’s access to such
information, along with notice that the
financial institution may not
discriminate on the basis of such
information. Section 704B(d)(2) does
not expressly define or describe when
an underwriter, employee, or officer
‘‘should have access,’’ nor does it
explain the relationship, if any, between
when a financial institution determines
that an individual ‘‘should have access’’
under 704B(d)(2) and whether it is
‘‘feasible’’ to implement and maintain a
firewall under 704B(d)(1).
Proposed Rule
Scope of the firewall. In the NPRM,
the Bureau explained its belief that
section 1071 is ambiguous with respect
to the meaning of ‘‘any information
provided by the applicant pursuant to a
request under subsection (b).’’ On the
one hand, ECOA section 704B(b)(1)
directs financial institutions to inquire
whether a business is ‘‘a women-owned,
minority-owned, or small business,’’ so
the phrase could be interpreted as
referring only to these three data points.
However, section 704B(e) indicates that
PO 00000
Frm 00243
Fmt 4701
Sfmt 4700
35391
the scope of 704B(b) is much broader. It
instructs financial institutions that
‘‘information provided by any loan
applicant pursuant to a request under
subsection (b) . . . shall be itemized in
order to clearly and conspicuously
disclose’’ data including the loan type
and purpose, the amount of credit
applied for and approved, and gross
annual revenue, among other things. In
other words, 704B(e) designates all of
the information that financial
institutions are required to compile and
maintain—not simply an applicant’s
status as a women-owned, minorityowned, or small business—as
information provided by an applicant
‘‘pursuant to a request under subsection
(b).’’
Information deemed provided
pursuant to 704B(b) is subject not only
to the firewall under 704B(d) but also to
a right to refuse under 704B(c) and
separate recordkeeping requirements
under 704B(b)(2). Applying these
special protections to many of the data
points in 704B(e), such as an applicant’s
gross annual revenue or the amount
applied for, would be extremely
difficult to implement because this
information is critical to financial
institutions’ ordinary operations in
making credit decisions.
In order to resolve these ambiguities,
the Bureau gave different meanings to
the phrase ‘‘any information provided
by the applicant pursuant to a request
under subsection (b)’’ with respect to
ECOA section 704B(e) as opposed to
704B(b)(2), (c), and (d). With respect to
the scope of the firewall, the Bureau
interpreted the phrase to refer to the
data points in proposed
§ 1002.107(a)(18) (minority-owned
business status) and proposed
§ 1002.107(a)(19) (women-owned
business status), as well as proposed
§ 1002.107(a)(20) (ethnicity, race, and
sex of principal owners). None of these
data points has any bearing on the
creditworthiness of the applicant.
Moreover, a financial institution
generally could not inquire about this
demographic information absent section
1071’s mandate to collect and report the
information, and ECOA prohibits a
financial institution from discriminating
against an applicant on the basis of the
information. Thus, the Bureau believed
that the best effectuation of
congressional intent was to apply
section 1071’s limitation on access and
right to refuse provisions to all
demographic information collected
pursuant to section 1071 and not to
whether an applicant is a small business
or any of the non-demographic data
points proposed in § 1002.107(a).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35392
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Accordingly, the Bureau proposed
that financial institutions need only
limit access under ECOA section
704B(d) to an applicant’s responses to
the financial institution’s specific
inquiries regarding women-owned
business status and minority-owned
business status and the ethnicity, race,
and sex of principal owners, but not to
an applicant’s small business status.784
Additionally, the proposal would have
clarified that this prohibition on
allowing certain employees and officers
to access certain information does not
extend to ethnicity or race information
about principal owners that the
financial institution collects via visual
observation or surname. It would have
also clarified that the prohibition does
not extend to an applicant’s responses
to inquiries regarding demographic
information made for purposes other
than data collection pursuant to section
1071 or to an employee’s or officer’s
knowledge due to activities unrelated to
the inquiries made to satisfy the
financial institution’s obligations under
section 1071 (e.g., an employee knows
that the applicant is a minority-owned
business or women-owned business due
to information provided to qualify for a
special purpose credit program or an
officer knows a principal owner’s
ethnicity, race, or sex due to
participation in a community group or
association).
As noted above, section 1071
prohibits access to certain information
by underwriters and other officers and
employees of a financial institution or
its affiliates ‘‘involved in making any
determination concerning an
application for credit.’’ Consistent with
the statute, the Bureau proposed that a
financial institution need only prohibit
the access of an employee or officer to
demographic information pursuant to
section 1071 if that employee or officer
is involved in making a determination
concerning an applicant’s covered
application. The Bureau further
proposed defining the phrase ‘‘involved
in making any determination
concerning a covered application’’ to
mean participating in a decision
regarding the evaluation of a covered
application, including the
creditworthiness of an applicant for a
covered credit transaction. The NPRM
noted that this group of employees and
officers includes, but is not limited to,
employees and officers who serve as
underwriters. Additionally, the NPRM
would have explained that the decision
that the employee or officer makes or
participates in must be about a specific
covered application. An employee or
784 SBREFA
VerDate Sep<11>2014
Outline at 36–37.
18:47 May 30, 2023
Jkt 259001
officer would not be involved in making
a determination concerning a covered
application if the employee or officer is
involved in making a decision that
affects covered applications generally,
the employee or officer interacts with
small businesses prior to them
becoming applicants or submitting a
covered application, or the employee or
officer makes or participates in a
decision after the financial institution
has taken final action on the
application, such as decisions about
servicing or collecting a covered credit
transaction.
Feasibility of establishing and
maintaining a firewall. In the NPRM,
the Bureau also noted that ECOA
section 704B(d) contains significant
ambiguities with respect to how
financial institutions, in practical terms,
should determine how to implement a
firewall to limit access to certain
information provided by applicants
pursuant to section 1071. Indeed, based
on feedback from stakeholders during
the SBREFA process, it appeared that in
many instances financial institutions
that find it not ‘‘feasible’’ to implement
and maintain a firewall will be the same
institutions determining that relevant
individuals ‘‘should have access’’ to the
information provided by an applicant
pursuant to 704B(b). The Bureau
believed that reading these two
provisions in isolation from each other
would likely result in significant
confusion and challenges, particularly
for smaller financial institutions.
Accordingly, the Bureau proposed
that section 1071’s firewall requirement
be implemented by reading the ‘‘should
have access’’ language in ECOA section
704B(d)(2) in conjunction with the
‘‘feasibility’’ language in 704B(d)(1). As
proposed, it would not be feasible for a
financial institution to implement and
maintain a firewall with respect to a
given employee or officer involved in
making a determination concerning a
covered application if the financial
institution determines that employee or
officer should have access to one or
more of the applicant’s responses to the
financial institution’s inquiries under
proposed § 1002.107(a)(18) through (20).
Conversely, it would be feasible for a
financial institution to implement and
maintain a firewall if the financial
institution determines that no employee
or officer involved in making a
determination concerning a covered
application should have access to the
applicant’s responses to the financial
institution’s inquiries under proposed
§ 1002.107(a)(18) through (20). Thus, the
Bureau proposed that the prohibition on
certain individuals accessing
information as set forth in proposed
PO 00000
Frm 00244
Fmt 4701
Sfmt 4700
§ 1002.108(b) would not apply to an
employee or officer if the financial
institution determines that it is not
feasible to limit that employee’s or
officer’s access to one or more of an
applicant’s responses to the financial
institution’s inquiries under proposed
§ 1002.107(a)(18) through (20), and the
financial institution provides the notice
required under proposed § 1002.108(d)
to the applicant.
The Bureau further proposed that it is
not feasible to limit access as required
pursuant to proposed § 1002.108(b) if
the financial institution determines that
an employee or officer involved in
making any determination concerning a
covered application should have access
to one or more applicants’ responses to
the financial institution’s inquiries
under proposed § 1002.107(a)(18)
through (20). The Bureau proposed to
define the phrase ‘‘should have access’’
to mean that an employee or officer may
need to collect, see, consider, refer to, or
otherwise use the information to
perform that employee’s or officer’s
assigned job duties. As proposed, a
financial institution may determine that
an employee or officer should have
access for purposes of proposed
§ 1002.108 if that employee or officer is
assigned one or more job duties that
may require the employee or officer to
collect (based on visual observation,
surname, or otherwise), see, consider,
refer to, or use information otherwise
subject to the prohibition in proposed
§ 1002.108(b). The employee or officer
would not have to be required to collect,
see, consider, refer to or use such
information or to actually collect, see,
consider, refer to or use such
information. It would be sufficient if the
employee or officer might need to do so
to perform the employee’s or officer’s
assigned job duties. Additionally, a
financial institution may determine that
all employees or officers with the same
job description or assigned duties
should have access for purposes of
proposed § 1002.108. However, if a
financial institution determines that one
or more employees or officers involved
in making any determination
concerning a covered application
should have access for purposes of
proposed § 1002.108, the financial
institution would have been responsible
for ensuring that the employees or
officers only access and use the
protected information for lawful
purposes.
Exception to establishing and
maintaining a firewall. As explained
above, the Bureau proposed to
implement the statutory exception to
the requirement to establish and
maintain a firewall in § 1002.108. The
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
exception would allow financial
institutions to give certain employees or
officers access to protected demographic
information if the financial institution
determines that they should have access
to that information. However, in such
circumstances, the financial institution
would need to comply with the
statutory requirement to provide a
notice in lieu of limiting access. Thus,
the Bureau proposed that, in order to
satisfy the exception, as set forth in
proposed § 1002.108(c), a financial
institution would be required to provide
a notice.
The Bureau proposed that the
financial institution be required to
provide the notice to, at least, each
applicant whose responses to the
financial institution’s inquiries under
proposed § 1002.107(a)(18) through (20)
would be accessed by an employee or
officer involved in making a
determination concerning that
applicant’s covered application. As an
alternative, the Bureau proposed that
the financial institution could provide
the required notice to a larger group of
applicants, including all applicants, if it
determines that one or more officers or
employees should have access to
protected demographic information.
The Bureau further proposed that the
notice provided to satisfy the exception
in proposed § 1002.108(c) must inform
the applicant that one or more
employees and officers involved in
making determinations concerning the
applicant’s covered application may
have access to the applicant’s responses
regarding the applicant’s minorityowned business status, its womenowned business status, and its principal
owners’ ethnicity, race, and sex. The
Bureau proposed language for the
required notice and stated that a
financial institution would be required
to use the language set forth in proposed
comment 108(d)–2 or substantially
similar language when providing the
notice.
The Bureau also proposed timing
requirements for providing the notice.
The Bureau proposed that, if the
financial institution provides the notice
orally, it must provide the notice prior
to asking the applicant if it is a
minority-owned business or womenowned business and prior to asking for
a principal owner’s ethnicity, race, or
sex. If the financial institution provided
the notice on the same paper or
electronic data collection form as the
inquiries about minority-owned
business status, women-owned business
status, and the principal owners’
ethnicity, race, or sex, the financial
institution would have been required to
provide the notice at the top of the form.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
If the financial institution provided the
notice required by proposed
§ 1002.108(d) in an electronic or paper
document that is separate from the data
collection form inquiring about the
applicant’s minority-owned business
status, its women-owned business
status, and its principal owners’
ethnicity, race, and sex, the financial
institution would have been required to
provide the notice at the same time as
or prior to providing the data collection
form. Additionally, the NPRM would
have clarified that the notice required
pursuant to proposed § 1002.108(d)
must be provided with the nondiscrimination notices required
pursuant to proposed § 1002.107(a)(18)
through (20).
Requests for comment. The Bureau
sought comment on its proposed
approach to the statutory firewall
requirement and whether a different
approach might result in a better policy
outcome. The Bureau also sought
comment on the scope of the proposed
firewall requirement and the exception
to establishing and maintaining a
firewall. The Bureau specifically sought
comment on whether the proposed
firewall should apply to information
about principal owners’ ethnicity and
race that is obtained via visual
observation and/or surname analysis.
Finally, the Bureau generally requested
comment on whether additional
clarification is needed regarding the
firewall requirement.
Comments Received
The Bureau received comments on its
proposed approach to the firewall
requirement from a wide range of
commenters including lenders, trade
associations, business advocacy groups,
community groups, small business
owners and other individuals, and
members of Congress. A majority of
these comments addressed the
feasibility of establishing and
maintaining a firewall and/or addressed
the notice required to rely on the
exception. Numerous commenters
sought the elimination of or exemptions
to the firewall requirement. Other
commenters sought additional guidance
on some or all of the firewall provisions,
including the scope of the firewall and
determining who ‘‘should have access’’
to the protected information.
General. A community group
commenter said that the proposed
firewall provisions appropriately protect
applicants, and another stated that the
formulation of the proposed firewall
provisions was reasonable. A CDFI
lender said that while smaller financial
institutions might not be able to
establish and maintain a firewall, the
PO 00000
Frm 00245
Fmt 4701
Sfmt 4700
35393
NPRM provided sufficient flexibility in
its firewall provisions to facilitate
implementation. A women’s business
advocacy group encouraged the Bureau
to look at ways to make a more secure
firewall and noted that the feasibility
standard in the proposed rule seemed to
remove the firewall’s effectiveness.
Another commenter cautioned that the
proposed firewall would not stop
lenders from using information
inappropriately and in a manner that
harms small business applicants.
In contrast, a large number of lenders,
trade associations, and individual
commenters requested that the Bureau
eliminate the firewall. Some of these
commenters said that the firewall
should be eliminated because it would
create competitive disadvantages or
overburden certain financial
institutions. Others said that it should
be eliminated because the firewall
would overburden all covered financial
institutions. Many commenters said that
the firewall will add complexity, create
burden and regulatory risk, and/or
increase the cost of compliance. A few
commenters said that the firewall
provisions could result in financial
institutions being required to purchase
or create new technology or systems.
Some commenters noted that the
additional expense could result in an
increased cost of credit, limited access
to credit, and/or the cessation of certain
products being offered. One commenter
further stated that the costs of such a
requirement would likely decimate
small businesses’ access to credit
because financial institutions will either
decrease or stop their small business
lending.
One bank commenter asked that the
Bureau create a simple way for the
commenter to certify that the firewall
concept cannot work for its entire
institution without exception,
equivocation, or a repetitive review.
This commenter further indicated that it
would provide a short and simple
disclosure (one half of a letter size page
or less) to all of its commercial
applicants to document its compliance.
The commenter said that the proposed
firewall requirements gave it concern
and appeared to be a ‘‘gotcha’’ clause in
the proposed rule. In particular, they
indicated it was concerned with a
portion of proposed comment 108(c)–1
that would have said that a financial
institution cannot permit all employees
and officers to have access simply
because it has determined that one or
more employees or officers should have
access.
Some commenters said that they had
not been able to devise a workable
method for improving what they called
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35394
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
the firewall’s ‘‘prohibit-or-disclose
regime,’’ and suggested that the Bureau
needed to exercise its statutory
authority to eliminate the firewall
provision. These commenters and others
also noted that eliminating the firewall
requirement would align the rule
implementing section 1071 with
HMDA/Regulation C, which they said
has required collection of demographic
information for decades without any
known incidents, despite the absence of
any firewall.
Some commenters said that the
Bureau should eliminate the firewall
because it is unnecessary. A commenter
also noted that the firewall requirement
presents unique compliance challenges
because the requirement is different
than HMDA and will require unique
systems. A few commenters said that
the firewall serves no purpose or has no
practical value. A few other commenters
noted that the firewall is impractical or
serves no purpose when applications
are not anonymous, such as in smaller
communities or where the employee or
officer making determinations has an
existing relationship with the applicant.
A few commenters asked the Bureau
to create a platform, portal, or other
system for applicants to report
demographic information directly to the
Bureau so that financial institutions
could avoid having to intake such
information at all.
Scope of the firewall. Comments on
the scope of the proposed firewall
requirement largely requested
clarification. These commenters
requested additional guidance regarding
the types of employees and officers that
would be subject to the firewall with
one commenter asserting that the
standard in the proposed rule was vague
and subjective. This commenter also
requested additional clarity regarding
the definition of the phrase ‘‘involved in
making any determinations concerning
an application for credit.’’ Some
commenters requested that specific
groups of employees (such as software
engineers and data scientists, bankers
and managers who provide information
or counseling on available credit
products, and employees who gather
information and submit applications to
unrelated financial institutions who
may take assignments of the credit
contract) explicitly be excluded from
the scope of the firewall requirement.
However, a trade association said it
supported the proposed definition of the
phrase ‘‘involved in making any
determination concerning a covered
application.’’
One commenter specifically agreed
that the firewall should not extend to an
applicant’s status as a small business.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Regarding application of the proposed
firewall requirement to demographic
information collected via visual
observation or surname, one commenter
requested guidance on how to comply
with the firewall for such information.
Another commenter urged the Bureau
not to include information collected via
visual observation or surname within
the scope of the firewall. In contrast,
another commenter noted that if the
firewall is meant to prevent a credit
decision based on protected
information, it should not matter how
the demographic information is
collected.
Some commenters requested
clarification or guidance regarding the
firewall’s applicability to information
collected pursuant to HMDA or other
laws or regulations. One commenter
said that an employee or officer should
not be subject to the firewall if the
employee or officer accessed
demographic information collected
pursuant to section 1071 in order to
satisfy HMDA or another regulatory
requirement.
A commenter said that the firewall
should only apply to applications
originated completely online.
Feasibility of establishing and
maintaining a firewall. A significant
majority of the comments about the
firewall provisions specifically
addressed the feasibility of establishing
and maintaining a firewall.
Overwhelmingly, these commenters
said that the firewall would be
impossible, difficult, inefficient, and/or
costly to implement for certain financial
institutions.
Numerous commenters said that the
firewall is not or may not be feasible for
smaller institutions, such as credit
unions and other community-based
financial institutions with limited staff
and resources. Numerous commenters
also said that the firewall would not be
workable with some business models,
loan processes, and/or decision-making
structures. Specifically, commenters
asserted that the firewall would be
impossible or impractical with highcontact and relationship-based lending
models and with lending models that
rely on loan officers to collect
information from applicants. One
commenter said that the logistics of
implementing a firewall would be too
much for most lenders.
While some commenters said that the
firewall requirement would unfairly
burden and punish smaller financial
institutions or traditional financial
institutions in favor of larger financial
institutions and online lenders, others
said that the firewall may not be feasible
for larger institutions or online lenders.
PO 00000
Frm 00246
Fmt 4701
Sfmt 4700
Specifically, some commenters said that
the firewall would not be feasible for
larger institutions because they would
have to make substantial investments in
technology to implement a firewall. One
commenter said that while it was a
larger financial institution, its business
lending department was small, which
would make establishing and
maintaining a firewall impossible,
infeasible, or burdensome.
Many commenters said that lenders
would need to change their operations,
hire additional staff, reconfigure
systems, and/or invest significant sums
in technology in order to establish and
maintain a firewall. Some commenters
asserted that the costs of doing these
things may be prohibitive. A few
commenters said that the firewall would
disrupt their process, and one
commenter said that the firewall
requirement could diminish a loan
officer’s ability to fully engage with
their clients efficiently and timely. With
regard to indirect vehicle financing, a
few commenters said that there is not
currently a mechanism to shield and
transmit data for such transactions and
noted there would be a one-time cost
exceeding $4 million to develop such a
mechanism.
Some commenters requested
additional clarification or guidance on
the feasibility standard. A few
commenters specifically requested a
clearer feasibility standard. Some
recommended that the Bureau provide
clear guidance about when a firewall is
or is not feasible and how a covered
financial institution may determine the
feasibility of establishing and
maintaining a firewall. A few
commenters said that the Bureau should
clarify the operational factors (such as
existing staffing, software capability,
other existing systems and operations,
and costs of making changes) that a
financial institution may consider when
determining feasibility and when an
employee or officer should have access
to protected demographic information
collected pursuant to section 1071. Two
of these commenters requested that the
commentary specifically state that a
financial institution may determine that
a firewall is not feasible if it would need
to hire additional staff in a line of
business. Another commenter said that
a financial institution should be
permitted to consider department size
in determining feasibility.
Two commenters said that the Bureau
should expressly state that a financial
institution has discretion to determine
when a firewall is or is not feasible.
These commenters further said that a
financial institution’s determination
that a firewall is not feasible should be
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
left to the sole and exclusive discretion
of financial institutions, effectively
creating a safe harbor for institutions’
determinations of feasibility. Another
commenter said that the Bureau should
also consider adding a feasibility-related
safe harbor provision in § 1002.112(c)
that allows for variations in determining
feasibility. Other commenters
recommended that a determination of
feasibility or infeasibility should satisfy
the rule if done in conformity with
written procedures. Finally, one
commenter said that it did not believe
that the Bureau could create a feasibility
standard that would allow a financial
institution to determine whether it is
required to implement a firewall
pursuant to the rule.
Providing a notice in lieu of
establishing and maintaining a firewall.
A significant number of the commenters
who said that it would not or may not
be feasible to implement and maintain
a firewall also opposed providing a
notice in lieu of establishing and
maintaining a firewall. Generally,
commenters said that the notice may
raise privacy concerns among some
applicants, create confusion, and/or
create competitive disadvantages for
financial institutions that provide the
notice. Some commenters said that
requiring a notice would create an
additional compliance and/or
administrative burden, and one said that
the notice may slow down the loan
process because financial institutions
will need to explain the required
language. Several commenters said that
the notice could cause customer
complaints (as well as customer
confusion) if some financial institutions
are not required to provide the notice.
Several commenters said that applicants
may want to obtain loans from financial
institutions that do not provide the
notice, and some said this ultimately
could result in a reduction of applicant
choice, a reduction of applicant access
to credit, or increased cost of credit.
A number of commenters said that
providing the applicant with notice of
the fact that their demographic data will
be shared could raise questions or
suspicions of whether the data plays a
role in credit decisions or doubts about
the impartiality of the credit decision, or
could cause unwarranted scrutiny from
individuals receiving the notice. Some
commenters said that the notice may
cause applicants to think the financial
institution is not adequately staffed or
cannot maintain the confidentiality of
applicant information. One commenter
suggested that the language of the
proposed notice is inflammatory.
Another commenter said that the
proposed notice implied that some
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
financial institutions are inherently
more likely to engage in unfair lending,
to the extent that a ‘‘government
warning’’ is necessary. The commenter
further stated that this implication is an
unwarranted insult to the integrity and
fairness of the shareholders and
management of smaller community
banks, and they would most likely
prefer to withdraw from or significantly
curtail small business lending than rely
on the proposed exception to the
firewall requirement by providing the
notice.
Different commenters identified
financial institutions that would need to
provide the notice as smaller financial
institutions, mid-sized financial
institutions, community banks, credit
unions, or more traditional financial
institutions (i.e., not online lenders).
However, one commenter predicted that
lenders of many sizes, business models,
and regulatory levels will conclude that
employees and officers involved in
making a determination concerning an
application should have access to
demographic information collected
under section 1071 and provide the
notice.
A number of commenters suggested
that the notice could inhibit the
collection of demographic information
and/or undercut section 1071’s statutory
purposes because it might influence
applicants not to provide the requested
information. One commenter said the
notice might result in more applicants at
community banks opting not to provide
their demographic information, and in
turn, more community banks having to
report ethnicity and race information
based on visual observation or surname.
Another commenter said that providing
the notice may affect an applicant’s
willingness to provide demographic
information as the notice gives the
perception that the information would
likely be used to discriminate. Likewise,
some commenters said that providing
the notice to qualify for the firewall
exception at the same time as the nondiscrimination notice is especially
problematic and could result in
applicants declining to provide the
requested information. Some
commenters said that giving the notices
together could result in other harms,
such as harm to existing customer
relationships. Two commenters
suggested that the notice requirement is
counterproductive because applicants
may be less inclined to provide
demographic information if they are
told that decision makers may access
their demographic information.
A bank said that the Bureau should
eliminate the notice because applicants
will know that the person making the
PO 00000
Frm 00247
Fmt 4701
Sfmt 4700
35395
inquiries pursuant to section 1071 will
be making determinations regarding
applications. Another bank said that the
notice is useless because no one reads
disclosures, and customers already
know that lenders cannot discriminate.
A few commenters requested specific
revisions to the notice. One commenter
said that the Bureau should revise the
notice to align with a HMDA notice.
Another commenter requested that the
Bureau align the notice with the
disclosure used for HMDA and stated
that this means that the disclosure
would be provided with requests for
demographic information on covered
applications, regardless of whether the
financial institution can maintain a
firewall, and would emphasize that the
information is being requested/collected
for government monitoring of lenders’
fair lending performance and
compliance, cannot influence credit
decisions, and is voluntary for
applicants to provide. A third
commenter said that in lieu of having a
firewall requirement, the Bureau should
develop a model disclosure to
applicants explaining the data gathering
process, similar to the disclosure
provided in the government monitoring
section of the home mortgage
application.
A commenter said that the Bureau
should exercise its authority to allow
institutions to provide a Bureaudeveloped disclosure to applicants
explaining that there may be access to
the data and explain that the institution
must not discriminate based on the
information. The commenter further
said that the Bureau should develop and
provide the disclosure in Spanish as
well as English when it publishes the
final rule and add other translations
over time.
A trade association supported the
Bureau’s proposal to develop model
disclosures that lenders could use when
notifying applicants of an employee’s or
officer’s access to personal information.
Another trade association supported an
exception to the firewall requirement
and a model disclosure that alerts
applicants that an employee or officer
may have access to demographic
information, but does not tell applicants
that such individuals will have access to
such information. Two other
commenters supported allowing
financial institutions to provide a notice
to applicants in lieu of restricting access
to applicants’ protected demographic
information if a financial institution
determines that it is not feasible to limit
access to one or more of an applicant’s
responses to the financial institution’s
inquiries. A community group
E:\FR\FM\31MYR2.SGM
31MYR2
35396
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
commenter said that the notice is an
important aspect of the proposed rule.
Requests for exemptions from the
firewall requirements. Many
commenters requested that the Bureau
exempt certain financial institutions
from the firewall requirement, though
not all commenters agreed on which
institutions should be exempted. One
commenter requested an exemption for
financial institutions with assets of less
than $1.384 billion (the CRA small bank
threshold as of January 1, 2022),785 and
another for institutions with assets of
less than $5 billion. A few commenters
said that financial institutions with
assets of less than $10 billion should be
exempted. Other commenters said that
‘‘smaller’’ or ‘‘community based
institutions’’ or ‘‘community banks’’ or
‘‘credit unions’’ should be exempted.
One commenter said that community
banks should be exempt from the notice
requirement.
Other commenters said that certain
institutions should be provided an
‘‘automatic’’ exception to the firewall,
such that smaller institutions could
avoid the analysis and documentation
required to show that an institution
qualifies for the exception.
Several commenters said that, due in
whole or in part to the firewall
requirement, certain institutions should
be exempted from the entire rule. One
commenter said that banks under $1
billion should be exempted on this
basis, a few said community banks
should be exempted on this basis, and
one commenter said that all but the
largest lenders or all depository lenders
should be exempted.
One commenter said that as an
alternative to exempting community
banks from the firewall requirement, the
Bureau could require all financial
institutions to provide the notice to all
applicants, regardless of whether
information is firewalled.
lotter on DSK11XQN23PROD with RULES2
Final Rule
For the reasons set forth herein, the
Bureau is generally finalizing the
firewall requirement with additional
clarifications in the commentary
regarding the definitions of ‘‘involved in
making any determination concerning a
covered application’’ and ‘‘should have
access,’’ the scope of the firewall,
determining feasibility, the nature of the
785 Bd. of Governors of the Fed. Rsrv. Sys. & Fed.
Deposit Ins. Corp., Agencies release annual assetsize thresholds under Community Reinvestment Act
regulations (Dec. 16, 2021), https://
www.federalreserve.gov/newsevents/pressreleases/
bcreg20211216a.htm; Fed. Fin. Insts. Examination
Council, Explanation of the Community
Reinvestment Act Asset-Size Threshold Change
(Dec. 16, 2021), https://www.ffiec.gov/cra/pdf/
2022_Asset_Size_Threshold.pdf.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
exception, and applying the exception
to a specific employee or officer or
group of similarly situated employees or
officers. In addition, the Bureau has
eliminated the requirement to use
specific language when providing the
notice required to qualify for the
exception and, instead, has provided
sample language for the notice. This
sample language appears in the sample
data collection form at appendix E. The
Bureau has also revised the firewall
provisions to align with other changes
to the final rule, such as the inclusion
of LGBTQI+-owned business status
collected pursuant to final
§ 1002.107(a)(18) as protected
demographic information subject to the
firewall and the elimination of the
requirement to collect certain
information via visual observation or
surname.
Final § 1002.108(b) states the general
prohibition on access to applicants’
protected demographic information by
certain persons. The Bureau is finalizing
§ 1002.108(b) and comments 108(b)–1
and 108(b)–2 with changes for clarity
and consistency with other portions of
the final rule. Specifically, § 1002.108(b)
has been revised to include LGBTQI+owned business status, and crossreferences have been updated to reflect
changes elsewhere in the final rule.
Final § 1002.108(b) states that unless the
exception under final § 1002.108(c)
applies, an employee or officer of a
covered financial institution or a
covered financial institution’s affiliate
shall not have access to an applicant’s
responses to inquiries that the financial
institution makes pursuant to this
subpart regarding whether the applicant
is a minority-owned business, a womenowned business, or an LGBTQI+-owned
business under final § 1002.107(a)(18),
and regarding the ethnicity, race, and
sex of the applicant’s principal owners
under final § 1002.107(a)(19), if that
employee or officer is involved in
making any determination concerning
that applicant’s covered application.
Comments 108(b)–1 and –2 have been
re-ordered. Final comment 108(b)–1 and
final comment 108(b)–2 have been
revised to clarify the scope of the
prohibition.
While many commenters said that the
Bureau should eliminate the firewall
requirement, or should exempt certain
covered financial institutions or certain
types of transactions from the firewall
requirement, the Bureau does not
believe it is appropriate to abrogate this
statutory requirement through section
1071’s general exception authority
beyond the exception provided in the
statutory firewall provision itself.
Congress, which would have been aware
PO 00000
Frm 00248
Fmt 4701
Sfmt 4700
of the HMDA data collection regime
(including its lack of a firewall) at the
time that section 1071 was enacted,
specifically required that financial
institutions limit certain employees’ and
officers’ access to demographic
information that financial institutions
request from applicants in order to
comply with section 1071. While
Congress allowed an exception to the
general requirement to establish and
maintain a firewall in certain
circumstances (i.e., when the financial
institution determined that an employee
or officer should have access to the
demographic information and a firewall
would not be feasible), the language of
the statute suggests that Congress did
not intend for the Bureau to eliminate
the prohibition on access more broadly.
Furthermore, Congress only authorized
the Bureau to create exceptions to the
requirements in section 1071 where
necessary or appropriate to carry out
section 1071’s purposes. The Bureau
does not believe that eliminating the
firewall is necessary or appropriate to
carry out section 1071’s purposes.
Moreover, the Bureau believes that it
has separately addressed many of the
concerns about the ability of smaller
institutions and institutions with
limited staff to implement a firewall in
other sections of the final rule. In
particular, the Bureau has increased the
origination threshold for coverage in
§ 1002.105(b). As a result, many smaller
institutions and institutions with
limited staff will not be subject to any
provisions of the final rule, including
the firewall requirement.
Because the requirement to collect
certain information via visual
observation or surname is not included
in final § 1002.107(a)(19), it is not
necessary to address the comments
about the applicability of the firewall
requirements to information collected
via those methods. The Bureau has
accordingly removed references to
collecting information via visual
observation or surname from final
comments 108(a)–2.i and 108(b)–2.ii.
Similarly, because HMDA reportable
loans are excluded transactions
pursuant to final § 1002.104(b)(2), it is
not necessary to address comments
asking for guidance on how to apply the
firewall requirement if a loan is subject
to both HMDA and this final rule.
Regarding comments that the Bureau
establish a platform or system that
applicants can use to report
demographic data directly to the
Bureau, thereby eliminating the need for
institutions to implement a firewall, in
line with its discussion of this issue in
the section-by-section analysis of
§ 1002.107(a)(19), the Bureau does not
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
intend to create such a system at this
time but is open to engaging further
with stakeholders on alternative
approaches for how financial
institutions might collect and report
protected demographic information.
Final § 1002.108(a) provides certain
relevant definitions, including the
definition of the phrase ‘‘involved in
making any determination concerning a
covered application from a small
business.’’ Generally, the Bureau is
finalizing the definition of the phrase
‘‘involved in making any determination
concerning a covered application’’ in
§ 1002.108(a)(1) with revisions for
clarity. The Bureau also is revising
comment 108(a)–1 to provide additional
clarity that the covered application must
be from a small business and to provide
clarity and examples regarding which
employees and officers are subject to the
prohibition set out in final § 1002.108(b)
and which employees and officers are
not subject to the prohibition. In
response to the comments, the Bureau
has clarified that certain activities do
not constitute being involved in making
a determination concerning a covered
application from a small business and
that other activities do constitute being
involved in making such
determinations.
While the Bureau recognizes that the
‘‘involved in making any determination
concerning an application for credit’’
standard that Congress created in the
statute is broad, the Bureau does not
believe that the standard in final
§ 1002.108(a)(1), as further explained in
the commentary, is unduly vague or
subjective, as asserted by some
commenters.
As explained in final comment
108(a)–1.i, an employee or officer is
involved in making a determination
concerning a covered application from a
small business for purposes of final
§ 1002.108 if the employee or officer
makes, or otherwise participates in, a
decision regarding the evaluation of a
covered application or the
creditworthiness of a small business
applicant for a covered credit
transaction. Final comment 108(a)–1.i
also explains that the decision that an
employee or officer makes or
participates in must be about a specific
covered application or about the
creditworthiness of a specific applicant.
Thus, activities undertaken prior to the
submission of a covered application do
not constitute being involved in making
a determination about a covered
application. Similarly, activities
undertaken after a financial institution
has taken final action on a covered
application do not constitute making a
determination regarding a covered
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
application. Furthermore, an employee
or officer is not involved in making a
determination concerning a covered
application if the employee or officer is
only involved in making a decision that
affects covered applications generally.
Finally, the comment clarifies that an
employee or officer may be participating
in a determination even if the employee
or officer is not the ultimate or sole
decision maker and provides examples.
Additionally, in response to
comments requesting further
clarification regarding the definition of
the statutory phrase ‘‘involved in
making any determination concerning
an application for credit,’’ the Bureau
has added several examples to the list
of the types of activities in final
comment 108(a)–1.ii that do not
constitute being involved in making a
determination concerning a covered
application from a small business for
purposes of § 1002.108. The Bureau has
also added a list of examples in
comment 108(a)–1.iii of the types of
activities that do constitute being
involved in making a determination
concerning a covered application from a
small business for purposes of
§ 1002.108.
Section 1002.108(c), which the
Bureau is finalizing with updated crossreferences to reflect other changes in the
rule, explains the exception to the
general prohibition set forth in final
§ 1002.108(b). Final § 1002.108(c)
establishes an exception to the
prohibition in final § 1002.108(b) and
states that the prohibition does not
apply to an employee or officer if the
financial institution determines that it is
not feasible to limit that employee’s or
officer’s access to an applicant’s
responses to the financial institution’s
inquiries under final § 1002.107(a)(18)
or (19) and the financial institution
provides the notice required under final
§ 1002.108(d) to the applicant. It further
provides that it is not feasible to limit
access as required pursuant to final
§ 1002.108(b) if the financial institution
determines that an employee or officer
involved in making any determination
concerning a covered application from a
small business should have access to
one or more applicants’ responses to the
financial institution’s inquiries under
final § 1002.107(a)(18) or (19).
However, in response to comments
(including comments requesting
clarification about how a financial
institution should be permitted to
determine feasibility pursuant to the
final rule) and to provide additional
clarity and guidance, the Bureau has
divided proposed comment 108(c)–1
into two comments and revised and
supplemented both comments.
PO 00000
Frm 00249
Fmt 4701
Sfmt 4700
35397
Specifically, the Bureau has added
language in final comment 108(c)–1 to
clarify that a financial institution is not
required to separately determine the
feasibility of maintaining a firewall. A
determination that an employee or
officer should have access means that it
is not feasible to maintain a firewall as
to that particular employee or officer,
and the exception applies to that
employee or officer if the financial
institution provides the notice required
by final § 1002.108(d).
The comment also clarifies the nature
of the exception (i.e., that it applies on
an individual employee or officer basis,
not an institution-wide basis). The
comment states that the fact that a
financial institution has made a
determination that an employee or
officer should have access does not
mean that the financial institution can
permit other employees and officers
who are involved in making
determinations concerning a covered
application to have access to the
information collected pursuant to final
§ 1002.107(a)(18) and (19). A financial
institution may only permit an
employee or officer who is involved in
making a determination concerning a
covered application to have access to
information collected pursuant to final
§ 1002.107(a)(18) and (19) if it has
determined that employee or officer or
a group of which the employee or officer
is a member should have access to the
information.
The Bureau is not adopting one
commenter’s suggestion that the Bureau
permit a financial institution to
determine that a firewall is not feasible
for a single employee and then allow all
employees and officers to have access to
protected demographic information. As
explained above, the final rule clarifies
that a financial institution can permit an
employee or officer who is involved in
making a determination concerning a
covered applications from a small
business to access that small business’s
protected demographic information only
if the financial institution has
determined that employee or officer
should have access (i.e., either
individually or as part of a group). This
requirement is not intended to be a
‘‘gotcha,’’ as suggested by the
commenter, but rather a reasonable
means of allowing a financial institution
to provide employees and officers to
have access to protected demographic
information when such access may be
necessary to perform assigned job duties
without allowing such information to be
widely accessible to those employees
and officers who make determinations
concerning covered applications but do
not need the information to perform
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35398
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
their jobs. The sample data collection
form at appendix E includes sample
language for the firewall notice, but the
Bureau is not requiring use of that
specific language for the firewall notice.
Final comment 108(c)–2 addresses
how a financial institution may apply
the exception to a specific employee or
officer or a group of similarly situated
employees or officers. It clarifies that a
financial institution may determine that
several employees and officers, all of a
group of similarly situated employees or
officers, and multiple groups of
similarly situated employees or officers
should have access to information
collected pursuant to § 1002.107(a)(18)
and (19). It also provides examples.
Final § 1002.108(a)(2) defines the phrase
‘‘should have access,’’ which is used in
§ 1002.108(c) and related commentary.
This phrase means that an employee or
officer may need to collect, see,
consider, refer to, or otherwise use the
information to perform that employee’s
or officer’s assigned job duties.
However, in response to comments, the
Bureau has revised comment 108(a)–2
and added a comment 108(a)–2.iii. The
Bureau has also revised comment
108(a)–2 to align with other changes
finalized in the rule (i.e., the elimination
of requirements to collect information
via visual observation or surname and
the inclusion of the LGBTQI+-business
status in final § 1002.107(a)(18)). These
comments clarify how a financial
institution may determine who should
have access.
Final comment 108(a)–2.i explains
that a financial institution may
determine that an employee or officer
who is involved in making a
determination concerning a covered
application should have access to
protected demographic information if
that employee or officer is assigned one
or more job duties that may require the
employee or officer to collect, see,
consider, refer to, or use such
information. The employee or officer
does not have to be required to collect,
see, consider, refer to, or use such
information or to actually collect, see,
consider, refer to or use such
information in order for the financial
institution to determine that the
employee or officer should have access.
It is sufficient if the employee or officer
might need to do so to perform the
employee’s or officer’s assigned job
duties.
Final comment 108(a)–2.ii explains
that a financial institution may
determine that all employees or officers
with the same job description or
assigned duties should have access for
purposes of final § 1002.108. If a
financial institution assigns one or more
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
tasks that may require access to one or
more applicants’ protected demographic
information to a particular job title, the
financial institution may determine that
all employees and officers who share
that job title should have access for
purposes of § 1002.108.
Although the final rule does not
provide a safe harbor for a financial
institution’s determination to account
for variations in determining feasibility
(i.e., determining which employees and
officers should have access) as two
commenters requested, new comment
108(a)–2.iii states that a financial
institution is permitted to choose what
lawful factors it will consider when
determining whether an employee or
officer should have access to protected
demographic information. A financial
institution’s determination that an
employee or officer should have access
may take into account relevant
operational factors and lawful business
practices. For example, a financial
institution may consider its size, the
number of employees and officers
within the relevant line of business or
at a particular branch or office location,
and/or the number of covered
applications the financial institution has
received or expects to receive.
Additionally, a financial institution may
consider its current or its reasonably
anticipated staffing levels, operations,
systems, processes, policies, and
procedures. A financial institution is
not required to hire additional staff,
upgrade its systems, change its lending
or operational processes, or revise its
policies or procedures for the sole
purpose of determining who should
have access.
The Bureau believes this new
comment makes clear that different
financial institutions may make
different determinations regarding
which employees and officers should
have access and that those different
determinations are permissible.
Additionally, in response to
commenters’ suggestions that
determinations of feasibility should
satisfy the final rule if they are made in
conformity with written procedures, the
Bureau notes that a financial institution
may choose to make its determinations
regarding who should have access to
protected demographic information
pursuant to written procedures, but is
not required to do so in order to have
a determination satisfy the final rule.
Furthermore, in light of the flexibility
provided in § 1002.108, and because the
firewall requirement was explicitly set
forth by Congress in section 1071, the
Bureau does not believe that providing
further discretion in determining
feasibility or adopting a safe harbor, as
PO 00000
Frm 00250
Fmt 4701
Sfmt 4700
suggested by some commenters, would
be appropriate.
Final § 1002.108(d) explains the
requirement to provide a notice in order
to qualify for the exception. The Bureau
is finalizing § 1002.108(d) and
comments 108(d)–1 and –3 largely as
proposed, and has revised comment
108(d)–2 regarding the content of the
notice. Final § 1002.108(d) has been
revised to include LGBTQI+-owned
business status, and cross-references
have been updated to reflect changes
elsewhere in the final rule. Specifically,
final § 1002.108(d) states that in order to
satisfy the exception set forth in final
§ 1002.108(c), a financial institution
shall provide a notice to each applicant
whose responses to inquiries for
protected demographic information will
be accessed, informing the applicant
that one or more employees or officers
involved in making determinations
concerning the covered application may
have access to the applicant’s responses
to the financial institution’s inquiries
regarding whether the applicant is a
minority-owned business, a womenowned business, or an LGBTQI+-owned
business, and regarding the ethnicity,
race, and sex of the applicant’s principal
owners. The financial institution shall
provide the notice required by final
§ 1002.108(d) when making the
inquiries required under final
§ 1002.107(a)(18) and (19) and together
with the notices required pursuant to
§ 1002.107(a)(18) and (19).
Final comment 108(d)–1, which
includes minor revisions for clarity,
explains that if a financial institution
determines that one or more employees
or officers should have access pursuant
to § 1002.108(c), the financial institution
must provide the required notice to, at
a minimum, the applicant or applicants
whose responses will be accessed by an
employee or officer involved in making
determinations concerning the
applicant’s or applicants’ covered
applications. Alternatively, a financial
institution may also provide the
required notice to applicants whose
responses will not or might not be
accessed. For example, a financial
institution could provide the notice to
all applicants for covered credit
transactions or all applicants for a
specific type of product.
Final comment 108(d)–3, which
includes minor revisions to align with
changes made elsewhere in the final
rule, explains the timing for providing
the notice. Generally, the financial
institution must provide the notice
required by § 1002.108(d) prior to asking
the applicant if it is a minority-owned,
women-owned, or LGBTQI+-owned
business and prior to asking for a
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
principal owner’s ethnicity, race, or sex.
Additionally, the notice must be
provided with the non-discrimination
notices required pursuant to
§ 1002.107(a)(18) and (19).
While many commenters said that the
Bureau should eliminate the notice
requirement or should exempt certain
covered financial institutions from the
notice requirement, the Bureau does not
believe it is appropriate to eliminate this
statutory requirement or to except
certain financial institutions from
providing the notice if they are relying
on the exception to the firewall
requirement. Congress explicitly
required that a financial institution
provide a notice to an applicant if the
financial institution does not limit
certain employees’ and officers’ access
to protected demographic information.
Congress also required that applicants
be permitted to refuse to provide the
requested demographic information.
Thus, an applicant should be told that
certain employees and officers may have
access to the protected demographic
information so that the applicant can
make an informed decision of whether
to exercise the applicant’s statutory
right to refuse. The Bureau does not
believe it would be appropriate to allow
some or all financial institutions to
forego providing applicants with the
information they may need to determine
whether to exercise this statutory right.
Although some commenters said that
the notice may undercut section 1071’s
purposes because the notice may cause
applicants to refuse to provide the
requested demographic information, the
Bureau believes that Congress was
aware of this potential result when it
provided applicants with the right to
receive a notice and the right to refuse
to provide the requested information.
Additionally, other commenters
undercut or contradicted the reasoning
put forth by commenters opposed to
providing the notice. For example,
while a group of commenters opposed
providing the notice based on the belief
that it would create competitive
disadvantages or burdens only for
smaller institutions, other commenters
said that larger institutions would also
likely provide the notice in lieu of
establishing and maintaining a
firewall.786 Other commenters
supported allowing financial
institutions to provide a notice in lieu
of establishing and maintaining a
786 Aside from being speculative, such a
competitive effect, if it existed, would be a direct
consequence of the statutory mandate regarding the
firewall: if the financial institution determines that
an employee or officer should have access to
protected demographic information, the notice must
be provided.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
firewall, and one commenter said that
the notice was an important aspect of
the proposed rule.
Nonetheless, in order to address
commenters’ concerns about the specific
content proposed for the notice, the
Bureau has revised comment 108(d)–2.
That comment reiterates that the notice
must inform the applicant that one or
more employees and officers involved
in making determinations concerning
the applicant’s covered application may
have access to the applicant’s responses
regarding the applicant’s minorityowned business status, women-owned
business status, LGBTQI+-owned
business status, and its principal
owners’ ethnicity, race, and sex.
However, the comment no longer
prescribes language to be used for the
notice and, instead, directs financial
institutions to the sample data
collection form included in the final
rule for sample language that a financial
institution may opt to use when
providing the notice.787 Alternatively, a
financial institution may opt to use
different language as long as the notice
provides an applicant with the
statutorily required information (i.e.,
that one or more employees and officers
involved in making determinations
regarding the applicant’s covered
application may have access to the
applicant’s responses regarding the
applicant’s minority-owned business
status, women-owned business status,
LGBTQI+-owned business status, and its
principal owners’ ethnicity, race, and
sex). Final comment 108(d)–2 also
notes, for clarity, that if a financial
institution establishes and maintains a
firewall and chooses to use the sample
data collection form, it may delete the
sample language for the firewall notice
from the form because employees and
officers involved in making
determinations concerning applicants’
covered applications will not have
access to the applicants’ responses to
inquiries for protected demographic
information.
Section 1002.109 Reporting of Data to
the Bureau
Final § 1002.109 addresses several
aspects of financial institutions’
obligations to report small business
lending data to the Bureau. First,
§ 1002.109(a) requires data to be
787 Regarding the comment that the Bureau
should develop and provide the notice in Spanish
as well as English when it publishes the final rule
and add other translations over time, the Bureau
notes that it will be translating the sample data
collection form in appendix E (including the
sample language for the notice on the form) into
several languages. See also the discussion regarding
compliance and technical assistance at the end of
part I above.
PO 00000
Frm 00251
Fmt 4701
Sfmt 4700
35399
collected on a calendar year basis and
reported to the Bureau by June 1 of the
following year, and addresses several
related issues. Second, § 1002.109(b)
details the information that financial
institutions must provide about
themselves when reporting data to the
Bureau. Finally, § 1002.109(c) addresses
technical instructions for submitting
data to the Bureau.
The Bureau is finalizing § 1002.109 to
implement ECOA section 704B(f)(1) and
pursuant to its authority under
704B(g)(1) to prescribe such rules and
issue such guidance as may be
necessary to carry out, enforce, and
compile data pursuant to section 1071.
The Bureau is also finalizing
§ 1002.109(b) pursuant to 704B(e)(2)(H),
which requires financial institutions to
compile and maintain as part of their
data any additional data that the Bureau
determines would aid in fulfilling the
purposes of section 1071.
Details regarding each aspect of final
§ 1002.109, including a discussion of
what the Bureau proposed and
comments received, are provided in the
section-by-section analyses that follow.
109(a) Reporting to the Bureau
109(a)(1) Annual Reporting
Proposed Rule
ECOA section 704B(f)(1) provides that
‘‘[t]he data required to be compiled and
maintained under [section 1071] by any
financial institution shall be submitted
annually to the Bureau.’’
Proposed § 1002.109(a)(1)(i) would
have required that by June 1 following
the calendar year for which data are
collected and maintained as required by
proposed § 1002.107, a covered
financial institution shall submit its
small business lending application
register in the format prescribed by the
Bureau. This approach to reporting
frequency and reporting period is
consistent with the annual submission
schedule specified in the statute. The
Bureau sought comment on this aspect
of the proposal, and how best to
implement it in a manner that
minimizes cost and burden to small
financial institutions.
Proposed § 1002.109(a)(1)(ii) would
have required that an authorized
representative of the covered financial
institution with knowledge of the data
submitted certify to the accuracy and
completeness of data submitted
pursuant to proposed § 1002.109(a). A
similar provision exists in Regulation C
(§ 1003.5(a)(i)), and the Bureau believed
it appropriate to adopt a similar
requirement here as well. Based on the
Bureau’s experience with HMDA and
Regulation C, the Bureau believed that
E:\FR\FM\31MYR2.SGM
31MYR2
35400
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
having a specific person responsible for
certifying to the accuracy and
completeness of data is likely to lead to
financial institutions providing better
quality data.
Proposed § 1002.109(a)(1)(iii) would
have clarified that when the last day for
submission of data prescribed under
proposed § 1002.109(a)(1) falls on a date
that is not a business day, a submission
is considered timely if it is submitted no
later than the next business day.
The Bureau sought comment on its
proposed approach to the aspects of
reporting addressed in proposed
§ 1002.109(a), including that the
reporting frequency be annual, that the
reporting period be the calendar year,
and that the submission date be June 1
of the next calendar year. In particular,
the Bureau sought comment with
respect to proposed § 1002.109(a)(1)(i)
on whether requiring the submission of
small business lending application
registers by June 1 might give rise to
complications for any persons or
entities relying on data from the
registers for other purposes, such as
Federal regulators scheduling
examinations.
Comments Received
In response to proposed
§ 1002.109(a)(1)(i), the Bureau received
comments from lenders, trade
associations, community groups, and
others. Commenters discussed the
reporting deadline of June 1, the
calendar year reporting period, and the
annual reporting frequency. Several
commenters supported the Bureau’s
reporting frequency and period, as well
as the reporting deadline of June 1. One
bank urged the Bureau to permit
reporting as early as March 1 for
institutions who wished to do so. A few
community groups and a CDFI lender
supported the reporting frequency and
period, but only supported the proposed
deadline of June 1 contingent upon the
Bureau’s timely publication of the data
later on in the year.
Some commenters supported the
reporting frequency and period but did
not support the reporting deadline. Of
this group of commenters, one trade
association urged the Bureau against
aligning the section 1071 reporting
deadline with the HMDA reporting
deadline of March 1, citing a strain on
resources. A trade association and a
bank supported annual reporting but
requested a later deadline. Finally, two
trade associations requested the Bureau
to permit ongoing reporting alongside
annual reporting. Both of these
commenters suggested the Bureau create
a portal or centralized system where
banks could input data as it is received.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Both commenters mentioned the burden
that would come along with
maintaining a database internally, as
well as concerns about system
maintenance, cost, and risk. One of
those trade associations also described
an alternative whereby the Bureau could
provide a link where small business
loan applicants could input their own
data or opt out of sharing their data
altogether.
One bank did not support any aspect
of proposed § 1002.109(a)(1)(i). This
bank argued that adding another
reporting regime, in addition to HMDA
and CRA, would add significant burden
to their staff, both at the loan origination
stage and at the reporting stage. It also
argued that having a mid-year reporting
deadline would tie up critical
compliance resources and would
require them to spend one quarter of the
year on reporting requirements.
Two trade associations touched on
quarterly reporting. The first
commented that large banks (for CRA
purposes) should be required to provide
their data within 30 days of a request to
do so. They argued that if the Bureau
absolves lenders of the requirement to
respond to individual requests, then
data should be reported quarterly. The
second commented that the frequency of
reporting that financial and regulatory
agencies expect to receive is quarterly
(Call Reports). They also stated that
non-regulated lenders, CDFIs and other
similar providers should be required to
report no less than semi-annually.
Many commenters did not support the
June 1 reporting deadline and the
calendar year reporting period in
particular. A lender and a business
advocacy group urged the Bureau to
adopt a reporting deadline of July 1
instead of June 1 to provide more time
between HMDA reporting and section
1071 reporting. The business advocacy
group stated that for institutions who
report HMDA data quarterly, 60 days
after quarter end, a deadline of June 1
would leave no separation between
reporting requirements. A cross-sector
group of lenders, community groups,
and small business advocates urged the
Bureau to adopt a May 1 to April 30
reporting period with a reporting
deadline in July, citing that staggering
reporting periods would ease regulatory
burden for lenders who also report
HMDA data. A joint letter from
community groups suggested a reporting
period of July 1 to June 30, citing that
covered lenders would benefit by
having six months to prepare before
data collection begins.
Several banks requested the reporting
deadline be no earlier than June 30 so
that there would be more time to
PO 00000
Frm 00252
Fmt 4701
Sfmt 4700
perform data integrity reviews for those
lenders that are HMDA and/or CRA
reporters. Several commenters
requested, as a general matter, that
reporting-related changes be effective
January 1 rather than midyear.
Finally, several lenders urged the
Bureau to coordinate section 1071
reporting with CDFI Fund reporting.
They argued that CDFIs are required to
report for a three-year period through
the CDFI Fund’s Transaction Level
Reporting data points that are well
beyond the scope of section 1071. They
also suggested that the Bureau
standardize data formats to match those
used in CDFI Fund reporting, and to
coordinate across agencies in order to
streamline data collection and reporting
requirements. This, they argue, would
minimize the burden on CDFIs.
The Bureau did not receive any
comments in response to proposed
§ 1002.109(a)(1)(ii) and (iii).
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.109(a)(1)(i)
and (ii) as proposed, and finalizing
§ 1002.109(a)(1)(iii) with a revision for
clarity. Specifically, under final
§ 1002.109(a)(1)(i), on or before June 1
following the calendar year for which
data are compiled and maintained as
required by § 1002.107, a covered
financial institution shall submit its
small business lending application
register in the format prescribed by the
Bureau. While several commenters
advocated for more frequent reporting,
the Bureau believes that its approach is
consistent with the annual submission
schedule specified in the statute. The
Bureau is not permitting financial
institutions to submit their data on a
real-time basis or ongoing basis, as this
approach could result in financial
institutions treating the Bureau as their
official recordkeeper for their data.788
Regarding the comments supporting a
June 1 submission date, contingent on
rapid publication of data soon after, the
Bureau addresses such comments in the
section-by-section analyses of
§ 1002.110(a) and (b), and the privacy
section in part VIII. While some
commenters requested that financial
institutions have the ability to submit
data as early as March 1, the Bureau
intends to make it possible for financial
institutions to report as early as possible
before June 1 each year once the small
788 With respect to comment that it should build
an online platform to receive data from applicants
on a real-time basis, the Bureau does not, at this
time, intend to take this step, in line with its
analysis of demographic data submission in the
section-by-section analysis of § 1002.107(a)(19).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
business lending data reporting platform
is established.
While some commenters suggested
alternate reporting periods, the Bureau
believes there are advantages to having
data collected and reported on a
calendar year basis. Calendar year
reporting may facilitate other aspects of
the rule that depend on data that is
typically recorded on a calendar year
basis. For instance, other parts of the
rule look to annual data, such as
§ 1002.105(b), which would use a
financial institution’s loan volumes over
the prior two calendar years to
determine whether it is a covered
financial institution. Further, the
Bureau understands that financial
institutions would generally prefer to
have such data collections occur on a
calendar year basis because such an
approach would be generally consistent
with their operations. An annual
reporting period other than the calendar
year—such as July 1 to June 30—could
result in additional challenges for
financial institutions in complying with
the rule, which could in turn increase
the probability of errors in collecting
and reporting data to the Bureau.789
Regarding submission date, several
commenters requested alternate
deadlines such as March 1 or July 1.
However, the Bureau believes that a
June 1 submission deadline gives the
compliance staff of financial
institutions, especially smaller
institutions, adequate time and
resources to dedicate to preparing a
small business lending application
register, after meeting other reporting
obligations earlier in the year, such as
under HMDA or CRA. This remains true
even though the final rule excludes all
HMDA-reportable loans and even
though the Federal prudential regulators
have proposed amendments to the CRA
rules that would use small business and
small farm data from this rule. Many
institutions will still have March
deadlines for their HMDA and CRA
reporting obligations unrelated to small
business lending, and the Bureau
believes a later deadline for reporting
data collected under this final rule
remains appropriate. Financial
institutions with quarterly HMDA filing
deadlines generally handle a high
volume of mortgage loan originations
and are more likely to have sufficient
resources to cope with a June 1 deadline
for this rule (and, indeed, any filing
deadline set by the Bureau would be
789 Regarding concerns that a January 1 collection
date would be too soon after the publication of the
rule, the Bureau addresses all concerns about the
amount of time lenders have to comply with this
rule in the section-by-section analysis of
§ 1002.114(b).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
within 60 days of a quarterly HMDA
filing deadline).
Final § 1002.109(a)(1)(ii) specifies that
an authorized representative of the
covered financial institution with
knowledge of the data shall certify to
the accuracy and completeness of the
data reported pursuant to
§ 1002.109(a)(1)(i). The Bureau has
modified final § 1002.109(a)(1)(iii) for
clarity; it now provides that when June
1 falls on a Saturday or Sunday, a
submission shall be considered timely if
it is submitted on the next succeeding
Monday.
109(a)(2) Reporting by Subsidiaries
Proposed Rule
ECOA section 704B(f)(1) states that
‘‘any’’ financial institution obligated to
report data to the Bureau must do so
annually; the statute does not expressly
address financial institutions that are
themselves subsidiaries of other
financial institutions.
Proposed § 1002.109(a)(2) would have
stated that a covered financial
institution that is a subsidiary of
another covered financial institution
shall complete a separate small business
lending application register. The
proposal would have provided that a
subsidiary shall submit its small
business lending application register,
directly or through its parent, to the
Bureau. Proposed comment 109(a)(2)–1
would have explained that a covered
financial institution is considered a
subsidiary of another covered financial
institution for purposes of reporting
data pursuant to proposed § 1002.109 if
more than 50 percent of the ownership
or control of the first covered financial
institution is held by the second
covered financial institution. This
proposed provision would have
mirrored one that exists for HMDA
reporting under Regulation C in
§ 1003.5(a)(2). The Bureau believed that
the proposed provision would facilitate
compliance by permitting parent
financial institutions to coordinate the
reporting of all their subsidiaries’ small
business lending data together.
The Bureau sought comment on this
aspect of its proposal. Additionally, the
Bureau sought comment on proposed
§ 1002.109(a)(2) in light of proposed
§ 1002.105(b), which would have
defined a covered financial institution
as a financial institution that originated
at least 25 covered credit transactions
for small businesses in each of the two
preceding calendar years. The Bureau
sought comment on whether this
provision may risk creating ambiguity
with respect to compliance and whether
additional safeguards may be required
PO 00000
Frm 00253
Fmt 4701
Sfmt 4700
35401
to dissuade financial institutions from
creating subsidiaries for the sole
purpose of avoiding the collection and
reporting of 1071 data. The Bureau also
sought comment on all other aspects of
this proposal.
Comments Received
The Bureau received comments from
a bank, a trade association, and a
community group on the proposed
provision regarding reporting by
subsidiaries. The community group had
no objections to the Bureau’s proposal.
The bank recommended that the Bureau
define subsidiary in subpart B, stating
that the term was used extensively in
this proposed provision and to dissuade
financial institutions from creating
subsidiaries in order to avoid reporting
data. The community group
recommended that the Bureau create
safeguards against the possibility that a
lender will develop an ownership
structure that will evade reporting
requirements, specifically that
originations be counted at the parent or
holding company level for the purposes
of determining institutional coverage
under § 1002.105(b).
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.109(a)(2) and
associated commentary as proposed.
The Bureau believes that this provision
will help facilitate compliance through
consistency with an existing provision
in a separate regulation (Regulation C)
familiar to many financial institutions
and by also permitting financial
institutions to coordinate the reporting
of all their subsidiaries’ small business
lending data. The final rule provides a
definition of subsidiary in comment
109(a)(2)–1.
The Bureau does not believe it is
necessary to add to the rule a
requirement to count originations at the
parent or holding company level for the
purposes of determining whether a
financial institution has met the
institutional coverage threshold. Final
§ 1002.105(b) defines a covered
financial institution as a financial
institution that originated at least 100
covered credit transactions for small
businesses in each of the two preceding
calendar years. The Bureau believes that
the process and costs of establishing a
new charter to avoid reporting data,
along with other associated obligations
in forming a new legal entity, will
generally dissuade lenders from creating
subsidiaries through whom to make
small business loans specifically for the
purpose of avoiding coverage under this
final rule.
E:\FR\FM\31MYR2.SGM
31MYR2
35402
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
109(a)(3) Reporting Obligations Where
Multiple Financial Institutions Are
Involved in a Covered Credit
Transaction
lotter on DSK11XQN23PROD with RULES2
Background
Section 1071’s requirement to collect
and report data for any ‘‘application to
a financial institution for credit’’ could
be read as applying to more than one
financial institution when an
intermediary provides an application to
another institution that takes final
action on the application. It might also
apply in cases where one application is
simultaneously sent to multiple
financial institutions for review. This
broad reading may serve a useful
function, such as comprehensive
reporting by all financial institutions
involved in a small business lending
transaction, but could also generate
duplicative compliance costs for
financial institutions and potentially
detract from the quality of reported data,
increasing the risk that certain
applications are reported multiple times
with potential inconsistencies.
During the SBREFA process, several
small entity representatives voiced
support for aligning reporting
requirements for financial institutions
that are not the lender of record with the
approach taken for HMDA reporting in
the Bureau’s Regulation C. Other small
entity representatives expressed concern
in adopting the Bureau’s approach in
Regulation C, noting the differences
between small business and residential
mortgage loan products, and advocated
for simpler approaches.
SBREFA feedback from other
stakeholders included support for a
HMDA-like approach when multiple
lenders are involved in a transaction,
praising the Bureau’s consistent
approach and interest in limiting
duplicative information. However,
several stakeholders advocated against
the HMDA approach, generally by
proffering other ideas rather than
criticizing the rules or outcomes of the
HMDA approach. Alternative
suggestions varied, but included
suggesting that data collection and
reporting should be required only for
the company most closely interacting
with the loan applicant; if a financial
institution receives a covered
application, then the application should
be subject to reporting, regardless of
outcome; the financial institution that
funded (or would have funded) the loan
should be required to collect and report;
and the financial institution that
conducts the underwriting and
determines whether the small business
credit applicant qualifies for credit
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
using its underwriting criteria should be
required to report and collect.
Proposed Rule
Proposed § 1002.109(a)(3) would have
provided that only one covered
financial institution shall report each
covered credit transaction as an
origination, and that if more than one
financial institution was involved in an
origination, the financial institution that
made the final credit decision approving
the application shall report the loan as
an origination, if the financial
institution is a covered financial
institution.
Proposed § 1002.109(a)(3) would have
further provided that if there was no
origination, then any covered financial
institution that made a credit decision
shall report the application. The Bureau
explained that under certain lending
models, financial institutions may not
always be aware of whether another
financial institution originated a credit
transaction. The Bureau believed that
information on whether there was an
origination should generally be
available, or that lending models can be
adjusted to provide this information at
low cost.
Proposed comment 109(a)(3)–1 would
have provided general guidance on how
to report originations and applications
involving more than one institution. In
short, if more than one financial
institution was involved in the
origination of a covered credit
transaction, the financial institution that
made the final credit decision approving
the application would report the
covered credit transaction as an
origination. Proposed comment
109(a)(3)–2 would have offered
examples illustrating how a financial
institution should report a particular
application or originated covered credit
transaction. Proposed comment
109(a)(3)–3 would have explained that if
a covered financial institution made a
credit decision on a covered application
through the actions of an agent, the
financial institution reports the
application, and provided an example.
State law determines whether one party
is the agent of another. While these
proposed comments assumed that all of
the parties are covered financial
institutions, the same principles and
examples would apply if any of the
parties were not a covered financial
institution.
The Bureau sought comment on this
aspect of its proposal. In particular, the
Bureau sought comment with respect to
proposed § 1002.109(a)(3) on whether,
particularly in the case of applications
that a financial institution is treating as
withdrawn or denied, the financial
PO 00000
Frm 00254
Fmt 4701
Sfmt 4700
institution can ascertain if a covered
credit transaction was originated by
another financial institution without
logistical difficulty or significant
compliance cost.
Comments Received
The Bureau received comments on
this aspect of the proposal from a range
of stakeholders, including lenders, trade
associations, and community groups.
Several commenters, including trade
associations and a community group,
expressed general support for the
Bureau’s proposed approach, stating
that it would help avoid duplicative
reporting, the originating lender is best
positioned to obtain the necessary
information from the borrower, and the
approach will increase the accuracy of
the reported data, especially in an
increasingly complex lending market. In
addition, two credit union trade
associations said that the proposal takes
the correct approach for loan
participation arrangements. Another
trade association said that, to ensure
simplicity, the Bureau should make the
rule identical to Regulation C.
Conversely, several other industry
commenters asserted that the proposal
may be too complex or not feasible. A
bank requested that the Bureau consider
different reporting rules in cases where
coordination among financial
institutions is not feasible. A trade
association stated that financial
institutions are not aware of credit
extensions made by competitors and are
prohibited from sharing nonpublic
personally identifiable information,
including the existence of an account,
with other financial institutions. This
commenter pointed out that in indirect
financing, the loan might be offered to
multiple parties, so several financial
institutions might be in this position.
Similarly, a joint letter from several
insurance premium finance trade
associations stated that insurance
premium lenders generally do not know
whether an application was originated
by another financial institution, and it
would be difficult, if not impossible to
find out. These commenters suggested a
new exception where insurance
premium finance lenders are permitted
to report data regarding any signed
premium finance agreement they
receive and take action upon (without
requiring them to determine whether
another lender originated the rare
premium finance loan that is not
approved and funded).
A joint letter from community and
business advocacy groups argued that
the proposal does not address the
complexity of modern online lending.
These commenters stated that online
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lenders often ‘‘rent a charter’’ to evade
the limitations of State lending laws, the
terms of these partnerships are often
unknown, but under the proposal only
one party would report the data without
it being clear which one. They further
noted that the final credit decision
might be made by a digital algorithm but
then approved by the depository
institution. In addition, two credit
union trade associations expressed
uncertainty regarding who is
responsible for errors or
noncompliance—that is, credit union
service organizations or the member
credit union.
A joint letter from two motor vehicle
dealer trade associations requested
clarification on the rule’s application,
stating their belief that for indirect auto
lending, the responsible party would
typically be the indirect lender that
advances funds, not the motor vehicle
dealer. They further asserted that the
dealer typically is identified on the
credit contract as the seller-creditor
even though the indirect lender as
assignee-creditor performs the
underwriting, funding, and servicing
functions and determines whether, and
on what terms, it will agree to take
assignment of the credit contract. They
argued that when an origination occurs,
the lender taking assignment of the
credit contract should be the entity
responsible for compliance with section
1071, and that when an origination does
not occur, then reporting responsibility
should rest with the lender that
conducted underwriting and
determined that they would not take
assignment of the credit contract.
A financial services trade association
characterized the transaction differently,
explaining that indirect vehicle finance
transactions involve two separate, but
related transactions. The commenter
stated that a customer purchases a car
from a motor vehicle dealer and
executes a retail installment sales
contract that finances the purchase price
and any other products the customer
elects to purchase. The dealer is the
original creditor and negotiates the
financing terms with the customer.
Separately, the dealer communicates
with one or more other financial
institutions to determine which one will
purchase the completed contract and at
what terms. As purchaser of the credit
contract, the financial institution takes
assignment of the contract and begins
servicing the contract until it is paid in
full.
In addition, two trade associations
pointed to Board regulations
implementing ECOA and argued that
the dealer would be prohibited under
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
the law from asking the business owner
for protected demographic information.
Some commenters expressed
uncertainty regarding the Bureau’s use
of the term ‘‘final credit decision’’ in the
proposal. Two commenters asserted that
it was unclear which lender makes the
final credit decision in situations where
two lenders are required to make a
credit decision to approve an
application. A number of certified
development companies, their trade
association, and other lenders provided
the example of the SBA’s 504
Development Company Loan Program,
which requires loans to be financed by
both a certified development company
and a private lender, asking who reports
in such cases.
Several farm credit institutions and a
trade association requested that the
Bureau clarify that its rule does not
apply to credit decisions made after
loan approval. The commenters
explained that farm credit institutions
are required to make an independent
judgment on the creditworthiness of the
borrower, even in secondary market
transactions, so it would be helpful to
make clear that those judgments are not
subject to data collection and reporting
obligations. In addition, a group of trade
associations requested that the rule text
should more closely match the text in
proposed comment 109(a)(3)–1.ii,
saying that otherwise it could be
misinterpreted to mean that as long as
one institution reports its decision, then
others need not do so.
A law firm commented that the
Bureau should clarify that third-party
review, even if for the purposes of
telling the creditor that the third party
will only purchase the post-origination
loan under certain conditions, does not
mean that the third party/potential
purchaser made the final credit
decision. The commenter explained that
in these types of ‘‘forward flow’’
transactions, the third party does not
originate the credit nor does it have any
particular interest in whether the
creditor approves and originates the
transaction.
A group of trade associations stated
that in the case of withdrawn
applications, it would be impractical
and burdensome for a financial
institution to determine whether an
applicant received credit elsewhere.
Commenters offered some alternative
suggestions. Two industry commenters
stated that if a loan is originated, only
the creditor to whom the obligation is
initially payable should be required to
collect and report data. When there is
no origination, only the institution that
initially received the application should
be required to collect and report data.
PO 00000
Frm 00255
Fmt 4701
Sfmt 4700
35403
These commenters asserted that this
was a simpler approach, and the
originating creditor is in the best
position to collect and report all of the
required data points.
A joint letter from community and
business advocacy groups stated that the
Bureau should assign reporting
responsibility to the financial institution
that has the predominant economic
interest in and bears the predominant
risk of a loan (or that would have had
such an interest had the loan been
consummated). These groups further
asserted that it is important in online
lenders’ ‘‘rent a charter’’ arrangements
for the Bureau to collect data on both
the identity of the online lender and the
depository institution because they are
both ECOA creditors, but at a minimum
the Bureau should collect data on the
party that bears the bulk of the risk.
Another commenter stated that the
Bureau should consider adding a nonunique (i.e., shared across institutions)
loan identifier that would allow
matching of loans reported by multiple
institutions (e.g., a new data point). The
commenter asserted that this would
allow data users to match loans reported
by multiple financial institutions and
obviate the need to have such reporting
rules.
Comments addressing partial interests
and participation loans are discussed in
the section-by-section analysis of
§ 1002.104(b). Moreover, several farm
credit institutions urged the Bureau to
clarify that in the syndicated loan
context, the administrative agent is the
sole lender with responsibility under
the rule. Commenters explained that
syndicated loans differ from
participations in that multiple lenders
enter into a contractual relationship
with the borrower, but there is typically
an administrative agent, which is
primarily responsible for interacting
with the applicant or borrower. A farm
credit institution noted that the
proposal’s ambiguity with respect to
syndicated loan reporting would create
inaccuracies in reported information.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.109(a)(3)
with modifications. Final
§ 1002.109(a)(3) states the general rule
that each covered financial institution
shall report the action that it takes on a
covered application. Where it is
necessary for more than one financial
institution to make a credit decision in
order to approve the covered credit
transaction, however, only the last
covered financial institution with
authority to set the material terms of the
covered credit transaction shall report
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35404
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
the application. In addition, financial
institutions report the actions of their
agents.
Final comment 109(a)(3)–1 provides
general guidance on how to report
applications involving more than one
institution. Final comment 109(a)(3)–2
provides a variety of examples to
illustrate which financial institution
reports a particular application when
multiple financial institutions are
involved in a covered credit transaction
and how such applications are reported.
The Bureau has revised language in
proposed § 1002.109(a)(3) that discussed
outcomes ‘‘if more than one financial
institution was involved in an
origination’’ both for clarity, and to
avoid complexity, logistical challenges,
and potential data accuracy issues.
Initially, final § 1002.109(a)(3) provides
that each covered financial institution
shall report the action that it takes on a
covered application. Final comment
109(a)(3)–1.ii sets forth the various
actions that a financial institution may
take on a covered application. Certain of
the examples in final comment
§ 1002.109(a)(3)–2 illustrate credit
transactions that involve a single
financial institution with responsibility
for making a credit decision on a
covered application. Those examples
make clear that where a financial
institution is only passively involved in
a covered credit transaction or is only
involved after the time of origination
(for example, to purchase the loan), it
has not taken action on the covered
application and so does not report. For
example, the Bureau understands that a
non-originating financial institution
may be ‘‘involved’’ with a covered
credit transaction after closing (for
example, if it purchases the covered
credit transaction); however, such postclosing transactions (with the exception
of applications for line increases) are
generally not covered by the final rule.
The Bureau further notes that whether
an entity meets the definition of
‘‘creditor’’ under ECOA and Regulation
B is not determinative of who reports
under this rule.
Despite the general rule that all
financial institutions shall report action
taken on a covered application, final
§ 1002.9(a)(3) and final comment
109(a)(3)–1.i provide that where it is
necessary for more than one financial
institution to make a credit decision in
order to approve the covered credit
transaction, only the last financial
institution with authority to set the
material terms of the covered credit
transaction is required to report. Setting
the material terms of the covered credit
transaction includes, for example,
selecting among competing offers or
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
modifying pricing information, amount
approved or originated, or repayment
duration. The fact that it is necessary for
more than one financial institution to
make a credit decision in order to
approve the covered credit transaction
does not mean that there was an actual
approval or origination of the covered
application. Rather, and in contrast to
the passive conduit scenario described
above, this provision applies when a
financial institution would not originate
a covered credit transaction unless it
was approved by at least one other
financial institution prior to closing.
The changes to § 1002.109(a)(3) are
intended to address commenters’
concerns that the NPRM approach was
too complex or infeasible. Many of these
commenters stated that it would be
difficult for a financial institution to
know if a loan was originated by
another financial institution. Unlike the
NPRM approach, final § 1002.109(a)(3)
is not limited to requiring only one
financial institution to report an
origination. Final § 1002.109(a)(3) states
that where it is necessary for more than
one financial institution to make a
credit decision to approve the covered
credit transaction, only the last covered
financial institution with authority to
set the material terms of the covered
credit transaction is required to report
the application (i.e., whether or not it
was originated). In making this change,
the Bureau seeks to avoid duplicative
reporting in more than just cases of
originated transactions; it seeks to
clarify that only one financial
institution is required to report on the
application, no matter the action taken.
While the Bureau recognizes there
may be some benefit in having multiple
financial institutions reporting the same
application, there are logistical
challenges and potential data accuracy
issues that could result from reporting
by multiple financial institutions. For
example, the Bureau understands that in
some typical indirect lending situations,
one application may be transmitted to
several financial institutions to
determine interest in purchasing an
originated transaction, and requiring
reporting from each of these financial
institutions (even if the small business
applicant is not aware of their
involvement or the action taken by these
institutions) would significantly
increase reporting volumes for these
types of transactions. Moreover, in this
example, while this approach means a
lack of visibility into purchase offers
and an inability to compare them to the
resulting credit contract, the Bureau
believes that reporting of such data
could undermine data quality and
would provide only limited additional
PO 00000
Frm 00256
Fmt 4701
Sfmt 4700
benefits where the purchase decisions
are later accepted, declined, or altered
by a different financial institution that
ultimately presents (or does not present)
a credit offer to the applicant. Thus, the
Bureau believes data quality, along with
the purposes of section 1071, will be
better served if the financial institution
with the last authority for setting the
material terms of the covered
transaction is the reporter.790
Final comment 109(a)(3)–1.i
emphasizes that the determinative factor
is not which financial institution
actually made the last-in-time credit
decision, but rather which financial
institution had last authority for setting
the material terms of the covered credit
transaction, even if it did not actually
exercise this authority in a particular
case. For example, a financial
institution that has the authority to
modify the total loan amount prior to
origination has the last authority for
setting the terms of the covered credit
transaction, even if it makes no changes
to the total loan amount. The Bureau is
adopting a categorical, rather than a
case-by-case rule, to enable financial
institutions to identify a reporting party
at the outset of a transaction. The
Bureau believes that this will help
eliminate uncertainty and logistical
challenges concerning which institution
reports, and thus provide a more
straightforward and administrable bright
line.
This approach will also address
requests for clarification from
commenters. For example, one
commenter suggested that the Bureau
clarify that third-party review, even if
for the purposes of telling the creditor
that the third party will only purchase
the post-origination loan under certain
conditions, does not mean that third
party/potential purchaser made the final
credit decision. The Bureau believes
that final comment 109(a)(3)–2.vii
addresses this scenario, illustrating that
where another financial institution has
ultimate authority for setting the
material terms of the covered credit
transaction, the third party/potential
purchaser does not report. In finalizing
this approach, the Bureau is also
removing the phrase ‘‘final credit
decision’’ from § 1002.109(a)(3) because
the phrase appears to have caused
confusion and is not necessary to
convey the Bureau’s intentions
regarding which financial institution is
790 If the financial institution with last authority
for setting the material terms of the covered credit
transaction is not a covered financial institution,
whether due to a statutory exemption (such as the
one for motor vehicle dealers in section 1029) or
other reasons, then the application is not reported
under this rule.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
required to report under various
circumstances.
In addition, final comment 109(a)(3)–
1.iii clarifies reporting obligations in
circumstances where it is necessary for
more than one financial institution to
make a credit decision in order to
approve a single covered credit
transaction and where more than one
financial institution denies the
application or otherwise does not
approve the application. In this
circumstance, the reporting financial
institution (the last financial institution
with authority to set the material terms
of the covered credit transaction) shall
have a consistent procedure for
determining how it reports inconsistent
or differing data points for purposes of
subpart B, such as reporting the denial
reason(s) from the first financial
institution that denied the covered
application.
The Bureau believes that the revisions
to § 1002.109(a)(3) and associated
commentary will help ensure clarity
and consistency from the outset
regarding which entity has reporting
responsibility in a variety of fact
patterns involving multiple financial
institutions. In addition, the Bureau
believes that this approach advances
section 1071’s purposes by reducing
logistical challenges and potential data
accuracy issues resulting from reporting
by multiple financial institutions on the
same application.
In response to commenters who urged
consistency with HMDA, the Bureau
notes that it initially sought alignment
with Regulation C given its
understanding of how well the approach
has worked in the residential mortgage
context and the similarities that exist
with various indirect lending scenarios
in the small business lending context.
While the Bureau’s approach in final
§ 1002.109(a)(3) in many situations is
consistent with Regulation C outcomes,
it deviates in some ways because, unlike
Regulation C, this final rule does not
cover purchase transactions. In
addition, the Bureau believes that
commenters’ concerns about alignment
with HMDA are mitigated by the
Bureau’s decision to exclude reporting
of all HMDA-reportable transactions, as
set forth in final § 1002.104(b)(2).
Unlike section 1071, HMDA expressly
contemplates data collection for loan
purchases, and Regulation C thus
requires financial institutions to report
purchases of covered loans.791
791 See 12 U.S.C. 2803(a)(1) (stating that
institutions ‘‘shall compile and make available . . .
the number and total dollar amount of mortgage
loans which were (A) originated (or for which the
institution received completed applications), or (B)
purchased by that institution’’); Regulation C
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Moreover, Regulation C commentary
clarifies that if more than one institution
approved an application prior to closing
or account opening and one of those
institutions purchased the loan after
closing, the institution that purchased
the loan after closing reports the loan as
an origination.792 The preamble to the
2015 final HMDA rule explained that
requiring that only one institution
report the origination of a covered loan
eliminates duplicative data.793 Identical
language was included in proposed
comment 109(a)(3)–1.i.
Upon further consideration, the
Bureau believes that Regulation C’s
approach involving a purchasing
institution is incongruous with section
1071 requirements and thus the final
rule adopts a different approach. As
described in the section-by-section
analysis of § 1002.104(b) above,
purchases of covered credit transactions
are not, in themselves, covered by the
rule. Thus, the Bureau is removing
language from proposed comment
109(a)(3)–1.i that would have required
reporting by a purchasing financial
institution that also approved an
application prior to closing or account
opening, and is instead placing the
reporting obligation on the last covered
financial institution with authority to
set the material terms of the covered
credit transaction. The Bureau believes
that this approach is more broadly
applicable to the small business
financing context (particularly since the
Bureau is excluding HMDA-reportable
transactions) where there are some
salient differences to the mortgage
lending context.
For example, while there may also be
intermediaries in a mortgage loan
transaction, an intermediary typically
does not have the discretion and
authority to materially deviate from the
terms expected by a secondary-market
purchaser. In some small business
lending contexts, even where a
subsequent bona fide purchaser and
holder in due course of a covered credit
transaction has been identified, an
intermediary may have the authority to
sort through different purchase offers,
select one, and present it to the
applicant. Such an intermediary may
also have the authority to change
material terms of the covered credit
transaction prior to closing, such as
modifying the pricing terms, loan
amount, or repayment duration. As the
only party to interact with the applicant
§ 1003.4(a) (stating that a financial institution ‘‘shall
collect data regarding . . . covered loans that it
purchases for each calendar year’’).
792 Regulation C comment 4(a)–2.i.
793 80 FR 66128, 66173 (Oct. 28, 2015).
PO 00000
Frm 00257
Fmt 4701
Sfmt 4700
35405
prior to closing, the intermediary can be
the party with the most fair lending risk.
The Bureau believes, given section
1071’s statutory purposes, this last
financial institution with the authority
to set the terms of the small business’s
credit obligation should be the one to
report on an application.
Indirect auto lending transactions are
a common example of situations
involving multiple financial
institutions. It is common for motor
vehicle dealers to assess specific credit
information about the applicant,
negotiate and set credit terms (such as
the duration of the transaction),
negotiate and charge for add-on
products, and include loan pricing
markups. Likewise, the dealer is
typically the original creditor, executing
and setting the terms of a retail
installment sales contract with the
customer, and then selling it to another
financial institution. Even if the motor
vehicle dealer interacts with several
financial institutions to make a credit
decision and originate a credit
transaction, the dealer is typically the
last entity with authority to set the
material credit terms of the covered
credit transaction. Final comments
109(a)(3)–2.vii and viii provide
examples of such scenarios.
In some cases, a financial institution’s
purchase of the retail installment sales
contract may not even occur until well
after the contract has been signed and
the vehicle has been driven off the lot.
The fact that a contract may be
conditioned on a financial institution’s
purchase of the contract at a later time
does not alter the analysis. In these
situations, often known as ‘‘spot
delivery,’’ the applicant has met the
underwriting and creditworthiness
conditions used by the motor vehicle
dealer and has been approved. The fact
that a motor vehicle dealer has imposed
other conditions on the execution of the
contract (i.e., a financial institution
purchasing the contract) that are outside
of the applicant’s control does not
change the conclusion. Once the
contract has been signed and the terms
of credit set, there is no credit decision
on a covered application by a
subsequent purchaser.
The Bureau recognizes that its rules
generally do not apply to motor vehicle
dealers, as defined in section 1029(f)(2)
of the Dodd-Frank Act, that are
predominantly engaged in the sale and
servicing of motor vehicles, the leasing
and servicing of motor vehicles, or
both.794 This provision is codified in
final § 1002.101(a). The Dodd-Frank Act
also specifies that in general, ‘‘nothing
794 12
E:\FR\FM\31MYR2.SGM
U.S.C. 5519.
31MYR2
lotter on DSK11XQN23PROD with RULES2
35406
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
in this title . . . shall be construed as
modifying, limiting, or superseding the
operation of any provision of Federal
law, or otherwise affecting the authority
of the Board of Governors . . . with
respect to a [motor vehicle dealer that is
predominantly engaged in the sale and
servicing of motor vehicles, the leasing
and servicing of motor vehicles, or
both].’’ 795 Thus, consistent with this
provision, if the motor vehicle dealer is
the last financial institution with
authority to set the material credit terms
of the covered credit transaction, that
application will not be reported under
subpart B.
Relatedly, several commenters
asserted that motor vehicle dealers are
prohibited by the Board’s Regulation B
from asking for protected demographic
information in order to furnish it to
another financial institution for
reporting under the Bureau’s rule. As
noted above, the Bureau believes that
dealers are often the last entity with
authority to set the material credit terms
of the covered credit transaction, and so
are generally unlikely to be collecting
1071 data on behalf of other reporting
financial institutions. But even in
situations where the dealer is acting as
a mere conduit, and thus may be
collecting information on behalf of
another financial institution, comment
5(a)(2)–3 to the Board’s Regulation B
states that persons such as loan brokers
and correspondents do not violate
ECOA or Regulation B if they collect
information that they are otherwise
prohibited from collecting, where the
purpose of collecting the information is
to provide it to a creditor that is subject
to HMDA or another Federal or State
statute or regulation requiring data
collection.796
The Bureau appreciates the range of
potential alternatives raised by
commenters as to the entity that should
be required to report data when a
covered credit transaction involves
multiple financial institutions, but is
not implementing these alternative
suggestions. For the reasons described
above, the Bureau believes that the last
financial institution with the authority
to set the material terms of the covered
credit transaction should be the one to
report.
The Bureau believes that the final rule
is also consistent with arrangements
where an online lender partners with a
bank and provides further clarity
795 12
U.S.C. 5519(c).
language aligns with comment 5(a)(2)–3
in the Bureau’s Regulation B, to which the Bureau
is adding a reference to subpart B for additional
clarity.
796 This
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
regarding who reports when multiple
financial institutions are involved.
Commenters’ concerns regarding
reporting of insurance premium
financing transactions are rendered
moot by the Bureau’s exclusion of such
transactions from coverage under the
rule. See the section-by-section analysis
of § 1002.104(b)(3) for additional details.
Regarding farm credit institutions’
request that the Bureau clarify that the
rule does not apply to credit decisions
made after loan approval, the Bureau
has made clear in final § 1002.109(a)(3)
and associated commentary that only
the action taken on the application is
reportable.
Regarding partial purchase interests
and participation loans, as explained in
the section-by-section analysis of
§ 1002.104(b), the Bureau has added
commentary to clarify that a partial
purchase of a loan does not, in itself,
generate an obligation for a covered
financial institution to report small
business lending data. The Bureau
believes that applications for covered
credit transactions will generally be
reported by one covered financial
institution, i.e., the financial institution
that sold portions of the loan to other
participants. The examples provided in
final comments 109(a)(3)–2.ix and .x
speak to such scenarios.
The Bureau further believes that the
rule is consistent with loan syndication
arrangements where multiple lenders
come together to fund a large loan for
a single borrower. Syndication is
distinguishable from loan
participations. In participations, the
contractual relationship runs from the
borrower to the lead bank and from the
lead bank to the participants. In
syndications, the borrower signs a loan
agreement with multiple creditors, each
of whom has a direct contractual
relationship with the borrower. Usually,
each creditor in a syndicated loan
transaction receives its own promissory
note from the borrower. In fact, the
Farm Credit Administration legally
distinguishes between the Farm Credit
System’s loan-making authority (which
includes syndication transactions) and
its participation authority.797 The
Bureau believes that syndication is
typically used for large commercial
projects and a limited number of
reportable applications are likely to
involve syndicated loans. The Bureau
also understands that typical
syndication arrangements have a
syndicate agent/lead bank. If the lead
bank has the last authority to set the
material terms of the covered credit
797 See
PO 00000
69 FR 8407 (Feb. 24, 2004).
Frm 00258
Fmt 4701
Sfmt 4700
transaction, it has the reporting
obligation.
The Bureau also believes that the rule
is consistent with lending through
Certified Development Companies
(CDCs) for SBA loans. CDCs are
nonprofit organizations that are certified
by, but independent of, the SBA. SBA
504 loans involve two applications—
one to a CDC and one to another
participating SBA lender. Generally, the
transaction begins with the applicant
submitting an application to the CDC to
obtain approval for up to 40 percent of
a project’s costs. Once the application is
approved by the CDC, the applicant
works with another lender—typically a
bank—to apply for the other portion of
the financing. The other lender’s loan
typically covers 50 percent of a project’s
cost and is secured by a first lien, while
the CDC’s loan covers up to 40 percent
of the project’s cost and is secured by a
second lien. The CDC loan is backed by
a 100 percent SBA-guaranteed
debenture. The bank earns interest from
the debenture, which it receives semiannually. The borrower contributes
equity of at least 10 percent, sometimes
up to 20 percent, of the project cost. The
CDC and the other lender separately
underwrite the loan, and the terms and
conditions on the CDC and bank loans
may differ. Because both the CDC and
the other lender make their own credit
decisions on separate covered
applications, they are each responsible
for reporting the application covering
their portion of the financing.
109(b) Financial Institution Identifying
Information
As explained in the NPRM, beginning
in 1989, Regulation C required financial
institutions reporting HMDA data to use
a discrete transmittal sheet to provide
information on themselves separate
from the loan/application registers used
to submit HMDA data.798 The 2015
HMDA final rule incorporated
information previously submitted on the
transmittal sheet into the regulatory
reporting requirements.799 The FFIEC
publishes information on financial
institutions that report HMDA data in
798 See 54 FR 51356, 51361 (Dec. 15, 1989)
(requiring financial institutions to use the
transmittal sheet and loan/application register in
appendix A).
799 80 FR 66128, 66526 (Oct. 28, 2015) (deleting
appendix A and relocating its substantive
requirements to § 1003.5(a)(3)). The information
now required by Regulation C includes: (i) the
financial institution’s name; (ii) the calendar year
the data submission covers; (iii) the name and
contact information of a person who may be
contacted with questions about the institution’s
submission; (iv) its appropriate Federal agency; (v)
the total number of entries contained in the
submission; (vi) its Federal taxpayer identification
number; and (vii) its Legal Entity Identifier (LEI).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
the HMDA Reporter Panel, which
includes the required submission
information provided by financial
institutions under § 1003.5(a)(3), as well
as other data derived from this
information.800
The Bureau proposed to collect
similar information regarding financial
institutions that report small business
lending data. Specifically, proposed
§ 1002.109(b) would have required that
a financial institution provide the
following information about itself as
part of its submission: (1) its name; (2)
its headquarters address; (3) the name
and business contact information of a
person who may be contacted with
questions about the financial
institution’s submission; (4) its Federal
prudential regulator, if applicable; (5) its
Federal taxpayer identification number;
(6) its LEI; (7) its Research, Statistics,
Supervision, and Discount
identification (RSSD ID) number, if
applicable; (8) its parent institution
information, if applicable (including the
name, LEI, and RSSD ID number of its
immediate parent entity and topholding parent entity, if applicable); (9)
the type of financial institution, chosen
from a list provided; and (10) whether
the financial institution is voluntarily
reporting data.
The Bureau sought comment on its
approach to collecting information on
financial institutions, including each of
the items listed in proposed
§ 1002.109(b)(1) through (10) as well as
whether the Bureau should require the
reporting of any other information on
financial institutions. The Bureau did
not receive any comments on the
requirement to provide financial
institution identifying information
generally, although comments received
regarding each of the items listed in
proposed § 1002.109(b)(1) through (10),
are discussed in turn below. The Bureau
also received comments discussing the
benefits and privacy risks of financial
institution identifying information,
which are discussed in part VIII below.
For the reasons set forth herein, the
Bureau is finalizing § 1002.109(b) with
modifications to move examples
regarding when to report changed
financial institution identifying
information to new comment 109(b)–1
to streamline and ensure uniformity in
the guidance, with revisions to
§ 1002.109(b)(3) to clarify which contact
person’s information must be provided,
and to adjust the list provided in
800 See, e.g., Fed. Fin. Insts. Examination Council,
HMDA Public Panel, https://ffiec.cfpb.gov/
documentation/2017/panel-data-fields/ (last visited
Mar. 20, 2023).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
comment 109(b)(9)–1 based on
comments received.
The Bureau believes it is appropriate
to require each of these pieces of
information regarding financial
institutions reporting small business
lending data. As a practical matter, the
Bureau anticipates that this information
will be provided by a financial
institution when it initially sets up an
account with the Bureau’s small
business lending data submission
platform to allow it to file data as
required by the rule. Thus, this
information will exist in the Bureau’s
data submission system and will be
updated by the financial institution as
needed.
The Bureau believes that collecting a
financial institution’s name (as well as
all the other identifying information in
proposed § 1002.109(b)) is necessary to
carry out, enforce, and compile data
under section 1071, and will aid in
fulfilling the purposes of section 1071.
For both of section 1071’s statutory
purposes, the identity of the financial
institution taking covered applications
and originating covered credit
transactions is critical as it will (1) make
fair lending enforcement possible, and
(2) make analyzing business and
community development needs of small
businesses more effective.
With the possible exception of the LEI
(in final § 1002.109(b)(6) and (8)(ii) and
(v)) in certain circumstances, the Bureau
believes that financial institutions
already have all the information that is
required of them under final
§ 1002.109(b), and that being required to
provide this information to the Bureau
should not pose any particular
difficulties or costs on financial
institutions.
Paragraph 109(b)(1)
Proposed § 1002.109(b)(1) would have
required a financial institution to
provide its name. Regulation C
(§ 1003.5(a)(3)(i)) requires financial
institutions to provide their names
when filing HMDA data, and the Bureau
believed that a similar requirement
would have been appropriate here.
The Bureau detailed several practical
considerations for proposing to require
a financial institution to provide its
name, including identification for
examination purposes and
administration of the Bureau’s website
for data submissions. Additionally, the
Bureau noted that it proposed in
§ 1002.110(c) that financial institutions’
statutory obligation to make data
available to any member of the public,
upon request, pursuant to ECOA section
704B(f)(2)(B) would have been satisfied
by the institutions’ directing the public
PO 00000
Frm 00259
Fmt 4701
Sfmt 4700
35407
to the Bureau’s website for this
information. Without the financial
institution’s name (and other relevant
identifying information), proposed
§ 1002.110(c) would not have satisfied
this statutory requirement.
The Bureau received two comments
on this aspect of the proposal from
community groups, both of which
supported § 1002.109(b)(1) as proposed.
For the reasons set forth herein, the
Bureau is finalizing § 1002.109(b)(1) as
proposed.
Paragraph 109(b)(2)
Proposed § 1002.109(b)(2) would have
required a financial institution to
provide the physical address of its
headquarters location. The headquarters
address of a financial institution would
provide geographic information that
would aid in fulfilling the statutory
purposes of section 1071, including, for
instance, analyses of the connection
between a financial institution’s
location and the business and
community development needs where it
operated. It would also help identify
and differentiate financial institutions,
particularly nondepository financial
institutions, that have similar names.
Having received no comments on this
aspect of the proposal and for the
reasons set forth herein, the Bureau is
finalizing § 1002.109(b)(2) as proposed.
Paragraph 109(b)(3)
Proposed § 1002.109(b)(3) would have
required a financial institution to
provide the name and business contact
information of a person who may have
been contacted with questions about the
financial institution’s data submission.
The Bureau noted that Regulation C
includes a similar requirement in
§ 1003.5(a)(3)(iii), and the Bureau
believed it would have been appropriate
to require such information here. In
general, the Bureau found, from its
experience with HMDA and Regulation
C, that requiring the name and business
contact information of a person who
may have been contacted with questions
generally facilitated communication in
the event that follow-up on a
submission is required.
Having received no comments on this
aspect of the proposal and for the
reasons set forth herein, the Bureau is
generally finalizing § 1002.109(b)(3) as
proposed. However, the Bureau is
revising final § 1002.109(b)(3) to make
clear that the contact reported is a
person responsible for responding to
Bureau or other regulator inquiries
about the submission, rather than
inquiries from the general public.
E:\FR\FM\31MYR2.SGM
31MYR2
35408
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Paragraph 109(b)(4)
Proposed § 1002.109(b)(4) would have
required a financial institution that is a
depository institution to provide the
name of its Federal prudential regulator,
if applicable. Proposed comment
109(b)(4)–1 would have explained how
to determine which Federal prudential
regulator (i.e., the OCC, the FDIC, the
Board, or the NCUA) a financial
institution should report. Proposed
comment 109(b)(4)–2 would have
provided guidance on when a financial
institution would be required to report
a new Federal prudential regulator, for
instance, in the event of a merger or a
change of charter.
The Bureau noted that Regulation C
includes a similar provision in
§ 1003.5(a)(3)(iv), requiring financial
institutions to identify the appropriate
Federal agency. In the Regulation C
context, the purpose of this requirement
is to identify the agency to which a
financial institution must report its
HMDA data—often the financial
institution’s Federal prudential
regulator for depository institutions.801
For small business lending data, the
Bureau believed a requirement to report
a financial institution’s Federal
prudential regulator would be
appropriate for different reasons. The
reporting of a financial institution’s
Federal prudential regulator would
enable analysts to more easily identify
other information about a financial
institution that its Federal prudential
regulator makes publicly available, such
as Call Report data; further, such
additional data may be used by
regulators to perform analyses of the
characteristics of financial institution’s
data. Nondepository institutions
generally do not have Federal
prudential regulators and would not
have reported one under this
requirement.802
Having received no comments on this
aspect of the proposal and for the
reasons set forth herein, the Bureau is
finalizing § 1002.109(b)(4) as proposed,
but has moved the example in proposed
comment 109(b)(4)–2 to new comment
109(b)–1.
Paragraph 109(b)(5)
Proposed § 1002.109(b)(5) would have
required a financial institution to
801 12
U.S.C. 2803(h).
while some nondepository
institutions have Federal regulators, those Federal
regulators may not meet the definition of Federal
prudential regulator provided in comment
109(b)(4)–1 and this data point still may not be
applicable. For example, while Farm Credit System
institutions are regulated and supervised by the
Farm Credit Administration, the Farm Credit
Administration is not a Federal prudential regulator
as defined in comment 109(b)(4)–1.
lotter on DSK11XQN23PROD with RULES2
802 Additionally,
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
provide its Federal taxpayer
identification number (TIN). Proposed
comment 109(b)(5)–1 would have
explained when a financial institution
should report a new Federal TIN in the
event that it obtained a new Federal TIN
(for instance, because the financial
institution merged with another
financial institution and adopted the
Federal TIN of the other financial
institution). The Bureau noted that
Regulation C § 1003.5(a)(3)(vi) requires
financial institutions to report Federal
TIN with their HMDA submissions, and
the Bureau believed such a requirement
would be appropriate here as well. A
financial institution’s Federal TIN may
be used to identify other publicly
available information on a financial
institution, and combined with a
financial institution’s small business
lending application register to enhance
the types of analysis that can be
conducted to further the two statutory
purposes of section 1071.
Having received no comments on this
aspect of the proposal and for the
reasons set forth herein, the Bureau is
finalizing § 1002.109(b)(2) as proposed,
but has moved the example in proposed
comment 109(b)(5)–1 to new comment
109(b)–1.
Paragraph 109(b)(6)
Proposed § 1002.109(b)(6) would have
required a financial institution to
provide its LEI. Proposed comment
109(b)(6)–1 would have explained what
an LEI is and would have made clear
that financial institutions that do not
currently have an LEI must obtain one,
and that financial institutions would
have an ongoing obligation to maintain
an LEI in order to satisfy proposed
§ 1002.109(b)(6).
The Bureau explained that an LEI is
a unique, 20-digit identifier issued by an
entity endorsed or otherwise governed
by the Global LEI Foundation.
Regulation C requires financial
institutions to obtain and use an LEI,
which facilitates the analysis of HMDA
data and aids in the recognition of
patterns by more precisely identifying
financial institutions and affiliated
companies.803 The LEI also helps
financial institutions that report HMDA
data generate the universal loan
identifier used to identify application or
application-level records in Regulation
C. Similarly, in the section 1071
context, a financial institution’s LEI
would also likely facilitate data
803 80 FR 66128, 66248 (Oct. 28, 2015) (noting
that, despite the cost, the Bureau believed that the
benefit of all HMDA reporters using an LEI justified
the associated costs by improving the ability to
identify the financial institution reporting the data
and link it to its corporate family).
PO 00000
Frm 00260
Fmt 4701
Sfmt 4700
analyses,804 by helping the Bureau and
other stakeholders better understand a
financial institution’s corporate
structure. Proposed § 1002.107(a)(1)
would have also required that financial
institutions use their LEIs in creating
unique identifiers for covered
applications. The Bureau believed this,
in turn, would result in more
sophisticated and useful analyses of the
financial institution’s data.
The Bureau received a few comments
on this aspect of the proposal. These
commenters were supportive of
proposed § 1002.109(b)(6), agreeing with
the Bureau’s assertion that an LEI would
help facilitate analyses. One commenter
stated that the Bureau needed to ensure
data users could identify parent and
affiliate connections. The comments
also supported requiring financial
institutions to provide LEI information,
stating that it would be consistent with
HMDA, as discussed in the proposal.
For the reasons set forth herein, the
Bureau is finalizing § 1002.109(b)(6) as
proposed. Regarding the comment
requesting the Bureau make
identification of parent and affiliate
connections easier, the Bureau notes
that it is requiring LEI information in
part for this reason, as discussed in the
proposal. As explained in comment
109(b)(6)–1, financial institutions are
required to report the current LEI
number, and if the financial institution
does not currently possess one, to obtain
one. Financial institutions also have an
ongoing obligation to maintain their LEI
number. As part of maintaining an LEI
number, a financial institution must
make sure the LEI number and
associated information are current,
including any relationship data. The
Bureau believes that publication of a
financial institution’s LEI, as well as any
parent and top parent LEIs, as
applicable, will allow data users to
identify these relationship connections.
Paragraph 109(b)(7)
Proposed § 1002.109(b)(7) would have
required a financial institution to report
its RSSD ID number, if applicable. The
Bureau explained that an RSSD ID is a
unique identifying number assigned to
institutions, including main offices and
branches, by the Federal Reserve
System. All depository institutions
know and regularly report their RSSD ID
numbers on FFIEC regulatory forms.
The Bureau believed that an RSSD ID
would help data users link the data for
804 Id. (‘‘By facilitating identification, this
requirement will help data users achieve HMDA’s
objectives of identifying whether financial
institutions are serving the housing needs of their
communities, as well as identifying possible
discriminatory lending patterns.’’).
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
a particular financial institution to other
regulatory data, including the
connections between a particular
financial institution with other financial
institutions. The Bureau believed that
this additional information would result
in more sophisticated and useful
analyses of the financial institution’s
small business lending data.
Proposed comment 109(b)(7)–1 would
have explained what an RSSD ID
number is and how financial
institutions that have one might find it.
Financial institutions that do not have
RSSD IDs, typically nondepository
institutions, would not have been
required to obtain them, and would
report ‘‘not applicable’’ in that field.
The Bureau received one comment
from a community group supporting
this aspect of the proposal. For the
reasons set forth herein, the Bureau is
finalizing § 1002.109(b)(7) as proposed.
lotter on DSK11XQN23PROD with RULES2
Paragraph 109(b)(8)
Proposed § 1002.109(b)(8) would have
required a financial institution to
provide certain information on its
parent entities, if applicable. This
information would have included the
name, the LEI (if available), and the
RSSD ID (if available) of the financial
institution’s immediate parent entity
and the financial institution’s topholding parent entity.
Proposed comments 109(b)(8)–1 and
–2 would have provided guidance on
how to identify a financial institution’s
immediate parent entity and a financial
institution’s top-holding parent entity.
Proposed comment 109(b)(8)–3 would
have explained that a financial
institution would have reported its
parent entities’ LEIs if they have them,
but that no parent entity would be
required to obtain an LEI if it did not
already have one. Proposed comment
109(b)(8)–4 would likewise have
explained that a financial institution
would report its parent entities’ RSSD
ID numbers if they had them.
In the NPRM, the Bureau explained
that it believed that the collection of
information on a financial institution’s
structure would further both of the
statutory purposes of section 1071. Data
on a financial institution’s
organizational structure that is selfreported would be more accurate than
would be the case if the Bureau
attempted to generate such information
from publicly available sources.805
805 With respect to HMDA, the Bureau, on behalf
of the FFIEC and HUD, does currently attempt to
generate and publish information on filers,
including parent company and top holder
information obtained from the LEI provided. See
Fed. Fin. Insts. Examination Council, Public
Panel—Data Fields with Values and Definitions,
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
The Bureau further explained that
better structural information would, for
instance, improve the accuracy of peer
analyses, which would facilitate fair
lending enforcement. The Bureau stated
that analyzing trends over time would
be useful for identifying institutions that
may give rise to fair lending risk. Given
structural changes to institutions over
time, information that enables the
identification of institutions
consistently and accurately over time is
important to this trend analysis.
In addition, the Bureau believed that
information on a financial institution’s
structure would advance the business
and community development purpose
of section 1071 by facilitating the
analysis of whether and how corporate
structure impacts how a financial
institution provides access to credit to
small businesses. In particular, this
structural information could be used to
understand how regulation in one part
of a corporate structure impacts
unregulated entities within the same
corporate group.
Proposed § 1002.109(b)(8) would have
resulted in more accurate and
https://ffiec.cfpb.gov/documentation/2021/paneldata-fields/ (last visited Mar. 20, 2023). But the
Bureau has encountered difficulties in using the LEI
to obtain parent company and top holder
information, and thus proposed for this rulemaking
to require that it be provided directly by financial
institutions.
From 1989 to 1998, Regulation C required
financial institutions to report their parent entity
information on transmittal sheets. 54 FR 51356,
51361, 51368 (Dec. 15, 1989) (adding the transmittal
sheet requirement, including parent institution
information, to appendix A to Regulation C); 63 FR
52140, 52141 (Sept. 30, 1998) (stating that the Board
believed that the availability of information from
the FFIEC website makes the continuation of the
requirement for parent company information on the
transmittal sheet unnecessary). In 2002, Regulation
C again required financial institutions to report
parent information on transmittal sheets on the
grounds that data users asserted the importance of
having the parent institution information associated
with the HMDA data itself, rather than in a separate
database provided by the National Information
Center. 67 FR 7221, 7232 (Feb. 15, 2002).
In the 2014 HMDA NPRM, the Bureau proposed
to continue requiring that financial institutions
identify their parent companies. The Bureau stated
that because information about parent companies
was not yet available through the LEI, the Bureau
believed it was necessary to maintain this
requirement to ensure that financial institutions’
submissions can be linked with those of their
corporate parents. 79 FR 51731, 51861 (Aug. 29,
2014). However, required reporting of parent
company information stopped under the 2015
HMDA final rule on the grounds that once the LEI
is fully implemented, parent entity information was
expected to become available. 80 FR 66128, 66248
(Oct. 28, 2015) (citing Fin. Stability Bd., LEI
Implementation Grp., Fourth Progress Notes on the
Global LEI Initiative, at 4 (Dec. 11, 2012), https://
www.financialstabilityboard.org/wp-content/
uploads/r_121211.pdf?page_moved=1) (noting that
the LEI Implementation Group is developing
proposals for additional reference data on the direct
and ultimate parent(s) of legal entities and on
relationship data more generally).
PO 00000
Frm 00261
Fmt 4701
Sfmt 4700
35409
comprehensive corporate structure
information by requiring financial
institutions to provide not only the
name of one parent entity, but the
immediate parent entity of the financial
institution as well as the top-holding
parent of the financial institution (for
some financial institutions, this would
be a bank holding company). For the
reasons set out above in the section-bysection analyses of § 1002.109(b)(6) and
(7), the reporting of LEI and RSSD ID of
parent entities would improve the
ability of regulators and other
stakeholders to map out more precisely
and fully the often-complex networks of
a financial institution’s corporate
structure. This more detailed and
accurate structural data, in turn, might
be used to perform more sophisticated
and useful analyses of the financial
institution’s small business lending
data. In addition, this information
would have helped the Bureau confirm
whether data were appropriately being
reported by financial institutions on
behalf of their subsidiaries pursuant to
proposed § 1002.109(a)(2).
With respect to proposed
§ 1002.109(b)(8), the Bureau sought
comment on whether it should require
any other parent entity information to
be provided by financial institutions
reporting data.
The Bureau received comments on
this aspect of the proposal from a
community group and a trade
association. These commenters were
supportive of proposed § 1002.109(b)(8).
One commenter supported identifying
the parent and top holder parent entities
under proposed § 1002.109(b)(8)(i) and
(iv). Both commenters supported the
inclusion of LEI information for both the
parent and top holder parent entities
under proposed § 1002.109(b)(8)(ii) and
(v). For the reasons set forth herein, the
Bureau is finalizing § 1002.109(b)(8) as
proposed.
Paragraph 109(b)(9)
Proposed § 1002.109(b)(9) would have
required a financial institution to report
the type of financial institution it is,
selecting the applicable type or types of
institution from a list in proposed
comment 109(b)(9)–1. The comment
would also have explained that a
financial institution would select all
applicable types. The list provided in
the proposed comment included: (i)
bank or savings association, (ii) minority
depository institution, (iii) credit union,
(iv) nondepository institution, (v) CDFI,
(vi) other nonprofit financial institution,
(vii) Farm Credit System institution,
(viii) government lender, (ix)
commercial finance company, (x)
equipment finance company, (xi)
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35410
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
industrial loan company, (xii) fintech,
and (xiii) other. Proposed comment
109(b)(9)–2 would have explained that a
financial institution reports the type of
financial institution as ‘‘other’’ where
none of the enumerated types of
financial institution appropriately
describe the applicable type of financial
institution, and the institution reports
the type of financial institution as freeform text.
The Bureau believed that information
regarding the type of financial
institution reporting small business
lending data would greatly assist in the
analysis conducted by the Bureau and
other data users. Information providing
further details on types of financial
institutions would help advance the
statutory purposes of section 1071; fair
lending analysts might use this
information on the financial institution
type (for instance, depository
institutions compared to nondepository
institutions) as a control variable for
their analyses. The inclusion of this
information may also assist in an
assessment of the business and
community development needs of an
area as it may provide analysts a means
of determining what types of financial
institutions serve certain geographic
areas.
In addition, the Bureau believed that
this information, combined with the
parent entity information required by
proposed § 1002.109(b)(8), would offer
more accurate and granular data on
nondepository institutions within the
same corporate group as depository
institutions. The Bureau noted that, at
the time of the NPRM, the National
Information Center database, which
contains information on the structure of
corporate groups that contain banks and
other financial institutions, provided
little information on nondepository
institutions. In connection with
proposed § 1002.109(b)(8), information
on corporate structure that financial
institutions self-report could fill in
reporting gaps, including more specific
information on financial institution
types.
With respect to proposed
§ 1002.109(b)(9), the Bureau sought
comment on whether it should consider
removing, modifying, or adding any
types of financial institutions to the list
in proposed comment 109(b)(9)–1,
including in order to manage unique
privacy interests (such as, for example,
whether a category for captive finance
companies that lend to applicants that
share the same branding should be
included on the list). The Bureau also
sought comment on whether it should
consider defining any of the types of
financial institutions in the proposed
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
list, in particular whether and how to
define the term ‘‘fintech.’’
The Bureau received comments on
this aspect of the proposal from several
community groups and a software
vendor. Generally, these commenters
were supportive of proposed
§ 1002.109(b)(9), though some requested
certain modifications. Two commenters
stated that the use of ‘‘fintech’’ in the
list of financial institution types in
proposed comment 109(b)(9)–1 was not
a clear descriptor, and that ‘‘online
lender’’ would be a better term. One
commenter also requested the Bureau
make clear that selection of ‘‘other’’ as
a type of financial institution does not
qualify the financial institution for
exemption from coverage of this rule.
Additionally, the commenter requested
the Bureau make clear that selection of
multiple financial institution types from
the list provided in proposed comment
109(b)(9)–1 is permitted. Finally, a
commenter requested the Bureau
require financial institutions to identify
the types of products they offer, in
addition to the type of financial
institution.
For the reasons set forth herein, the
Bureau is finalizing § 1002.109(b)(9)
with a revision in comment 109(b)(9)–
1 to replace the financial institution
type ‘‘fintech’’ with ‘‘online lender’’ and
to add commentary about how the
Bureau may add additional financial
institution types in the future. The
Bureau agrees with commenters that
using ‘‘online lender’’ as a financial
institution type will help better identify
the type of financial institution that is
being described rather than ‘‘fintech.’’
As commenters noted, ‘‘fintech’’ has a
wide variety of uses over different
industries. That variety may make it
difficult to determine what ‘‘fintech’’
means as a financial institution type and
under what circumstances a financial
institution must report ‘‘fintech’’ as one
of their types. Using ‘‘online lender’’ as
the financial institution type helps make
clear the financial institution’s business
model is to conduct business primarily
online. For example, an online lender
would include a platform or peer-topeer lender that generally only receives
applications and originates loans
through a website and that does not
have in-person encounters with small
businesses, such as accepting
applications or having meetings with
loan officers, at a physical office. In
such a case, the financial institution
would select ‘‘online lender’’ as the type
of financial institution (in addition to
any other applicable financial
institution types listed in final comment
109(b)(9)–1).
PO 00000
Frm 00262
Fmt 4701
Sfmt 4700
For similar reasons as those discussed
in the section-by-section analysis of
§ 1002.107(a) regarding the addition of
comment 107(a)–4, the Bureau is also
adding a comment in § 1002.109(b)(9) to
facilitate flexibility and account for the
evolution of small business lending
market, identifying how the Bureau may
add additional financial institution
types in the future. Comment 109(b)(9)–
3 provides that the Bureau may add
additional types of financial institutions
via the Filing Instructions Guide and
related materials. Comment 109(b)(9)–3
refers financial institutions to the Filing
Instructions Guide for any updates for
each reporting year.
Regarding commenters’ requests for
clarity regarding selection of multiple
financial institution types, and that
selecting ‘‘other’’ does not exempt an
institution from coverage under the rule,
final comment 109(b)(9)–1 states a
financial institution shall select all
applicable types, confirming that
multiple financial institution types
should be selected if more than one type
applies to the financial institution.
Additionally, the Bureau notes that final
§ 1002.105 addresses institutional
coverage under this rule. Financial
institution type is not a determinative
factor for coverage; in fact, an exempt
institution (unless voluntarily reporting
data pursuant to §§ 1002.107 through
1002.109 as discussed in comment
105(b)–6) would not be submitting
information pursuant to § 1002.109 in
the first instance. Final comment
109(b)(9)–2 explains the circumstances
for which a financial institution is
required, or permitted, to report
‘‘other.’’
Finally, the Bureau does not believe it
is necessary to add a requirement for
financial institutions to provide their
product types as part of the financial
institution identifying information, as
suggested by one commenter. Section
1002.107(a)(5), as finalized, requires a
financial institution to identify the
credit type for each application or
origination reported. This information,
together with the other financial
institution identifying information
required pursuant to § 1002.109(b), will
allow data users to identify the product
types offered by each financial
institution in the dataset.
Paragraph 109(b)(10)
Proposed § 1002.109(b)(10) would
have required a financial institution to
indicate whether it was not a covered
financial institution under proposed
§ 1002.105(a) and was thus voluntarily
reporting covered applications.
The Bureau believed it was important
to be able to specifically identify these
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
institutions’ transactions in the dataset.
If reporting were restricted to only
financial institutions required to report,
the data would accurately reflect the
overall population of financial
institutions subject to the final rule.
However, institutions that do not meet
the rule’s loan-volume threshold in
proposed § 1002.105(b) could choose to
voluntarily report small business
lending data pursuant to proposed
§ 1002.5(a)(4)(vii) through (ix). Those
institutions that voluntarily reported
data might not be representative of all
potential voluntary reporters and might
differ from required reporters. Without
a specific designation, it might not be
possible to distinguish an institution
voluntarily reporting data after a single
year of exceeding the loan-volume
threshold from an institution reporting
because it had already exceeded the
loan-volume threshold in two
consecutive years. The Bureau believed
that data users would benefit from being
able to use this information as a control
variable, resulting in better fair lending
as well as business and community
development analyses, to account for
certain differences that might exist as
between required and voluntary
reporters.
The Bureau received one comment on
this aspect of the proposal from a
community group. The commenter
supported inclusion of
§ 1002.109(b)(10), agreeing with the
Bureau’s assertion that data users will
need to identify voluntary reporters. For
the reasons set forth herein, the Bureau
is finalizing § 1002.109(b)(10) as
proposed.
109(c) Procedures for the Submission of
Data to the Bureau
lotter on DSK11XQN23PROD with RULES2
Proposed Rule
Proposed § 1002.109(c) and comment
109(c)–1 would have directed financial
institutions to a publicly available
website containing the Bureau’s Filing
Instructions Guide, which would have
set out technical instructions for the
submission of data to the Bureau
pursuant to proposed § 1002.109.
Regulation C § 1003.5(a)(5) contains a
comparable provision, which directs
users to a Bureau website that sets out
instructions for the submission of
HMDA data, and the Bureau believed a
similar approach would be appropriate
here.
The Bureau sought comment on this
aspect of the proposal, including the
provision of technical instructions for
data submission via a Bureau website
and how best to implement the
provisions of this section in a manner
that minimizes cost and burden
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
particularly to small financial
institutions while implementing all
statutory obligations. The Bureau also
sought comment on ways it could
streamline reporting for small financial
institutions.
Comments Received
The Bureau received comments from
two lenders, several trade associations,
and a community group concerning the
Bureau’s publication of a Filing
Instructions Guide to assist lenders in
their submission of small business
lending data to the Bureau. A CDFI
lender and two trade associations
supported the publication of technical
instructions for data submission in the
Filing Instructions Guide, stating that it
would greatly aid in complying with the
rule. One of these commenters
requested that the Bureau dedicate staff
to provide answers that can be relied on,
such that community banks could not
be criticized or penalized during
subsequent examinations.
A bank and several trade associations
expressed concern about the possible
timing for the Bureau’s publication of its
Filing Instructions Guide, noting the
importance of receiving such
instructions well in advance such that
lenders could comply with the rule and
provide accurate and reliable data. Two
of these commenters requested that the
Bureau release the Filing Instructions
Guide at least six months before any
required data collection begins.
A trade association inquired whether
the Filing Instructions Guide for this
regulation would be similar to the one
for HMDA and Regulation C, and
whether the Bureau would make the
Filing Instructions Guide available for
comment. A joint letter from community
and business advocacy groups suggested
that certain data categories for race and
ethnicity be contained in the Filing
Instructions Guide, so they could be
adjusted from time to time to align any
changes in the OMB’s Federal Data
Standards on Race and Ethnicity, rather
than being codified in the commentary
to this regulation.
Final Rule
The Bureau is finalizing § 1002.109(c)
as proposed. The Bureau is developing
a system to receive, process, and
publish the data collected pursuant to
this final rule. In doing so, the Bureau
has benefitted from what it learned in
its multiyear effort in developing the
HMDA Platform, through which entities
file data as required under HMDA and
Regulation C. As it did in developing
the HMDA Platform, the Bureau’s
ongoing work in developing the small
business lending data submission
PO 00000
Frm 00263
Fmt 4701
Sfmt 4700
35411
system focuses on satisfying all legal
requirements, promoting data accuracy,
and reducing burden. The Bureau is
publishing, concurrently with this final
rule, a Filing Instructions Guide and
related materials for financial
institutions.806 The Bureau does not
believe proposed comment 109(c)–1 is
necessary as it is duplicative of the
regulatory text, and thus has removed it
from the final rule.
ECOA section 704B(g)(1) authorizes
the Bureau to prescribe rules and issue
such guidance as may be necessary to
carry out, enforce, and compile data
pursuant to section 1071. Section
704B(g)(3) provides for the Bureau to
issue guidance to facilitate compliance
with the requirements of section 1071.
Here, final § 1002.109(c) is justified
under both ECOA provisions because
the issuance of the means of submitting
data to the Bureau are both necessary to
compile data pursuant to section 1071
and to facilitate compliance with
section 1071.
The Bureau agrees with commenters
that the Filing Instructions Guide will
significantly facilitate compliance with
section 1071. Regarding the request that
the Bureau provide staff to answer
questions about complying with the rule
before the rule’s compliance date,
Bureau staff will be available after the
publication of this final rule to provide
guidance to lenders in complying with
the rule. The Bureau will make other
compliance and technical resources
available as well, as described at the end
of part I above.
The Bureau notes, in response to the
question of whether the Filing
Instructions Guide would be similar to
the one for HMDA, that many aspects of
the Filing Instructions Guide for this
regulation are based on the HMDA
guide. The Bureau does not believe it is
necessary to request public comment on
the Filing Instructions Guide, as it is a
technical document that reflects the
regulatory requirements of § 1002.107
and § 1002.109(b) such that data can be
submitted to the Bureau’s small
business lending data submission
platform. However, as with HMDA,
various iterations of the Filing
Instructions Guide will be published
over time with changes based in part on
feedback from financial institutions and
third-party providers. Regarding the
comment that certain data categories for
race and ethnicity contained in the
Filing Instructions Guide be adjusted
from time to time to align any changes
in the OMB’s Federal Data Standards on
806 See https://www.consumerfinance.gov/dataresearch/small-business-lending/filing-instructionsguide/.
E:\FR\FM\31MYR2.SGM
31MYR2
35412
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
Race and Ethnicity, the Bureau
recognizes that it may need to adjust
some data categories over time, but that
the statute may not permit exact
alignment with all future developments
by another agency that is not itself
implementing section 1071.
Other Reporting Issues
With respect to HMDA data,
Regulation C § 1003.5(a)(1)(i) provides
that a financial institution shall submit
its annual loan/application register in
electronic format to the appropriate
Federal agency. Regulation C does not
provide for the submission of HMDA
data by unaffiliated third parties
directly on behalf of financial
institutions in the way that a parent
institution may submit HMDA data on
behalf of its subsidiary under
§ 1003.5(a)(2) and comment 5(a)–3. The
Bureau understands from financial
institutions that report HMDA data to
the Bureau that most institutions use
third-party software vendors in some
way to help them prepare or submit
their loan/application registers to the
Bureau. The Bureau sought comment on
whether it should permit third parties
(such as financial software vendors) to
submit to the Bureau a small business
lending application register on behalf of
a financial institution, including
whether financial institutions should be
required to designate third parties
authorized to submit registers on their
behalf.
Commenters did not directly address
the topic of third-party submissions of
small business lending application
registers on behalf of financial
institutions. One trade association, in
the context of proposed § 1002.109,
noted that its members rely on thirdparty vendors for many important
business processes, and the
contributions of such vendors to
support financial institution innovation
is important. Industry commenters,
including trade associations and
lenders, widely noted their reliance on
third-party vendors for many important
business processes in commenting on
other sections of the proposed rule, as
is noted, for instance, in the section-bysection analysis of § 1002.114(b). The
commenter asked that the Bureau
encourage vendors to develop solutions
to help financial institution clients
comply with section 1071.
The Bureau is finalizing § 1002.109 as
proposed. While there is no explicit
provision addressing financial
institution use of service providers in
connection with submission of
applicant registers, informed by its
HMDA experience, the Bureau is open
to such submission, so long as it
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
complies with all applicable provisions
of the final rule, including the
restrictions on disclosure of protected
demographic data contained in final
§ 1002.110(e). In addition, the Bureau
will continue to engage with vendors
and industry to assess future demand
for service provider use in this area.
Regarding the comment asking the
Bureau to encourage third-party
solutions to help covered financial
institutions comply with section 1071,
the Bureau agrees and has engaged in
outreach to third-party vendors, as
discussed in part III above, since the
issuance of the NPRM to facilitate their
development of solutions to assist
financial institutions in complying with
this rule.
Section 1002.110 Publication of Data
Final § 1002.110 addresses several
issues surrounding publication of small
business lending data. First, final
§ 1002.110(a) addresses annual
publication of application-level data on
the Bureau’s website, subject to
modification and deletion decisions by
the Bureau based on consideration of
privacy interests. Second, final
§ 1002.110(b) states that the Bureau may
compile and aggregate data submitted
by financial institutions and may
publish such compilations or
aggregations as the Bureau deems
appropriate. Third, final § 1002.110(c)
requires a covered financial institution
to publish on its website a statement
that its small business lending data, as
modified by the CFPB, are or will be
available on the CFPB’s website.
Finally, final § 1002.110(d) provides
when a covered financial institution
shall make the notice required by final
§ 1002.110(c) available to the public and
how long it shall maintain the notice on
its website.
The Bureau is finalizing § 1002.110 to
implement ECOA section 704B(f)(2)(B)
and (C), which require the Bureau to
adopt regulations addressing the form
and manner that data are made available
to the public, and pursuant to its
authority under 704B(g)(1) to prescribe
such rules and issue such guidance as
may be necessary to carry out, enforce,
and compile data pursuant to section
1071. The Bureau is also finalizing
§ 1002.110(b) pursuant to 704B(f)(3),
which permits the Bureau to compile
and aggregate small business lending
data, and to publish such aggregate data.
110(a) Publication of Small Business
Lending Application Registers and
Associated Financial Institution
Information
ECOA section 704B(f)(2)(C) requires
the Bureau to annually make the small
PO 00000
Frm 00264
Fmt 4701
Sfmt 4700
business lending data it receives from
financial institutions available to the
public in such form and in such manner
as the Bureau determines by regulation.
Proposed Rule
Proposed § 1002.110(a) would have
provided that the Bureau shall make
available to the public generally the data
reported to it by financial institutions
pursuant to proposed § 1002.109,
subject to deletions or modifications
made by the Bureau if the Bureau
determines that, based on the proposed
balancing test, the deletion or
modification of the data would advance
a privacy interest.807 The Bureau
proposed to make such data available on
an annual basis, by publishing it on the
Bureau’s website. The Bureau sought
comment on its proposed approach to
implementing ECOA section
704B(f)(2)(C).
Comments Received
In response to proposed § 1002.110(a),
the Bureau received comments from a
range of lenders, trade associations,
community groups, individual
commenters, and others. Many
commenters supported the Bureau’s
proposal to make data available on an
annual basis by publishing it on the
Bureau’s website. Some noted that
publication of disaggregated data is
critical to achieving the statutory
purposes of section 1071. Some
commenters indicated the Bureau
should make clear that the Bureau must
publish data annually, citing their
concern that any discretion in data
publication could allow for inconsistent
data publication in the future. A
commenter further supported
publication on the Bureau’s website,
stating that it preferred the Bureau as
the singular source for published data
because it would ensure the data was
uniform and consistent in data and
publication formats, which would help
to prevent obfuscation efforts by bad
actors. The commenter noted that, based
on their historical experience with
HMDA data, without publication on the
website, the public would need to
request data from each financial
institution individually and the data
807 As discussed in part VIII below, the Bureau is
not announcing how it will consider different
factors when implementing its discretion to delete
or modify application-level data before publication.
The Bureau will continue to engage with
stakeholders on publication and it intends to make
final decisions only after that continued
engagement and receipt of a full year of application
data. Part VIII lays out the CFPB’s preliminary
views, in light of comments received on the
balancing test articulated in the NPRM, on how to
assess and protect privacy interests through
modifications and deletion.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
provided may not be in the same file
format, may not be in an accessible file
format, and the data may have
variations in formatting, which could
hide data anomalies or patterns of
discrimination.
Some commenters opposed
publication of disaggregated data
entirely, citing various privacy risks, or
otherwise preferred the Bureau publish
small business lending data only in
aggregate form.808 Some commenters
supported publication of disaggregated
data publication, but also supported
modifications in light of privacy risk.
Commenters also discussed timing of
data publication. Some supported
annual publication, as proposed. Others
requested publication as soon as
possible but did not suggest a specific
schedule. Two requested quarterly data
publication, and one suggested
publication every six months. A few
commenters requested the Bureau also
establish a deadline by which it would
annually publish data; some did not
suggest a specific deadline while others
requested a fall publication deadline,
shortly after data are submitted to the
Bureau, in order to maximize the data’s
currency and usefulness.
Many commenters requested the
Bureau ensure that published data are
accessible to the general public. These
commenters noted that the data should
be easily searchable or filterable so that
anyone with an interest in fair lending
can use and understand the data. Some
of these commenters noted that data can
sometimes be inaccessible if provided in
a very technical manner, such that only
those with expertise in data analysis can
understand and use the data. One
commenter suggested that this concern
was of particular concern for ethnicity
and race data. Additionally, a few
commenters pointed to previous Bureau
data releases as examples of publication
that worked well, such as the consumer
complaint database, and those that they
would prefer the Bureau not follow,
including the current data tool used to
publish HMDA data.
Some commenters requested the
Bureau add disclaimers or explanations
to data fields when the data is published
to aid in user understanding about the
data, such as data limits, caveats, or
exceptions. For example, several
commenters requested the Bureau add a
disclaimer to data submitted by Farm
Credit System lenders identifying their
unique statutory coverage limitations
and dividend structures. Other
commenters requested a disclaimer that
identifies when ethnicity, race, and sex
data was collected on the basis of visual
808 See
also part VIII below.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
observation pursuant to proposed
§ 1002.107(a)(20). One commenter
requested a publication disclaimer for
amount of credit applied for and
amount of credit approved or originated,
that would explain that applicantprovided information can be arbitrary
and may not match the amount of credit
approved or originated. Another
commenter requested that the Bureau
include a disclaimer for private label
credit because, they said, private label
credit should not be compared to other
small business credit products because
it is based on the availability of the
financial institution’s retail partners and
those partners’ geographic locations.
Conversely, one commenter requested
the Bureau not add any disclaimers to
pricing data points on the grounds that
they would cause further
misunderstanding of the data.
Two commenters suggested the CFPB
establish an advisory group to offer
advice or it should seek public feedback
on ways to improve publication and
enhance data accuracy. One commenter
asked that it establish an authorization
program to certify as ‘‘CFPB-approved’’
particular data products and programs
created from 1071 data. Another
commenter stated that when publishing
the data, the Bureau should ensure that
the data are organized by institution and
credit product type as a default setting,
rather than only by institution, to ensure
proper comparison by data users.
Final Rule
For these reasons set forth herein, the
Bureau is finalizing § 1002.110(a)
largely as proposed. As finalized,
subject to modification or deletion
decisions made by the Bureau to
advance privacy interests as discussed
in part VIII below, the Bureau has
committed itself in § 1002.110(a) to
making application-level data available
to the public via annual publication.
Because publication is subject to any
modification or deletion decisions made
by the Bureau pursuant to its privacy
analysis, the Bureau concludes that
§ 1002.110(a) itself adequately addresses
commenter concerns about privacy
risks. As discussed in part VIII, the
CFPB is also of the view that
application-level data have significant
disclosure benefits that will facilitate
the fair lending and business and
community development purposes of
section 1071. This determination
strongly supports disclosure of the data
in a disaggregated format to the extent
consistent with the privacy interests. As
a result, the Bureau does not intend to
publish only aggregate data
compilations pursuant to § 1002.110(b).
PO 00000
Frm 00265
Fmt 4701
Sfmt 4700
35413
Publication of application-level data
on an annual basis is appropriate. While
a few commenters proposed shorter
cycles, the Bureau would not have new
data to publish more frequently because,
as discussed in the section-by-section
analysis of § 1002.109(a), the Bureau is
requiring financial institutions to report
annually. Further, the Bureau concludes
that until it obtains a full year of
reported data and performs a full
privacy analysis, as discussed in part
VIII below, it cannot know with
certainty the amount of time it will take
to analyze the privacy risks, and make
modifications or deletions as needed,
particularly for the first publication of
application-level data. Accordingly, the
final rule does not set a publication
deadline.
Because the Bureau is still creating its
data publication platform, it takes under
advisement commenter concerns about
accessibility and ease of use, and will
make efforts to be responsive to those
comments as the platform and user tools
are built. The Bureau is also taking
under advisement suggestions on how
to organize and display data.
Similarly, the Bureau is taking under
advisement requests to make data
limitations, such as related to credit or
financial institution type, clear to data
users. But it does not intend to state that
the amount of credit applied for and
amount of credit approved or originated
may have discrepancies because the
applicant underestimated their credit
limitations. As discussed in the sectionby-section analyses of § 1002.107(a)(7)
and (8) above and in the NPRM, there
are several other reasons for discrepancy
between the amount an applicant
applies for and the amount for which
they are approved. A disclaimer
asserting the discrepancy may be
attributable to applicant overconfidence
would minimize the serious risk of fair
lending concerns that these data points
may otherwise identify. For similar
reasons, the Bureau does not intend to
add disclaimers to pricing data.
Finally, the Bureau notes that while it
does not have an advisory group
dedicated to small business lending data
publication, there are several avenues
through which it expects to receive
feedback from the public on small
business lending data in the future,
including the Bureau’s Advisory
Committees, as well as any regulatory or
technical assistance function created for
data submitters. The Bureau also
intends to pursue continued public
engagement, including with respect to
its intended privacy assessment and
associated modification and deletion
decisions, as discussed in part VIII
below. Further, the Bureau will not
E:\FR\FM\31MYR2.SGM
31MYR2
35414
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
approve or endorse any particular
entity’s use of or republication of data,
although entities may use and republish
the data once it is made available in the
public domain pursuant to this rule.
Because the statutory purposes and
noted benefits of data publication (as
discussed herein) include providing
information to the public to identify and
address fair lending issues in the small
business lending market, the Bureau
encourages data users to analyze the
data to address the statutory purposes.
It also encourages technologists to
develop tools to assist in this analysis.
110(b) Publication of Aggregate Data
ECOA section 704B(f)(3) provides that
the Bureau may ‘‘compile and aggregate
data collected under this section for its
own use’’ and ‘‘make public such
compilations of aggregate data.’’
Proposed § 1002.110(b) would have
provided that the Bureau may compile
and aggregate data submitted by
financial institutions pursuant to
proposed § 1002.109, and make any
compilations or aggregations of such
data publicly available as the Bureau
deems appropriate. The proposal
explained that publication of certain
such compilations and aggregations
would provide useful data to the public
to supplement the Bureau’s publication
of application-level data. In particular,
the Bureau noted the importance of
providing aggregations for the
application-level data fields that may be
modified or deleted before publication
to protect privacy interests.
The Bureau received comments on
this aspect of the proposal from several
community groups, business advocacy
groups, and a software provider. These
commenters were supportive of
proposed § 1002.110(b), though some
requested modifications. Several
commenters requested the Bureau make
specific aggregations available, based on
their experience with HMDA or for
specific user purposes. Additionally,
two commenters requested that the
Bureau commit to annual publication of
aggregate data.
For the reasons set forth herein, the
Bureau is finalizing § 1002.110(b) as
proposed. It is unnecessary for the rule
to commit to specific timing for
publication of aggregate data or to
identify the specific aggregations that it
will make available. ECOA section
704B(f)(3) provides the Bureau
discretion to compile and aggregate data
collected, and to make those
aggregations publicly available. Any
aggregations compiled using the data
collected will be dependent on multiple
factors, including privacy
considerations, the volume of data, and
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
the trends in the data received. For
these reasons, the Bureau believes it is
important to preserve flexibility as to
both the content and timing of any
aggregate data publications, although it
anticipates publishing aggregate data
before releasing application-level data.
110(c) Statement of Financial
Institution’s Small Business Lending
Data Available on the Bureau’s Website
and 110(d) Availability of Statements
Proposed Rule
ECOA section 704B(f)(2)(B) requires
that the data compiled and maintained
by financial institutions shall be ‘‘made
available to any member of the public,
upon request, in the form required
under regulations prescribed by the
Bureau.’’
Proposed § 1002.110(c) would have
required that a covered financial
institution make available to the public
on its website, or otherwise upon
request, a statement that the covered
financial institution’s small business
lending application register, as modified
by the Bureau pursuant to proposed
§ 1002.110(a), is or will be available on
the Bureau’s website.
Proposed § 1002.110(c) would have
also stated that a financial institution
shall use language provided by the
Bureau, or substantially similar
language, to satisfy this requirement to
provide a statement. Proposed comment
110(c)–1 would have provided model
language that a financial institution
could use to comply with proposed
§ 1002.110(c). Proposed comment
110(c)–2 would have provided guidance
to financial institutions that do not have
websites.
Proposed § 1002.110(d) would have
provided that a covered financial
institution shall make the notice
required by proposed § 1002.110(c)
available to the public on its website
when submitting its small business
lending application register to the
Bureau pursuant to proposed
§ 1002.109(a)(1), and shall maintain the
notice for as long as it has an obligation
to retain its small business lending
application registers pursuant to
proposed § 1002.111(a).
The Bureau sought comment on its
proposed approach to implementing
ECOA section 704B(f)(3), including how
best to implement proposed
§ 1002.110(c) and (d) in a manner that
minimizes cost and burden particularly
on small financial institutions while
implementing all statutory obligations.
Comments Received
In response to proposed § 1002.110(c)
and (d), the Bureau received comments
PO 00000
Frm 00266
Fmt 4701
Sfmt 4700
from a number of lenders, trade
associations, and community groups,
along with one individual commenter.
A majority of those commenters
supported the proposed approach to
making financial institutions’ data
available to the general public on the
Bureau’s website, citing reasons
including reduction of compliance
burden, cost, and redundant data.
However, a few commenters argued that
covered financial institutions should be
required to make their data available on
their own websites. One such
commenter asserted that financial
institutions (particularly large banks)
should be required to make their data
available within 30 days of a request to
do so, which they stated has worked
well for HMDA.809 This commenter also
stated that if the Bureau were to adopt
proposed § 1002.110(c), it should
require quarterly public data reporting.
An individual commenter suggested
that without a requirement that
financial institutions release their own
data, the public would have no way to
confirm the ‘‘legitimacy’’ of data
released by the Bureau.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.110(c) with a
minor modification and § 1002.110(d) as
proposed, to implement ECOA section
704B(f)(2)(B). The Bureau’s revision to
§ 1002.110(c) removes the specific URL
at which the Bureau will publish 1071
data on its website. The Bureau has
made several small revisions to the
notice language set forth in comment
110(c)–1 for clarity. The Bureau is also
adopting new comment 110(c)–3 to
explain that the Bureau may modify the
location specified in the notice language
provided in comment 110(c)–1, at
which small business lending data are
available, via the Filing Instructions
Guide and related materials.
The approach set forth in final
§ 1002.110(c) and (d) will reduce
potential burdens on financial
institutions associated with publishing
modified data. It will also reduce
privacy risks resulting from errors by
individual financial institutions
implementing any modifications or
deletions required by the Bureau, and
would be more efficient overall.
Regulation C (§ 1003.5(c)(1))
implements a similar statutory
requirement regarding the form of data
reporting and requires financial
institutions to direct any public requests
809 The Bureau’s approach to § 1002.110(c) aligns
with Regulation C § 1003.5(c)(1). However, prior to
the 2015 HMDA Amendments, covered financial
institutions were required to make their HMDA data
available upon request.
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
for HMDA data they receive to the
Bureau. A similar provision is
appropriate here to maintain continuity
across reporting regimes, and because
this centralized approach will help
ensure consistent implementation of
any modifications or deletions made to
protect privacy interests. Commenters’
concerns regarding the timing of
financial institutions making their own
data available are thus rendered moot.
The Bureau does not believe that
financial institutions should be required
to make their data available within 30
days of a request to do so. Such requests
can be fulfilled as easily by accessing
small business lending application
registers on the Bureau’s website, after
modifications or deletions are made to
protect privacy interests. Nor does the
Bureau believe that quarterly public
data reporting is appropriate, as
discussed in the section-by-section
analysis of § 1002.110(a) above. Further,
the Bureau does not believe that a
requirement that financial institutions
release their own data is necessary to
confirm the ‘‘legitimacy’’ of data
released by the Bureau. The Bureau will
conduct examinations of unredacted
small business lending data, and will
make application-level data (subject to
privacy modifications and deletions)
available for review and analysis by
members of the public.
110(e) Further Disclosure Prohibited
ECOA section 704B(e) and (f) require
financial institutions to compile and
maintain records of information
provided by applicants and to submit
such data annually to the Bureau.
However, the statute does not expressly
address what a financial institution may
do with data collected pursuant to
section 1071 for purposes other than
reporting such data to the Bureau, nor
did the proposal specify restrictions on
a financial institution’s use or
disclosure of data collected pursuant to
this rulemaking for purposes other than
collecting, maintaining, and reporting
such data to the Bureau.
The Bureau received comments from
individuals and industry that raised
concerns about potential misuse of
protected demographic data provided
pursuant the small business lending
rulemaking. For example, one
commenter expressed concern that
LGBTQ community members are at risk
that their data may be used for
unintended and harmful purposes
outside of 1071 data collection.
Commenters further noted that
applicants may be hesitant to provide
certain information if the data can be
inappropriately used. The Bureau also
received comments from industry
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
commenters urging that protected
demographic data be reported directly
to the Bureau, stating, in part, that such
a regime would likely increase response
rates because applicants would not be
concerned that financial institutions
would improperly use the data.
In order to safeguard protected
demographic data against possible
misuse and encourage applicant
responses, and in response to
comments, the Bureau is adding new
§ 1002.110(e) pursuant to its authority
under ECOA section 704B(g)(1) to
prescribe such rules and issue such
guidance as may be necessary to carry
out, enforce, and compile data pursuant
to section 1071. New § 1002.110(e)
prevents misuse of applicants’ protected
demographic information in two ways.
First, § 1002.110(e)(1) prohibits a
financial institution from disclosing or
providing to a third party the protected
demographic information it collects
under subpart B except in limited
circumstances. First, a financial
institution may disclose such
information to a third party to further
compliance with ECOA or Regulation B.
This exception permits disclosure, for
example, to a third-party service
provider that is assisting the financial
institution in auditing or submitting
small business lending data to the
Bureau. This exception also permits
disclosure to a third party for uses
consistent with how such protected
demographic information may currently
be used under ECOA and Regulation B,
such as to conduct internal fair lending
testing or to extend special purpose
credit programs. Section 1002.110(e)(1)
further states that a financial institution
may disclose or provide protected
demographic information collected
pursuant to this rule as required by law.
Second, § 1002.110(e)(2) prohibits
further redisclosure of protected
demographic information by a third
party that initially obtains such
information for the purposes of
furthering compliance with the ECOA
and Regulation B. In such situations, the
third party is prohibited from disclosing
the protected demographic information
except to further compliance with
ECOA and Regulation B or as required
by law.
Section 1002.111 Recordkeeping
Final § 1002.111 addresses several
aspects of the recordkeeping
requirements for small business lending
data. First, final § 1002.111(a) requires a
covered financial institution to retain
evidence of its compliance with subpart
B, which includes a copy of its small
business lending application register,
for at least three years after the register
PO 00000
Frm 00267
Fmt 4701
Sfmt 4700
35415
is required to be submitted to the
Bureau pursuant to final § 1002.109.
Second, final § 1002.111(b) requires a
financial institution to maintain,
separately from the rest of the
application and accompanying
information, an applicant’s responses to
the financial institution’s inquiries
regarding whether an applicant for a
covered credit transaction is a minorityowned business, a women-owned
business, and/or an LGBTQI+-owned
business under final § 1002.107(18) and
regarding the ethnicity, race, and sex of
the applicant’s principal owners under
final § 1002.107(19). Finally, final
§ 1002.111(c) requires that, in
compiling, maintaining, and reporting
data pursuant to final § 1002.109 or
§ 1002.111(a) or (b), a financial
institution shall not include personally
identifiable information concerning any
individual who is, or is connected with,
an applicant.
The Bureau is finalizing § 1002.111 to
implement ECOA section 704B(f)(2)(A),
which requires financial institutions to
compile and maintain data for at least
three years; 704B(b)(2), which requires
financial institutions to maintain a
record of the responses to the inquiry
required by 704B(b)(1), separate from
the application and accompanying
information; and 704B(e)(3), which
provides that in compiling and
maintaining data, a financial institution
may not include personally identifiable
information concerning an individual
who is, or is connected with, an
applicant. The Bureau is also finalizing
§ 1002.111 pursuant to its authority
under 704B(g)(1) to prescribe such rules
and issue such guidance as may be
necessary to carry out, enforce, and
compile data pursuant to section 1071.
111(a) Record Retention
Proposed Rule
ECOA section 704B(f)(2)(A) requires
that information compiled and
maintained under section 1071 be
retained for not less than three years
after the date of preparation. Proposed
§ 1002.111(a) would have required that
a financial institution retain a copy of
its small business lending application
register for three years after the register
is submitted to the Bureau pursuant to
proposed § 1002.109. By way of
comparison, under Regulation C,
financial institutions must retain the
loan/application registers that they
submit to the Bureau for three years.810
This reflects the requirement in HMDA
itself that a loan/application register be
810 Regulation
E:\FR\FM\31MYR2.SGM
C § 1003.5(a)(1).
31MYR2
35416
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
retained for three years after it is made
available.811
Proposed comment 111(a)–1 would
have provided examples of what
evidence of compliance with the
proposed provision is likely to include.
Proposed comment 111(a)–2 would
have required that a creditor that is
voluntarily, under proposed
§ 1002.5(a)(4)(vii) and (viii), collecting
information pursuant to subpart B but is
not required to report that data to the
Bureau, complies with proposed
§ 1002.111(a) by retaining evidence of
compliance with subpart B for at least
three years after June 1 of the year
following the year that data was
collected.
The Bureau sought comment on its
proposed approach to implementing
ECOA section 704B(f)(2)(A), including
how best to implement proposed
§ 1002.111(a) in a manner that
minimizes cost and burden particularly
on small financial institutions while
implementing all statutory obligations.
Comments Received
The Bureau received comments from
several lenders, trade associations, and
others on this aspect of its proposal.
One trade association supported the
proposed requirement that financial
institutions retain their data for at least
three years after submission to the
Bureau, noting that this retention period
is congruent with the five-year period
that banks must maintain data under the
Bank Secrecy Act. A CDFI lender agreed
the proposal was reasonable and stated
that it did not foresee issues with
compiling and maintaining data for
three years.
A trade association, a business
advocacy group and a software vendor
recommended that the Bureau instead
align the recordkeeping requirement
with ECOA’s 25-month retention period
rather than HMDA’s three-year retention
period. The software vendor asserted
that the proposed provision appeared to
be in conflict with ECOA’s 12-month
record retention period for commercial
loans under $1 million. The trade
association recommended avoiding
requirements that would necessitate the
acquisition of costly record retention
systems. Another industry commenter
said that the proposed provision would
unnecessarily burden community banks.
A joint letter from two trade
associations recommended that the
Bureau expressly state that financial
institutions without a reporting
obligation under the rule, in particular
motor vehicle dealers, are not required
to comply with the other obligations in
811 12
U.S.C. 2803(j)(6).
VerDate Sep<11>2014
18:47 May 30, 2023
the rule, including the recordkeeping
requirements of the rule.
Final Rule
The Bureau is finalizing § 1002.111(a)
as proposed. The Bureau is also
finalizing the associated commentary
with an adjustment as discussed below.
The Bureau is finalizing this provision
to implement section 1071’s
recordkeeping requirement as set forth
in ECOA section 704B(f)(2)(A).
Regarding commenters’ requests that
the Bureau should adopt either existing
Regulation B’s 25-month retention
period for consumer credit or its 12month retention period for business
credit, rather than a three-year period,
ECOA section 704B(f)(2)(A) mandates
that the Bureau adopt a three-year
recordkeeping requirement for
applications for small business loans. In
any case, the Bureau notes that, in
contrast to these commenters, at least
one lender suggested that § 1002.111(a)
was congruent with other recordkeeping
requirements applicable to certain
extensions of credit.812 The Bureau is
finalizing comment 111(a)–1 (regarding
evidence of compliance) with an
additional sentence to reiterate that final
§ 1002.111(a)’s three-year record
retention requirement applies to any
records covered by § 1002.111(a),
notwithstanding the more general 12month retention period for records
related to business credit specified in
existing § 1002.12(b). The Bureau is
finalizing comment 111(a)–2 (regarding
record retention for creditors that
voluntarily collect data under
§ 1002.5(a)(4)(vii) and (viii)) as
proposed.
The Bureau acknowledges
commenters’ concerns that this
provision would necessitate the
acquisition of costly record retention
systems or about its impact on
community banks, but does not believe
that further adjustments would be
appropriate. While financial institutions
may incur added expenses in complying
with final § 1002.111(a), the provision
does not itself suggest or mandate that
lenders must acquire new record
systems; the provision simply requires
that financial institutions adjust their
procedures if they do not already retain
certain records for the period specified
in § 1002.111(a). In any case, as noted
above, final § 1002.111(a) implements
the record retention period set forth in
the statute.
Regarding the comment concerning
the obligations of financial institutions
that are not required to report data
under the rule, the Bureau agrees that a
812 See,
Jkt 259001
PO 00000
e.g., 31 CFR 1010.410(a) and 1010.430(d).
Frm 00268
Fmt 4701
Sfmt 4700
financial institution that is not covered
by the rule is not subject to its
provisions, including the recordkeeping
provisions. However, a covered
financial institution must keep records
in accordance with § 1002.111(a). In
order to satisfy its own recordkeeping
obligations, a covered financial
institution must ensure that it has
obtained the necessary records from
third parties through which it receives
applications or ensure that those third
parties keep adequate records on its
behalf.
111(b) Certain Information Kept
Separate From the Rest of the
Application
Proposed Rule
ECOA section 704B(b)(2) requires
financial institutions to maintain a
record of the ‘‘responses to [the]
inquiry’’ required by 704B(b)(1) separate
from the application and accompanying
information. Consistent with the
approach the Bureau is finalizing as set
forth in E.2 of the Overview to this part
V, the Bureau proposed to interpret the
term ‘‘responses to such inquiry’’ in
704B(b)(2) to be the applicant’s
responses to inquiries regarding
protected demographic information—
that is, whether the applicant was a
minority-owned business or a womenowned business, and the ethnicity, race,
and sex of the applicant’s principal
owners.
Proposed § 1002.111(b) would have
stated that a financial institution shall
maintain, separately from the rest of the
application and accompanying
information, an applicant’s responses to
the financial institution’s inquiries to
collect data pursuant to proposed
subpart B regarding whether an
applicant for a covered credit
transaction is a minority-owned
business under proposed
§ 1002.107(a)(18) or a women-owned
business under proposed
§ 1002.107(a)(19), and regarding the
ethnicity, race, and sex of the
applicant’s principal owners under
proposed § 1002.107(a)(20).
Proposed comment 111(b)–1 would
have explained that a financial
institution may satisfy this requirement
by keeping an applicant’s responses to
the financial institution’s request
pursuant to proposed § 1002.107(a)(18)
through (20) in a file or document that
is discrete or distinct from the
application and its accompanying
information. For example, such
information could be collected on a
piece of paper that is separate from the
rest of the application form. In order to
satisfy the requirement in proposed
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
§ 1002.111(b), proposed comment
111(b)–1 would have clarified that an
applicant’s responses to the financial
institution’s request pursuant to
proposed § 1002.107(a)(18) through (20)
need not be maintained in a separate
electronic system, nor need they be
removed from the physical files
containing the application. However,
the financial institution may
nonetheless need to keep this
information in a different electronic or
physical file in order to satisfy the
requirements of proposed § 1002.108.
The Bureau sought comment on its
proposed approach to implementing
ECOA section 704B(b)(2), including
how best to implement proposed
§ 1002.111(b) in a manner that
minimizes cost and burden, particularly
on small financial institutions, while
implementing all statutory obligations.
The Bureau also sought comment on
whether, for financial institutions that
determine that underwriters or other
persons should have access to
applicants’ demographic information
pursuant to proposed § 1002.108(b), it
should likewise waive the requirement
in proposed § 1002.111(b) to keep that
information separate from the
application and accompanying
information.
Comments Received
A number of lenders and trade
associations commented on the
proposed requirement that protected
demographic information be kept
separate from application or loan files.
A CDFI lender said the proposal was
reasonable and did not foresee issues
with maintaining demographic
information separate from applications.
A trade association, while claiming
proposed § 1002.111(b) would be
difficult to comply with, acknowledged
that the provision was mandated by
section 1071. Another trade association
agreed with the Bureau that ECOA
section 704B(b)(2) should be interpreted
as referring to applicants’ responses to
the inquiries regarding minority-owned
and women-owned business status in
proposed § 1002.107(a)(18) and (19), as
well as the ethnicity, race, and sex of
applicant’s principal owners in
proposed § 1002.107(a)(20). A joint
letter from two trade associations
supported the limitation on accessing
protected demographic information but
expressed concern about the effort and
cost it would take to segregate and limit
this information and ensure the
accuracy of reports and files that must
be maintained. These trade associations
suggested that all regulations and
guidance related to record retention be
consistent with the FTC’s newly
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
amended Gramm-Leach-Bliley
Safeguards Rule and Privacy Rule.
A trade association and a business
advocacy group requested clarifications
to improve feasibility and reduce
technical challenges, expressing
concern that compliance with proposed
§ 1002.111(b) could require expensive
technical solutions to separate protected
demographic information from
applications in different electronic or
physical files. One sought clarity as to
what proposed comment 111(b)–1
meant, stating that, to satisfy § 1002.108,
some financial institutions may need to
keep protected demographic
information in a different electronic or
physical file.
Some industry commenters opposed
the proposal on the grounds of cost,
complexity and practicality. A few of
these commenters argued that proposed
§ 1002.111(b) would add unnecessary
cost and complexity to compliance and
would make audits of data more
difficult. Others asserted the provision
would be difficult to implement or
unworkable. One commenter stated that
this requirement would impact small
lenders in particular and would increase
ongoing costs.
Several industry commenters
requested that the Bureau exercise
exemption authority to exempt all
lenders from having to comply with this
provision on the grounds that it would
make examinations and audits more
cumbersome and costly because
demographic information would need to
be retrieved from separate files.
Commenters also requested that, to
remain consistent with proposed
§ 1002.108(b), the Bureau waive this
requirement for financial institutions
that determine that underwriters or
other persons should have access to
applicants’ demographic information.
They also stated that both provisions
were operationally burdensome without
any benefit, and that if a firewall was
infeasible, so was the proposed
recordkeeping provision.
Several industry commenters
requested that the Bureau not prohibit
the collection of demographic
information on the same form as the rest
of the application, explaining that such
a prohibition would disrupt SBA’s 7(a)
loan process, and because section 1071
itself does not prohibit including
demographic questions on an
application form; rather, it requires
‘‘recording’’ the information separately.
A bank also that such a prohibition
would disrupt loan processes and data
integrity audits. Another bank requested
that the Bureau not specify that
protected demographic information be
kept in a separate file, which it said
PO 00000
Frm 00269
Fmt 4701
Sfmt 4700
35417
would be costly and burdensome for
financial institutions, but rather that the
Bureau leave to lenders how to comply
with this provision.
A bank and a trade association
asserted that proposed § 1002.111(b)
was not feasible or necessary, and noted
that Regulation C does not require
lenders to keep demographic
information separate from mortgage loan
files. They also asserted that there was
no evidence of violations of Regulation
B because demographic information was
not kept separate from loan files.
Another bank requested that the Bureau
align the requirements of HMDA and
section 1071 by waiving § 1002.111(b)
for applications reportable under both
regimes.
Final Rule
The Bureau is finalizing § 1002.111(b)
with adjustments to reflect updated
cross-references to other portions of the
final rule and to refer to LGBTQI+owned businesses along with womenand minority-owned businesses, as per
final § 1002.107(a)(18). The Bureau is
also finalizing the comment 111(b)–1
with one adjustment as discussed
below, and the Bureau is adding a new
comment 111(b)–2.
As discussed in detail above in part
V.E.2, the Bureau believes the best
reading of the statutory provisions that
mention the inquiry made under ECOA
section 704B(b)(1)—in 704B(b)(2) as
well as in 704B(c) regarding the right to
refuse and 704B(d) regarding the
firewall—is that they refer to applicants’
responses to the inquiries regarding
protected demographic information:
minority-owned, women-owned, and
LGBTQI+-owned business statuses in
final § 1002.107(a)(18) and the ethnicity,
race, and sex of applicants’ principal
owners in final § 1002.107(a)(19). Each
of these data points require financial
institutions to request demographic
information that has no bearing on the
creditworthiness of the applicant.
Moreover, a financial institution
generally could not inquire about this
demographic information absent section
1071’s mandate to collect and report the
information, and ECOA prohibits a
creditor from discriminating against an
applicant on the basis of the
information. The Bureau accordingly
believes that the best effectuation of
congressional intent is to apply section
1071’s special-protection provisions to
this demographic information,
regardless of whether the statutory
authority to collect it originates in
704B(b)(1) (women-owned business
status and minority-owned business
status), 704B(e)(2)(G) (race, sex, and
ethnicity of principal owners), or
E:\FR\FM\31MYR2.SGM
31MYR2
35418
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
704B(e)(2)(H) (LGBTQI+-owned
business status, which is additional data
that the Bureau has determined would
aid in fulfilling the purposes of section
1071). The Bureau similarly believes
that Congress did not intend these
special protections to apply to any of
the other applicant-provided data points
in final § 1002.107(a), which the
financial institution is permitted to
request whether or not it is covered
under section 1071, which are not the
subject of Federal antidiscrimination
laws, and many of which financial
institutions already collect and use for
underwriting purposes.
The Bureau does not believe it would
be appropriate to modify the statutory
requirements implemented in final
§ 1002.111(b) (or elsewhere in
§ 1002.111), as requested by some
commenters, for consistency with the
FTC’s newly amended Gramm-LeachBliley Safeguards Rule 813 and Privacy
Rule.814 Commenters did not identify
any inconsistency between § 1002.111
and the requirements of the GrammLeach-Bliley Act.815 The Bureau notes
that the privacy and data security
provisions of these rules apply to
consumer information, and the GrammLeach-Bliley Act defines consumer to
mean an individual who obtains, from
a financial institution, financial
products or services which are to be
used primarily for personal, family, or
household purposes. The Bureau is
finalizing comment 111(b)–1 with
updated cross-references to other
portions of the final rule and additional
text explaining that while § 1002.111(b)
does not always require that a financial
institution maintain certain information
in separate physical or digital files, a
financial institution may nonetheless as
a practical matter need to keep this
information in a different electronic or
physical file in order to satisfy the
requirements of § 1002.108(b) to
establish and maintain a firewall. Final
comment 111(b)–1, as revised, is
intended to clarify, and facilitate
compliance with, the statutory directive
that financial institutions must keep
certain information separate from the
credit application. The Bureau is also
adding comment 111(b)–2 to the final
rule, which states that a financial
institution is permitted to maintain
information regarding the applicant’s
number of principal owners pursuant to
final § 1002.107(a)(20) with an
813 Fed. Trade Comm’n, Standards for
Safeguarding Customer Information, Final Rule, 86
FR 70272 (Dec. 9, 2021).
814 Fed. Trade Comm’n, Privacy of Consumer
Financial Information Rule Under the GrammLeach-Bliley Act, 86 FR 70020 (Dec. 9, 2021).
815 15 U.S.C. 6801 through 6809.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
applicant’s responses to the financial
institution’s request pursuant to
§ 1002.107(a)(18) and (19). The Bureau
believes that as a practical matter, the
demographic information that financial
institutions would have to maintain
separately would inherently and
necessarily include the applicant’s
number of principal owners. For
example, if an applicant had three
principal owners, the separately
maintained demographic information
would necessarily contain three sets of
responses to questions about principal
owners’ race, sex and ethnicity, even if
no part of the separately maintained
information explicitly listed ‘‘3’’ as the
information responsive to
§ 1002.107(a)(20).
Regarding comments seeking further
clarification of § 1002.111(b) and
comment 111(b)–1, the Bureau intended
in these provisions to provide financial
institutions with flexibility in
complying with § 1002.111(b), which
some industry commenters favored. The
Bureau believes that some commenters
overstate the complexity of
§ 1002.111(b); several appeared to
interpret this provision as requiring
financial institutions to create separate
physical or digital files in all instances.
This is contrary to proposed comment
111(b)–1, which explicitly states that
the demographic information need not
be maintained in a separate electronic
system, nor removed from the physical
files containing the application. The
Bureau’s intent was to acknowledge that
different lenders may implement
§ 1002.111(b) in varying ways,
depending on how they choose to
comply with the firewall requirement.
For instance, a lender that complies
with § 1002.108(b) may determine that
to keep demographic information from
underwriters and other employees, it
must maintain such information in a
separate file from the application, rather
than on a separate piece of paper in the
same file as the application. However,
for those financial institutions that,
pursuant to § 1002.108(c), determine it
is not feasible to limit access to an
applicant’s protected demographic
information, the Bureau believes that
compliance with ECOA section
704B(b)(2), as implemented in
§ 1002.111(b), does not necessitate
maintaining such information in
separate files.
Regarding several commenters’
request that the Bureau use its
exemption authority generally to
exempt all lenders from having to
comply with § 1002.111(b) and should,
in any case, waive the requirement for
lenders where the firewall under
§ 1002.108(b) is infeasible, the Bureau
PO 00000
Frm 00270
Fmt 4701
Sfmt 4700
does not believe it would be appropriate
to do so. The request for a general
exemption appears to be based on the
premise that proposed § 1002.111(b)
would have required demographic
information be stored in separate files.
As explained above, final § 1002.111(b)
and final comment 111(b)–1 make clear
that there is not a mandate for all
financial institutions to maintain
protected demographic information in
separate files, and the commenters do
not explain why financial institutions
would choose to maintain separate files
for protected demographic information
when they have determined that one or
more officers or employees should have
access to that information.
Regarding the various comments
opposing § 1002.111(b) on the grounds
of cost, complexity, and feasibility of
compliance, the Bureau acknowledges
that the provision adds effort and
expense to complying with this rule.
However, the Bureau believes that
comments overstate the magnitude of
the costs, complexity, and purported
infeasibility of complying with
§ 1002.111(b). Comment 111(b)–1
provides for flexibility in complying
with § 1002.111(b) in retaining records
containing demographic information
required by section 1071. The
commenters addressing the cost,
complexity, and feasibility did not
identify any less costly, complex, and
more feasible methods of compliance,
especially for those financial
institutions that found it infeasible to
maintain a firewall pursuant to
§ 1002.108(b). In any case, several other
commenters, including a lender, agreed
with the Bureau that compliance with
§ 1002.111(b) is feasible.
The Bureau does not believe that
§ 1002.111(b) would be
counterproductive in the conduct of
examinations or audits, as suggested by
some commenters. As with the
comments concerning cost, complexity
and feasibility, these comments—
assuming the necessity of separate
electronic or physical files in all cases—
overstate the complexity of
§ 1002.111(b). As final comment 111(b)–
1 establishes, in many instances,
simpler means of separating protected
demographic information from other
information within an application file
would suffice, and, the Bureau believes,
would not impede audits or
examinations. Further, the Bureau
believes that for purposes of complying
with ECOA and subpart A of Regulation
B, many financial institutions already
maintain certain documents in files
separate from the application, such as
copies of drivers’ licenses, that may
reveal protected demographic
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
information about business applicants’
owners, such as race and sex.
The Bureau likewise disagrees with
the assertion that § 1002.111(b) is not
necessary; this provision implements a
statutory requirement in ECOA section
704B(b)(2). In addition, in its
interpretation of 704B(b)(2), the Bureau
has endeavored to minimize cost and
complexity by reading the provision
narrowly. Regarding the comment that
§ 1002.111(b) would impact small
lenders in particular and increase
ongoing costs, the Bureau does not
believe the cost and complexity of small
lenders’ compliance efforts will
necessarily be greater than for other
institutions, as discussed in part IX
below.
Regarding comments that the Bureau
should not prohibit the collection of
demographic information on the same
form as the rest of the application, the
Bureau disagrees. The Bureau interprets
ECOA section 704B(b)(2), which
§ 1002.111(b) implements, to suggest
that collection of protected demographic
information on separate forms may be a
practical necessity. That is, it would be
difficult, if not impossible, to determine
whether a financial institution had
complied with § 1002.111(b), or the
firewall provision, if demographic
information is collected with the
information from which it must be kept
separate. This is also illustrated in final
comment 107(a)(18)–5.
The Bureau does not believe that
§ 1002.111(b) would disrupt the SBA’s
7(a) loan process, as a commenter
suggested—neither § 1002.111(b) nor
§ 1002.107(a)(18) and (19) affect how
demographic information gathered for
purposes other than compliance with
this final rule are to be collected or
retained.
Regarding the request that the final
rule mirror HMDA’s approach to the
collection of demographic information,
the Bureau notes that HMDA does not
include a requirement comparable to the
one in ECOA section 704B(b)(2)
mandating the separation of certain
information from the application;
Regulation C thus permits demographic
information required under HMDA to be
retained as part of the application.816
Regarding the claim that no evidence
exists of fair lending violations from a
failure to separate demographic
information separate mortgage files, the
Bureau reiterates that § 1002.111(b)
implements a statutory requirement in
ECOA. Regarding the request to exempt
HMDA-reportable loans from complying
with § 1002.111(b), the request is
mooted by the Bureau’s adoption of new
816 See
80 FR 66128, 66192–93 (Oct. 28, 2015).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
§ 1002.104(b)(2), which excludes
HMDA-reportable transactions from the
requirements of this final rule.
111(c) Limitation on Personally
Identifiable Information Retained in
Certain Records Under This Section
Proposed Rule
ECOA section 704B(e)(3) provides
that in compiling and maintaining any
record of information under section
1071, a financial institution may not
include in such record the name,
specific address (other than the census
tract), telephone number, electronic
mail address, or any other personally
identifiable information (PII) concerning
any individual who is, or is connected
with, an applicant.
The Bureau proposed in § 1002.111(c)
that in compiling and maintaining any
records under proposed § 1002.107 or
§ 1002.111(b), or reporting data
pursuant to proposed § 1002.109, a
financial institution shall not include
any name, specific address, telephone
number, email address, or any PII
concerning any individual who is, or is
connected with, an applicant, other than
as required pursuant to proposed
§ 1002.107 or § 1002.111(b). The
prohibition on the inclusion of PII in
ECOA section 704B(e)(3), which covers
the ‘‘compiling and maintaining [of] any
record of information,’’ implicates
proposed §§ 1002.107, 1002.109, and
1002.111, which together would address
the compilation, maintenance, and
reporting of data by financial
institutions.
Proposed comment 111(c)–1 would
have clarified that the prohibition in
proposed § 1002.111(c) applies to data
compiled and maintained pursuant to
§ 1002.107, data in the small business
lending application register submitted
by the financial institution to the
Bureau under proposed § 1002.109, the
version of the register that the financial
institution maintains under proposed
§ 1002.111(a), and the separate record of
certain information created pursuant to
proposed § 1002.111(b).
Proposed comment 111(c)–2 would
have addressed the types of information
(including PII) that a financial
institution is prohibited from including
in the data it compiles and maintains
pursuant to proposed § 1002.107, in its
records under proposed § 1002.111(b),
or in data reported to the Bureau under
proposed § 1002.109.
Proposed comment 111(c)–3 would
have clarified that the prohibition in
proposed § 1002.111(c) does not extend
to the application or any other records
that the financial institution maintains.
This comment was intended to address
PO 00000
Frm 00271
Fmt 4701
Sfmt 4700
35419
the request by stakeholders in the
SBREFA process that the Bureau clarify
that this prohibition does not extend
more broadly to a financial institution’s
application or loan-related files.
Proposed comment 111(c)–4 would
have clarified that the prohibition in
proposed § 1002.111(c) does not bar
financial institutions from providing to
the Bureau, pursuant to proposed
§ 1002.109(b)(3), the name and business
contact information of the person who
may be contacted with questions about
the financial institution’s submission.
The Bureau sought comment on its
proposed approach to implementing
ECOA section 704B(e)(3), including how
best to implement this requirement in a
manner that minimizes cost and burden,
particularly on small financial
institutions, while implementing all
statutory obligations. Regarding
comments by stakeholders in the
SBREFA process that reporting small
business lending data to the Bureau
could give rise to a potential conflict
with the data protection and privacy
laws prohibiting the disclosure of
nonpublic personal information to
unaffiliated third parties, the Bureau
noted that such laws typically provide
an exemption for disclosures made
pursuant to Federal and State law.817
The Bureau sought comment on
whether the requirements in this
proposed rule could conflict with other
data privacy or data protection laws,
and whether the Bureau might need to
use its preemption authority under
ECOA,818 Regulation B,819 and/or
section 1041(a)(1) of the Dodd-Frank
Act to ensure that financial institutions
do not violate State law in reporting
1071 data to the Bureau. The Bureau
also sought comment on whether it
should include a provision to preempt
any State data privacy or data protection
laws that would prohibit the collection,
maintenance, and reporting to the
Bureau of 1071 data. In the SBREFA
process before the publication of the
proposed rule, some industry
817 See, e.g., California Consumer Privacy Act,
Cal. Civ. Code 1798.145(a)(1) (noting that the
obligations imposed on businesses by CCPA ‘‘shall
not restrict a business’ ability to . . . comply with
federal, state, or local laws’’). Some other laws on
this topic may apply only to consumers acting
primarily for personal, family, or household
purposes, but they also provide an exemption for
disclosures made pursuant to Federal and State law.
See Gramm-Leach-Bliley Act section 502(e)(8), 15
U.S.C. 6802(e)(8), and Regulation P
§ 1016.15(a)(7)(i) (stating that the limitations on
disclosing nonpublic personal information to
unaffiliated third parties do not apply if the
information is disclosed to comply with Federal,
State, or local laws, rules and other applicable legal
requirements).
818 15 U.S.C. 1691d(f).
819 Existing § 1002.11.
E:\FR\FM\31MYR2.SGM
31MYR2
35420
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
stakeholders expressed concern
regarding a different issue related to
data privacy, specifically that reporting
1071 data to the Bureau may cause them
to violate other data privacy laws,
including State data privacy laws.
lotter on DSK11XQN23PROD with RULES2
Comments Received
The Bureau received comments on
this aspect of the proposal from several
lenders and trade associations. A CDFI
lender said the proposed provision was
reasonable and that it did not foresee an
issue with ensuring that the enumerated
PII is not connected to the applicant. A
trade association stated the Bureau, in
proposing this provision, identified a
consistent and correct approach to
protecting PII. Another trade association
said that the Bureau should issue a
provision clarifying when PII must be
excluded in the compiling and
maintaining of any record of
information at the different stages in the
process.
A bank opposed the proposal,
observing that most small community
banks correlate documents to a specific
borrower and application using PII, and
that if the rule prohibited the inclusion
of such information on the collection
form, there would be no way to tie
demographic information to the specific
application in order to aggregate and
accurately report the data.
A credit union trade association
stated that the proposed visual
observation and surname data collection
requirement for principal owners’
ethnicity and race (pursuant to
proposed § 1002.107(a)(20)) may expose
covered financial institutions to
compliance costs related to an evolving
patchwork of State personal data
privacy laws, including in California,
which provides financial institutions
only an information-level exemption
from its data privacy law.820
Final Rule
The Bureau is finalizing § 1002.111(c)
and associated commentary with
revisions for clarity. Final § 1002.111(c),
and the associated commentary, is
intended to implement ECOA section
704B(e)(3), which provides that in
compiling and maintaining any record
of information under section 1071, a
financial institution may not include in
such record the name, specific address
(other than the census tract), telephone
number, electronic mail address, or any
other PII concerning any individual who
is, or is connected with, an applicant.
The Bureau further clarifies in final
§ 1002.111(c) that it does not interpret
ECOA section 704B(e)(3) as prohibiting
820 4
Cal. Civ. Code 1798.145(c).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
a financial institution from including PII
in its application or other files, but only
the small business lending application
register submitted by the financial
institution to the Bureau, the copy of the
submitted register that is retained for
inspection, and the separately
maintained record of protected
demographic information kept pursuant
to § 1002.111(b).
Final § 1002.111(c), along with
corresponding passages in the
commentary, now states that in
reporting a small business lending
application register pursuant to
§ 1002.109, maintaining the register
pursuant to § 1002.111(a), and
maintaining a separate record of
information pursuant to § 1002.111(b), a
financial institution shall not include
any name, specific address, telephone
number, email address, or any other PII
concerning any individual who is, or is
connected with, an applicant, other than
as required pursuant to § 1002.107 or
§ 1002.111(b). Final § 1002.111(c) and
final comment 111(c)–2 now refer to
‘‘any other personally identifiable
information’’ for the sake of clarity and
to better conform with ECOA section
704B(e)(3). Final § 1002.111(c) and
associated commentary incorporate
several revisions compared to the
proposal. First, to address a potential
misunderstanding regarding the first
cross-reference to § 1002.107 in
proposed § 1002.111(c)—as some
comments reflected—as to whether a
financial institution is prohibited from
maintaining PII with not only the small
business lending application register but
also any other records related to the
collection and maintenance of data
points specified in § 1002.107,
including an application for a covered
credit transaction. The Bureau
acknowledges the comment that, as
drafted, the reference to ‘‘compiling and
maintaining any records under
§ 1002.107’’ in proposed § 1002.111(c)
made it unclear exactly what
documents, beyond the small business
lending application register and the
separately maintained demographic
information of applicants, are subject to
the prohibition on the inclusion of PII.
The Bureau understands that the
initial collection of records relevant to
the data points specified in § 1002.107
will commence in the normal course of
business for financial institutions when
they receive a covered application from
a small business. At that phase, and
during the underwriting of the
application, it would be impractical to
expect that financial institutions could
keep the PII of the individuals
associated with an application separate
from all of the other information in the
PO 00000
Frm 00272
Fmt 4701
Sfmt 4700
application from which the various data
points in § 1002.107(a) would be
derived. The Bureau acknowledges
comments suggesting that a prohibition
on including PII on forms—such as the
applicant’s name—to tie an application
for credit to the separately kept
demographic information would likely
impede the accurate compiling and
reporting of data.
As a result, the Bureau has revised
§ 1002.111(c) to clarify that financial
institutions are prohibited from
maintaining certain types of PII in
reporting data pursuant to § 1002.109,
the provision concerning the creation
and maintenance of the small business
lending application register. Likewise,
final comments 111(c)–1 and 111(c)–2
now refer to the reporting of data
pursuant to § 1002.109, rather than the
compilation and maintenance of any
records pursuant to § 1002.107, to focus
on PII associated with the small
business lending application register,
rather than any records, even those
loosely associated with, the data points
under § 1002.107.
Second, the Bureau is finalizing
§ 1002.111(c) and comment 111(c)–2 to
refer explicitly to § 1002.111(a) for
clarity. Proposed comment 111(c)–1
referred to § 1002.111(a) in prohibiting
PII in the copy of the small business
lending application register maintained
by the financial institution, but
proposed § 1002.111(c) and proposed
comment 111(c)–2 did not explicitly
mention § 1002.111(a). Final
§ 1002.111(c) and final comment 111(c)–
2 have been modified to remedy this
omission. If financial institutions are
prohibited from including PII not only
in the small business lending
application register they submit to the
Bureau pursuant to § 1002.109, logically
they must also be prohibited from
including PII in the copy of the register
they retain pursuant to § 1002.111(a).
The Bureau clarifies in final
§ 1002.111(c) that it is the Bureau’s
interpretation that ECOA section
704B(e)(3) should be read as prohibiting
lenders from including PII in the small
business lending application register
submitted to the Bureau pursuant to
§ 1002.109, and, logically, as requiring
lenders to also exclude PII from the
copy of this register that a financial
institution is required to retain pursuant
to § 1002.111(a).
Third, the Bureau is finalizing
§ 1002.111(c) and comment 111(c)–2 to
refer explicitly to § 1002.111(b) earlier
in both provisions. Section 1002.111(b)
is mentioned towards the end of both
proposed § 1002.111(c) and proposed
comment 111(c)–2; however, in neither
provision is it abundantly clear that the
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
protected demographic information that
lenders must maintain separately from
the application pursuant to
§ 1002.111(b) must itself be free of PII.
This lack of clarity is remedied in final
§ 1002.111(c) and final comment 111(c)–
2.
Fourth, the Bureau is finalizing
§ 1002.111(c) and comment 111(c)–2 to
clarify that financial institutions are
prohibited from including in the
enumerated records certain enumerated
types of PII specified in the statute, as
well as any other PII. The proposed
§ 1002.111(c) referred simply to ‘‘any’’
PII (rather than ‘‘any other’’), which the
Bureau believes could have been
misinterpreted to suggest that the list of
specific items preceding ‘‘any’’ (name,
specific address, telephone number,
email address) were not themselves
forms of PII. As a result, to avoid any
potential confusion, in both final
§ 1002.111(c) and final comment 111(c)–
2, the Bureau refers to ‘‘any other’’ PII,
which also better conforms with the text
of ECOA section 704B(e)(3).
Finally, the Bureau is finalizing
comment 111(c)–3 to specify that the
prohibition in § 1002.111(c) does not
extend to an application for credit, or
any other records that the financial
institution maintains that are not
specifically enumerated in final
§ 1002.111(c). Proposed comment
111(c)–3 simply noted that § 1002.111(c)
did not apply to an application for
credit or any other records that the
financial institution maintains. The
addition of the phrase ‘‘that are not
specifically enumerated in
§ 1002.111(c)’’ is intended to eliminate
any uncertainty about the scope of
application of § 1002.111(c).
Regarding the comment requesting
clarification on whether the prohibition
on PII includes different stages in the
process of compiling and maintaining
any record of information, the Bureau
addresses these concerns in final
§ 1002.111(c), and comments 111(c)–1
and 111(c)–2, as revised, as well as
comment 111(c)–3, which is finalized as
proposed. Final comment 111(c)–1
specifies the categories of information
that § 1002.111(c) applies to, and final
comment 111(c)–3 makes clear that the
prohibition on PII does not extend to the
application or other records that the
financial institution maintains beyond
the small business lending application
register.
Regarding the comment that a
prohibition on the inclusion of PII on
forms—such as the applicant’s name—
to tie an application for credit to the
separately kept demographic
information would impede the accurate
aggregation and reporting of data, the
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Bureau believes that for this specific
purpose, other identifiers not involving
PII may be used. For instance, the
unique identifier data point in
§ 1002.107(a)(1) is specific to a
particular applicant and can be used to
tie an application to the separately
maintained demographic information
for that applicant. By definition and
according to comment 107(a)(1)–3, the
unique loan identifier may not include
PII prohibited by § 1002.111(c).
The concern that the visual
observation and surname provision of
the proposal would expose covered
lenders to compliance costs related to
State personal data privacy laws, such
as California’s, is rendered moot by the
Bureau’s decision not to finalize its
proposal for financial institutions to use
visual observation and surname analysis
to determine principal owners’ ethnicity
and race in certain circumstances.
Section 1002.112
Enforcement
Final § 1002.112 addresses several
issues related to the enforcement of
violations of the requirements of
proposed subpart B. First, § 1002.112(a)
states that a violation of section 1071 or
subpart B of Regulation B is subject to
administrative sanctions and civil
liability as provided in sections 704 and
706 of ECOA. Second, § 1002.112(b)
provides that a bona fide error in
compiling, maintaining, or reporting
data with respect to a covered
application is an error that was
unintentional and occurred despite the
maintenance of procedures reasonably
adapted to avoid such an error. This
provision also addresses the
maintenance of procedures reasonably
adapted to avoid such errors. Third,
§ 1002.112(c) identifies four safe harbors
under which certain errors—namely,
certain types of incorrect entries for the
census tract, NAICS code, and
application date data points, or
incorrect determination of small
business status, covered credit
transaction, or covered application—do
not constitute violations of ECOA or
Regulation B.
The Bureau is finalizing § 1002.112 to
implement sections 704 and 706 of
ECOA, pursuant to its authority under
ECOA section 704B(g)(1) to prescribe
such rules and issue such guidance as
may be necessary to carry out, enforce,
and compile data pursuant to section
1071 and pursuant to its authority under
704B(g)(2) to adopt exceptions to any
requirement of section 1071 and to
exempt any financial institution or class
of financial institutions from the
requirements of section 1071, as the
Bureau deems necessary or appropriate
PO 00000
Frm 00273
Fmt 4701
Sfmt 4700
35421
to carry out the purposes of section
1071.
112(a) Administrative Enforcement
and Civil Liability
Proposed Rule
A violation of section 1071 is subject
to the enforcement provisions of ECOA,
of which section 1071 is a part. ECOA
contains administrative enforcement
provisions in section 704,821 and it
provides for civil liability in section
706.822 The enforcement provisions in
existing Regulation B (§ 1002.16(a)(1)
and (2)) cross-reference and paraphrase
these administrative enforcement and
civil liability provisions of ECOA.
Proposed § 1002.112(a) would have
provided that a violation of section 1071
or subpart B of Regulation B is subject
to administrative sanctions and civil
liability as provided in sections 704 and
706 of ECOA, where applicable. The
Bureau sought comment on its proposed
approach to administrative enforcement
and civil liability.
Comments Received
Several lenders and several trade
associations commented on the
proposed administrative and civil
enforcement provisions of the rule. A
CDFI lender and two trade associations
supported the proposed provision as
appropriate and in line with other
regulations. Several commenters
observed that, with respect to Farm
Credit lenders, the Farm Credit
Administration examines and enforces
compliance with fair lending laws,
including compliance with any rule
implementing section 1071. A trade
association observed that for banks with
$10 billion or less in assets, this
regulation will be enforced under
section 8 of the Federal Deposit
Insurance Act by the appropriate
Federal banking agency.
One community group asked that the
final rule provide for the recording and
enforcement of whistleblower
complaints in the event that rural farm
lenders retaliate against farmers for the
good faith exercise of their rights under
various Federal consumer protection
laws, as protected by ECOA and subpart
A of Regulation B. The community
group had cited farm loan servicing in
particular as an area where minority
famers faced the most discriminatory
terms and conditions.
One bank opposed the proposed
administrative enforcement and civil
liability provisions in general. A trade
association requested that the Bureau
prohibit private causes of action based
821 15
822 15
E:\FR\FM\31MYR2.SGM
U.S.C. 1691c.
U.S.C. 1691e.
31MYR2
lotter on DSK11XQN23PROD with RULES2
35422
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
on 1071 data, including discovery in
private proceedings. The commenter
claimed that the Bureau had
overemphasized the use of these data by
non-governmental entities such as
researchers, economists, industry, and
community groups, and that only
governmental agencies should have the
power to use such data for supervision
and enforcement because only they
were capable of providing appropriate
governance to covered institutions. The
same commenter opposed the Bureau’s
use of such data in its own enforcement
and supervision actions because the
right of applicants to refuse to provide
demographic information would render
the data incomplete, unreliable, and
inherently inaccurate. The commenter
also claimed that the Bureau had not
explained how it would acquire data on
the broader business credit market,
without which accurate decisions on
potential violations of fair lending or
other laws could not be made.
One trade association requested that
the Bureau, and any regulators
responsible for implementing section
1071, train examiners well and assign
senior staff to examine CDFI banks. The
commenter further observed that the
small business lending market is mostly
unregulated, and requested that the
Bureau develop examination capacity to
cover currently unregulated lenders
such that it should delay
implementation until it has the capacity
to enforce compliance with section 1071
across all covered lenders. A women’s
business advocacy group indicated
support for auditing by the Bureau to
ensure that financial institutions do not
alter information to manipulate the data
to their benefit. Another trade
association asked what underwriting
imbalance threshold would cause the
Bureau to initiate investigation and
enforcement, and how such a process
would allow for the mitigation of data
anomalies and errors. Finally, one trade
association supported and deferred to
the views of covered lenders, and other
trade associations, and their opinions on
the proposed administrative and civil
enforcement provisions of the rule.
A trade association said that because
small business loans vary widely in
design and purpose, use of the same
analytical techniques and examination
approaches applicable to HMDA’s
enforcement may yield erroneous
results, and that the Bureau must
coordinate with other FFIEC agencies,
including NCUA, to develop model
examination procedures in advance of a
final rule. A bank asked that the Bureau
limit the use of data by regulators to
conduct fair lending exams only, and
not to subject financial institutions to
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
technical audit and compliance
requirements, based on its experience
with HMDA.
Final Rule
The Bureau is finalizing § 1002.112(a)
as proposed. Final § 1002.112(a) is
necessary to implement the
administrative and civil enforcement
provisions of ECOA. A violation of
section 1071 is subject to the
enforcement provisions of ECOA, of
which section 1071 is a part. ECOA
contains administrative enforcement
provisions in section 704, and it
provides for civil liability in section
706. The enforcement provisions in
existing Regulation B (§ 1002.16(a)(1)
and (2)) cross-reference and paraphrase
these administrative enforcement and
civil liability provisions of ECOA. The
Bureau notes that several commenters,
including trade associations to industry,
agreed with the Bureau’s proposed
implementation of the administrative
and civil enforcement provisions of
ECOA. Regarding the comments noting
the role of other statutory regimes in the
enforcement of section 1071, the Bureau
agrees and notes that the administrative
enforcement provisions of ECOA crossreference the enforcement authority of
other Federal regulators, including the
agencies mentioned by the commenters.
Regarding the request to record and
enforce whistleblower complaints
against farm lenders, the Bureau notes
that this would be outside of the scope
of this regulation, although the
commenter correctly notes that
retaliation for the good faith exercise of
rights under various Federal consumer
protection laws could violate ECOA and
subpart A of Regulation B.
Regarding the comment opposing
§ 1002.112(a) in its entirety, the Bureau
notes that § 1002.112(a) simply
implements, by cross-reference, the
existing administrative enforcement and
civil liability provisions of ECOA.
Regarding a commenter’s request that
the Bureau prohibit private causes of
action, including discovery proceedings,
the Bureau is not making such a change
as § 1002.112(a) implements, by crossreference, the existing administrative
enforcement and civil liability
provisions of ECOA, of which section
1071 is a part. Further, as specified in
the preamble to the proposed rule, the
Bureau expressed its belief in response
to stakeholders’ comments on the
SBREFA Outline that the administrative
enforcement mechanisms under ECOA
would be appropriate to address most
instances of non-compliance by
financial institutions that report small
business lending data to the Bureau,
based on its experience with Regulation
PO 00000
Frm 00274
Fmt 4701
Sfmt 4700
C and HMDA.823 Further, other
provisions would serve to limit private
liability, especially for unintentional
errors, including the bona fide error
provision of § 1002.112(b) and the
various safe harbors in § 1002.112(c).
The same commenter claimed that the
proposal overemphasized the use of
data by non-governmental entities such
as researchers, economists, industry,
and community groups, and that only
government agencies should have access
to these data. However, ECOA section
704B(a) explicitly states that one of the
purposes of the statute is to enable
communities and creditors to identify
business and community needs and
opportunities; researchers and
economists work at community groups
and within industry to assist their
analyses in identifying business and
community needs. Moreover, the
Bureau does not believe the statute’s
other purpose—facilitating enforcement
of fair lending laws—was intended to be
limited to enforcement by only
governmental entities. Regarding the
commenter’s claim that only
governmental agencies should have the
power to use such data for supervision
and enforcement because only they are
capable of providing appropriate
governance to covered institutions, the
commenter undercuts this claim by, in
the same comment letter, also opposing
the Bureau’s use of small business
lending data in its own enforcement and
supervision actions on the grounds that
applicants’ right to refuse to answer
demographic information would render
the data incomplete, unreliable, and
inherently inaccurate. The Bureau
recognizes that the applicant’s right to
refuse pursuant to 704B(c) may result in
a less complete dataset, but compared to
the status quo, this rule will result in a
vastly expanded dataset on the market
for small business credit.
Regarding the varied supervisionrelated requests for ensuring sufficient
examiner training, assigning senior staff
to CDFI banks, training for examiners to
supervise currently unregulated lenders,
and conducting audits to check for the
manipulation of data, the Bureau notes
that such requests are outside of the
scope of this rulemaking; the Bureau
establishes supervisory and examination
procedures only after a regulation has
been finalized, and such procedures
will be consistent with the Bureau’s
existing policies regarding supervision
and examinations. The Bureau does not
believe it would be appropriate to state,
at this time, what would cause the
Bureau to initiate investigation and
enforcement, and how it would allow
823 86
E:\FR\FM\31MYR2.SGM
FR 56356, 56503 (Oct. 8, 2021).
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
for the mitigation of data errors. The
Bureau notes, however, that
§ 1002.112(b) and appendix F establish
thresholds for errors in the reporting of
data.
Regarding the comment concerning
how the Bureau should conduct
examinations, the Bureau observes that
such comments are outside of the scope
of this regulation. In any case, the
Bureau agrees that the analytical
techniques and examination approaches
for HMDA may differ somewhat from
the small business credit context, in part
because small business credit products
differ widely in design and purpose,
and the Bureau’s supervision and
enforcement will reflect this. However,
because HMDA as implemented by
Regulation C is a data collection regime
that shares similar structures and goals
as section 1071 and this regulation,
including the manner in which HMDA
data facilitates fair lending enforcement,
the Bureau believes that its experience
with HMDA/Regulation C is instructive
for this rulemaking and will inform its
enforcement and supervisory work.
Regarding the comment that the Bureau
must coordinate with other FFIEC
agencies, including NCUA, to develop
examination procedures in advance of a
final rule, the Bureau notes that
examination procedures normally
follow after the publication of a new
rule. Regarding the comment that the
Bureau should only use the data it
receives to conduct fair lending
examinations, and not technical
compliance examinations, the Bureau
does not believe that such a limitation
would be appropriate and notes that fair
lending examinations are less effective
if the underlying data are not accurate;
technical compliance examinations help
ensure the accuracy of data.
112(b) Bona Fide Errors
lotter on DSK11XQN23PROD with RULES2
Background
During the SBREFA process, small
entity representatives and other
industry stakeholders expressed
concern about private litigants suing
them for non-compliance with the
rule.824 In addition, several small entity
representatives requested that the
Bureau not assess penalties for the first
year of data collection and reporting, as
it did following the 2015 HMDA final
rule; prior to the compliance date for
that rule, the Bureau issued a policy
statement announcing it would not seek
penalties for errors for the first calendar
year (2018) of data collected under the
824 The small entity representative feedback
discussed in this section-by-section analysis can be
found in the SBREFA Panel Report at 34–36.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
amended Regulation C.825 Stakeholders
asked the Bureau to emulate that
approach for this rulemaking. Other
stakeholders expressed concern about
the potential consequences of
committing what they viewed as
technical or inadvertent errors in
collecting or reporting data. One
financial institution stakeholder
suggested that the rule adopt or emulate
the good faith error provisions set out in
Regulation C, including § 1003.6(b)(1),
which provides that an error in
compiling or recording data for a
covered loan or application is not a
violation of HMDA or Regulation C if
the error was unintentional and
occurred despite the maintenance of
procedures reasonably adapted to avoid
such an error. Stakeholders also referred
to the existing error-related exemptions
in ECOA and Regulation B.826 ECOA’s
civil liability provision states that
creditors will not be liable for acts done
or omitted in good faith in conformity
with any official rule, regulation, or
interpretation thereof by the Bureau.827
Proposed Rule
Proposed § 1002.112(b) would have
provided that a bona fide error in
compiling, maintaining, or reporting
data with respect to a covered
application is an error that was
unintentional and occurred despite the
maintenance of procedures reasonably
adapted to avoid such an error. A bona
fide error is not a violation of ECOA or
subpart B. A financial institution would
be presumed to maintain procedures
reasonably adapted to avoid errors with
respect to a given data field if the
number of errors found in a random
sample of the financial institution’s
submission for the data field does not
equal or exceed a threshold specified by
the Bureau for this purpose in proposed
appendix H. However, an error would
not be a bona fide error if either there
is a reasonable basis to believe the error
was intentional or there is other
evidence that the financial institution
did not maintain procedures reasonably
adapted to avoid such errors.
The Bureau believed that a similar
approach to Regulation C, modified and
combined with the approach taken by
Federal agencies in HMDA
examinations, would be appropriate
825 CFPB, CFPB Issues Public Statement On Home
Mortgage Disclosure Act Compliance (Dec. 21,
2017), https://www.consumerfinance.gov/about-us/
newsroom/cfpb-issues-public-statement-homemortgage-disclosure-act-compliance/ (noting that
the Bureau did not intend to require data
resubmission unless data errors were material, or
assess penalties with respect to errors for HMDA
data collected in 2018 and reported in 2019).
826 See, e.g., § 1002.16(c).
827 15 U.S.C. 1691e(e).
PO 00000
Frm 00275
Fmt 4701
Sfmt 4700
35423
here. Regulation C § 1003.6(b)(1)
provides that an error in compiling or
recording data for a covered loan or
application is not a violation of HMDA
or Regulation C if the error was
unintentional and occurred despite the
maintenance of procedures reasonably
adapted to avoid such an error. In an
examination of a financial institution for
compliance with Regulation C, a
financial institution may make a certain
number of unintentional errors in a
testing sample of applications for a
given data field in the institution’s loan/
application register, the HMDA analog
to the small business lending
application register, before it must
resubmit its loan/application register.
These tolerance thresholds are based on
the number of loans or applications in
a loan/application register as set out in
the HMDA tolerances table in the
FFIEC’s Interagency HMDA examination
procedures.828
The Bureau provided a table of
thresholds in proposed appendix H and
incorporated it in the bona fide error
provision in proposed § 1002.112(b).
Under this proposed provision and the
table of thresholds in proposed
appendix H, financial institutions that
report a number of errors equal to or
below the applicable thresholds would
have been presumed to have in place
procedures reasonably adapted to avoid
errors; those that report a number of
errors above the applicable thresholds
would not be presumed to have in place
procedures reasonably adapted to avoid
errors.
Proposed comment 112(b)–1 would
have explained that a financial
institution is presumed to maintain
procedures reasonably adapted to avoid
errors with respect to a given data field
if the number of errors found in a
random sample of the financial
institution’s submission for the data
field does not equal or exceed a
threshold specified by the Bureau for
this purpose. Proposed comment
112(b)–1 would also have explained that
the Bureau’s thresholds appear in
column C of the table in proposed
appendix H, and that the size of the
random sample shall depend on the size
of the financial institution’s small
business lending application register, as
shown in column A of the table in
appendix H.
Proposed comment 112(b)–2 would
have provided that, for purposes of
determining bona fide errors under
§ 1002.112(b), the term ‘‘data field’’
828 Fed. Fin. Insts. Examination Council,
Interagency Examination Procedures: HMDA (Apr.
2019), https://files.consumerfinance.gov/f/
documents/cfpb_supervision-and-examinationmanual_hmda-exam-procedures_2019-04.pdf.
E:\FR\FM\31MYR2.SGM
31MYR2
35424
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
generally refers to individual fields, but
that, with respect to information on the
ethnicity or race of an applicant or
borrower, or co-applicant or coborrower, a data field group may consist
of more than one field. Proposed
comment 112(b)–2 would have provided
that if one or more of the fields within
an ethnicity or race field group have
errors, they count as one (and only one)
error for that data field group.
Proposed comment 112(b)–3 would
have provided that an error that meets
the criteria for one of the four safe
harbor provisions in proposed
§ 1002.112(c) would not be counted as
an error for purposes of determining
whether a financial institution has
exceeded the error threshold for a given
data field.
The Bureau sought comment on its
proposed approach to bona fide errors,
including whether the tolerance levels
in proposed appendix H were
appropriate.
Comments Received
The Bureau received comments on
this aspect of the proposal from lenders,
trade associations, a community group,
a women’s business advocacy group,
and a third-party service provider.
Several lenders and trade associations
expressed support for the proposed
provision on bona fide errors. One trade
association also noted that the
provision, with a table of thresholds,
was broadly consistent with HMDA.
A women’s business advocacy group
and a community group expressed some
concerns about the provision. The trade
association understood that the proposal
would hold financial institutions
harmless for bona fide errors, and
encouraged a limit to the number of safe
harbors. The community group
expressed the concern that the
tolerances must not be overly generous
because if the rule was too lax, data
quality would suffer and the statutory
purposes of the rule would be
imperiled.
A community group asked the Bureau
to clarify that certain types of errors
might still prompt an examination or
enforcement action even if the number
of errors in a sample did not exceed the
threshold, citing the example provided
by the Bureau in proposed comment
112(b)–1 in which a lender coded
withdrawn applications as denials to
conceal a potential fair lending
deficiency. The commenter asked that
the Bureau further spell out these
examples so as not to completely
overrule the proposed table of
tolerances, noting that perhaps extra
scrutiny should apply mainly to the
action taken categories, revenue size,
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
and ethnicity, race, and sex data points
and fields.
A CDFI lender observed that, as a
lender focused on women and
minority-owned small businesses, it had
noticed discrepancies in self-reporting
ethnicity and race, where a minority
self-reported as non-minority, and vice
versa. The commenter said that this
could have serious consequences for
non-profit lenders focused on
minorities, and that it used software and
other relevant information to reconcile
ethnicity and race information when
possible. The commenter asked if the
Bureau recognized this as an issue, and
if the Bureau would have an issue with
lenders correcting or overriding
inaccurate self-reported ethnicity and
racial data.
A group of trade associations asked
that any errors associated with special
lending programs, such as the SBA’s
Paycheck Protection Program, that
would require financial institutions to
quickly provide credit to their
communities and that involved
changing guidance, should not be
counted toward the tolerances.
A service provider requested
clarification of the ‘‘good faith’’
compliance provision of ECOA,
especially what would fall outside of
the definition of ‘‘good faith’’ under
ECOA’s civil liability provision, which
provides that ‘‘creditors will not be
liable for acts done or omitted in good
faith in conformity with any official
rule, regulation, or interpretation thereof
by the CFPB.’’ The commenter also
suggested that clarity on this provision
would reduce compliance friction, and
lenders would feel secure in providing
information to the Bureau if they had
certainty that the data would not be
used against them.
A community group suggested that an
example identified in proposed
comment 112(b)–2 should constitute
two errors, not one, for purposes of the
thresholds. The commenter stated that
the example involved the Bureau
examining a lender’s data finding an
error in the ethnicity and race fields of
the applicant and co-applicant in the
same data record, and counting the two
errors in the applicant and co-applicant
field as only one error.
Final Rule
The Bureau is finalizing
§ 1002.112(b), associated commentary,
as well as appendix F (renumbered from
appendix H in the proposal), with minor
revisions. The Bureau has revised
comment 112(b)–2 slightly by changing
references from ‘‘data field groups’’ to
‘‘data fields,’’ because the Bureau will
not use data field groups as it does in
PO 00000
Frm 00276
Fmt 4701
Sfmt 4700
the HMDA data collection. The Bureau
has also revised an example in comment
112(b)–2 to clarify that, regarding the
example provided in the comment, one
error rather than two would be reported
for purposes of the tolerance thresholds.
The Bureau believes that a similar
approach to Regulation C, modified and
combined with the approach taken by
Federal agencies in HMDA
examinations, is appropriate here. These
tolerance thresholds are based on the
number of applications in a register. as
set out in the HMDA tolerances table.829
Accordingly, the Bureau believes that
the approach set out in § 1002.112(b),
including the accompanying comments
and appendix F, is broadly consistent
with the approach it has taken for
HMDA.830 The Bureau also believes that
this approach addresses the concerns
first expressed by stakeholders in the
SBREFA process regarding liability for
some data reporting errors, especially in
the earlier years of reporting, as
processes are first being implemented.
Moreover, the Bureau believes that this
provision will help to ensure the
accuracy of the data submitted by
requiring the maintenance of
appropriate procedures; at the same
time, this provision will prevent
financial institutions from being
subjected to liability for some difficultto-avoid errors that could drive those
institutions from the small-business
lending market. Therefore, the Bureau
believes this provision is necessary to
carry out, enforce, and compile data
pursuant to section 1071, as well as
necessary or appropriate to carrying out
section 1071’s purposes.
The Bureau notes that while a handful
of commenters expressed concern about
this provision, the vast majority
approved of the inclusion of the bona
fide error provision, even if most
criticized the tolerance thresholds, as
further described in the section-bysection analysis of appendix F. The
Bureau agrees with the comment that
expressed its strong support on the
grounds that the bona fide error
approach was consistent with HMDA.
Regarding the concern that the bona
fide error provision might make it
harder to hold lenders accountable for
data errors, the Bureau acknowledges
the potential trade-offs between
829 For HMDA, similar error tolerance thresholds
are set forth in the FFIEC’s Interagency HMDA
examination procedures, rather than in Regulation
C itself. Fed. Fin. Insts. Examination Council,
Interagency Examination Procedures: HMDA (Apr.
2019), https://files.consumerfinance.gov/f/
documents/cfpb_supervision-and-examinationmanual_hmda-exam-procedures_201904.pdf.
830 Home Mortgage Disclosure (Regulation C), 80
FR 66128, 66269 (Oct. 28, 2015).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
maximizing data quality and
practicability of implementation for
lenders, and believes that the tolerances
in appendix F strike a reasonable
balance between these factors based on
the experience of the tolerance
thresholds in HMDA. Regarding the
request to clarify the types of errors that
might prompt regulatory action even if
the number of errors in a sample did not
exceed the tolerance threshold, the
Bureau notes that the example of
denials coded as withdrawals in
comment 112(b)–1 was merely
illustrative; the bona fide error
provision is a general standard.
Regarding the concerns of erroneous
self-reporting of ethnicity or race, the
Bureau notes that for purposes of
reporting data under this regulation, as
specified in § 1002.112(b) and comment
107(a)(19)–1, a financial institution
relies on an applicant’s self-reporting of
ethnicity and race.
The final rule does not include a
provision that errors associated with
applications and loans associated with
emergency or special lending programs
such as the Paycheck Protection
Program not be counted towards the
tolerances, as requested by some
commenters. The Bureau appreciates
the logistical difficulties that might have
been encountered by financial
institutions in compiling accurate data
associated with the Paycheck Protection
Program and the Economic Impact
Disaster Loan Program, but believes it is
more appropriate to consider guidance
in the future tailored to emergency
programs as they arise.
Regarding the request to clarify ‘‘good
faith’’ in the ECOA provision absolving
creditors of liability for ‘‘acts done or
omitted in good faith in conformity with
any official rule, regulation, or
interpretation thereof by the CFPB,’’ the
Bureau notes that the provision speaks
for itself and applies generally to any
ECOA violation, not only violations of
this regulation. The Bureau does not
believe it would be appropriate to state
that data collected under this rule
would not be used in supervisory or
enforcement actions against covered
financial institutions, given that one of
the statutory purposes of this regulation
is the facilitation of fair lending
enforcement.
Regarding the comment stating that
the example in comment 112(b)–2
should have constituted two errors, not
one, for purposes of the thresholds, the
commenter referenced the ethnicity and
race fields of the applicant and coapplicant in the same data record, but
the example did not mention these. In
any case, the example in comment
112(b)–2 expresses how the Bureau
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
intends to treat certain types of errors
within data fields.
112(c) Safe Harbors
Proposed Rule
Proposed § 1002.112(c) would have
established four safe harbor provisions,
providing that certain types of errors
would not constitute violations of ECOA
or Regulation B. Proposed
§ 1002.112(c)(1) would have provided a
safe harbor for an incorrect entry for
census tract obtained by correct use of
a geocoding tool provided by the FFIEC
or the Bureau. Proposed § 1002.112(c)(2)
would have provided a safe harbor for
an incorrect NAICS code determined by
a financial institution under certain
circumstances. Proposed
§ 1002.112(c)(3) would have provide a
safe harbor for the collection of
applicants’ protected demographic
information pursuant to proposed
§ 1002.107(a)(18) through (20) after an
initially erroneous determination that
an applicant is a small business.
Proposed § 1002.112(c)(4) would have
provided a safe harbor for the reporting
of an application date that is within
three calendar days of the actual
application date.
Comments Received
The Bureau received a number of
comments from banks, trade
associations, banks concerning the safe
harbor provision generally or not
addressing the specific safe harbors in
(c)(1) to (c)(4). A women’s business
advocacy group encouraged the Bureau
to generally limit the number of safe
harbors. Two banks encouraged the
general expansion of safe harbors.
Several banks and trade associations
requested a general safe harbor from
liability applying to data if the financial
institution reports what the applicant
submitted in the application process,
even if that data are incorrect or
inaccurate. One bank further asserted
that it is burdensome for a financial
institution to review each data point for
accuracy, and the ability to rely on
applicant provided data would limit the
corrections needed. A trade association
pointed out that under the proposal,
lenders may rely on some but not all
data provided by applicants, and
recommended that the Bureau permit
lenders to rely on all data, without
verification, in all circumstances.
Two industry commenters suggested
that the Bureau adopt a general safe
harbor for any data that is reasonably
documented, and the financial
institution can demonstrate that it has
policies and procedures in place to
capture the data. Another commenter
PO 00000
Frm 00277
Fmt 4701
Sfmt 4700
35425
recommended a safe harbor setting a
reasonableness standard for data
collection and/or relying on selfreporting, where lenders are not held
liable for the accuracy of the applicant’s
responses because they are in jeopardy
of violating other laws.
A number of commenters suggested
more specific safe harbors. Two
suggested that the Bureau provide an
express safe harbor for applicantprovided data on the applicant’s
number of workers, § 1002.107(a)(16),
and the applicant’s time in business,
§ 1002.107(a)(17). Another suggested
that the Bureau provide an express safe
harbor for gross annual revenue,
§ 1002.107(a)(14), asserting that
ensuring precision in the data is
difficult, often requiring manual review,
that the precision of the data does not
affect interpretation of data. The bank
stated that, for instance, an applicant
might report an initial estimate (e.g.,
$900,000), but that during underwriting,
preliminary financials may show a
different amount (e.g., $915,000), and
audited financials yet another (e.g.,
$912,000), making it likely that the final
number may not be the one reported to
the Bureau. To penalize such errors,
which the commenter described as
immaterial, would, according to the
commenter, burden lenders and
regulators as well. The bank suggested
that the Bureau should institute a 10
percent tolerance for errors made in
reporting gross annual revenue. A trade
association suggested a safe harbor for
when an applicant misidentifies itself as
a women- or minority-owned business,
which would then cause the lender to
ask questions about ethnicity, race, and
sex that may be in violation of ECOA.
Another trade association asked the
Bureau to consider adding a safe harbor
related to the feasibility of the firewall,
allowing for variations in determining
feasibility.
Final Rule
As described in further detail below,
the Bureau is finalizing four safe harbors
established in final § 1002.112(c) with
modifications. In addition, the Bureau
has renumbered the four subsections to
be more aligned with the order in the
data points these safe harbors address.
The Bureau is finalizing these safe
harbors pursuant to its authority under
ECOA and as amended by section 1071.
ECOA section 703 provides the Bureau
the authority to prescribe regulations to
carry out the purposes of ECOA,
including such adjustments and
exceptions for any class of transactions
that in the judgment of the Bureau are
necessary or proper to effectuate the
purposes of ECOA, to prevent
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35426
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
circumvention or evasion thereof, or to
facilitate or substantiate compliance
therewith. Section 704B(g)(1) provides
that the Bureau shall prescribe such
rules as may be necessary to carry out,
enforce, and compile data pursuant to
section 1071. Section 704B(g)(2)
authorizes the Bureau to adopt
exceptions to any requirement of section
1071 and to exempt any financial
institution or class of financial
institutions from the requirements of
section 1071, as the Bureau deems
necessary or appropriate to carry out the
purposes of section 1071.
The Bureau is not further modifying
the safe harbor provisions in response to
commenters’ requests that the Bureau
either generally limit or expand the
number of safe harbors. Regarding the
request for a safe harbor from liability
when a financial institution submits
applicant-provided data, the Bureau
does not believe a safe harbor is
necessary because pursuant to
§ 1002.107(b) and comment 107(b)–1,
financial institutions are already
permitted to rely upon applicantprovided data in accord with those
provisions. Regarding the comment that
it is burdensome for financial
institutions to review each data point
for accuracy, the Bureau again notes that
financial institutions may rely upon
applicant-provided data and need not
verify such data, subject to the
requirements of § 1002.107(b) and
comment 107(b)–1. Regarding the
comment that the Bureau should permit
lenders to report and rely solely on
applicant-provided data even when they
have verified some of that data for their
own business purposes, the Bureau
believes that such a safe harbor would
result in a reduction of data quality. The
Bureau believes that final § 1002.107(b)
and comment 107(b)–1 strikes a
reasonable balance between data quality
and cost and effort incurred by lenders.
Regarding the comment that the
Bureau adopt a general safe harbor for
any data that is reasonably documented
by financial institutions with policies
and procedures in place, the Bureau
does not believe such a safe harbor
would be consistent with the statutory
purposes of section 1071. Such a safe
harbor would appear to shield a lender
from liability even if the data submitted
to the Bureau were not accurate, i.e., did
not reflect the underlying
documentation. Regarding the comment
requesting that the Bureau adopt a safe
harbor establishing a general
reasonableness standard for errors in
data reporting, the Bureau does not
believe it consistent with the statutory
purposes of section 1071 to adopt such
an apparently open-ended safe harbor
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
without further consideration of what
the limits to this provision would be.
The Bureau believes the bona fide error
provision in this final rule will serve the
function requested by the commenter’s
suggested safe harbor in a manner
consistent with the statutory purposes
of section 1071, for the reasons set out
in the section-by-section analysis of
§ 1002.112(b).
The Bureau does not believe any of
the more specific safe harbors suggested
by commenters are needed. The Bureau
believes that a safe harbor for the
number of workers data point is not
necessary because final
§ 1002.107(a)(16) does not require the
reporting of a precise numbers of
workers, but rather permits the selection
of ranges of numbers. Similarly, the
Bureau believes that a safe harbor for
the time in business data point is not
necessary because final
§ 1002.107(a)(17) does not require the
reporting of exact years in business for
this data point unless the financial
institution already obtains that
information for its own purposes.
The Bureau also does not believe that
a safe harbor for gross annual revenue
is needed, as § 1002.107(a)(14), and
comments 107(a)(14)–1 and –2, permit
financial institutions to report gross
annual revenue in the manner they
collect it. The Bureau disagrees,
however, with the comment that the
precision of the data would not
materially affect data analysis. The
commenter offered a specific example of
discrepancies between different
estimates of gross annual revenue that
were minor and might not be material;
the commenter did not suggest that in
practice that the differences between
self-reported and verified measures of
revenue would consistently be as small
as in the example presented. In any
case, the commenter did not address
whether the time between when an
application was submitted and when
the financial institution would have to
submit the data related to the
application to the Bureau was
insufficient to arrive at a final gross
annual revenue number. Neither does
the Bureau agree with the comment
offering examples of errors in reporting
gross annual revenue would not really
impact the overall integrity of the data;
based on its experience with other data
reporting regimes such as HMDA, the 10
percent error range suggested by the
commenter in the reporting of gross
annual revenue could be material and
impact the integrity of the data the
Bureau received.
A safe harbor for when an applicant
misidentifies itself as a women-owned
or minority-owned business is likewise
PO 00000
Frm 00278
Fmt 4701
Sfmt 4700
not necessary, as financial institutions
are required to report business statuses
as provided by the applicant, without
verification, pursuant to final
§ 1002.107(a)(18) and comment
107(a)(18)–8. Regarding the request to
add a safe harbor related to the
feasibility of the firewall, allowing for
variations in determining feasibility, the
Bureau notes that its implementation of
the statutory firewall provision, in
§ 1002.108, provides financial
institutions substantial leeway; as
specified in comment 108(c)–1, a
financial institution is not required to
perform a separate analysis of the
feasibility of maintaining a firewall
beyond determining whether an
employee or officer should have access
to an applicant’s protected demographic
information.
112(c)(1) Incorrect Entry for Application
Date
Final § 1002.107(a)(2) requires
financial institutions to report
application date. In the NPRM, the
Bureau proposed § 1002.112(c)(4),
which would have provided that a
financial institution does not violate
proposed subpart B if it reports on its
small business lending application
register an application date that is
within three calendar days of the actual
application date pursuant to proposed
§ 1002.107(a)(2). The Bureau sought
comment on its proposed approach to
this safe harbor.
The Bureau received comments on
proposed application date safe harbor
from a handful of lenders and trade
associations. Most of these commenters
generally supported the safe harbor,
with one commenter stating that it
would reduce the compliance burden of
pinpointing an exact application date. A
trade association supporting the safe
harbor further stated that the
application process is fluid and that it
should be sufficient for the financial
institution to reasonably document the
data point and have policies and
procedures in place to capture the data.
Another trade association stated that the
proposed safe harbor is appropriate, but
questioned its utility. The commenter
noted that it was unclear who or how
the ‘‘actual’’ application date would be
determined and the proposed definition
of a covered application was already
flexible and subjective.
Two banks urged the Bureau to
change ‘‘calendar’’ days to ‘‘business’’
days in the safe harbor. These
commenters stated that they often
operate their business seven days a
week or may approve requests for credit
on non-business days. They argued that
business days would allow for
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
consistent application of the safe harbor
regardless of the date a business applied
for credit, retaining only calendar days
would mean financial institutions
would lose the flexibility afforded by a
safe harbor when it is most needed, and
that failure to make the change could
preempt the ability of financial
institutions to provide ‘‘off-hour’’
services. Finally, a couple commenters
urged the Bureau to provide additional
clarifications, such as examples of how
to calculate the safe harbor date range or
illustrations in the commentary on how
the safe harbor would operate.
The Bureau is finalizing
§ 1002.112(c)(1) (proposed as
§ 1002.112(c)(4)) with modifications to
provide that a financial institution does
not violate ECOA or subpart B if it
reports on its small business lending
application register an application date
that is within three business days of the
actual application date pursuant to final
§ 1002.107(a)(2). The Bureau believes
this provision will both ensure the level
of accuracy needed for the resulting data
to be useful in carrying out section
1071’s purposes and minimize the risk
that financial institutions will be held
liable for difficult-to-avoid errors, which
might otherwise affect their
participation in the small business
lending market. The Bureau therefore
believes final § 1002.112(c)(1) is
necessary or appropriate to carry out
section 1071’s purposes pursuant to
ECOA section 704B(g)(1) and (2).
In response to commenters’ concerns
that ‘‘calendar’’ days would
disadvantage a financial institution that
receives applications on non-traditional
business days, the Bureau is revising
‘‘calendar’’ days to ‘‘business’’ days. A
business day means any day the
financial institution is open for
business.831 The Bureau agrees with
commenters that the safe harbor should
apply equally regardless of which day of
the week an application is received. In
response to commenters’ request for
illustrations as to how the safe harbor
would work, the Bureau believes the
text of final § 1002.112(c)(1) provides
sufficient guidance on how to calculate
whether a reported date falls within the
safe harbor. For example, in accordance
with final § 1002.112(c)(1), if a covered
application is received by a financial
institution on Saturday, January 5, and
the financial institution is closed for
business on Sunday, January 6, the safe
831 If a financial institution accepts covered
applications online at any time, but under its
procedures does not actually receive or review the
application until the next business day, the mere
willingness to accept applications online does not
mean the financial institution is open for business
seven days a week.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
harbor would apply so long as the
financial institution reports an
application date that falls between
Wednesday, January 2 (three business
days preceding the actual date of a
covered application) and Wednesday,
January 9 (three business days following
the actual date of a covered application).
Sunday, January 6 does not count as one
of the three business days because it
was not a business day for the financial
institution.
112(c)(2) Incorrect Entry for Census
Tract
Proposed Rule
Proposed § 1002.112(c)(1) would have
provided that an incorrect entry for
census tract is not a violation of ECOA
or this subpart if the financial
institution obtained the census tract by
correctly using a geocoding tool
provided by the FFIEC or the Bureau.
Regulation C § 1003.6(b)(2) contains a
similar provision, and the Bureau
believed a similar approach would be
appropriate here.
Proposed comment 112(c)(1)–1 would
have explained that the safe harbor
provision under proposed
§ 1002.112(c)(1) would not extend to a
financial institution’s failure to provide
the correct census tract number for a
covered application on its small
business lending application register, as
would have been required by proposed
§ 1002.107(a)(13), because the FFIEC or
Bureau geocoding tool did not return a
census tract for the address provided by
the financial institution. In addition,
proposed comment 112(c)(1)–1 would
have explained that this safe harbor
provision would not extend to a census
tract error that results from a financial
institution entering an inaccurate
address into the FFIEC or Bureau
geocoding tool.
The Bureau sought comment on its
proposed approach to this safe harbor.
Comments Received
Several lenders and trade associations
commented on the proposed safe harbor
for incorrect census tract. Some
commenters supported the safe harbor
as proposed; several further requested
that the safe harbor also protect the use
of reasonable processes to identify and
report census tract data where the FFIEC
and Bureau tools did not return a census
tract. Two commenters requested that
the Bureau create an exclusion from
census tract reporting when the
applicant only provides a P.O. Box or
other mailbox that is not connected to
a physical address. Another requested,
because the Bureau census tract tool is
not yet available and because the FFIEC
PO 00000
Frm 00279
Fmt 4701
Sfmt 4700
35427
tool does not permit batch geocoding,
that the Bureau extend the safe harbor
to include commercially available batch
geocoders often found within HMDA
and CRA reporting software. One
commenter supported the safe harbor
but asserted that the safe harbor’s
usefulness was limited because of the
difficulty in proving that a geocoding
tool was used correctly. Two
commenters requested additional
latitude if a census tract is reported for
a business where the business has a
physical location, even if it is not the
business’s main address or where loan
funds are spent.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.112(c)(2)
(proposed as § 1002.112(c)(1)) and
comment 112(c)(2)–1 (proposed as
112(c)(1)–1) as proposed. As noted
above, Regulation C § 1003.6(b)(2)
contains a similar provision, and the
Bureau believes a similar approach is
appropriate here. Given the number of
years that financial institutions have
been relying on the FFIEC geocoding
tool in the HMDA context, the Bureau
believes it is reasonable to similarly
permit financial institutions to rely on
information provided by a geocoding
tool offered by the FFIEC or the Bureau,
subject to the caveats in comment
112(c)(2)–1. Additionally, the Bureau
believes that this safe harbor will
ultimately improve the accuracy of the
data submitted by encouraging the use
of reliable FFIEC geocoding tools, and
preventing financial institutions from
being subject to liability for difficult-toavoid errors that some commenters said
could drive those institutions to eschew
these useful tools. The Bureau thus
believes this provision is necessary to
carry out, enforce, or compile data
pursuant to section 1071, and necessary
or appropriate to carry out section
1071’s purposes pursuant to ECOA
section 704B(g)(1) and (2).
Regarding commenters’ request that
the safe harbor be adjusted to protect the
use of reasonable processes to identify
and report census tract data where the
FFIEC and Bureau geocoding tools did
not return a census tract, or that the
Bureau expand the safe harbor to
include commercially available batch
geocoding tools, the Bureau does not
believe that such changes are warranted.
Both Regulation C § 1003.6(b)(2) and
final § 1002.112(c)(2) permit financial
institutions to rely on the accuracy of
tools provided by the Federal
government when they are able to return
a census tract. Where such tools return
no census tract at all, financial
institutions must rely on other tools,
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35428
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
such as geocoding tools provided by
third parties, or must use other means
to determine census tract. The Federal
government does not review, and
therefore cannot verify or take
responsibility for, the accuracy of
commercially available geocoders.
Similarly, the Bureau is not adopting
an exception for situations in which the
applicant only provides a P.O. Box or
other mailbox that is not connected to
a physical address. The ‘‘waterfall’’
reporting method for the census tract
data point implements the statutory
term ‘‘principal place of business.’’
Pursuant to final § 1002.107(c), a
financial institution is required to
maintain procedures reasonably
designed to collect applicant-provided
data, which includes an address or
location for purposes of determining
census tract. Because a P.O. or other
mailbox address is generally unrelated
to the location of the principal place of
business or another location associated
with the business, the Bureau expects
that in most instances (for its own
purposes or as needed to comply with
other regulations) a financial institution
will attempt to collect an address more
suitable for determining the census
tract. If the financial institution is
unable to do so, it may use a P.O. or
other mailbox address for reporting
census tract.
Despite the assertion that this safe
harbor is limited because of the
difficulty in proving that a geocoding
tool was used correctly, the Bureau does
not believe that changes to the safe
harbor would be appropriate. The safe
harbor, which the Bureau notes is
broader than the one in Regulation C
(this safe harbor extends to the Bureau
geocoding tool; the one in Regulation C
does not), is intended to be narrowly
applicable to government-provided
geocoding tools. Financial institutions
have relied for years on existing
geocoding tools, including the FFIEC
tool in the HMDA context. The use of
the FFIEC tool, and the manner that the
Bureau has dealt with any errors
derived from the use of the tool, are well
established. Thus, the Bureau does not
anticipate difficulties identifying
whether an error is caused by user error
(which would not be protected by the
safe harbor) or by the geocoding tool
itself (which would be protected). The
Bureau does not believe that, as
requested by the same commenter, any
further latitude is required in the
reporting of census tract (i.e., if the
census tract is reported for a physical
location, even if it is not the business’s
main address or where the proceeds of
the credit applied for or originated will
be or would have been principally
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
applied) for the reasons set out here and
in the section-by-section analysis of
§ 1002.107(a)(13) above.
112(c)(3) Incorrect Entry for NAICS
Code
Proposed Rule
The Bureau proposed to require
financial institutions to collect and
report an applicant’s 6-digit NAICS code
in proposed § 1002.107(a)(15). A
financial institution would have been
permitted to rely on statements of or
information provided by the applicant
in collecting and reporting the NAICS
code as described in proposed
comments 107(a)(15)–3 and –4. The
Bureau also proposed a safe harbor, in
§ 1002.112(c)(2), to address situations
where a financial institution does not
rely on such information, but instead
identifies the NAICS code for an
applicant itself and the identified
NAICS code is incorrect. Specifically,
proposed § 1002.112(c)(2) would have
provided that the incorrect entry for that
institution-identified NAICS code is not
a violation of ECOA or subpart B,
provided that the first two digits of the
NAICS code are correct and the
financial institution maintains
procedures reasonably adapted to
correctly identify the subsequent four
digits.
The Bureau sought comment on its
proposed approach to this safe harbor.
The Bureau also sought comment on
whether requiring a 3-digit NAICS code
with no safe harbor would be a better
alternative.
Comments Received
The Bureau received a number of
comments on its proposal to require
collection and reporting of a 6-digit
NAICS code, as discussed in the
section-by-section analysis of
§ 1002.107(a)(15) above. The Bureau
received comments from some lenders
and trade associations specifically
regarding the related safe harbor in
proposed § 1002.112(c)(2). Several
industry commenters reiterated their
general opposition to the proposed
NAICS code data point but asserted that
they supported the safe harbor if the
Bureau were to require financial
institutions to collect and report NAICS
code. A trade association stated that as
long as the data point reported is
reasonably documented and the
financial institution can demonstrate it
has policies and procedures in place to
capture the data, the Bureau should
recognize that it is sufficient. A bank
and a trade association for online
lenders stated that where an institution
in good faith reports a NAICS code,
PO 00000
Frm 00280
Fmt 4701
Sfmt 4700
believed to be accurate based on the
attestation and information provided by
the applicant, but was provided with
inaccurate information, a reporting
financial institution should not be
deemed to be in noncompliance with
the regulation. A few commenters
asserted that if the Bureau requires
NAICS code to be collected, then the
Bureau should permit lenders to rely
upon applicant statements or codes
obtained through the use of business
information products as proposed in
comments 107(a)(15)–3 and –4.
A few trade associations and a
business advocacy group expressed the
belief that the safe harbor was
insufficient and should be broader. In
particular, these commenters asserted
that the safe harbor would not apply
when the institution relied on the
applicant’s statement for the NAICS
code. A group of trade associations
concluded that financial institutions
that want to use the safe harbor would
be required to try to determine the
NAICS code themselves and said that
this process would be burdensome and
fraught with the risk of inaccuracies.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing § 1002.112(c)(3)
(proposed as § 1002.112(c)(2)) with
certain adjustments. As discussed in the
section-by-section analysis of
§ 1002.107(a)(15) above, the Bureau is
requiring that financial institutions
collect and report a 3-digit NAICS code
for the applicant. The Bureau is revising
the safe harbor to account for this
modification for the required number of
digits and to clarify what information
the financial institution may rely on in
reporting NAICS codes. In addition,
while the bona fide error provision in
final § 1002.112(b) continues to apply
(provided its requirements are met), the
Bureau is deleting that language from
comment 112(c)–2 for consistency
across the safe harbor provisions and
because comment 112(b)–3 addresses
the issue.
Specifically, final § 1002.112(c)(3)
makes clear that an incorrect entry for
a 3-digit NAICS code is not a violation
of ECOA or subpart B, provided that the
financial institution obtained the 3-digit
NAICS code by: (i) Relying on an
applicant’s representations or on an
appropriate third-party source, in
accordance with § 1002.107(b),
regarding the NAICS code; or (ii)
identifying the NAICS code itself,
provided that the financial institution
maintains procedures reasonably
adapted to correctly identify a 3-digit
NAICS code.
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
As discussed above, some
commenters believed that the proposed
safe harbor would not apply when the
institution relied on the applicant’s
statement for the NAICS code, and as a
result financial institutions could be
penalized for reporting erroneous
NAICS codes provided by applicants
and thus may have to re-check such
NAICS codes themselves in order to
qualify for the safe harbor. Given the
provisions in proposed
§ 1002.107(a)(15) and (b) (finalized in
§ 1002.107(b) with additional detail)
that expressly permitted a financial
institution to rely on applicant-provided
information in reporting NAICS code,
the Bureau did not believe that such a
safe harbor was necessary. However, to
address commenters’ concerns, the
Bureau is expressly including NAICS
codes provided by applicants or
obtained from an appropriate thirdparty source, in accordance with
§ 1002.107(b), within the scope of final
§ 1002.112(c)(3).
The Bureau is adopting this safe
harbor pursuant to its statutory
authority under section 704B(g)(1) and
(2). The Bureau believes that this safe
harbor, as revised, is responsive to
commenters’ concerns about the
difficulties in correctly classifying an
applicant’s NAICS code (whether
because the business may change over
time, codes may have overlapping
definitions, small businesses may not
know their NAICS code, or because
classifications may otherwise be prone
to human error). The Bureau also
believes that the safe harbor will help to
ensure the accuracy of the data
submitted by requiring the maintenance
of appropriate procedures when the
financial institution is determining an
applicant’s NAICS code itself; at the
same time, the safe harbor prevents
financial institutions from being
subjected to liability for some difficultto-avoid errors. Therefore, the Bureau
believes final § 1002.112(c)(3) is
necessary or appropriate to carry out
section 1071 purposes pursuant to
ECOA section 704B(g)(1) and (2).
lotter on DSK11XQN23PROD with RULES2
112(c)(4) Incorrect Determination of
Small Business Status, Covered Credit
Transaction, or Covered Application
Proposed Rule
Proposed § 1002.112(c)(3) would have
provided that a financial institution that
initially determines that an applicant for
a covered credit transaction is a small
business, as defined in proposed
§ 1002.106(b), but later concludes the
applicant is not a small business, does
not violate ECOA or Regulation B if it
collected information pursuant to
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
subpart B regarding whether an
applicant for a covered credit
transaction is a minority-owned
business or a women-owned business,
and the ethnicity, race, and sex of the
applicant’s principal owners. Proposed
§ 1002.112(c)(3) would further have
provided that a financial institution
seeking to avail itself of this safe harbor
would have to comply with the
requirements of subpart B as otherwise
required pursuant to proposed
§§ 1002.107, 1002.108, and 1002.111
with respect to the collected
information.
The Bureau proposed this safe harbor
to address situations where a financial
institution may otherwise be uncertain
about whether it ‘‘may obtain
information required by a regulation’’
under existing § 1002.5(a)(2), which
could deter financial institutions from
complying with the rule implementing
section 1071. The Bureau believed that
this safe harbor would facilitate
compliance with ECOA by eliminating a
situation in which a financial institution
might be deterred from appropriately
collecting applicants’ protected
demographic information due to the
possibility that their understanding of
an applicant’s small business status
might change during the course of the
application process.
Proposed § 1002.112(c)(3) would have
made it clear that a financial institution
seeking to avail itself of this safe harbor
must comply with the requirements of
subpart B as otherwise required
pursuant to proposed §§ 1002.107,
1002.108, and 1002.111 with respect to
the collected information. Relatedly,
proposed comment 106(b)–1 would
have clarified that, in such a situation,
the financial institution does not report
the application on its small business
lending application register pursuant to
§ 1002.109.
The Bureau sought comment on its
proposed approach to this safe harbor.
Comments Received
As set out above in the section-bysection analysis of § 1002.112(c), the
Bureau received comments generally
supporting all four of the proposed safe
harbors, including proposed
§ 1002.112(c)(3), as well as comments
suggesting that the proposed safe
harbors were too narrow. With respect
to proposed § 1002.112(c)(3)
specifically, a CDFI lender and two
trade associations supported this safe
harbor generally. The trade association
further urged the Bureau to allow banks
to rely on applicant-provided revenue
data in determining whether to collect
data pursuant to this regulation. Several
other industry commenters, apparently
PO 00000
Frm 00281
Fmt 4701
Sfmt 4700
35429
unaware of proposed § 1002.112(c)(3),
requested that the Bureau adopt a safe
harbor, in substance, identical to
proposed § 1002.112(c)(3). A bank and a
business advocacy group suggested that
the Bureau adopt a new safe harbor
applying to an application for a covered
credit transaction where the applicant
ultimately accepts a product that is not
reportable; the trade association
suggested that the collection of data for
such applications would not advance
the statutory purposes of section 1071.
Final Rule
For the reasons set forth herein, the
Bureau is finalizing this safe harbor,
renumbered as § 1002.112(c)(4), with
revisions. The Bureau has expanded the
safe harbor for the reasonable, yet
erroneous, collection of demographic
data beyond an initial determination
that an applicant is a small business, to
also cover an initial determination that
the application is for a covered credit
transaction and that there is a covered
application.
Specifically, final § 1002.112(c)(4)
provides that a financial institution that
initially collects protected demographic
data—regarding whether an applicant
for a covered credit transaction is a
minority-owned business, a womenowned business, or a LGBTQI+-owned
business, and the ethnicity, race, and
sex of the applicant’s principal owners
pursuant to final § 1002.107(a)(18) and
(19)—but later concludes that it should
not have collected such data does not
violate ECOA or Regulation B if the
financial institution, at the time it
collected these data, had a reasonable
basis for believing that the application
was a covered application from a small
business for a covered credit transaction
pursuant to §§ 1002.103, 1002.104 and
1002.106. Consistent with the proposal,
final § 1002.112(c)(4) further states that
a financial institution seeking to avail
itself of this safe harbor shall comply
with the requirements of subpart B as
otherwise required pursuant to
§§ 1002.107, 1002.108, and 1002.111
with respect to the collected data. The
Bureau is also adopting new comment
112(c)–3 to provide an example of the
kinds of errors covered by the safe
harbor in final § 1002.112(c)(4).
The Bureau is adopting this safe
harbor pursuant to its authority under
ECOA sections 703(a), 704B(g)(1), and
704B(g)(2). The Bureau has determined
it is appropriate to expand the safe
harbor to address other situations which
could pose the same challenges to
financial institutions as the one
addressed by proposed § 1002.112(c)(3).
Specifically, the safe harbor as revised
addresses several determinations a
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35430
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
financial institution must make as a
threshold matter in order to collect
applicants’ protected demographic data
pursuant to the rule: whether an
application is reportable pursuant to
§ 1002.103, for a covered credit
transaction under § 1002.104, and from
a small business applicant pursuant to
§ 1002.106.
Comments the Bureau received on the
safe harbor in proposed § 1002.112(c)(3),
and on the underlying substantive
provisions including proposed
§§ 1002.103, 1002.104 and 1002.106,
suggested that financial institutions
need additional leeway in making
threshold determinations, particularly
when those determinations are based on
applicant-provided data that may later
change or otherwise turn out to be
incorrect. Under existing § 1002.5(a)(2),
a creditor may only obtain otherwise
protected information if ‘‘required by a
regulation,’’ or some other express
exception applies. Absent this expanded
safe harbor, financial institutions may
be deterred from appropriately
collecting applicants’ protected
demographic information for fear of
running afoul of existing § 1002.5(b) due
to the possibility that their
understanding of an application—
whether the application is for a covered
credit transaction, and is from a small
business applicant—may change during
the course of the application process
and so collection of demographic data
will no longer be ‘‘required by a
regulation.’’ The Bureau thus believes
that the safe harbor in § 1002.112(c)(3),
as revised from the proposal, will
facilitate compliance with ECOA and
the rule.
The Bureau agrees, as suggested by
several commenters, that the safe harbor
in proposed § 1002.112(c)(3) may have
been too narrow, focused as it was on
errors in determining the small business
status of an applicant. For the reasons
explained herein, the Bureau believes it
is appropriate to extend the safe harbor
to other threshold determinations:
whether an application is reportable at
all under § 1002.103 and whether the
application in question is for a covered
credit transaction under § 1002.104.
Regarding a commenter’s request that
banks should be allowed to rely on
applicant-provided revenue information
in deciding to collect demographic data,
the Bureau notes that, pursuant to final
§ 1002.107(b), financial institutions may
rely on unverified applicant-provided
gross annual revenue (although if the
financial institution verifies that
information, it must use the verified
information instead).
Regarding the same commenter’s
request to expand the safe harbor to
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
include any application for a covered
credit transaction where the applicant
accepts an offer for a financing product
that is not reportable, the Bureau does
not believe any further expansion of
final § 1002.112(c)(4) is warranted. Final
§ 1002.112(c)(4) addresses the collection
of demographic data from a small
business that initially applies for a
covered credit transaction but, before
final action is taken, instead seeks a
non-covered transaction, such as a
lease.832 The safe harbor suggested by
the commenter, on the other hand,
would be unnecessarily broad, reaching
a covered application from a small
business that accepted a non-covered
product after final action has been taken
on the covered application for a covered
credit product. In such circumstances,
the initial decision of the financial
institution to collect demographic data
on such applications for covered credit
transactions was not erroneous and
would not have violated ECOA or
Regulation B, and thus a safe harbor is
not necessary. Further, the commenter
did not explain why a safe harbor
covering the situations it described
would be consistent with the statutory
purposes of section 1071, which
requires the collection of ‘‘any
application to a financial institution for
credit’’ (emphasis added).
Section 1002.113
Severability
Proposed § 1002.113 would have
provided that the provisions of subpart
B are separate and severable from one
another, and that if any provision is
stayed or determined to be invalid, the
remaining provisions shall continue in
effect.
One trade association said that it had
no comments on proposed § 1002.113.
The Bureau is finalizing § 1002.113
with revisions to clarify that
applications of provisions are also
severable. This is a standard severability
clause of the kind that is included in
many regulations to clearly express
agency intent about the course that is
preferred if such events were to occur.
Section 1002.114 Effective Date,
Compliance Date, and Special
Transitional Rules
Final § 1002.114 addresses when the
final rule becomes effective and when
financial institutions will be required to
comply with the rule, as well as how
financial institutions can choose to
comply with the rule during this
transitional period. Final § 1002.114(a)
states that this small business lending
data collection rule will become
effective 90 days after the final rule is
published in the Federal Register. Final
§ 1002.114(b) provides a tiered approach
to compliance dates. Specifically, the
dates by which covered financial
institutions are initially required to
comply with the requirements of this
rule are specified in four provisions
based on the number of covered
originations. Compliance with the rule
beginning October 1, 2024 is required
for financial institutions that originate
the most covered credit transactions for
small businesses. However, institutions
with a moderate transaction volume
have until April 1, 2025 to begin
complying with the rule, and those with
the lowest volume have until January 1,
2026.
Final § 1002.114(c)(1) permits covered
financial institutions to begin collecting
information pursuant to final
§ 1002.107(a)(18) through (19) beginning
12 months prior to the compliance date.
Final § 1002.114(c)(2) permits a
financial institutions that do not have
ready access to sufficient information to
determine their compliance tier (or
whether they are covered by the rule at
all) to use reasonable methods to
estimate their volume of originations to
small businesses for this purpose.
114(a) Effective Date and 114(b)
Compliance Date
Background
Section 1071 does not specify an
implementation period, though
pursuant to ECOA section 704B(f)(1)
financial institutions must report data to
the Bureau on an annual basis. In the
SBREFA Outline, the Bureau noted that
it sought to ensure that financial
institutions have sufficient time to
implement the rule, and stated that it
was considering proposing that
financial institutions have
approximately two calendar years for
implementation.833
Small entity representative and
stakeholder feedback regarding the twoyear period for implementation under
consideration during the SBREFA
process was mixed.834 Some found the
two-year period to be adequate, some
requested more time, and a few urged
for less. Some provided related feedback
about adopting a grace period for data
errors in the first year(s) after the rule
becomes effective. A fuller discussion of
the feedback from small entity
representatives and stakeholders on
implementation period is included in
833 SBREFA
832 See
also comment 103(a)–9, which discusses
reporting where there is a change in whether there
is a covered credit transaction.
PO 00000
Frm 00282
Fmt 4701
Sfmt 4700
Outline at 42.
small entity representative feedback
discussed in this section-by-section analysis can be
found in the SBREFA Panel Report at 36–37.
834 The
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
the NPRM and in the SBREFA Panel
Report.
Proposed Rule
The Bureau proposed in § 1002.114(a)
that its small business lending data
collection rule become effective 90 days
after the final rule is published in the
Federal Register. At that time, the rule
would become part of the Code of
Federal Regulations; this would permit
financial institutions to avail themselves
of the special transitional rule in
proposed § 1002.114(c)(2), discussed
below. However, pursuant to proposed
§ 1002.114(b), compliance with the final
rule would not have been required until
approximately 18 months after the final
rule is published in the Federal
Register.
The Bureau’s proposed approach was
a compromise between the two-year
implementation period under
consideration at SBREFA that a slight
majority of stakeholders found
acceptable and the shorter one-year
implementation period requested by
certain stakeholders. The Bureau
believed that the statutory purposes of
section 1071 are better served by an
earlier compliance date that would, in
turn, result in earlier publication of data
by the Bureau. The Bureau
acknowledged the preference of various
small entity representatives and other
stakeholders for a compliance period of
two or more years to comply. The
Bureau noted, however, that some small
entity representatives and other
industry stakeholders said that they
could be ready in less than two years.
The Bureau agreed with the
stakeholders that asserted that a shorter
implementation period is preferable
given the length of time that has elapsed
since the passage of section 1071 of the
Dodd-Frank Act.
The Bureau believed that permitting
or requiring a partial year collection in
the initial year of compliance would
further the purposes of section 1071 by
expediting the collection and,
potentially, the publication of data to be
used to further the fair lending and
community development purposes of
the statute.
The Bureau sought comment on its
proposed effective date of 90 days
following publication of an eventual
final rule and its proposed compliance
date of approximately 18 months after
the publication of its final rule to
implement section 1071. In particular,
the Bureau sought comment on which
aspects of the Bureau’s proposed rule
might require more or less time to
implement, and ways in which the
Bureau could facilitate implementation
for small financial institutions,
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
especially those that have had no
experience with other Federal data
reporting regimes. The Bureau further
sought comment on two alternatives: (a)
whether the Bureau should adopt a
compliance date of two years after the
publication of the final rule; and (b)
whether the Bureau should adopt
different compliance dates based on the
size of a financial institution (e.g., one
year for large financial institutions, two
years for smaller institutions).
Comments Received
The Bureau received several
comments in response to proposed
§ 1002.114(a). A CDFI lender approved
of the proposed effective date of 90 days
after Federal Register publication of this
rule. A joint letter from several trade
associations did not object to the 90-day
effective date. A business advocacy
group requested a that there be no
retroactive application of the rule prior
to the effective date. They noted that the
proposed rule would require numerous
complex compliance burdens based on
the collection of new data, the
establishment of new internal processes,
and the development of new systems,
and urged the Bureau to clearly explain
that the final rule does not apply
retroactively, including as to draws
made after the effective date on loans
made before the effective date.
The Bureau received a large number
of comments in response to proposed
§ 1002.114(b). Several comments
supported an 18-month compliance
period or requested a shorter period, but
the vast majority of comments suggested
a longer compliance period, for varied
reasons.
Support. One community group
preferred a 1-year implementation but
was satisfied that the Bureau did not
provide for a 2-year period as requested
by lenders. A trade association offered
appreciation that the proposed
compliance period reflected
consideration by the Bureau for the
lenders but still requested a longer
compliance period than proposed.
Requests to publish data quickly and
frequently. A number of commenters
urged the Bureau to finalize the rule
quickly to collect and publish data as
soon as possible. A range of commenters
emphasized the urgency of the Bureau
implementing this rule carefully and
quickly. Two commenters stated that
the ongoing failure to collect and
publish data harms women-owned and
minority-owned small businesses and
communities because discriminatory
practices are permitted to continue. One
also said that the absence of 1071 data
would compromise the goals of missiondriven lenders. A joint letter from
PO 00000
Frm 00283
Fmt 4701
Sfmt 4700
35431
community groups and community
oriented lenders said that swift
implementation was critical for
consumers, regulators, and advocates to
assess markets given the limited data
currently available.
A number of commenters asserted
that the Bureau should move quickly to
implement the rule, collect and publish
data given that more than 10 years have
passed since the Dodd-Frank Act
required the promulgation of this rule.
A minority business advocacy group
requested that initial data findings be
published as soon as possible, and every
six months so that stakeholders can
monitor progress and utilize data.
Less than 18 months. Several
commenters asserted that an 18-month
compliance period was too long. Some
commenters, including a joint letter
community groups, community oriented
lenders, and business advocacy groups,
requested that the compliance date for
this rule be January 1, 2024. Another
commenter argued that a one-year
period better served the statutory
purposes of the rule. Several CDFI
lenders stated that mission-based
lenders ready to report within 18
months should be permitted to opt-in to
report data. A community group
suggested that section 1071’s statutory
purposes are better served by shorter
compliance period considering Congress
enacted section 1071 in the Dodd-Frank
Act in 2010.
More than 18 months. A large number
of commenters, including lenders, trade
associations, and a community group,
opposed the proposed compliance date.
Many of these commenters asked for a
longer compliance period without
specifying how much time lenders
needed. One commenter stated that
even if the final rule were shorter than
the NPRM, lenders would need more
than 18 months.
Resources. Two industry commenters
asserted that lenders needed more
resources for new data collection and
reporting systems to comply. A bank
noted that it already faced thin margins
and already had to comply with the
Financial Accounting Standards Board’s
Current Expected Credit Losses rule.835
835 Off. of the Comptroller of the Currency,
Treasury; Bd. of Governors of the Fed. Rsrv. Sys.;
and Fed. Deposit Ins. Corp., Regulatory Capital
Rule: Revised Transition of the Current Expected
Credit Losses Methodology for Allowances, Final
Rule, 85 FR 61577 (Sept. 30, 2020) (delaying for two
years the requirement that banking organizations
implement the estimated impact on regulatory
capital stemming from the implementation of
Accounting Standards Update No. 2016–13,
Financial Instruments—Credit Losses, Topic 326,
Measurement of Credit Losses on Financial
Instruments).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35432
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Scope and complexity. Two trade
associations claimed that lenders
needed more time to understand the
scope of the final rule and to apply new
processes to various lines of business.
One commenter noted that the much of
the data to be collected would be novel
for lenders.
Previous experience. Two lenders
requested additional time because of
their lack of experience with Federal
data collections, such as HMDA or CRA.
Policies and procedures. A number of
commenters requested more time to
develop and/or update policies and
procedures for application intake and
data collection. Several small lenders
asserted that they would have to
implement new application processes
and adopt new forms. One bank noted
that it would have to create formal
applications and associated procedures
for agricultural or business loans.
Technology. A number of commenters
identified the need to purchase or
upgrade compliance software in support
of extending the compliance period.
Some banks said they needed time—for
some, years—to rewrite core processors
to add data points for this rule. Several
banks said they needed to automate
their small business lending processes,
a difficult task with many systems to
choose from, review, develop and
implement. Several banks asked for
more time to buy software from vendors,
including time to conduct due
diligence, allow vendors to develop
systems, test integration with existing
systems, and manage vendors. One
lender stated that 10 percent of
agricultural loans are made using a
scoring system called AgScore, which
must be re-engineered to support this
rule, a costly and time-consuming task.
Training. A number of banks said they
needed more time to hire new staff and/
or train existing employees.
Other regulations. Commenters
asserted that other comparably complex
data collection regulations provided for
longer compliance periods. A number of
banks and two credit union trade
associations noted that the 2015 HMDA
rule had a two-year compliance period,
and by contrast that this rule is a major
regulation covering many different
products, requiring even more time for
vendors to adapt. Several commenters
cited their experience with the TILA/
RESPA integrated disclosure rule,
which gave two years to comply with
updated requirements, as proof that 18
months was not sufficient to comply
with this new rule.
Specific industries. Different types of
lenders requested longer compliance
periods for their industries. One
commenter stated that 18 months was
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
insufficient because most mission-based
lenders were small, and that compliance
would take time and resources. They
also suggested that CDFIs unable to
meet the 18-month deadline should get
more time to comply. Two trade
associations claimed that 18 months
was insufficient even for larger credit
unions, and that most credit unions had
to wait for vendors to create compliance
products. One commenter requested
more time because equipment finance
companies are not accustomed to
Federal regulators. A commenter
requested more time for community
banks because they would have to rely
on software and vendors, not internal
staff.
Other comments. One bank claimed
that a short deadline would cause
unintended errors, leading to actions
against the bank. Another bank claimed
that compliance costs will increase cost
of small business and agricultural
lending, affecting customer profitability.
A different bank claimed that it needed
more time because many borrowers may
not have or want to provide this data,
and that small business owners require
education to be willing to provide data
for this rule. Another said rushed
implementation would lead to
unintended consequences.
Two years. Many banks, credit
unions, and trade associations requested
a two-year compliance period. A joint
letter from several trade associations
suggested a compliance period starting
the January 1, two full years after the
calendar year of the effective date. A
bank asserted that an 18-month period
would make the rule an undue
regulatory burden, costly, and not
commensurate to any reporting benefit.
Scope and complexity. Several
industry commenters asserted that
lenders needed two years to understand
the full scope and complexity of the
rule. One argued that two years was
warranted because the scope of rule
expanded after the SBREFA process,
adding additional data points pursuant
to ECOA section 704B(e)(2)(H) and a
visual observation and surname
requirement. The commenter also
argued that car dealers face open scope
and coverage issues, specifically the
involvement of dealers exempt from
Bureau rulemaking. One lender asked
for more time because the rule is a new
regulatory paradigm, applying to
multiple credit products and loan
systems even within one bank. Another
lender justified two years because small
businesses need more time to
understand the requirements of the final
rule.
Policies and procedures. Several
industry commenters requested two
PO 00000
Frm 00284
Fmt 4701
Sfmt 4700
years to permit lenders to develop and
test new policies and procedures.
Technology. Some industry
commenters requested at least two years
to comply to have enough time to deal
with all of the steps related to
purchasing or upgrading compliance
software, including finding and
onboarding vendors, conducting due
diligence on vendors (some lenders said
they were required to vet third parties),
integrating compliance software with
existing software, testing software, and
reconfiguring platforms, all before the
compliance deadline. Some noted that
no vendors, at the time comments were
submitted, offered compliance software
for this rule. One bank asked for more
time to ensure that their software
differentiated between data reported
under different overlapping regulations,
including CRA, HMDA, and FinCEN’s
beneficial owner rule. Two industry
commenters noted that lenders needed
more time to accommodate core
providers to adjust and update their
software. One bank observed that, by
way of example, its core provider only
finished software six weeks before the
end of the two-year compliance period
for the beneficial owner rule.
Staff and training. Several lenders
said they needed at least two years to
adjust staffing and train staff. A number
of banks stated that they would need to
hire new staff. Some industry
commenters stated that lenders would
need to train staff on compliance
policies as well as new software.
Two industry commenters argued that
small financial institutions in particular
needed more time. One trade
association said that early stage online
lenders would be burdened by the rule
while seeking to expand access to credit
for small businesses. A bank asserted
that small banks needed two years
because, unlike large banks, vendors
and not internal staff would develop
compliance systems.
Other regulations. Several industry
commenters justified a two-year period
based on the compliance periods for
comparable data collection regulations,
including HMDA. One bank said that
this rule was no less complex than
HMDA and that no less time should be
given to comply. Another bank observed
that the 2015 HMDA rule justified a
two-year period in part on the new timeconsuming and complex requirement to
collect open-end mortgage data; the
bank argued that this rule was also new
and complex. Two commenters noted
that lenders’ experience with HMDA
showed how much time was needed to
implement new systems, policies,
procedures, data privacy, data security,
staff training and compliance programs.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
One trade association noted that this
rule would be harder for financial
institutions with no experience with
data reporting regimes such as HMDA.
Other comments. A trade association
argued that the proposed 18-month
period was inconsistent with the twoyear period in the SBREFA Outline of
proposals under consideration.
30 months. Some industry
commenters requested at least 30
months to comply with the final rule,
for several reasons.
Scope and complexity. Several banks
asserted that the scope and complexity
of the rule warranted a 30-month
compliance period. One bank stated that
each product had a unique application
process and record system, and different
personnel. Another bank stated that the
rule would result in far-reaching,
expensive changes across the bank’s
many branches, including front and
back-end staff. Several banks requested
more time because of the strain on
dedicated resources. One bank said it
needed more time to ensure compliance
as to all its products.
Processes. Several industry
commenters requested 30 months to
comply to create or change processes
and procedures in response to the rule,
including new collection and reporting
processes.
Software. Some industry commenters
requested 30 months to have time to
purchase or upgrade software. Several
noted that software to comply with this
rule does not yet exist. Commenters also
noted that vendor management requires
time, including conducting third-party
due diligence, integrating compliance
software with existing software, and
training staff on new software. One bank
said that 30 months would give vendors
time to develop and test solutions, and
banks time to evaluate these solutions.
One software vendor asserted that
vendors needed 30 to 36 months to
work with business partners, such as
form vendors, to coordinate, make
changes, and distribute work to lenders.
The commenter noted that it needed
lead time to analyze, plan, design,
develop, test, document and distribute
software changes to its financial
institution clients before the compliance
date. A bank stated that the collection
of new data points would require
extensive changes to software for
applications, loan processing, core
processing, data collection and fair
lending, and that each update required
testing and training.
Commenters offered specific concerns
regarding small lenders and software.
One trade association noted that core
providers that small banks rely on do
not now offer tools to comply with this
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
rule. One bank, not a HMDA filer,
expressed that it was at the mercy of its
core provider regarding timing and
expense. Another bank said it needed
more time because it did not have ready
access to its vendors because it was
small compared to other lenders.
Several industry commenters
requested 30 months to have time to
hire new staff and/or train existing staff
to comply with this rule. One bank
noted that such training would involve
staff from different areas of the bank,
including commercial lending,
compliance, underwriting, applications
support, and business systems support.
A community bank said that it would
not have a dedicated team for this rule,
but rather existing staff, including a loan
operations manager, loan audit clerk,
and compliance officer, with competing
concerns, would meet monthly to work
slowly through the rule. One bank noted
the particular importance of training its
lending staff.
A trade association requested a 30month period on the grounds that a
shorter period would result in flawed
data the first few years, which could
negatively impact analysis. Another
commenter noted that small business
lending is varied, involves more
negotiation than consumer lending, and
is therefore more difficult to capture
consistent data for.
Some commenters justified a 30month period on compliance periods for
other complex regulations. Several
lenders cited their experience with
HMDA to justify a 30-month period.
One noted that many HMDA software
kits barely met deadlines, and
significant updates were still needed
after the deadline. Another bank, based
on its experience with the TILA/RESPA
integrated disclosure rule, stated that it
would take longer than 18 months to
comply with this rule.
Several lenders commented that they
needed 30 months to comply because
they had no experience with other data
collection regulations such as HMDA or
CRA.
Two banks expressed a concern that
an 18-month period would hamper their
ability to serve customers. One also said
it would be challenging to comply with
the new rule while still serving
customers and maintaining day-to-day
bank operations. Another said that to
ensure data consistency, the adoption of
new processes may produce less access
to credit.
Some commenters supported a 30month period for specific small business
lenders. Some stated that 18 months
was not sufficient for small and
community banks to review, develop
and implement collection systems. A
PO 00000
Frm 00285
Fmt 4701
Sfmt 4700
35433
number of smaller lenders and a trade
association stated that while large
lenders have dedicated compliance
staff, smaller banks need more time
because they rely on vendors and
software. One bank stated that
regulations should target large and not
small banks, that rules often apply to
lenders regardless of size, and that the
Bureau should set a longer period for all
lenders for the sake of small ones. A
bank emphasized that a 30-month
period would give smaller community
banks time to prepare processes that
work for both the bank and its
customers.
A number of mission-based lenders
stated that small CDFIs had limited
capacity and needed more time to
develop compliance systems. Several
commenters stated that mission-based
lenders should be able to opt-in to
comply in 18 months if they were ready
to do so.
A trade association expressed concern
that banks it represented would have
difficulties with the proposed 18-month
period, especially for rural lenders with
no HMDA experience, which would
have to create new processes.
A software provider identified a
sequence of factors justifying a 30month period. First, this rule would
require new data collection fields to
collect, store, and report data. Such
changes could only begin when this rule
is finalized. After software changes are
distributed, lenders must test software,
implement procedural changes, and
train employees on system updates prior
to compliance date. Further, some
clients may operate on different releases
of software so multiple versions will
have to be supported, requiring changes
for multiple versions. The commenter
requested more time to address these
steps in an orderly fashion.
Several other comments supported a
30-month period. One bank noted that
the time is needed to resolve
unanticipated implementation issues.
Another bank supported a 30-month
period to match compliance
examination cycles. A third bank argued
that a 30-month to three-year period was
not much more time than the proposed
18-month period, given that the Bureau
justified its proposal on the 10 years
that elapsed since the passage of the
Dodd-Frank Act.
Three years. A plurality of
commenters requesting a longer
compliance period than proposed
suggested three years to comply,
including a wide variety of trade
associations, as well as midsized and
smaller banks, credit unions, and
agricultural lenders.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35434
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
General comments. Several
commenters stated that a three-year
period would permit lenders to make
changes to achieve the statutory
purposes of section 1071. One lender
suggested a compliance date of January
1, 2026. A trade association asserted
that the compliance period should be
three years and should start on January
1 on the grounds that a partial year of
data would not provide meaningful
benefits and would be ignored because
data users would want to make yearover-year comparisons.
Several industry commenters favoring
a three-year period argued that it was
inappropriate for the Bureau to use its
10-year delay in issuing this rule
pursuant to the Dodd-Frank Act as
grounds to burden lenders with a short
compliance period. Two bank trade
associations asserted that it was
arbitrary and unreasonable for the
Bureau to propose an 18-month period
to comply with the broader
requirements of the NPRM compared to
the SBREFA outline of proposals under
consideration, which contemplated a
two-year compliance period.
Sequential changes. Two trade
associations noted that compliance
steps in sequence, each step dependent
on the completion of prior one—
vendors create new data collection and
reporting systems, lenders develop and
test procedures for these systems, staff
are trained on the systems and
procedures, then further testing may
identify issues that require revisions
and iterating again before the deadline.
One commenter stated that, ideally, at
least six months before the compliance
date, lenders would receive software
that can be tested and validated.
Scope and complexity. Some industry
commenters based a three-year period in
part on the need for time to understand
and interpret this rule. Several
commenters noted that this new rule
involves the collection of new data and
would be a ‘‘sea change’’ for small
business lenders, especially those with
no experience with HMDA or data
reporting. A trade association stated it
did not know how much more time to
request without knowing the content of
the final rule. Another trade association
stated that a three-year period would
give the Bureau time to educate and
support lenders as they implement this
rule, based on the experience with the
Paycheck Protection Program.
Many banks and several trade
associations cited the scope and
complexity of the rule to justify a threeyear period, specifically, that the rule
would cover many different products
with different processes. Two
commenters requested a three-year
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
period because compliance involves
changes across many business units,
systems, and small business lending
channels. A group of trade associations
asserted that the rule would require the
collection of 21 data points, the separate
maintenance of demographic
information, and the firewall. Two trade
associations stated that compliance with
this rule would be significant and timeconsuming. One bank noted that small
business lending involved a wider
variety of solutions than consumer
lending. One bank noted that the rule as
proposed would have required the
reporting of 6,500 loans, 44 percent
more than its 4,500 CRA-reportable
small business loans.836
A number of industry commenters
and a business advocacy group justified
a three-year period to create, update,
and test non-software processes and
policies. Some commenters stated that
lenders would need new procedures or
workflows for applications and data
collection. One bank stated that existing
workflows would change to align with
firewall. Several commenters stated that
lenders would need to overhaul or
obtain new forms and applications after
the final rule. Other commenters
claimed not to use written applications
for small business and farm loans. One
bank stated that it needed to develop a
high-touch data collection system
because of its variety of small business
lending products. One trade association
noted that lenders must wait for the
final rule to change their policies and
procedures, and that clarifications and
questions regarding the rule would take
months to address, especially new
proposed provisions not discussed at
SBREFA. One bank said it needed to
establish controls and processes to train
staff. A trade association stated lenders
needed time to assign responsibility
across departments, including
836 This comment highlights the extent to which
this final rule will greatly improve the
comprehensiveness of application-level small
business lending data available for analysis,
compared to the data available under the status quo,
such as current CRA regulations. The CFPB has
worked closely with the OCC, FDIC, and Federal
Reserve Board to harmonize this rule with those
agencies’ proposed CRA amendments; more
comprehensive small business lending data from
this final rule can lead to better analysis of business
and community development needs in the context
of the amended CRA regulations. See, e.g., Bd. of
Governors of the Fed. Rsrv. Sys.; Fed. Deposit Ins.
Corp.; and Off. of the Comptroller of the Currency,
Treasury, Community Reinvestment Act, Joint
Proposed Rule, 87 FR 33884, 33941 (June 3, 2022)
(‘‘[T]he agencies propose using section 1071 data,
once available, to develop market benchmarks.’’);
id. at 33998 (‘‘In the longer term, the CRA’s data
collection and reporting requirements for small
business loans and small farm loans would be
eliminated and replaced by the CFPB’s section 1071
data collection and reporting requirements.’’).
PO 00000
Frm 00286
Fmt 4701
Sfmt 4700
compliance. Another bank observed that
it would take time to receive direction
from compliance vendors.
Software. Many comments supported
a three-year compliance period based in
part on technological issues. Some
industry commenters justified a threeyear period on the need to automate
processes and update small business
lending applications. One bank stated
that it needed to build data collection
procedures for its manual lending
processes, and that small business
lending is not automated to same extent
as consumer lending. One bank stated
that many lenders report HMDA and
CRA data via a manual process, and this
will need to be automated to collect the
significantly expanded data under
section 1071.
A number of industry commenters
stated that lenders would need time to
choose, onboard and integrate new
software. Several banks said no existing
software complies with this rule, and
one bank stated that many providers
were waiting for this rule to be finalized
and would still take time to make a
proven and accurate solution available.
Some lenders and trade associations
noted that many lenders need to find
and vet vendors before buying a
software system. Some industry
commenters stated that lenders do not
have technology in place to collect data
for the rule. One bank offered a contrary
view, reporting that its software vendor
was already working on software to
comply with this rule. A large bank
stated that it would need additional
time to build compliance software itself.
One bank said that it had no
relationship with vendors and no data
collection programs. A trade association
stated that this rule would require
significant infrastructure investments
for credit unions. Another bank that it
needed addition time to implement
software before updating its processes.
A trade association stated that lenders
needed software before training staff. A
group of trade associations stated that
the integration of compliance systems
would be an iterative process of testing,
finding and fixing problems, and testing
again, all across multiple lines of small
business lending products. Another
commenter identified a sequential
process to purchasing software,
including selection, installation,
training and testing.
Several commenters offered other
details on why their technology
requirements justified three years to
comply. One bank stated that it needed
at least 24 months to implement new
software, and 12 months more to have
accurate reporting. Another bank stated
that 18 months suffice for vendors to
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
develop and install a data collection and
reporting system but would not suffice
for lenders to implement the software
and train staff. A different bank stated
that it searched for 1071 software for
over two years and would need 18
months to integrate the software with
other systems. Another bank said it
needed more than two years to develop,
test, and implement systems of this
scope. One bank stated that its vendor
would take six months to upgrade
software after the final rule is released.
Yet another bank needed 18 months for
software to become available, vetted and
installed, and 18 months more to train
staff. A trade association claimed that
lenders needed more time because they
decide what technology to build one to
two years in advance, and more time
was needed to take into account
‘‘blackout’’ periods, during which
technology builds stop eight weeks
before calendar year end, which the
commenter believed could add up to
four months to timeline to comply with
this rule.
A number of industry commenters
stated that lenders needed time to wait
for vendors to prepare new software or
update existing software, and time to
test it. Several industry commenters and
a business advocacy group also stated
that lenders needed more time to
onboard and test software.
A number of lenders, particularly
small and mid-sized banks, requested
more time to comply because they
lacked control over the speed and
preparation of third-party software
vendors. A trade association for
community banks stated that small
banks depend more on vendors to
develop new systems. Several
commenters stated that core providers,
particularly relied upon by community
banks, need more time to adjust to
collect new data points. That is,
community banks must wait for core
providers to update their systems, test
updates and resolve problems, after
which compliance vendors can develop
systems to integrate with the core
system. The same commenter stated that
community banks that use a platform,
not a core provider, to originate loans
must ensure that, once their core
provider has built the fields for all of the
data points, each is mapped
individually to the small business
lending platform, requiring the creation
of multiple APIs, which would result in
more costs and delays.
Smaller lenders described
complications they would face in
obtaining software for this rule. One
bank stated that lenders needed time to
conduct due diligence on these vendors.
Another bank stated that many financial
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
institutions may make demands on the
same vendors at the same time, slowing
implementation. A third bank stated
that covered financial institutions
would compete for software
implementation dates to comply with
this rule, and that the smallest lenders
will be at the greatest disadvantage for
getting software in time to comply with
this rule. Another commenter stated that
community banks face higher costs to
buy compliance software.
Two trade associations asserted that
three years would suffice for credit
unions to work with vendors to revise
systems for this rule. Another trade
association stated that credit unions
required more time than 18 months
because they are at the mercy of vendors
and must train staff and update forms
and processes.
A business advocacy group stated that
the rule would result in significant,
time-consuming changes to reprogram
software because online lenders do not
currently collect demographic
information so as to avoid accessing
data that would make intentional
discrimination possible.
Staffing. A number of commenters,
including a number of lenders and trade
associations, justified a three-year
compliance period on the time lenders
needed to hire and/or train existing staff
to collect, verify, and report data for this
rule.
Some industry commenters stated that
lenders would have to hire new staff for
data collection, verification, and
reporting. One bank stated that time
would be needed to determine staffing
needs. Two smaller banks stated that
they would need an additional
employee to collect and verify data for
this rule. A State bankers association
said that lenders needed more time
because they and their small business
customers were struggling with the
lasting effects of the pandemic and labor
market shortages.
Many commenters, including a
number of lenders and trade
associations, justified a three-year
compliance period in part on the need
to train staff, both new and existing
employees, to comply with the rule.
Several banks stated that they could not
start to train staff until software and
processes exists for compliance with
this rule; one bank said that 18 months
was not sufficient to do this well.
Several commenters said that lenders
would need to train a variety of staff on
compliance and software for this rule,
including loan officers and customerfacing staff as well as compliance, risk,
legal, and technology employees.
Further, several banks and a business
advocacy group observed that lenders
PO 00000
Frm 00287
Fmt 4701
Sfmt 4700
35435
needed to train staff on what to collect,
including data points for this rule. A
group of trade associations noted that
some lenders are not accustomed to
collecting data to the accuracy standards
of the Bureau, and that staff familiar
with HMDA and CRA would require
more training not to be confused with
overlaps with this rule.
Several industry commenters noted
that the rule would require greater
staffing resources. One bank said it
would increase staff hours to collect and
review data, which would impact
operations. Another bank stated that the
biggest hurdle to compliance would be
allocating employee resources. Yet
another bank noted that staff training is
time consuming. One bank noted that it
needed several months to train its 3,000
employees. A credit union trade
association stated that a tight labor
market, global pandemic, and economic
crisis make updating services harder.
Some commenters stated that they
needed three years to comply to
communicate changes caused by the
rule to consumer to minimize
disruption. Several commenters noted
the need to accustom small business
applicants to the collection of ethnicity,
race, and sex information. One bank
stated that borrowers may resist this
type of inquiry. Another bank said that
customer education for this rule was
important, that many customers already
believe that lenders ask for too much
information, and that customers may be
driven from traditional banking to less
safe products as a result.
Access to credit. Several commenters
supported a longer compliance period
on the grounds that financial
institutions might need to pause or stop
their small business lending until they
were in compliance with this rule,
hurting vulnerable small businesses that
section 1071 was intended to benefit.
Data accuracy. A number of
commenters stated that hasty
implementation of the rule would result
in data errors, bad data quality and bad
analysis based on that data. A group of
State banking regulators asked the
Bureau to consider a longer compliance
period so that financial institutions can
better prepare to compile and accurately
report data. Several banks and trade
associations asserted that rushed
implementation generally would make
data in the first few years after the
compliance date flawed, incomplete, or
unusable, limiting the usefulness of the
data for fair lending and business and
community development purposes.
Some commenters asserted that more
time to comply would make data more
accurate, or otherwise justified a threeyear compliance period on the grounds
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35436
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
of data accuracy. Several commenters
stated that rushed compliance would
result in errors which, in turn, would
lead to Bureau actions against lenders as
well as unnecessary public scrutiny,
ultimately harming small businesses
that section 1071 was intended to help.
One bank stated that the
implementation of policies and
procedures, acquisition of software, and
training of employees would take more
than 18 months to implement, but that
three years would suffice to ensure the
collection of reliable data. Another bank
stated that data will be error-laden in
early years of collection until systems
can be refined. A different bank stated
that the proposed 18-month period will
likely lead to flawed initial data
reporting and flawed analyses. A trade
association asserted that a three-year
period more closely adhered to the
expectation in the statute. Another trade
association stated that a compliance
period of fewer than three years would
risk the viability of CDFI lending
programs.
Many industry commenters requested
a longer compliance period because
many lenders lacked experience with
data reporting regulations, such as
HMDA or CRA. Specifically, a number
of lenders and trade associations stated
that lenders not subject to HMDA
reporting needed three years to comply
because they will start from scratch
without existing vendors, processes or
procedures to adapt to small business
lending or train staff. A group of trade
associations stated that banks that do
not report HMDA/CRA data will meet
vendors for first time and will not have
experience with testing process. One
bank stated that for lenders with limited
staffing resources and no existing
reporting mechanisms, 18 months to
comply is unreasonable. Another bank
stated that many lenders have not had
to collect this amount of data.
Other regulations. A number of
commenters compared the proposed
compliance date with those of other
regulations. One said that the proposed
18-month period was short compared to
those of other complex rules. A bank
said, based on past regulatory reporting
rollouts, it would take three years to
comply with this rule. Another
commenter stated that historically, short
implementation periods for complex
rules are not feasible.
Some commenters compared the
proposed 18-month period to comply
with a new, complex rule with the more
than two years that lenders had to
comply with the 2015 HMDA rule,
which only modified existing
requirements. Commenters pointed out
that, unlike the 2015 HMDA rule, this
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
rule requires the construction of new
systems for a new data collection regime
rather than building on systems already
in place. One commenter encouraged
the Bureau to consider a period of three
years or longer, especially to ensure that
smaller lenders would have time to
comply. A large bank pointed out that,
unlike HMDA, this rule covers
numerous credit products offered by
lenders to small businesses, including
loans, lines of credit, and credit cards,
each of which uses a unique application
process and system of record, and
different personnel.
Other lenders and trade associations
expressed concern about the proposed
compliance period based on their
experience with HMDA, noting that
vendors were not ready before the initial
deadlines established by the Bureau,
which then had to provide leniency
related to data accuracy for HMDA data,
as well as issue multiple corrections and
clarifications to HMDA rule since 2015.
Several commenters noted that the 2015
HMDA rule took several years and
resulted in Congress amending HMDA
in 2018. One bank noted that, as with
HMDA, lenders will spend many hours
reviewing data to avoid errors and
resubmission.
Commenters also compared the
proposed § 1002.114(b) with compliance
periods of other Federal rulemakings.
One bank said that, based on its
experience with the CRA, this rule
would require more than 18 months.
Several commenters stated that the
experience with the TILA/RESPA
integrated disclosure rule shows that 18
months were insufficient for major
changes. One commenter requested
three years to comply based on its
experience with that same rule, noting
that vendors sought clarity on that rule
to make and deploy solutions, and the
Bureau answered questions until the
effective date, making implementation
challenging. A trade association
observed that industry had two years to
comply with the FinCEN’s customer due
diligence rule,837 which it said was a
simpler regulation.
Two industry commenters took the
opposite view, noting that lender
experiences with past regulations are
irrelevant. A bank said that a successful
rollout would take more than 18 months
even if a lender was experienced with
837 FinCEN’s customer due diligence rule requires
financial institutions to have procedures for each of
its legal entity customer to identify each 25 percent
natural person who owns more than 25 percent of
the legal entity as well as one natural person
executive of the legal entity. Fin. Crimes Enf’t
Network, Customer Due Diligence Requirements for
Financial Institutions, Final Rules, 81 FR 29397
(May 11, 2016).
PO 00000
Frm 00288
Fmt 4701
Sfmt 4700
data collection regulations. A trade
association stated that even current
HMDA reporters would find compliance
with this rule challenging because of the
differences between small business and
agricultural lending and mortgage
lending, specifically because small
business lending involves different loan
platforms, small business lending units
do not offer a ‘‘menu’’ of standardized
credit products, and clear application
procedures do not exist because small
business customers are unique.
Industry-specific rationales. A
number of industry commenters
suggested rationales specific to their
industries to justify a three-year
compliance period. An agricultural
lender stated that many FCS lenders,
community banks, and small credit
unions would incur great expense if
required to obtain new technology and
train new employees within 18 months.
A trade association noted that a
compliance period of less than three
years would burden CDFIs.
Some commenters, including a trade
association and a number of banks,
stated that small and community banks
needed three years to comply rather
than 18 months. One commenter
emphasized that stakeholders it
consulted stated that an 18-month
period was inadequate, and that small
lenders may take three years to comply.
A bank emphasized that while larger
banks have more resources for
compliance, small banks will struggle
without more time to comply and will
be disadvantaged. A trade association
noted that smaller banks that are not
HMDA reporters would find a new data
collection regime challenging. A group
of State banking regulators stated that
small lenders would face particular
challenges early on in implementation.
A trade association and a bank noted
that small banks depend on vendors to
develop systems. A bank stated that
small and mid-sized lenders are a lower
priority for vendors, which would erode
their participation in small business
lending. Two banks noted that small
and community banks would struggle
because of shortfalls in staffing and
technology.
A trade association stated that midsized banks were unlikely to stand up
systems in 18 months despite best
efforts, based on the experience of
lenders with other data reporting
regimes.
A business advocacy group stated that
innovative start-ups, small banks, and
credit unions would struggle to
implement the rule given the resources
at their disposal.
A group of State banking regulators
requested a longer compliance period,
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
in part, so that the Bureau could
‘‘demonstrate’’ its ability to collect data
from nondepository institutions subject
to the rule.
A joint comment from two auto dealer
trade associations requested a three-year
period because they said the proposed
18-month period is untenable for
dealerships in general and small
dealerships in particular, which must
coordinate compliance efforts with
credit application system providers,
vendors, and finance sources, after
which systems must be updated and
tested, and staff must be trained.
More than three years. One
commenter said that the compliance
period should be three to five years
because the bank would have to make
hard decisions on staffing and its
lending capacity due to the additional
reporting measures, and may exit the
market. The commenter expressed
concern that a short implementation
period would force the bank to exit the
small business lending market and hurt
its current customers.
Tiered compliance. Some commenters
supported some kind of phased or tiered
compliance under which larger lenders
would have earlier compliance dates
and smaller lenders would have later
compliance dates. Many industry
commenters requested tiered
compliance dates in addition to, or as an
alternative to, a longer single
compliance period for all lenders. Two
commenters suggested tiered
compliance starting not less than three
years after the final rule is issued
because the process of implementation
would raise issues that require time and
deliberate action to frame and solve.
Industry commenters justified tiered
compliance on a number of grounds,
including the scope and complexity of
the rule, as well as the need for smaller
lenders to implement and test
automated collecting and reporting. One
trade association observed that some
lenders needed time to test systems to
ensure accurate collection and
reporting, and asserted that with an 18month period, a bank would have just
six months to collect data to do a trial
run with one year of data before the
compliance date.
Many commenters, including lenders
and trade associations for State banks
and credit unions, argued for tiered
compliance because of the need to
purchase or develop new software to
comply with the rule. Industry
commenters also pointed to other
factors requiring a longer compliance
period, include the time to find vendors,
time to develop software, time for
vendors to plan and execute network
changes, and time to train and hire staff
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
to integrate systems with software for
this rule.
Two industry commenters
emphasized the dependence of smaller
lenders on third-party vendors to justify
tiered compliance—that small lenders
would need time to evaluate lenders
and complete due diligence, that
vendors would need time to develop
new compliance software, and that
lenders would need time to integrate
and test software with existing systems.
Several trade associations emphasized
that many lenders needed the additional
time that tiered compliance would
provide to permit them to hire and/or
train compliance staff, and train existing
lending staff, to comply with the rule.
Two trade associations suggested that
tiered compliance dates were necessary
for credit unions to educate their
members and allow for the development
of member notifications.
A number of commenters justified
tiered compliance based on industry
experience with complying with other
regulations. Several commenters noted
lenders had more than two years to
comply with the 2015 HMDA rule,
which amended existing regulations,
while this rule is new and complicated.
Several trade associations pointed to
industry experience with Financial
Accounting Standards Board’s Current
Expected Credit Loss rule as an example
of rushed implementation; after initially
setting a single compliance date,
regulators later staggered
implementation, requiring smaller
institutions to comply later, recognizing
high one-time costs and advantages
large institutions had in negotiating
with vendors.
A bank justified tiered
implementation on the grounds that
hasty implementation would lead to
inaccurate data in the first few years of
the rule.
Two trade associations stated that
phased compliance is important for
lenders not experienced with data
collection rules to give them time to
build infrastructure. One commenter
noted that lenders that are not federally
insured depositories in particular need
more time to start training programs
from scratch, and that it would be hard
for such lenders to find and hire enough
staff with coding expertise without
regulatory data systems in place.
Another commenter said that banks that
do not comply with HMDA would need
more time to comply with this rule than
money-center banks that have HMDA
experience.
Smaller lenders and trade associations
justified longer compliance dates for
smaller lenders on various grounds. One
bank stated that smaller lenders could
PO 00000
Frm 00289
Fmt 4701
Sfmt 4700
35437
learn from the earlier compliance
rollouts of large banks. Others said that
tiered compliance would give smaller
lenders more time to resolve
unanticipated issues.
Several commenters suggested several
compliance dates, tiered by lender type.
A trade association suggested that
smaller lenders should have a later
compliance date to learn from largest
banks, and to have time to resolve
unanticipated issues. In particular, the
commenter said that rural and
underserved communities need more
time than money-center banks.
Amongst commenters that supported
tiered compliance dates, there was a
variety of comments on how to
determine which financial institutions
should report later. Two commenters
requested tiered or staggered
compliance in any manner, whether by
transaction type, lender type, or lender
size. A community bank asked that the
Bureau tier compliance dates based on
asset-size or some other factor to
provide a longer compliance period for
community banks. One CDFI lender
requested that the Bureau extend the
compliance date to at least 30 months
for mission-based lenders.
Two trade associations and a large
credit union supported tiering based on
loan volume. One of the trade
associations asked for tiered compliance
with the earliest date starting three years
after the final rule is issued, on the
grounds that credit unions often have
little bargaining power with vendors
and are often the last to receive system
upgrades.
Several lenders suggested two
compliance dates, with tiers set by asset
size. One lender suggested two tiers,
giving more time to lenders with less
than $2 billion in assets because smaller
institutions have smaller compliance
and information technology staffs. The
lender did not place much weight to the
$2 billion threshold it proposed other
than it would match ‘‘small lender’’
definitions in other areas of consumer
financial law.
Several industry commenters
suggested two compliance date tiers.
One bank suggested giving smaller
lenders 24 to 36 months more than large
banks. Two banks suggested giving
smaller lenders one year more than
larger banks, which they argued could
reduce competition for software
installation, implementation help, and
training, which in turn could reduce
costs and resource issues for small
lenders. These commenters believed
that smaller lenders could learn best
practices from larger banks. A trade
association said that large lenders ($10
billion or more in assets), should have
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35438
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
two years to comply, while smaller
lenders should have three years. The
commenter stated this manner of tiering
compliance dates would allow the
Bureau to collect a large amount of data
earlier, and would also give vendors
more time to develop and integrate
compliance products.
Several commenters suggested three
compliance date tiers by asset size. A
trade association suggested that the
Bureau adopt three compliance
tranches, giving large lenders one year
to comply, medium-sized lenders two
years, and small lenders three years.
The commenter suggested the third tier
should include the smallest lenders,
community banks, and lenders to small
businesses that the Bureau trusts and
knows to be successful. Another bank
proposed giving lenders with $5 billion
or more in assets 18 months to comply,
lenders with $1 billion or more 24
months to comply, and banks with $1
billion or less 30 months to comply.
One bank suggested three tiers by size,
without defining size, and proposing
that the largest lenders comply in the
first year, mid-sized lenders comply in
second year, and small lenders comply
in the third year. The commenter
justified the earliest compliance date for
large lenders because of the greater staff
expertise, capacity and resources that
these institutions had to comply with
the rule.
Several commenters opposed tiered
compliance dates. The industry
commenters asserted that this rule
represents a major change for small and
large lenders alike, from a ban on
collecting protected demographic
information data to requiring collection
of it for small business loans. These
commenters claimed that no vendors
have a compliance software ready for
this rule, that all lenders need sufficient
time to understand the content of this
rule, change processes, build and test
systems, train employees, and
implement procedures and controls.
These commenters warned that a failure
to give financial institutions of all sizes
adequate implementation time will limit
access to small business credit, which
negatively impact the economy. A
community group opposed tiered
compliance dates on the grounds that
the proposed 18-month period was
sufficient for all institutions, and that
lenders had from the release of the
NPRM in September 2021 to begin
preliminary planning to comply with
this rule.
Final Rule
The Bureau is finalizing § 1002.114(a)
as proposed. The small business lending
data collection rule will become
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
effective 90 days after it is published in
the Federal Register. The Bureau
confirms, as requested by a commenter,
that this final rule does not apply
retroactively, including for funds drawn
after the effective date where the loan
was originated before the effective date.
See also final comment 114(c)–2, which
makes clear that covered applications
received prior to a financial institution’s
compliance date, but final action is
taken on or after that date, are not
required to be reported.
The Bureau is not finalizing
§ 1002.114(b) as proposed, which would
have required compliance with the final
rule approximately 18 months after
publication of the final rule in the
Federal Register. Instead, the Bureau is
finalizing a tiered approach to
compliance dates. Specifically, the dates
by which covered financial institutions
are initially required to comply with the
requirements of this rule are specified in
four provisions:
First, under § 1002.114(b)(1), a
covered financial institution that
originated at least 2,500 covered credit
transactions for small businesses in each
of calendar years 2022 and 2023 shall
comply with the requirements of this
subpart beginning October 1, 2024. This
compliance date is 18 months after the
Bureau’s issuance of this final rule.
Second, under § 1002.114(b)(2), a
covered financial institution that is not
subject to § 1002.114(b)(1) and that
originated at least 500 covered credit
transactions for small businesses in each
of calendar years 2022 and 2023 shall
comply with the requirements of this
subpart beginning April 1, 2025. This
compliance date is 24 months after the
Bureau’s issuance of this final rule.
Third, under § 1002.114(b)(3), a
covered financial institution that is not
subject to § 1002.114(b)(1) or (2) and
that originated at least 100 covered
credit transactions for small businesses
in each of calendar years 2022 and 2023
shall comply with the requirements of
this subpart beginning January 1, 2026.
This compliance date is 33 months after
the Bureau’s issuance of this final
rule.838
Finally, under § 1002.114(b)(4), a
financial institution that did not
originate at least 100 covered credit
transactions for small businesses in each
of calendar years 2022 and 2023 but
838 The Bureau considered giving Tier 3 financial
institutions 36 months to comply with the rule, as
requested by many commenters. This would have
resulted in a Tier 3 compliance date of April 1,
2026. However, the Bureau believes that there is no
material difference between the 3 years (36 months)
requested by certain commenters and the 33 months
provided to covered financial institutions subject to
Tier 3.
PO 00000
Frm 00290
Fmt 4701
Sfmt 4700
subsequently originates at least 100
such transactions in two consecutive
calendar years shall comply with the
requirements of this subpart in
accordance with § 1002.105(b), but in
any case no earlier than January 1, 2026.
This compliance date is 33 months after
the Bureau’s issuance of this final rule.
In addition, the Bureau has added a
number of provisions to the
commentary accompanying § 1002.114.
New comment 114(b)–1 explains that
the applicable compliance date in
§ 1002.114(b) is the date by which a
covered financial institution must begin
to compile data as specified in
§ 1002.107, comply with the firewall
requirement of § 1002.108, and begin to
maintain records as specified in
§ 1002.111. In addition, the covered
financial institution must comply with
§ 1002.110(c) and (d) no later than June
1 of the year after the applicable
compliance date. New comment 114(b)–
2 provides that when the compliance
date of October 1, 2024 specified in
§ 1002.114(b)(1) applies to a covered
financial institution, the financial
institution is required to collect data for
covered applications during the period
from October 1 to December 31, 2024.
The financial institution must compile
data for this period pursuant to
§ 1002.107, comply with the firewall
requirement of § 1002.108, and maintain
records as specified in § 1002.111. In
addition, for data collected during this
period, the covered financial institution
must comply with §§ 1002.109 and
1002.110(c) and (d) by June 1, 2025.
New comment 114(b)–3 addresses
informal names for compliance date
provisions, providing for informal,
simplified names to facilitate discussion
of the compliance dates specified in
§ 1002.114(b)(1), (2), and (3). Under this
new comment 114(b)–3, Tier 1 refers to
the cohort of covered financial
institutions that have a compliance date
of October 1, 2024 pursuant to
§ 1002.114(b)(1), Tier 2 refers to the
cohort with a compliance date of April
1, 2025 pursuant to § 1002.114(b)(2),
and Tier 3 refers to the cohort with a
compliance date of January 1, 2026
pursuant to § 1002.114(b)(3). New
comments 114(b)–4(i) through (vii)
provide examples of various scenarios
that illustrate how to determine which
compliance date specified in
§ 1002.114(b) applies to financial
institutions.
The Bureau is adopting § 1002.114(b)
pursuant to its authority under ECOA
section 704B(g)(1) to prescribe such
rules and issue such guidance as may be
necessary to carry out, enforce, and
compile data pursuant to section 1071.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
The Bureau is adopting a tiered
approach to compliance for a number of
reasons. The Bureau believes, all else
equal, that the statutory purposes of
section 1071 are better served by an
earlier compliance date because it will
result in the earlier publication of data
by the Bureau and use by the public.
Most industry commenters that
addressed the issue of the compliance
date opposed § 1002.114(b) as proposed,
and requested more than 18 months to
comply with the rule. Views varied
widely on how much more time was
necessary. While commenters suggested
compliance periods of 24 months, 30
months, three years, and in one case 3.5
years or more, a plurality of industry
commenters supported a single
compliance date of three years for all
lenders. A sizable number of
commenters also supported tiered
compliance dates based on the size of
the lender, as an alternative to single,
compliance period longer than 18
months.
The Bureau gives credence to a set of
three major factors commenters cited in
requesting additional time, beyond 18
months, to comply with the rule
(whether from 24 months to 3.5 years):
the need to purchase or upgrade
compliance software (including time to
find and perform due diligence on
vendors, purchase software, integrate
compliance software with other
systems, and test all of these); the need
to create or adjust policies and
procedures to comply with the rule; the
need to train and, in some cases, hire
staff to use the new software and
implement the policies and procedures
to collect data. Commenters did not
clearly tie these factors to precise
periods of time.
Many commenters identified the
sequential and iterative nature of these
major factors. Generally, a lender must
purchase and integrate new software
before developing new policies and
procedures concerning the use of the
software, and the lender must have new
policies in place before hiring and
training staff to implement the software
and follow the new processes. These
processes are also iterative in that, in
testing software, procedures and staff
training, lenders may identify errors in
software, processes, or training, and
need to make adjustments that may then
require additional changes in other
aspects of the overall compliance
program or system.
The Bureau believes from comments
received, and consistent with feedback
received in SBREFA, that smaller
financial institutions may face
particular difficulties that justify
providing them additional time to
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
comply with the rule. Several industry
commenters expressed their concern
that they were at the mercy of their
software vendors and other third-party
providers and could not start
compliance steps, such as establishing
new policies and training employees, in
the absence of such software. By
contrast, one large bank requested more
time to comply to develop in-house
compliance software.
Other commenters noted that with a
shorter compliance period, vendors may
be overloaded with requests from a
market of financial institutions
attempting to comply at the same time
with this rule. Several commenters cited
their experience in attempting to obtain
the services of third-party vendors to
comply with other rules such as the
TILA/RESPA integrated disclosure rule
and the HMDA 2015 updates, and
observed that vendors tended to service
larger lenders first, leaving smaller
lenders with little time to integrate
software, update policies and
procedures, train and hire employees,
and test all of these systems.
Compounding these issues, many
commenters—generally smaller lenders,
some of which were rural or community
financial institutions—stated that they
did not have previous experience with
data collection rules, such as HMDA or
CRA. The Bureau is aware that this rule
may be the first contact that many
covered non-depository institutions
have with a Federal data collection
regime. Further, a substantial number of
commenters noted that they used
manual or analog systems and claimed
that they would have to automate their
operations to comply with the rule. The
Bureau believes that the increased
originations threshold under in final
§ 1002.105(b) may preclude many
financial institutions that expressed
concern that they would have to
automate their processes from having to
report data at all.
All of these factors suggest that
smaller financial institutions would face
particular difficulties in complying with
this rule within 18 months. The
comments suggested a variety of
potential consequences stemming from
insufficient time to comply. Some
suggested that financial institutions
would exit the market, that they would
face greater costs to comply more
quickly (for instance, a financial
institution that might be able to use
existing staff over the course of three
years may need instead to hire
additional staff to comply with the rule
in 18 months), and/or that they may
submit inaccurate or data of lesser
quality to the Bureau than they would
have if given more time to the comply.
PO 00000
Frm 00291
Fmt 4701
Sfmt 4700
35439
The Bureau does not believe that
financial institutions would exit the
small business lending market because
of the compliance date, but rather
believes that many smaller institutions
may simply find it challenging to
comply within the 18-month
compliance period. The Bureau gives
some credence to the concern that a
shorter compliance period may result in
somewhat higher, though not
significant, costs that in turn may be
passed on to customers. The Bureau
believes that smaller financial
institutions, especially those
unaccustomed to data collection rules,
may stay in the market but may be
unable to comply within 18 months for
reasons at least partly out of their
control. The Bureau believes, based on
comments received, that generally
smaller financial institutions are more
likely to be at the mercy of vendors that
may prioritize larger customers.
While a plurality of commenters
requested a single, three-year
compliance period for all lenders, the
Bureau does not believe that such a
change is justified. The Bureau received
comparatively few comments from large
banks regarding the sufficiency of an 18month compliance period. One large
bank stated that it would require
additional time to develop its own
compliance software. A trade
association requested three years to
comply with the rule on the grounds
that larger lenders have more complex
compliance systems to establish and
operate because such lenders often had
different divisions dedicated to different
small business lending products. The
Bureau does not believe, given the
dearth of comments on this point, that
the quality of data from large financial
institutions is compromised by an 18month compliance period. The Bureau
thus believes that it would not be
consistent with the statutory purposes
of this rule to provide large financial
institutions a longer compliance period.
As a result, the Bureau believes that
tiered compliance dates balance several
factors at once; that the statutory
purposes of section 1071 are best
advanced by, in aggregate collecting as
much data as possible, as accurately as
possible, as soon as possible; and that a
system of tiered compliance dates
accomplishes this better than a single
18-month compliance period.
In part, the Bureau believes that is
accomplished by maintaining the
existing 18-month compliance period
for the largest-volume financial
institutions that are likely to report the
bulk of the application-level data, and
are likely to do so accurately. These
financial institutions are more likely
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35440
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
than smaller and even mid-sized
institutions to have the resources and
experience to, with relative celerity,
upgrade or purchase compliance
software, create pertinent policies and
procedures, and train or hire existing
staff. The Bureau believes that the
experience that many of these largervolume financial institutions have with
other Federal data collection regimes,
such as HMDA or CRA, gives them the
ability to adapt to this rule within the
time given to collect and submit data.
Further, by maintaining the 18-month
compliance period for larger-volume
financial institutions in Tier 1,
collection and reporting of most small
business lending data will begin
quickly. That is, covered financial
institutions will report to the Bureau the
vast majority of small business lending
applications—approximately 90 percent
of the applications covered by this rule,
as detailed in part IX.D.2 Table 4—on
the timeline proposed in the NPRM.
The Bureau also believes that the
statutory purposes of section 1071 are
best advanced in aggregate by
permitting small and mid-sized
financial institutions, by volume of
originations, to have more than 18
months to comply with this rule. As
discussed above, the Bureau believes,
based on the large volume of comments
and the rationale provided by them, that
an 18-month compliance period
increases the likelihood that small and
mid-sized financial institutions, for a
variety for reasons that are unique to
them, will have difficulty collecting and
reporting data, and that the data
reported would be more likely to be
inaccurate or unreliable. Further, the
Bureau believes based on the comments
it has received, feedback received in
SBREFA, and its own observations
about the small business lending market
that the smallest financial institutions,
especially those that do not already
report data to Federal agencies, have
more manual processes and relatively
few employees, which increases the
likelihood that they submit unreliable
and inaccurate data to the Bureau.
The Bureau believes that tiered
compliance dates will improve the
accuracy of data from smaller and midsized financial institutions. Later
compliance dates for smaller and midsized financial institutions will mean
they do not have to compete with larger
financial institutions for the time and
attention of software and compliance
vendors. The Bureau understands that
while the largest lenders are more likely
to rely on in-house capacity to comply
with the final rule, many other financial
institutions with loan volumes likely to
place them in Tier 1 may still rely on
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
software vendors and may compete with
smaller-volume financial institutions for
the time and attention of software
vendors. With a longer timeframe to
comply, smaller and mid-sized financial
institutions might also be able to avoid
expedited and more costly overtime and
overflow work, and would have time to
learn lessons from the compliance
experience of larger institutions.
Regarding the criteria for tiering, most
commenters who addressed the issue
suggested asset size as the criteria to
determine which financial institutions
should comply later. The primary virtue
of that approach is its simplicity—most
depositories know their total assets.
However, many financial institutions
that will be covered by this rule are
nondepository institutions that may
originate a large volume of loans but
may have relatively few assets
compared to depository institutions.
Conversely, some depositories with a
large volume of assets may have a low
volume of small business loans. A
tiering approach based on assets may
require early reporting by large
depositories with little interest in small
business lending and exclude largevolume small business lenders with
comparatively few assets. The Bureau
does not believe that this approach
would be as consistent with the
statutory purposes of section 1071 as a
criterion for tiering directly tied to a
financial institution’s relative activity in
the small business lending market. As a
result, the Bureau believes that the
number of annual originations of
covered credit transactions for small
businesses should be the basis for
tiering compliance dates
On the number of tiers, commenters
tended to favor two tiers rather than
three. The Bureau believes that the
statutory purposes of the rule are better
served by three tiers. The Bureau
determined from reviewing all of the
comments that there were meaningful
differences in the compliance
challenges faced by smaller volume,
middle-volume, and large-volume
financial institutions. The Bureau
believes that three compliance dates
will help vendors better manage their
capacity to serve their customers. The
Bureau also believes that three
compliance dates may also help the
Bureau be more responsive to industry
during the transition period. By
extending the implementation period,
the Bureau will be better able to provide
more tailored attention to smaller and
mid-sized financial institutions.
General responses to comments
received. The Bureau observes that the
vast majority of comments it received
identified specific factors or concerns
PO 00000
Frm 00292
Fmt 4701
Sfmt 4700
regarding compliance with this rule that
justified a longer compliance period.
Nearly all of these comments also
identified multiple factors or steps in
the process of complying with this rule
that justified a compliance period longer
than the one proposed in the NPRM. As
noted above, the Bureau observes that
these comments, with very few
exceptions, did not quantify specific
amounts of additional time attributable
to each specific factor or step in the
compliance process that were identified.
For instance, a frequent industry
comment might have requested a threeyear, rather than 18-month, compliance
period, citing the need to purchase and
implement software, create processes,
and train staff, without attempting to
attribute the additional 18 months to
each of these three steps in the
compliance process.
Requests to publish data quickly and
frequently. Regarding requests to collect
and publish small business lending data
as soon as possible, the Bureau agrees
that the absence of these data will
continue to hinder vital capital flow to
small businesses, as small business and
community development needs cannot
be effectively identified without this
data. However, the Bureau must
conduct its privacy analysis, so the
publication of data will not immediately
follow its collection. Regarding the
request to publish data as soon as
possible, and to publish data every six
months so that stakeholders can monitor
progress and utilize data, the Bureau is
not adopting a 6-month reporting
requirement because requiring financial
institutions to provide multiple data
submissions a year may be
administratively challenging for both
financial institutions to comply with
and for the Bureau to process. However,
the Bureau may consider publishing
aggregate data more often than once a
year in the future if administratively
feasible.
Less than 18 months. The Bureau has
considered comments asserting that 18
months is too long a compliance period.
While some financial institutions could
comply with this rule in less than 18
months, the Bureau believes that most
financial institutions appear unable to,
given the volume and intensity of
comments requesting more time. The
Bureau believes a one-year compliance
period would be inconsistent with the
statutory purposes of the rule because it
appears that such a short period could
be costly for financial institutions and
result in inaccurate data. The Bureau
agrees that mission-based lenders (or
any other lenders) ready to report
within 18 months should be permitted
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
to do so, and the rule permits them to
do so.
More than 18 months. Regarding the
comments requesting a compliance
period of more than 18 months, the
Bureau agrees in part. As discussed
above, the Bureau believes that many
lower-volume financial institutions,
with either lower assets or a low volume
of small business lending and thus
potentially fewer resources dedicated to
that line of business, may need
additional time to comply with the rule
for the reasons provided above.
Regarding comments concerning
resources, the Bureau agrees in part. The
Bureau does not believe that more time
is justified solely because the rule may
cause a financial institution to expend
resources to comply with the rule.
However, the Bureau agrees that smaller
financial institutions may need more
time to marshal the necessary resources,
as discussed above.
The Bureau has considered comments
stating that financial institutions needed
more time to understand the final rule
and its scope. While the application of
this rule would be new to some lines of
business, and while some data would be
novel the Bureau believes that financial
institutions have had enough time to
understand the concepts in the rule,
especially for those financial
institutions that have had experience
with other Federal data collection rules,
such as HMDA, CRA, or CDFI Fund.
The concepts in the rule implement
2010 statutory language, and the rule’s
implementation of those statutory
concepts relies on well-known concepts
from existing rules, particularly the
HMDA and the CRA regulatory
requirements. Nonetheless, the Bureau
acknowledges that preparing for
compliance may be somewhat more
difficult for financial institutions,
particularly smaller institutions, with
no previous experience with Federal
data collections. The Bureau believes
that final § 1002.114(b) provides
sufficient additional time for such
financial institutions to come into
compliance with the final rule.
Regarding comments that financial
institutions need more time to establish
policies and procedures, the Bureau
does not believe this is necessary for
larger-volume lenders. The Bureau’s
proposed 18-month compliance period
was intended to accommodate the need
of financial institutions to develop or
update policies and procedures to
comply with the rule. The Bureau
believes, however, that more time may
be warranted for smaller financial
institutions that do not have existing
written policies or procedures and do
not currently use written applications
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
for small business or agricultural
lending applications. The Bureau does
not have reason to believe that there are
larger-volume lenders that do not
currently use forms or formal written
applications.
Regarding comments requesting more
time to comply because of technological
issues, the Bureau acknowledges the
various steps that may be involved in
obtaining software needed to imply with
this rule, including updating core
processors, automating analog systems,
conducting due diligence, choosing
vendors, and testing and integrating
systems.
The Bureau agrees with commenters
that smaller-volume lenders may need
more time than proposed to prepare
software before the rule’s compliance
date. In particular, the Bureau
understands that smaller financial
institutions may need time to transition
from informal applications to automated
systems. Regarding the reengineering of
agricultural credit scoring systems, the
Bureau understood this issue to apply to
smaller FCS lenders and believes that
the additional time provided by the
final compliance period provision
would suffice for changes to be made to
AgScore and for them to adjust
accordingly.
Regarding the comments that banks
needed more time to hire new staff and/
or train existing employees, the Bureau
notes that not enough detail was
provided by commenters that explained
why this factor on its own justified more
than 18 months to comply with this
rule.
Regarding the comments that the
compliance periods for other similar
regulations provided more time, the
Bureau acknowledges that this rule,
unlike HMDA and the TILA/RESPA
integrated disclosure rule, covers a
variety of different product types, that
this rule is a new rulemaking rather
than an amendment to existing
regulations. The Bureau notes from its
experience that smaller financial
institutions in particular appeared to
face challenges complying within the
timeframe given for the 2015 HMDA
rule amending Regulation C and the
TILA/RESPA integrated disclosure rule.
The Bureau agrees, from the experience
of past rulemakings, that smaller
financial institutions may wait longer
than larger institutions for vendors to
prioritize them.
Regarding various industry-specific
rationales given for extending the
compliance period, the Bureau observes
that many of the comments advocated
for types of financial institutions that
tended to be smaller, such as CDFIs,
credit unions, and community banks.
PO 00000
Frm 00293
Fmt 4701
Sfmt 4700
35441
The Bureau believes that final
§ 1002.114(b) will provide most of the
smaller volume lenders the additional
time they need to comply.
Regarding comments that even larger
credit unions would have to wait for
vendors to create compliance products,
the Bureau agrees only in part. The
Bureau believes that vendors are more
likely to focus on larger financial
institutions—including larger credit
unions—earlier, but that smaller
financial institutions, including credit
unions, are more likely to have to wait
longer.
Regarding the comment that
equipment finance companies may be
less accustomed to Federal regulators,
the Bureau agrees but does not believe
that this justifies a longer compliance
period specifically for this type of
lender. The Bureau believes that
equipment finance companies with
larger volumes of originations are likely
to have sufficient experience and
resources to prepare to come into
compliance more quickly.
Regarding the comment that a short
compliance period would promote
unintentional errors, the Bureau agrees
in part. The Bureau believes that faced
with limited time and resources, smaller
financial institutions are more likely to
submit inaccurate data, and that this is
one of the rationales for providing
lower-volume institutions additional
time to comply with the rule. Regarding
the concern that compliance costs will
directly increase lending costs, the
Bureau acknowledges in its impacts
analysis in part IX below that this may
take place, but that the per-loan impact
of this rule will be relatively low.
Regarding the comments that many
borrowers do not possess or are
unwilling to provide data pursuant to
this rule, the Bureau agrees that
educating small business applicants
would improve their responses to
requests for data under this rule.
Regarding the comment that rushed
implementation would lead to
unintended consequences, the Bureau
observes that the notice and comment
processes has identified potentially
unintended consequences of an 18month compliance period, and that the
final tiered compliance provision is
intended to address these concerns.
Two years. Regarding the comments
favoring a two-year compliance period
for financial institutions, the Bureau
agrees in part. Based on a consideration
of a variety of factors, including the
comments it has received, the Bureau
has determined that a two-year
compliance period is appropriate for
mid-sized financial institutions. The
Bureau does not believe that two years
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35442
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
is an appropriate compliance period for
all institutions. The Bureau believes that
two years more time than is needed by
the largest volume financial institutions,
which have the ability to comply earlier,
and too little time for the smallest
volume financial institutions, which
need closer to three years to comply
with this rule.
The Bureau has considered the
comment asserting that the proposed
compliance period would make the rule
an undue regulatory burden, costly, and
not be commensurate to any potential
reporting benefit. As set out above, the
Bureau believes that a shorter
compliance period would be
challenging for many smaller and midsized financial institutions, and the
Bureau believes that it is more likely to
obtain more accurate data if it provides
smaller volume financial institutions
more time to comply with this rule.
Scope and complexity. The Bureau
has considered comments stating that
financial institutions needed a two-year
compliance period to understand the
full scope and complexity of the new
rule. While the proposed rule included
provisions not considered during
SBREFA, such as additional data points
pursuant to ECOA section
704B9(e)(2)(H), the Bureau does not
believe that the increased complexity of
the rule alone justifies additional time.
Most of the new provisions in the
NPRM are well-known outside of the
context of this rule. In addition, the
Bureau has in some ways limited the
scope of this rule further by, for
instance, not finalizing certain more
complex provisions, such as the
proposed visual observation and
surname analysis requirement.
Regarding scope and coverage issues
faced by motor vehicle dealers, the
Bureau does not believe that there are
open issues requiring resolution as
suggested by some commenters. The
issues raised concerning the application
of Bureau regulations to indirect motor
vehicle lenders are well-established and
not unique to this rulemaking. The
Bureau likewise does not believe that
this rule represents an entirely new
regulatory paradigm; the many
comments the Bureau received
concerning the overlap between this
rule and HMDA, CRA, and CDFI Fund
data collections suggest that the
concepts in this rule are already well
understood by many financial
institutions and not necessarily novel or
paradigm-shifting. While the Bureau
agrees that this rule is the first to
attempt to collect application-level data
comprehensively from the entire small
business lending market, the Bureau
does not believe that this alone is a
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
reason to extend the compliance period
of the rule.
Policies and procedures. The Bureau
has considered comments stating that
financial institutions needed two years
to develop and test new policies and
procedures. However, the comments did
not provide enough detail to support
extending the compliance period based
on this factor alone.
Technology. Regarding comments
requesting two years to comply because
of the need to purchase or upgrade
compliance software, the Bureau agrees
in part. The Bureau acknowledges the
various steps related to implementing or
updating compliance software,
including finding and vetting vendors,
integrating compliance software with
other systems. The Bureau
acknowledges the concerns of some
commenters that vendors may not be
ready with compliance software before
the proposed compliance date. The
Bureau, as noted in part II above, has
worked proactively with vendors and
technology departments of financial
institutions since the release of the
NPRM to help them speed their work
The Bureau believes that the tiered
compliance schedule will ensure that
financial institutions in need of time to
buy or upgrade software will have that
time.
Staff and training. Regarding
comments requesting a two-year
compliance period in order to have
additional time to hire new staff and
train existing staff, the Bureau took
those factors into account when
proposing an 18-month compliance
date. However, the Bureau agrees that
small financial institutions may require
additional time to comply because they
may not have the staff to develop
compliance systems that larger financial
institutions may have. The Bureau
believes that smaller institutions may be
particularly reliant upon vendors and
third-party software and, as mentioned
before, may not be prioritized by these
providers.
Other regulations. Regarding the
comments that a two-year period based
was justified based on the compliance
periods for other similar data collection
regulations, the Bureau agrees in part for
the reasons specified above. The Bureau
acknowledges that industry’s experience
with the 2015 HMDA rule suggests that
more time is required for smaller
financial institutions in particular, and
especially those with no past experience
with a data collection regime like
HMDA.
Other comments. Regarding concerns
that the proposed compliance period
was inconsistent with the two-year
period that the Bureau previously
PO 00000
Frm 00294
Fmt 4701
Sfmt 4700
considered in the SBREFA process, the
Bureau now believes that the two-year
period is appropriate for financial
institutions with a moderate volume of
originations.
30 months. The Bureau has
considered comments requesting a
single 30-month compliance period but
does not believe this approach would be
appropriate, for the reasons provided
below.
Scope and complexity. Regarding the
comments that the scope and
complexity of the rule warrants a 30month compliance period, the Bureau
acknowledges the breadth and
complexity of this rule but does not
believe that the time needed to
understand the rule in itself justifies one
additional year to comply with the rule.
Processes. The Bureau acknowledges
that compliance with the rule may itself
entail complex changes to the various
processes pertaining to small business
lending, including front and back-end
operations, and operations across
different branches. The Bureau notes
that while industry commenters
explained the complexity of changing
processes and procedures with some
clarity, the Bureau anticipated these
types of changes in proposing an 18month compliance period. In any case,
these commenters identified various
changes they would have to make in
response to the rule without explaining
why these changes justified extending
the proposed compliance period by 12
months.
Software. Regarding the comments
requesting 30 months to comply with
the rule because of the need to purchase
new software or upgrade existing
software, the Bureau agrees in part. The
Bureau acknowledges the various steps
and complexities in the process to
upgrade or purchase software that
commenters have identified, but the
Bureau does not believe that all
financial institutions need more time to
purchase or upgrade software. The
Bureau also acknowledges concerns that
compliance software for this rule did
not exist when comments were
submitted in response to the NPRM. The
Bureau understands from its outreach
that software providers have been
developing compliance products since
the release of the NPRM, and while such
products cannot be finalized until after
the final rule, the Bureau believes that
such software will be available for
timely implementation by financial
institutions, especially because the
Bureau is committed to providing
assistance to technology departments
from financial institutions and software
providers to develop compliance
solutions in time to meet the final tiered
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
compliance dates. Regarding the
comment that software providers need
30 to 36 months to work with their
business partners, the Bureau believes
based on its outreach and comments
received from some banks that this work
had already begun with the release of
the NPRM, and that the compliance
dates provided in final § 1002.114(b)
should be sufficient for software
providers to work with their business
partners and financial institutions.
The Bureau acknowledges
commenters’ concerns about small
financial institutions and their ability to
implement software before the proposed
compliance date. The Bureau believes
that lower volume lenders, especially
those without previous experience with
data collection rules, are likely to be at
the mercy of compliance software
providers and core providers, and are
not as likely to have priority access to
new software or provider assistance in
implementing it. The Bureau does not,
however, agree that these concerns
justify a single 30-month compliance
period. Instead, the Bureau believes that
these concerns justify tiered compliance
based on the financial institution’s
transaction volume.
Staffing and training. Regarding
comments that a single, 30-month
compliance period is needed to
accommodate the hiring of new staff
and/or training of existing staff, the
Bureau agrees in part. The Bureau
acknowledges that this rule may require
the hiring or training of staff in variety
of different areas and roles across
financial institutions. The Bureau
emphasizes, however, the comment
specific to smaller volume lenders that
a community bank would not have a
dedicated implementation team for this
rule, but rather would assign
responsibility for rule implementation
to existing employees across the bank in
addition to their existing tasks.
Data accuracy. The Bureau
acknowledges the comments that the
proposed compliance period may result
in data inaccuracies, but does not
believe that a single, 30-month
compliance period would be the most
appropriate way to address these
concerns. The Bureau, for the reasons
provided already, believes that smaller
and even moderate volume lenders, if
subject to an 18-month compliance
period data, may be at particular greater
risk of collecting and submitting
inaccurate data to the Bureau. The
Bureau acknowledges the comment that
small business lending is varied,
involves more negotiation than
consumer lending, and therefore makes
it more difficult to capture consistent
data for, but the Bureau does not believe
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
that this factor alone justifies extending
the compliance period. The Bureau
observes that the existing regulations
that collect data on small business and
small farm lending already take into
account the varied and more
individually negotiated nature of such
transactions.
Other regulations. The Bureau
acknowledges the comments concerns
that other comparably complex
regulations identified by commenters,
such as the 2015 HMDA rule
amendments and the TILA/RESPA
integrated disclosure rule, provided for
compliance periods longer than the 18
months proposed by this rule. The
Bureau acknowledges the comment
observing that in response to the 2015
HMDA amendments, many software
providers barely met the compliance
date for that rule, and that significant
updates were still required after the
deadline. The Bureau agrees that
smaller lenders may need more time to
comply because of their lack of
experience with data collection
regulations such as those under HMDA
or CRA. However, the Bureau does not
believe that a uniform, 30-month
compliance period would be the
appropriate way to address all these
concerns. The Bureau believes that the
specific comments it received
advocating for a 30-month compliance
period for smaller volume lenders or for
those inexperienced with data
collection rules support the tiered
compliance dates set forth in the final
rule.
Customer relationships. Regarding the
concerns that a short compliance period
would hamper the ability of their ability
to serve commercial lending customers,
the Bureau agrees in part. The Bureau
believes that smaller lenders and, to a
lesser extent, moderate volume lenders
may find it challenging to comply with
the new rule while still serving
customers and maintaining day-to-day
bank operations. The Bureau
acknowledges the concern that some
commenters may adopt new processes
to ensure data quality but provide less
access to credit for applicants. The
Bureau does not believe that a uniform,
30-month compliance period would be
the appropriate way to address these
concerns in a manner consistent with
the statutory purposes of the rule.
Rather, the Bureau believes that the
customer relationships of smaller
volume lenders are likelier to be
affected by a shorter compliance period
than the customer relationships of larger
lenders.
Sector specific. Regarding the
comments that 18 months was not
sufficient for smaller lenders, the
PO 00000
Frm 00295
Fmt 4701
Sfmt 4700
35443
Bureau agrees. The Bureau believes the
differences between the compliance
challenges faced by smaller and larger
lenders suffice to justify a longer
compliance period for smaller-volume
lenders. The Bureau agrees with the
multiple comments stating that smaller
institutions, such as community banks,
CDFIs, and rural lenders, are more
limited in their capacity to expend the
additional time and resources needed to
comply with this rule within 18 months,
and with comments that larger lenders
do not have such limitations and often
have staff dedicated to regulatory
compliance. Regarding the comment
that regulations should apply only to
large banks, not smaller banks, the
Bureau notes that while the Dodd-Frank
Act contains provisions specific to
larger institutions, it does not apply
exclusively to larger lenders. The
Bureau, however, agrees that the
compliance date provision of this rule
should not apply to all financial
institutions regardless of size, given the
differences in the relative capacity to
comply quickly, as the final tiered
compliance date provision recognizes.
Regarding the comments of a software
provider concerning the various steps in
the process to implementing compliance
software, the Bureau appreciates the
complexity of the process and the backand-forth between software vendors and
lenders. The Bureau, however, believes
that the tiered compliance provision
provides for more time for a majority of
smaller and moderate volume lenders to
work through the software
implementation process. The Bureau is
providing resources, such as the Filing
Instructions Guide, concurrent with the
release of this final rule to aid software
vendors’ and financial institutions’
development of software expeditiously.
Other comments. Regarding the
comment requesting for 30 months to
address unanticipated implementation
issues, the Bureau believes that the final
compliance date provision provides
enough time and leeway for lenders to
address any such issues. Regarding the
comment that a 30-month compliance
period would match the normal
compliance examination cycle, the
Bureau disagrees as not every financial
institution subject to this rule has
examinations on this schedule.
Regarding the comment that an 18month compliance period is not
justified by the length of time that has
elapsed since the passage of the DoddFrank Act, the Bureau notes that in part,
it agrees, providing an additional six to
18 months to most lenders.
Three years. The Bureau is not
adopting a single compliance period of
three years for all covered financial
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35444
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
institutions, for the reasons below. The
Bureau acknowledges that much of the
reasoning provided in support of a
single, three-year compliance period
justifies the compliance period for Tier
3 financial institutions. As noted above,
the Bureau believes that there is no
material difference between 33 months
and three years for purposes of this rule
and the compliance of Tier 3
institutions.
General comments. Regarding the
comments that a single, three-year
period would achieve the statutory
purposes of the rule, the Bureau
believes that having larger- and
moderate-volume lenders begin
collecting data in 18 or 24 months,
respectively, rather than 33 months,
while waiting to obtain more accurate
data from smallest-volume financial
institutions, is most likely to maximize
the speed with which the Bureau
receives the largest possible volume of
accurate data. Because of this, the
Bureau believes that the final tiered
compliance provision better
accomplishes the statutory purposes of
the rule. Regarding the comment that
such a three-year compliance period
should start on January 1, the Bureau
believes that earlier collection of data is
consistent with the purposes of section
1071, even if it results in the collection
of a partial year of data. While less
useful in a year-over-year comparison, a
partial year of data would not be
ignored entirely. Given the new data
points that would be collected under the
final rule, a partial year of collection
will give data users valuable
information they could not access from
other sources, for the purposes of
facilitating fair lending enforcement and
identifying business and community
development needs.
The Bureau has considered comments
asserting that by proposing an 18-month
compliance period, the Bureau has
shifted the burden of rapidly complying
with the rule onto lenders. The
proposed compliance date reflected an
attempt to balance competing concerns,
and the final compliance date reflects a
reconsideration of how best to balance
the need to collect data quickly, and the
need to collect it accurately.
Regarding the comments that it was
arbitrary and unreasonable for the
Bureau to propose a broader rule with
an 18-month compliance period in the
NPRM, compared to a rule of lesser
scope and a two-year compliance period
in the SBREFA process, the Bureau is
not finalizing a blanket 18-month
compliance period in this final rule, as
explained above. And even if the
Bureau were finalizing an 18-month
compliance period as proposed, the
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Bureau would disagree with the
commenters for a number of reasons.
First, the Bureau does not believe that
the scope of data collection and
reporting under the NPRM expanded
greatly compared to the SBREFA outline
of proposals under consideration. While
several data points were proposed
pursuant to ECOA section
704B9(e)(2)(H), most of these data
points (such as pricing, application
method, application recipient, reasons
for denial) are data in possession of
financial institutions, as items that are
part of the underwriting or lending
process. Some of the other items, such
as time in business and NAICS Code,
are captured by some lenders in any
case. Similarly, the NPRM (but not the
SBREFA Outline) included several
provisions giving leeway to financial
institutions attempting to comply in
good faith, such as the bona fide error
and safe harbor provisions.
Second, even assuming that the scope
of data collection and reporting under
the NPRM were greatly expanded as
compared to the SBREFA Outline, the
final rule includes a variety of
provisions intended to streamline
compliance as compared to the NPRM.
For instance, the Bureau has simplified
the approach to pricing, time in
business, and NAICS code (requiring the
collection of just 3 digits rather than 6),
and the Bureau is no longer requiring
the use of visual observation and
surname analysis. The Bureau is also
providing a grace period during which
it does not intend to assess penalties, so
long as financial institutions attempts to
comply with this rule in good faith (see
part VII below). The Bureau also
believes that the materials it has
prepared for concurrent release with the
final rule, including the initial version
of the Filing Instructions Guide, will
have the effect of facilitating compliance
with the rule.
Regarding the comment that the
Bureau was shifting the burden of its
delay in issuing the rule to industry, the
Bureau disagrees. The Bureau’s
intention in proposing an 18-month
compliance period was balancing two
factors—providing sufficient time to
comply while obtaining data as soon as
possible. The Bureau believes that the
final tiered compliance provision better
strikes that balance by differentiating
between lenders more likely to be able
to comply earlier with accurate data,
and lenders that are likely to need more
time to report accurate data.
Sequential changes. The Bureau
acknowledges the comments that the
implementation of compliance systems
involves numerous steps in a specific
order. However, the Bureau does not
PO 00000
Frm 00296
Fmt 4701
Sfmt 4700
believe that this justifies a single, threeyear compliance period for all financial
institutions. The Bureau believes that it
is generally correct that compliance
must proceed in a specific order, and it
also believes that larger lenders are
more likely to have the capacity and
resources to work on different steps of
compliance implementation in parallel
rather than purely sequentially, and
thus comply in a shorter amount of time
than smaller-volume lenders with less
capacity and resources.
Scope and complexity. Regarding the
comments that a three-year period is
needed to carefully understand and
interpret the new rule, the Bureau
agrees that this rule will be entirely new
to many lenders with no experience
with other data collection rules.
However, the Bureau believes that such
lenders are likelier to be smaller, lowervolume lenders, and that the final tiered
compliance regime give them the
additional time they need to understand
this rule. Regarding the comment that
lenders could only understand the
content of the regulations after the
issuance of the final rule, the Bureau
observes that it has endeavored to
simplify this final rule compared to the
content of the NPRM. Regarding
comments that a single three-year
period would give the Bureau time to
educate and support lenders as they
implemented this rule, the Bureau
believes that the finalized system of
tiered compliance dates provides
sufficient time to educate and support
smaller, lower-volume lenders more
likely to need this help.
The Bureau acknowledges that this
rule would cover many different
financial products and services, often
with different processes, involving
many changes across business units and
systems, but the Bureau does not believe
that a single three-year compliance
period for all financial institutions is
warranted on these grounds. The Bureau
acknowledges that this rule is more
comprehensive than existing collections
of small business lending data, both in
terms of how many financial
institutions will be required to report
under the rule, and in terms of the scope
of what is required of any given
financial institutions. However, the
Bureau observes that many larger
volume lenders have already complied
with similar data reporting requirements
for small business lending, including
CRA and the Paycheck Protection
Program, which also involved many
data points and, for larger volume
lenders, compliance across different
business units and systems. The scope
of this rule is somewhat more expansive
than past data collections, but, as many
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
other commenters have pointed out, the
significant overlap between this rule
and the data required by other rules
means that the content of this rule is
likely to be well understood by many
financial institutions.
Regarding the comments that the rule
requires the collection of 21 data points,
the separation of demographic
information, and consideration of the
feasibility of a firewall, the Bureau notes
that these comments summarized the
provisions of the rule without
explaining how compliance with these
provisions would require three years
rather than 18 months. Regarding the
comment that the regulatory burden of
the rule would be significant and timeconsuming, the Bureau refers to the
impacts analysis in part IX. In short,
such comments do not explain how the
Bureau’s specific attempts to quantify
costs were erroneous, and do not
address specific amounts of time that
tasks would take.
Policies and processes. Regarding
comments that lenders need three years
to create, update, and test non-software
processes and policies, the Bureau
acknowledges that some lenders do not
currently use written applications for
small business and farm loans, and
would need to start using them. The
Bureau believes that these lenders are
more likely to be smaller lenders with
lower volumes of originations. The
Bureau also acknowledges that lenders
would not be able to change procedures,
forms, policies, and systems until the
final rule is issued, and that
clarifications and questions may take
some time to address. The Bureau does
not believe this justifies a single threeyear compliance period for all lenders.
Further, while stating that 18 months
was insufficient, commenters did not
specify the additional amount of time
needed to create new procedures or
workflows for applications, change
existing workflows to align with the
firewall requirement, overhaul their
forms and applications, or to obtain new
ones. The Bureau believes that the
proposed compliance date would have
provided sufficient time for these
processes. The Bureau believes,
however, that smaller lenders with
lower volumes of originations may need
more time than other lenders to adjust
their processes and procedures to
comply with the rule for the reasons
provided.
Technology. The Bureau
acknowledges the many comments that
it received requesting a longer
compliance period to implement
software solutions, and the various steps
in that process, including identifying,
vetting, and choosing vendors, and
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
integrating and testing software. The
Bureau acknowledges that the
implementation process for software can
be iterative and sequential. The Bureau
understands that many lenders,
especially smaller and community
banks, that will need to automate
currently manual lending processes to
collect data for this rule. In particular,
primarily lower-volume lenders, such as
community banks and rural institutions,
will need additional time to automate
their processes with software to
accurately collect data, including some
lenders that collect HMDA and CRA
data by manual processes. The Bureau
also understands that many lenders not
experienced with data collection rules
have no relationships with vendors.
While some lenders said that they
could not begin to implement software
until vendors create it, the Bureau notes
that one commenter had identified a
vendor already at work on compliance
software for this rule as of early 2022.
Regarding the comment from a larger
lender stating that it would need
additional time to build compliance
software itself, the Bureau notes that it
received relatively few comments from
larger lenders.
The Bureau notes that of the
comments citing software changes to
justify a three-year compliance period,
only several provided any estimates of
the time needed to implement software.
The few estimates there were ranged
from as few as six months from the
issuance of the final rule to upgrade
software to 18 months to two years to
implement software, and further time
still to train staff and test software. The
Bureau believes that these comments
may overestimate the time vendors will
take to prepare compliance software.
Some estimates assumed that vendors
would not start their work until after the
release of the final rule, but the Bureau
understands from comments and other
feedback that some software vendors
started work on compliance software for
this rule not long after the release of the
NPRM. The Bureau also believes, based
on other comments received, that the
longer periods suggested by commenters
are most likely to apply to smaller and
mid-sized lenders, for the reasons
discussed before—that vendors are
likely to prioritize larger lenders in
implementing new or upgraded
software.
Regarding the comment that lenders
should have software six months before
the compliance date for testing, the
Bureau believes that the tiered
compliance provision would provide
most lenders this extra time. In any
case, the Bureau believes that the grace
period discussed in part VII may permit
PO 00000
Frm 00297
Fmt 4701
Sfmt 4700
35445
lenders to continue testing after their
compliance dates, if needed. Regarding
the comment that lenders need more
than 18 months to comply because they
make build technology decisions one to
two years in advance, the Bureau
believes that the release of the NPRM
gave lenders time to plan and budget for
compliance technology well in advance
of this final rule. Regarding the
comment that some lenders adopt
blackout periods of eight weeks at the
end of the year, which could add four
months to the time needed by lenders,
the Bureau does not believe additional
changes are needed to final
§ 1002.114(b). The commenter did not
suggest how common such blackouts
were amongst lenders, nor how an eightweek blackout period would necessitate
a four-month compliance date delay.
The Bureau acknowledges
commenters’ concerns that small and
mid-sized banks will likely need more
time to comply because of their greater
dependence on the timing of third-party
software vendors because these
comments were based on industry
experience with software vendors in the
context of past rulemakings. The Bureau
believes comments that vendors may
become time or resource-constrained
and have difficulties serving many
lenders at once, and, given a single
compliance date, are less likely to
prioritize smaller lenders. The Bureau
gives credence to comments that small
lenders struggled to implement
compliance systems for the TILA/
RESPA integrated disclosure and HMDA
rulemakings before their respective
compliance dates because small lenders
competed with larger lenders for the
limited time and attention of vendors in
advance of regulatory deadlines.
Staffing. The Bureau acknowledges
the many comments that lenders need
more time to hire new staff and train
existing staff to collect, verify, and
report data for this rule; that training
may apply to staff across different
departments and business units within
financial institutions; and that training
can be time-consuming. The Bureau
observes that comments requesting a
three-year period based in part on
staffing concerns did not estimate how
much of the additional time requested
was attributable to staffing issues. One
exception was a comment from a lender
that said it would need several months
to train its staff of 3,000 employees; the
Bureau believes that this comment tends
to support an 18-month compliance
period for larger lenders.
The Bureau understands that certain
staff training—on compliance software
for this rule—may occur only after
software is implemented. However, the
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35446
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Bureau believes that other training may
be conducted in parallel with the
development of software, such as the
training on the content of this rule. The
Bureau agrees that lender staff with no
familiarity with data collection rules
may need more time to be trained in
complying with this rule. The Bureau
notes that the concern that staff already
familiar with the HMDA and CRA rules
would need training to avoid confusion
with this rule is mooted by the Bureau’s
decision to exclude HMDA-reportable
loans from reporting under this rule,
and the proposed amendments to the
CRA rules that would eliminate the
existing CRA reporting regime.
Regarding other comments, the
Bureau agrees that part of the
compliance process will involve
communicating operational changes
resulting from this rule to customers to
minimize disruption and increase the
likelihood that they will answer
inquiries related to protected
demographic information. The Bureau
acknowledges that some customers may
believe that lenders already request too
much data but believes that it is
speculative to say that customers may
be driven to less safe financial products
to avoid providing data for this rule.
Access to credit. Regarding comments
requesting a longer compliance period
because lenders might need to pause or
stop their small business lending until
they were in compliance with this rule,
hurting the small businesses that section
1071 was intended to benefit, the
Bureau does not believe that a reduction
in access to credit is likely for the
reasons set out in part IX.
Data accuracy. The Bureau, for the
reasons stated above, agrees that smaller
and mid-sized lenders are more likely to
need more time to comply with this rule
to ensure the accuracy of the data that
they will submit. The Bureau agrees
with the group of State banking
regulators that the implementation
timeframe should be increased for many
financial institutions to better equip
them to accurately report data.
The Bureau makes particular note of
comments from smaller lenders and
their representatives that lenders
lacking experience with data reporting
regulations, such as HMDA or CRA,
require more time to report accurate
data. Inexperienced lenders must create
processes from scratch, develop vendor
relationships, and become accustomed
to new procedures, such as testing
software and other systems, to ensure
the accuracy of data. The Bureau also
agrees that the proposed 18-month
period is not sufficient for lenders with
lower-volume small business lending
operations that may face limited staffing
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
resources and that have never before
collected the amount of data required by
this rule.
The Bureau agrees in principle that
rushed implementation generally would
make data in the first few years after the
compliance date flawed, incomplete, or
unusable, limiting the usefulness of the
data for section 1071’s fair lending and
business and community development
purposes. The Bureau believes that the
tiered compliance date approach it is
taking in this final rule will not result
in rushed implementation. Rather, its
final compliance provisions will
provide sufficient time for especially
smaller and mid-sized lenders to
implement compliance systems and
prepare to collect and report accurate
data.
Regarding the comments that data
will be error-laden in the first few years
of collection until systems, policies, and
procedures can be refined, the Bureau
has accounted for this in its final rule,
with its bona fide error provision and
additional safe harbors for certain data
points. As discussed in part VII, the
Bureau is also providing a grace period
for lenders during which it does not
intend to assess penalties for errors, so
long as lenders engaged in good faith
compliance efforts.
Regarding the assertion that a threeyear compliance period more closely
adhered to the expectation in the
statute, the Bureau notes that text of the
statute does not identify a specific
compliance period, much less one as
specific as three years. The Bureau
interprets section 1071 as requiring a
compliance period that best advances
the statutory purposes of the rule. For
the reasons specified above, the Bureau
believes that its tiered compliance
provision does this. In any case, the
Bureau believes that the majority of
covered financial institutions will report
data with Tier 3, and thus will have 33
months to comply with the rule from its
issuance.
Other regulations. Regarding the
comments that other comparably
complex regulations—such as the 2015
HMDA rule, CRA, the TILA/RESPA
integrated disclosure rule, and FinCEN’s
customer due diligence rule—provided
for more time to comply that the
proposed 18-month compliance period,
the Bureau agrees that these other rules
may be instructive as to how much time
smaller and mid-sized lenders might
need to prepare to comply with this
rule. However, the Bureau does not
believe that this necessitates a single
compliance period of three years.
The Bureau acknowledges the
comment that, unlike the 2015 HMDA
rule, this rule does not involve building
PO 00000
Frm 00298
Fmt 4701
Sfmt 4700
on an existing system but rather making
a new data collection system, and that
smaller-volume lenders in particular
should therefore have closer to three
years to comply. The Bureau also
acknowledges that this rule, unlike
HMDA, encompasses different credit
products for small businesses which
may use or require different processes,
systems, and personnel.
The Bureau agrees that smallervolume lenders should have more time
because they are more likely to have to
build new systems and face challenges.
The Bureau believes that larger lenders
are less likely to have to start from
scratch in complying with this rule, that
they are more likely to be familiar with
concepts from this rule borrowed or
analogous to provisions in other existing
data collection regulations, such as
HMDA and CRA. This remains true
even if larger lenders are more likely
than smaller lenders to offer different
credit products for small businesses
which use different processes, systems,
and personnel.
The Bureau acknowledges
commenters’ concerns that based on
industry experience with the 2015
HMDA rule, vendors were not likely to
be ready in time for lenders to comply
with this rule. The Bureau believes that
the tiered compliance provision will
give vendors time to work with covered
financial institutions on a timely basis
by spreading out software needs across
three compliance dates. Vendors will be
able to focus on smaller-volume lenders
in Tiers 2 and 3, avoiding the hasty
implementation or inattentive or
delayed service commenters mentioned
experiencing in complying with the
2015 HMDA rule and the TILA/RESPA
integrated disclosure rule.
The Bureau acknowledges comments
that the Bureau to provide leniency
regarding data accuracy for initial
submissions after the 2015 HMDA rule,
and that lenders spent hours reviewing
data to avoid errors and resubmissions
under HMDA. The Bureau notes that the
final rule contains provisions—
including the bona fide error provision
and the various safe harbors for several
data points—that relieve lenders of the
need to provide perfectly accurate data,
especially in early submissions of data.
As discussed in part VII below, the
Bureau is also providing a grace period
for lenders during which it does not
intend to assess penalties for errors.
The Bureau appreciates the concerns
that vendors may need time to make
inquiries to obtain clarity on the
provisions of this final rule after its
release to deploy solutions, as they did
with the TILA/RESPA integrated
disclosure rule. The Bureau intends to
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
work with vendors to answer inquiries
about this rule as early as possible. The
Bureau is releasing certain compliance
aids and guides concurrently with the
final rule to assist vendors in advance
of the compliance dates; with previous
rules; in the past, such materials were
only made available months after the
release of final rules. The Bureau
believes that the leeway the Bureau is
providing, in the form of the grace
periods for all three compliance tiers,
also may give vendors more time to test,
adjust and improve their systems.
Regarding the comments that
experiences with past regulations are
irrelevant, the Bureau disagrees that
experience with past rules will not help
lenders comply more quickly with this
rule. The Bureau believes that
experienced lenders, especially larger
ones, have developed institutional
knowledge and infrastructure in
complying with regulations that will
enable them to adapt to more quickly to
new rules than lenders without such
experience. The Bureau believes that the
experience with data collection
regulations, such as HMDA and CRA, is
particularly relevant to compliance with
this rule.
Industry-specific rationales. The
Bureau finds compelling the comments
arguing that smaller-volume lenders—
including FCS lenders, community
banks, small credit unions, CDFIs, and
start-up lenders—would face greater
challenges and costs in complying with
the rule within the proposed 18-month
period. The Bureau gives particular
weight to concerns of other regulators
that small financial institutions may
need closer to three years to comply
with the rule because they face
particular challenges in
implementation.
In short, the Bureau finds the specific
explanations compelling and
reasonable—larger banks, as
commenters pointed out, have more
resources for compliance efforts, while
smaller and even midsized banks may
have less resources to, for instance, pay
for staff for overtime or other short-term
capacity to comply within 18 months.
The Bureau also believes that small and
mid-sized financial institutions will be
a lower priority for vendors, based on
the Bureau’s outreach and comments by
smaller lenders that experienced this in
complying with past Bureau
rulemakings. All of this suggests that
smaller and, to a lesser extent, midsized financial institutions may face a
tradeoff between speedy compliance
and expending resources that larger
lenders do not face.
The Bureau acknowledges the
comment that mid-sized banks may face
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
challenges standing up systems in 18
months despite their best efforts. The
Bureau believes, however, that relative
to the lenders with the smallest volume
of small business loans, middle-volume
lenders tend to have more resources and
are more capable of complying
somewhat more quickly with this rule.
The Bureau believes that while a 33month compliance period may be
appropriate for smaller-volume lenders,
a two-year compliance period is
appropriate for middle-volume lenders.
Regarding the comment that the
Bureau should consider a longer
compliance period based on its capacity
to collect data from non-depository
institutions subject to the rule, the
Bureau believes the challenge may be
ensuring compliance by nondepositories that have not previously
been subject to Federal data collection
regimes. Nonetheless, the Bureau
believes that larger non-depository
lenders are likelier to be able to prepare
to comply with this rule more readily
while smaller volume lenders have
additional time to prepare to comply.
Regarding the comments that the
Bureau should provide three years to
comply because the proposed 18-month
period is not tenable for motor vehicle
dealers in general and small dealerships
in particular, the Bureau observes that
motor vehicle dealers are not covered
financial institutions under this rule.
Moreover, as described in the sectionby-section analysis of § 1002.109(a)(3),
the Bureau believes that motor vehicle
dealers are often the last entity with
authority to set the material credit terms
of the covered credit transaction, and so
are generally unlikely to be collecting
small business lending data on behalf of
other reporting financial institutions.
More than three years. Regarding the
comment that the Bureau should adopt
a compliance period of three to five
years because community banks would
have to make hard decisions on staffing
and lending capacity, resulting in
potential market exit, the Bureau does
not believe that such a lengthy
compliance period is necessary for all
financial institutions. The Bureau is
providing Tier 3 lenders—which the
Bureau believes will include many
smaller community banks—33 months,
or nearly three years, to prepare to
comply with the final rule. The
commenter did not provide any details
that would justify an even lengthier
compliance period.
Tiered compliance. Regarding the
large number of comments received
from industry commenters that
requested tiered compliance—often as
an alternative to a single compliance
PO 00000
Frm 00299
Fmt 4701
Sfmt 4700
35447
date longer than 18 months—the Bureau
agrees for the reasons set out above.
The Bureau appreciates industry
comments in support of tiered
compliance periods on the grounds that
such a system would give smaller
lenders would have more time to
comply with the rule, including that the
scope and complexity of the rule and
the need to test systems to ensure
accurate reporting would be particularly
challenging to smaller lenders.
The Bureau observes that many
commenters that requested tiered
compliance periods on the grounds that
smaller banks and credit unions,
especially those serving rural and
underserved communities, needed more
time to comply to have time to
implement new compliance software.
The Bureau acknowledges the
comments identifying discrete steps in
the process of implementing software,
including finding vendors, giving
vendors time to develop software,
planning and executing network
changes, and training staff but notes that
these steps are not unique to smaller or
mid-sized lenders. The Bureau observes
that smaller-volume lenders may find
these steps more challenging for a
number of reasons already articulated
above. The Bureau acknowledges that
smaller lenders may have little
bargaining power with vendors and are
often the last to receive system
upgrades. The Bureau believes that
tiered compliance dates are justified
because hasty implementation by
smaller banks facing difficulties
implementing this rule may result in
inaccurate data.
The Bureau acknowledges certain
factors identified by commenters, such
as the need for lenders to hire and/or
train additional compliance staff, train
existing lending staff, educate customers
on the content of the rule, are not
unique to smaller lenders. However, the
Bureau believes that smaller-volume
lenders, especially those without
previous experience complying with
data collection rules, may face more
challenges with all of these factors than
larger lenders.
The Bureau agrees with the comments
that smaller financial institutions—
including CDFIs, credit unions, and
lenders servicing rural and underserved
communities—should have a later
compliance date to learn from moneycenter banks. The Bureau agrees that
tiered compliance is important for
lenders inexperienced with data
collection rules to give them time to
build compliance infrastructure. The
Bureau agrees that such lenders may
face more challenges than depository
institutions in complying quickly with
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35448
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
this rule, needing to create compliance
training programs from scratch, and that
they may have a harder time obtaining
expertise to implement compliance
software and procedures. The Bureau
agrees with the comment that banks
with no HMDA compliance experience
may need more time to comply with this
rule than larger banks with such
experience. The Bureau believes that the
experience of larger banks with HMDA
will enable them to more quickly
comprehend this rule and implement
compliance systems for this rule. This
experience will also enable such banks
to train their staffs more quickly. The
Bureau further agrees that, under a
tiered compliance system, smallervolume lenders may learn from the
earlier implement of large banks, and
that tiered compliance would give
smaller lenders more time to resolve
unanticipated issues.
The Bureau believes that industry
experience with the staggered effective
dates in the Financial Accounting
Standards Board’s Current Expected
Credit Loss rule somewhat informs the
final tiered compliance provision. The
Bureau believes that the approach taken
by the Financial Accounting Standards
Board and other Federal regulators
regarding the Current Expected Credit
Loss rule support the Bureau’s approach
here.
Regarding the number of compliance
date tiers, the Bureau believes that the
three tiers included in this final rule are
more appropriate than two as suggested
by some commenters, for the reasons
already articulated. However,
commenters distinguished not just
between smaller and larger lenders;
comments also identified mid-volume
lenders as facing unique issues in
complying with the rule, occupying a
space between large and small lenders.
Mid-volume lenders face certain
challenges complying with the rule
compared to larger lenders, but have
greater resources and, often, more
experience with Federal regulations and
data collections than small lenders.
Regarding the comments supporting
the adoptions of three compliance tiers,
the Bureau agrees. Regarding the
comment that the Bureau should adopt
three compliance tiers, giving the largest
lenders one year to comply, mediumsized lenders two years, and small
lenders three years, the Bureau agrees in
part. The Bureau agrees that earlier
compliance dates are justified for large
lenders because they have greater staff
expertise, as well as capacity and
resources, to comply with data
collection regulations. However, the
Bureau believes that a one-year
compliance period may be insufficient
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
for many larger financial institutions to
comply with this rule.
Regarding the comment that the third
compliance tier should include trusted
small business lenders, the CFPB
intends to propose, in a follow-on notice
of proposed rulemaking, that lenders
with strong records under the CRA or
other relevant frameworks be permitted
additional time to come into compliance
with the rule. That approach is
consistent with the statutory purposes
of the rule.
Regarding the request for tiered
compliance starting not less than three
years after the final rule, the Bureau
does not believe such an approach
would be appropriate, for the reasons
specified above concerning the request
for a single three-year compliance
period. The Bureau believes that a threeyear period for the earliest tier is
inconsistent with the statutory purposes
of the rule because larger volume
financial institutions are capable of
adequate compliance with this rule
within 18 months. Further delay for
these lenders would result in a longer
period during which data are
unavailable to facilitate the enforcement
of fair lending laws or to identify
business and community development
needs and opportunities.
Regarding the requests that the
Bureau use asset size to determine
compliance date tiers, the Bureau
acknowledges that asset size can
sometimes be a proxy for determining
the resources and capacity a lender has
to prepare to come into compliance with
the rule. It is also a simple metric to
implement, given that there are
recognized standards for reporting
assets. The Bureau agrees that
institutions with less assets often have
smaller compliance and information
technology staffs.
However, the Bureau notes that this
rule applies to non-depository
institutions as well. Some such lenders
may have high volumes of originations
but relatively low assets. As a result, the
Bureau observes that asset size may not
be as reliable a proxy for the capacity
and resources a non-depository
institution has to comply quickly with
the rule. The Bureau believes that
volume of originations is, in the context
of small business lending, a better proxy
than asset size for determining the
capacity of a lender to comply with this
rule. The Bureau also believes that
tiering based on volume of originations
is proportional to the interest a lender
would have in complying with this rule,
regardless of asset size.
Regarding the comments opposing
tiered compliance dates, the Bureau
appreciates that this rule represents a
PO 00000
Frm 00300
Fmt 4701
Sfmt 4700
great change for small and large
financial institutions that may proceed
through similar steps to implement the
rule, including understanding the rule,
changing processes, building and testing
systems, training staff, and adding
procedures and controls. The Bureau
does not believe, however, that the
magnitude of challenges lenders face is
the same regardless of the size or
capacity of the institution. The Bureau
believes that the largest volume lenders
that will be in Tier 1 have the capacity
to comply with this rule within 18
months, especially given the leeway
provided by this rule—in the form of the
bona fide error thresholds and safe
harbors—and by the grace period to
report data that is sufficiently accurate.
The Bureau agrees with the comment
that limiting access to small business
credit could have a negative impact on
the economy, but does not believe the
final tiered compliance date provision
would ‘‘inevitably’’ result in any
diminishing of access to credit for small
businesses, as discussed in more detail
in part IX below.
Regarding the comment opposing
tiered compliance dates on the grounds
that 18 months was sufficient for all
institutions, the Bureau disagrees for the
reasons specified above. While many
smaller-volume lenders may be able to
comply within 18 months, the Bureau
believes that many such lenders may
find it challenging to comply within 18
months. Regarding the comment that
financial institutions have had since the
release of the NPRM in September 2021
to begin preliminary planning to comply
with this rule, the Bureau agrees in part.
While the final rule differs from the
NPRM in several aspects, many
provisions are based on statutory
requirements—such as the mandatory
data points, the firewall provision, the
recordkeeping requirements, and the
privacy analysis—and would have been
finalized in some manner, permitting
some planning for financial institutions
concerned with preparing for
implementation well in advance of the
eventual compliance date. The Bureau
does not believe, however, that the
September 2021 release of the NPRM
gives smaller volume lenders the ability
to comply with this rule within 18
months of its issuance.
Regarding the comment that the
proposed compliance period of 18
months would give banks just six
months to collect data to do a trial run
with one year of data before compliance
date, the Bureau observes that smaller
volume lenders in Tiers 2 or 3 would
have more time to test their collection
systems. The Bureau also notes that
pursuant to final § 1002.114(c)(1), all
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
financial institutions may start
collecting data one year before their
respective compliance dates, giving
especially smaller-volume lenders more
time to test their systems.
114(c) Special Transitional Rules
lotter on DSK11XQN23PROD with RULES2
The Bureau is adopting two
transitional rules in § 1002.114(c) to
facilitate the initial compliance of
financial institutions with subpart B.
Final § 1002.114(c)(1) permits, but does
not require, financial institutions as
described by § 1002.114(b)(1) through
(3) to collect information regarding
applicants’ minority-owned business
status, women-owned business status,
LGBTQI+-owned business status, and
the ethnicity, race, and sex of
applicants’ principal owners under final
§ 1002.107(a)(18) and (19) beginning 12
months prior to the financial
institution’s applicable compliance date
as set forth in § 1002.114(b)(1) through
(3). A financial institution collecting
such information pursuant to
§ 1002.114(c)(1) must do so in
accordance with the requirements set
out in §§ 1002.107(a)(18) and (19),
1002.108, and 1002.111(b) and (c). In
addition, comment 114(c)–2 clarifies
that a financial institution that receives
an application prior to its compliance
date under § 1002.114(b), but takes final
action on the application after the
compliance date, is not required to
collect data regarding that application
under § 1002.107 and not required to
report the application pursuant to
§ 1002.109.
Final § 1002.114(c)(2) permits a
financial institution that is unable to
determine the number of originations of
covered credit transactions for small
businesses for calendar years 2022 and
2023, because for some or all of this
period it does not have readily
accessible the information needed to
determine whether its covered credit
transactions were originated for small
businesses as defined in § 1002.106(b),
to use a reasonable method to estimate
its originations to small businesses for
either or both of the calendar years 2022
and 2023.
The Bureau believes that these
transitional rules pursuant to its
authority under ECOA section
704B(g)(1), are necessary to carry out,
enforce, and compile data pursuant to
section 1071.
114(c)(1) Collection of Certain
Information Prior to a Financial
Institution’s Compliance Date
Proposed Rule
Proposed § 1002.114(c)(1) would have
provided that a financial institution that
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
will be a covered financial institution as
of the compliance date in proposed
§ 1002.114(b) is permitted, but not
required, to collect information
regarding whether an applicant for a
covered credit transaction is a minorityowned business under proposed
§ 1002.107(a)(18), a women-owned
business under proposed
§ 1002.107(a)(19), and the ethnicity,
race, and sex of the applicant’s principal
owners under proposed
§ 1002.107(a)(20) beginning 12 months
prior to the compliance date. A financial
institution collecting such information
pursuant to proposed § 1002.114(c)(1)
would have been required to do so in
accordance with the requirements set
out in proposed §§ 1002.107(18) through
(20) and 1002.108.
The Bureau sought comment on the
approach in this proposal.
Comments Received
A joint letter from several trade
associations supported the proposed
provision permitting early collection of
data. A community group agreed with
the reasoning and approach to allowing
voluntary reporting by financial
institutions, inquired whether the
Bureau was permitting voluntary
reporting of date only for demographic
information, and suggested that to
permit the reporting of only
demographic information would be of
limited use. A business advocacy group
commended the Bureau for encouraging
the reporting of data before the start of
the compliance period, and encouraged
the Bureau to offer incentives to enable
collection of data as early as possible to
help enable the analysis of fair lending.
Several CDFI lenders suggested that
mission-oriented lenders ready to report
data in 18 months should be able to opt
in. Two banks recommended that the
12-month period of voluntary collection
in advance of the compliance date
should be extended further, noting that
such a transitional period would be a
critical period for lenders to implement,
test, and if necessary, modify data
collection and maintenance processes
and systems before the compliance date.
One trade association requested that the
Bureau clarify that applications
submitted before the compliance date,
but approved after the compliance date,
not be considered covered applications
for purposes of determining coverage.
Final Rule
The Bureau is finalizing
§ 1002.114(c)(1), maintaining the
provision in principle but making
several changes. First, final
§ 1002.114(c)(1) permits, but does not
require, a financial institution that will
PO 00000
Frm 00301
Fmt 4701
Sfmt 4700
35449
be a covered financial institution by the
compliance dates set out in
§ 1002.114(b)(1) through (3) to collect
protected demographic information
pursuant to § 1002.107(a)(18) and (19)
beginning 12 months prior to the
compliance date applicable to that
financial institution. This regulatory
text has been adjusted to account for the
change from a single compliance date in
proposed § 1002.114(b) to the three
different compliance dates in final
§ 1002.114(b)(1) through (3). Second,
final § 1002.114(c)(1) clarifies that any
protected demographic information
collected under this provision must
comply with the requirements of
§ 1002.107(a)(18) and (19), and
§ 1002.108, as proposed, and adds a new
requirement that any demographic
information collected must comply with
the requirements of § 1002.111(b) and
(c). Third, final § 1002.114(c)(1) clarifies
that a financial institution that receives
an application prior to its compliance
date specified in § 1002.114(b), but takes
financial action on or after that
compliance date, is not required to
collect data regarding that application
pursuant to § 1002.107 nor to report the
application pursuant to § 1002.109.
The Bureau is also finalizing new
comments 114(b)–1 through 4.
Comment 114(b)–1 specifies the
provisions of this rule that a covered
financial institution must comply with
by the compliance date that applies to
it under § 1002.114(b). Comment
114(b)–2 specifies the provisions of this
rule that covered financial institutions
that must comply with the initial partial
year collection pursuant to
§ 1002.114(b)(1), from October 1, 2024
through December 31, 2024. Comment
114(b)–3 establishes informal names for
compliance date provisions (Tier 1, Tier
2 and Tier 3) to facilitate discussion of
the compliance dates specified in
§ 1002.114(b)(1), (2), and (3). Comment
114(b)–4 illustrates the application of
§ 1002.114(b) to determine the
compliance dates of a variety of
financial institutions, based on a variety
of volumes of originations of covered
credit transactions to small businesses.
The Bureau believes that this
provision will give financial institutions
time to test their procedures and
systems for compiling and maintaining
this information in advance of actually
being required to collect and
subsequently report it to the Bureau.
Under this provision, financial
institutions will have time to adjust any
procedures or systems that may result in
the inaccurate compilation or
maintenance of applicants’ protected
demographic information, the collection
of which is required by section 1071 but
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35450
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
otherwise generally prohibited under
ECOA and Regulation B. (Financial
institutions could of course collect the
other information that would be
required by this proposed rule at any
time, without needing express
permission in Regulation B to do so.)
The Bureau believes that this provision
will facilitate compliance and improve
the quality and accuracy of the data
reported to the Bureau and therefore is
necessary to carry out, enforce, and
compile data pursuant to section 1071,
and will carry out the purposes of
ECOA, and is necessary or proper to
effectuate the purposes of ECOA and
facilitate or substantiate compliance
therewith.
Regarding the question as to whether
the proposed provision permits
voluntary reporting only of protected
demographic information, the Bureau
observes that the provision actually only
permits the collection, not reporting, of
demographic information. The
provision is necessary because, in its
absence, ECOA and § 1002.5(b) of
Regulation B would otherwise prohibit
creditors from collecting such
demographic information, while
creditors are not prohibited by ECOA
and Regulation B from collecting the
other data points required by this rule.
Regarding the comments encouraging
the Bureau to offer incentives to collect
data as early as possible to help enable
the analysis of fair lending, the Bureau
notes that the provision exists only to
help financial institutions better prepare
to comply with the rule. The Bureau is
not adopting any additional incentives,
as suggested by commenters, and indeed
it is unclear what incentives it might
offer to further encourage early
reporting.
Regarding the comment that missionoriented lenders ready to report data in
18 months should be able to opt in, the
Bureau agrees. Regarding the request to
extend the transitional period further
such that financial institutions could
collect protected demographic
information without being required to
report it for a period longer than 12
months, the Bureau acknowledges these
concerns but does not believe such a
change would be appropriate. The
Bureau’s decision to provide most
smaller-volume financial institutions
additional time by way of tiered
compliance dates, as well as a grace
period during which it does not intend
to exercise its supervisory or
enforcement authorities, all give
financial institutions additional time
and leeway to establish their
compliance systems. Further,
institutions seeking longer periods to
collect demographic information would
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
not necessarily have even one year of
information upon which to base a
determination that they may have to
begin preparing to comply with the rule,
potentially resulting in the collection
(but not reporting) of protected
demographic data in a way that
completely overrides the general
prohibition in existing § 1002.5(b).
Regarding the request to clarify that
applications submitted before the
compliance date, but approved after, not
be considered covered applications, the
Bureau agrees that such clarity is useful
and thus final § 1002.114(c)(1) addresses
and implements this request.
114(c)(2) Determining Which
Compliance Date Applies to a Financial
Institution That Does Not Collect
Information Sufficient To Determine
Small Business Status
Proposed Rule
Proposed § 1002.114(c)(2) would have
provided that for purposes of
determining whether a financial
institution is a covered financial
institution under proposed
§ 1002.105(b) as of the compliance date
specified in proposed § 1002.114(b), a
financial institution would be
permitted, but not required, to use its
originations of covered credit
transactions for small businesses in the
second and third preceding calendar
years (rather than its originations in the
two immediately preceding calendar
years).
The Bureau sought comment on the
approach in this proposal.
Comments Received
A joint letter from trade associations
representing the commercial real estate
industry supported the proposed
provision and suggested an edit to the
regulatory text of proposed
§ 1002.114(c)(2) specifying that a
financial institution is permitted, but
not required, to use its originations in
the first two full calendar years after the
effective date of the rule, rather than its
originations in the two immediately
preceding calendar years.
A joint letter from trade associations,
in commenting on the proposed
compliance date, claimed that 18
months was not enough time to
determine covered financial institution
status pursuant to § 1002.105(b) because
lenders would be required to collect
gross annual revenue data to determine
the small business status of their
originations for purposes of originations
thresholds, but they could not collect
such data until after the publication of
the final rule. The commenter noted that
many lenders do not collect gross
PO 00000
Frm 00302
Fmt 4701
Sfmt 4700
annual revenue for their commercial
loans (e.g., investment property loans
are underwritten based on net operating
income), and that some lenders that
collected gross revenue data did not
have it readily accessible. The
commenter requested a longer
compliance period to give lenders time
to understand the content of the final
rule before the start of a calendar year
to track originations for small
businesses to avoid retroactive
application of the final rule. The
commenter suggested, instead, a twocalendar-year period to collect gross
annual revenue data, followed by the
compliance date starting the third
calendar year for those financial
institutions that determine they are
covered. The commenter noted that its
proposed schedule was a minimum, and
was predicated on having a gap between
publication of the final rule and the start
of the first calendar year during which
lenders would track the small business
status of originations, and that the
Bureau published technical
specifications sufficiently in advance of
the third calendar year. A trade
association, also commenting on the
compliance period, claimed that two
years would allow for implementation
by lenders, would provide time to track
originations of covered transactions and,
therefore, the small business status of
applicants, and would allow lenders to
make changes necessary to achieve the
statutory purposes of the rule.
Final Rule
The Bureau is not finalizing
§ 1002.114(c)(2) as proposed. The
Bureau is instead implementing a
different provision stating that a
financial institution that is unable to
determine the number of covered credit
transactions it originated for small
businesses for calendar years 2022 and
2023 for purposes of determining its
compliance date pursuant to
§ 1002.114(b), because for some or all of
this period it does not have readily
accessible the information needed to
determine whether its covered credit
transactions were originated for small
businesses as defined in § 1002.106, is
permitted to use any reasonable method
to estimate its originations to small
businesses for either or both of the
calendar years 2022 and 2023. The
Bureau is also implementing new
comments 114(c)–3 through –6.
Comment 114(c)–3 specifies
circumstances under which a financial
institution has readily accessible the
information needed to determine the
small business status of its covered
credit transactions for purposes of
determining its compliance date. Final
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
comment 114(c)–4 specifies certain
circumstances under which a financial
institution does not have readily
accessible the information needed to
determine small business status of its
covered credit transactions for purposes
of determining its compliance date.
Final comment 114(c)–5 identifies three
reasonable methods that may be used by
financial institutions to estimate the
number of covered credit transactions
for small businesses for purposes of
determining its compliance date. Final
comment 114(c)–6 provides examples of
financial institutions applying each of
the three reasonable methods identified
in comment 114(c)–5 by financial
institutions, as well as financial
institutions applying reasonable
methods not specified in comment
114(c)–5, to estimate the number of
covered credit transactions for purposes
of determining its compliance date.
The Bureau believes that, in the
context of the proposed single
compliance date, proposed
§ 1002.114(c)(2) would have provided
greater clarity and certainty to financial
institutions as to whether or not they
would be covered financial institutions.
This may have been particularly
important for those financial
institutions that originated a volume of
covered credit transactions close to the
threshold under proposed § 1002.105(b)
and a single compliance date. The
Bureau believed this provision would
have been necessary to carry out,
enforce, and compile data pursuant to
section 1071.
However, because of the changes to
the compliance date provision in final
§ 1002.114(b), from a single compliance
date to several tiers of compliance dates,
the Bureau believes that § 1002.114(c)(2)
as originally proposed may no longer
effectively serve the purposes for which
it was originally intended. The Bureau
believes that because the final rule
provides for several compliance dates,
the optionality provided by proposed
§ 1002.114(c)(2) is no longer necessary
and may even make compliance more
confusing. The transition to several
compliance dates in the final rule, from
a single compliance date in the
proposal, means that many lowervolume financial institutions will have
one to two years in advance of their
compliance date to determine whether
they are covered financial institutions
that must report data at all. For instance,
an institution with a compliance date of
January 1, 2026, based on its annual
originations in 2022 and 2023, may not
be a covered financial institution at all
by its compliance date if it has less than
100 annual originations in 2024 or 2025.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
The Bureau received one comment
directly addressing proposed
§ 1002.114(c)(2). By contrast, the Bureau
received multiple comments on the
difficulty that some financial
institutions may face in determining
their coverage under this rule, and
therefore their compliance date, because
they do not collect information on the
gross annual revenue of their applicants
for business credit. Some industry
commenters, as set out in the sectionby-section analysis of § 1002.107(a)(14),
noted either that they did not collecting
data on gross annual revenue of some
small business applicants, or that there
would be difficulties in collecting such
data.
In response to these comments, the
Bureau has revised § 1002.114(c)(2) to
provide greater flexibility for those
financial institutions that do not have
ready access to data on gross annual
revenue to determine what compliance
date will apply to them for purposes of
§ 1002.114(b). Because of the changes to
this rule after the proposal, the Bureau
believes that this provision, as finalized,
will provide greater clarity and certainty
to those financial institutions that do
not currently collect gross annual
revenue data as to which compliance
date will apply to them. This will be
particularly important for those
financial institutions that originated a
volume of potentially covered credit
transactions close to the threshold
under § 1002.105(b), and those financial
institutions that originated a volume of
potentially covered credit transactions
close to the thresholds in § 1002.114(b).
The Bureau believes this provision is
necessary to carry out, enforce, and
compile data pursuant to section 1071.
Appendix E to Part 1002—Sample Form
for Collecting Certain ApplicantProvided Data Under Subpart B
Proposed Rule
The Bureau proposed a sample data
collection form that financial
institutions could choose to use to
collect minority-owned business status,
women-owned business status, and
principal owners’ ethnicity, race, and
sex. The proposed sample data
collection form would have been similar
to the HMDA data collection form and
would have included a notice of the
applicant’s right to refuse to provide the
information as well as an explanation of
why the financial institution is
requesting the information. The sample
data collection form would have also
included the definitions of minority
individual, minority-owned business,
principal owner, and women-owned
business as they would have been
PO 00000
Frm 00303
Fmt 4701
Sfmt 4700
35451
defined in proposed § 1002.102(l), (m),
(o), and (s), respectively.
Additionally, to aid financial
institutions with the collection of the
information in proposed
§ 1002.107(a)(21), the sample data
collection form would have included a
question about the applicant’s number
of principal owners. The sample data
collection form would have also
included language that a financial
institution would have been able to use
to satisfy the notice requirement under
ECOA section 704B(d)(2) if it
determined that one or more employees
or officers should have access to the
applicant’s protected demographic
information pursuant to proposed
§ 1002.108(b)(2).
The Bureau requested comment on
the proposed sample data collection
form, including the proposed language
for the notice under ECOA section
704B(d)(2). The Bureau also generally
requested comment on whether to
provide additional clarification
regarding any aspect of the sample data
collection form or the related notice
provided pursuant to ECOA section
704B(d)(2). In addition, the Bureau
sought comment on whether the sample
data collection form should identify the
Bureau to applicants as a potential
resource in connection with their
applicable legal rights or for additional
information about the data collection,
including concerns regarding noncompliance. It also sought comment on
whether financial institutions need
additional information on how to adapt
this form for use in digital modes of data
collection, and, if so, what specific
information would be most useful. The
Bureau further requested comment on
whether a sample data collection form
in Spanish or other languages would be
useful to financial institutions.
Comments Received
Commenters were generally
supportive of the Bureau’s inclusion of
a sample data collection form in the
final rule, stating that the sample data
collection form would help financial
institutions meet the demographic data
collection requirements.
Several commenters had suggestions
for language to add to the proposed
sample data collection form. One trade
association suggested that the data
collection form disclose, as the
beginning, that the applicant is not
required to respond to the questions,
and second inquire as to whether the
applicant is a small business based on
its gross annual revenue and establish
that the form is not required if the
applicant is not a small business. One
bank commented that the form should
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35452
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
include language, in bold, to the
applicant stating that the information
provided will not be used against them
and is not derogatory.
A bank urged providing an option on
the proposed form for an applicant to
indicate if the applicant’s principal
owner was present when the form was
completed or if the responses were
provided by the principal owner, to
lessen confusion and discomfort during
the application process. The bank stated
such an option would also improve data
quality where a financial institution
does not meet with a principal owner in
person and thus cannot make ethnicity
and race determinations on the basis of
visual observation and/or surname
analysis. A trade association suggested
including options to indicate on the
form if the applicant declined to answer
and that the applicant was not available,
which could be used if an applicant
representative was uncertain of an
absent principal owner’s ethnicity, race,
and/or sex or was unsure if the
principal owner wished to provide such
information.
A community group commenter
recommended that the sample data
collection form include a notice that the
Americans with Disabilities Act
prohibits discrimination in lending
practices on the basis of an applicant’s
disability.
An individual commenter suggested
that applications include an explanation
of why the Bureau is collecting
protected demographic information after
a demographic information collection
section, which would allow an
applicant to make an informed decision
in providing information and know who
to contact in the event of
discrimination.
A bank and a trade association stated
that the proposed sample data collection
form is misleading because it would
have indicated that the demographic
information is required and would not
have stated that the borrower has the
right to refuse to provide the requested
information. In contrast, however, a
CDFI lender supported the statement on
the proposed form that applicants are
not required to provide the information
requested but are encouraged to do so.
This commenter also supported the
notice on the sample form that while
provided information could not be used
to discriminate against the applicant,
some employees may have access to the
information.
Some lenders and trade associations
expressed concerns about the text on the
proposed sample form that would have
disclosed that, if an applicant does not
provide ethnicity, race, or sex
information for at least one principal
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
owner and the financial institution
meets with a principal owner in person
or via electronic media with an enabled
video component, the financial
institution is required by Federal law to
report at least one principal owner’s
ethnicity and race based on visual
observation and/or surname. Some of
these commenters, who also opposed
the proposed visual observation and
surname data collection requirement
this language would have referenced,
stated that the proposed disclosure
language may discourage an applicant
from seeking an in-person meeting with
the financial institution or pressure
applicants to provide the information to
avoid inaccurate guesses by bank
employees or officers. Other
commenters requested that the
disclosure about the proposed visual
observation and surname data collection
requirement be removed from the form,
because it would inform an applicant
that the financial institution will be
collecting information about their
principal owners’ ethnicity and race
regardless of their choice to not provide
the information. A joint letter from
several trade associations representing
the commercial real estate industry
opposing the proposed visual
observation and surname data collection
requirement stated that the related
disclosure language on the proposed
form should be removed if the data
collection requirement is not adopted
for the final rule.
Some community groups, a CDFI
lender, and a joint trade association
letter recommended that the Bureau
provide non-English translations of any
sample forms, including in Spanish.
Two community groups suggested that
the data collection form be provided in
English, Spanish, and Mandarin
Chinese. They stated that providing the
forms in multiple languages would help
reduce confusion and help lenders.
Other community groups and a lender
suggested that the proposed form be
provided in at least the top ten spoken
languages in the United States, as
determined by the Census, so applicants
can understand the data being collected
and its context. They stated that the
translations are necessary to honor the
statutory intent, and that immigrants are
more likely to start businesses than nonimmigrants, and research shows that
many immigrants and immigrant
entrepreneurs have limited English
proficiency, which leads to difficulties
in navigating the financial marketplace.
A trade association and a bank
requested flexibility to solicit responses
to the questions on the proposed sample
collection form across different
circumstances, and specifically asked
PO 00000
Frm 00304
Fmt 4701
Sfmt 4700
for clarification that financial
institutions could list the response ‘‘I do
not wish to provide this information,’’
as the first response option and not the
last, as it is listed for all the proposed
questions on the form. The commenters
also asked for flexibility, when using an
electronic data collection form, to
collapse subcategories of questions, so
that they appear only when an applicant
clicks on a question to facilitate
readability. The commenters also asked
for clarification for applications taken
orally, as to whether all categories of
responses must be read to the applicant,
even if the applicant has responded to
an earlier response option. These
commenters also requested a safe harbor
from liability for not using the language
of the sample data collection form when
taking a covered application orally,
stating that some words on the form are
long, complex, and may be difficult for
employees to pronounce. These
commenters also stated that the sample
data collection form should disclose
which data points will be published to
allow applicants to make informed
decisions, address privacy concerns,
and improve data quality.
Some commenters had suggestions for
additional forms or materials the Bureau
should issue. A trade association stated
that the Bureau should create a
business-specific form to request
information, which the commenter
stated should be optional for financial
institutions to use. Several commenters,
including banks, community groups,
and a minority business advocacy
group, asked the Bureau to create a
uniform or model data collection or
application form. The commenters
generally stated that such a form would
facilitate accurate data collection. One
bank asserted that the likelihood of a
respondent providing information
would be higher, citing Paycheck
Protection Program data that the
majority of applicants chose not to
provide demographic information. The
bank stated that absent a uniform CFPBissued form, collection and the resulting
data will be flawed. Two commenters
cited the HMDA model application
forms as an example of such a uniform
application, which one said effectively
explains to borrowers why data are
being collected and encourages
completion of the data while also giving
the borrower some assurance that they
will not be discriminated against for
either furnishing (or not) the data. A
trade association and a bank urged the
Bureau to create a specific data
collection form for loans covered by
HMDA and by section 1071, if HMDAreportable loans are included in the
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
final rule, to facilitate consistent
reporting. A trade association and a
business advocacy group encouraged
the Bureau to evaluate the sample data
collection form and instructions on an
ongoing basis for any necessary changes.
Final Rule
Pursuant to its authority under ECOA
section 704B(g)(1), the Bureau is
finalizing appendix E to help financial
institutions comply with requirements
to collect applicants’ protected
demographic information and to keep
an applicant’s responses to inquiries for
such information separately from the
credit application and accompanying
information. The introductory language
in the sample form includes right to
refuse, firewall, and non-discrimination
notices. When lenders choose to use the
form, this language serves to facilitate
compliance with ECOA section 704B(c)
and, when applicable, 704B(d)(2), as
well as with comment 107(a)(19)–4,
which requires that applicants be
informed that Federal law requires it to
ask for the principal owners’ ethnicity,
race, and sex/gender to help ensure that
all small business applicants for credit
are treated fairly and that communities’
small business credit needs are being
fulfilled. Though the sample form
reflects a number of legal requirements
applicable to collection, the rule does
not require use of the form itself. Rather,
the sample form is intended as a
compliance resource for lenders who
choose to use it.
The Bureau agrees generally with
commenters that the sample data
collection form at final appendix E will
help facilitate financial institutions’
efforts to comply with the data
collection requirements of the final rule,
meet their statutory obligations, and that
it will streamline the data collection
process. To further these goals, the
sample data collection form at final
appendix E reflects edits made by the
Bureau in response to comments
received and further Bureau
consideration. The final version of the
form also considers feedback from user
testing, conducted to learn about small
business owners’ likely experience in
filling out the form and to explore
design and language options to make the
form effective.839
The Bureau received comments
suggesting that the Bureau provide more
guidance or specific text on the form
about the purpose of the data collected
839 CFPB, User testing for sample data collection
form for the small business lending final rule (Mar.
2023), https://www.consumerfinance.gov/dataresearch/research-reports/user-testing-for-sampledata-collection-form-for-the-small-businesslending-final-rule/.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
through the form. The Bureau agrees
with commenters that it is important to
provide applicants with a general
explanation of the rule and its purpose.
As discussed in the section-by-section
analysis of § 1002.107(a)(19), in
response to similar comments and in
consideration of feedback from the user
testing, comments 107(a)(18)–4 and
107(a)(19)–4 provide that a financial
institution must inform an applicant
that Federal law requires it to ask for the
applicant’s principal owners’ ethnicity,
race, and sex to help ensure that all
small business applicants for credit are
treated fairly and that communities’
small business credit needs are being
fulfilled. The Bureau has also included
sample language for the statement on
the sample form at appendix E. In the
Bureau’s user testing, participants also
generally reflected a preference for
upfront placement of language
establishing that Federal law requires
the collection of the requested
information and emphasizing the
purpose of collecting the information, to
ensure that small business owners are
treated fairly. As revised, the
introduction on the first page of the
final sample data collection form starts
with this statement and also reiterates
the purpose of the data collection in the
last sentence. As discussed in the
section-by-section analysis of
§ 1002.108, the Bureau has also revised
the firewall notice in the introduction.
The Bureau has moved its placement to
the second paragraph of the
introduction. In line with a suggestion
by a commenter, the Bureau has also
generally revised the language of the
non-discrimination notice to emphasize
that the financial institution may not
discriminate against the applicant on
the basis of its answers, by bolding and
capitalizing the phrase, ‘‘Federal law
prohibits discrimination’’ in that
disclosure, along with other edits.840
To accommodate the changes
described above, the right to refuse
notice is now included later in the
introduction. The Bureau received
comments that the proposed sample
data collection form does not state that
applicants have the right to refuse to
provide the information requested—
which the Bureau notes is incorrect—
and a suggestion that the form
emphasize that right at the very
beginning. In the user testing, some
participants also recommended greater
emphasis on the right to refuse.841 After
consideration of all the received
feedback, the Bureau believes that the
introduction of the sample data
840 Id.
at app. A.
841 Id.
PO 00000
Frm 00305
Fmt 4701
Sfmt 4700
35453
collection form appropriately addresses
an applicant’s right to refuse to provide
the information requested. In particular,
the preceding introductory material in
the sample data collection form, as
described above, will inform applicants
about what they are refusing when
exercising that right.
The first page of the final sample form
also includes a question about the
applicant’s business status under final
§ 1002.107(a)(18). Whereas the proposed
sample form originally had separate
inquiries for an applicant’s minorityowned business status and womenowned business status, the final sample
data collection form combines those
questions, along with the inquiry about
whether the applicant is an LGBTQI+owned business, into one question to
streamline the questions on the data
collection form.842 The Bureau also
received feedback during its user testing
of the forms that the term ‘‘business
status’’ was confusing for applicants. In
consideration of that feedback and
comments received generally urging the
Bureau to make the sample data
collection form clearer for applicants,
the Bureau has revised the sample
question heading to read ‘‘Business
ownership status.’’
As discussed in the section-by-section
analysis of § 1002.102(m), the Bureau is
not adopting its proposed definition for
minority individual in the final rule,
because it is incorporating the substance
of the minority individual definition in
the ‘‘minority-owned business’’
definition at final § 1002.102(m). To
facilitate the readability of the combined
business ownership status question on
the final sample data collection form,
the Bureau is including a separate
explanation for what is meant by a
minority individual, which is similar to
the approach to the minority-owned
business question on the proposed
sample data collection form. A financial
institution is permitted to use the
language on the sample form to satisfy
the rule’s requirement to provide certain
definitions when requesting an
applicant’s business status.
The first page of the final sample data
collection form also includes a question
about the number of the applicant’s
principal owners, as did the first page
of the Bureau’s proposed form. The
Bureau has revised the question to
include check boxes for potential
responses instead of a write-in text field
as proposed, to reduce the likelihood of
842 Two versions of a combined question were
tested in the Bureau’s user testing. The version in
final appendix E is the version the Bureau believes
is conceptually simpler for applicants to
understand.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35454
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
error by applicants in responding to the
question.
Final comments 102(o)–3 and
107(a)(20)–1 clarify that a financial
institution must provide the definition
of principal owner set forth in
§ 1002.102(o) when requesting
information about the number of an
applicant’s principal owners. As
discussed further in the section-bysection analyses of §§ 1002.102(o) and
1002.107(a)(20), in consideration of
overall feedback from commenters to
improve applicant understanding of the
data collection and positive feedback
received in the course of the user
testing, the Bureau has revised the
number of principal owners inquiry on
the final sample data collection form to
use the term ‘‘individual’’ instead of the
term ‘‘natural person’’ when providing
the definition of a principal owner.
As explained in the section-by-section
analysis of § 1002.107(a)(19), the Bureau
has elected to not adopt the proposed
requirement that a financial institution
collect at least one principal owner’s
ethnicity and race information through
visual observation and/or surname
analysis under certain circumstances.
As a result, the Bureau has removed the
proposed disclosure regarding this
requirement from the second page of the
final sample data collection form,
rendering commenters’ objections to the
disclosure moot.
In the Bureau’s user testing, some
participants expressed confusion about
differences between the ethnicity and
race questions on the sample data
collection form. Some users also stated
it was not obvious how many separate
questions they had to answer. To ensure
that the sample data collection form is
clear and easily understood, on the
second page of the form the Bureau has
numbered the sample questions about a
principal owner’s ethnicity, sex (as
‘‘sex/gender’’), and race (from one to
three, in that order) to make more
apparent that the questions are separate
inquiries. The Bureau has also changed
the inquiries on that page to appear as
questions (e.g., for ethnicity, to ask ‘‘Are
you Hispanic or Latino?’’) to make the
substance of each inquiry clearer. The
Bureau has also made edits to rearrange
the questions and to the format of the
ethnicity and race aggregate categories
and disaggregated subcategories on the
final form, to make clearer for the reader
that the disaggregated subcategories are
associated with the aggregate categories.
The Bureau has further updated the
instruction associated with each of the
response options with a write-in text
field to direct the applicant to ‘‘specify’’
a response and not ‘‘print’’ a response
as proposed, to facilitate the use of the
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
instruction for paper, electronic, and
oral applications.
The Bureau carefully considered the
comment suggesting that the sample
form first note applicants’ right to refuse
and, second, establish that if the
applicant is not a small business it does
not need to fill out the form, by
including an inquiry about the
applicant’s gross annual revenue.
However, in the Bureau’s user testing,
participants preferred having
information explaining that the data
collection was required under Federal
law at the beginning of the form and
emphasized the importance of
explaining the purpose of the data
collection.843 And, for the reasons
explained above, the Bureau believes
the placement of the right to refuse in
the introductory text is appropriate.
The Bureau also does not believe that
it is necessary for the sample form to
include an inquiry establishing the
applicant’s small business status.
Financial institutions will be required to
maintain reasonably designed
procedures to collect applicantprovided data, pursuant to
§ 1002.107(c). The Bureau has also
included a safe harbor under
§ 1002.112(c) for a financial institution
that initially collects data under
§ 1002.107(a)(18) and (19) regarding
whether an applicant for a covered
credit transaction is a minority-owned,
a women-owned, and/or an LGBTQI+owned business, and the ethnicity, race,
and sex of the applicant’s principal
owners, but later concludes that it
should not have collected this data, if
certain conditions are met. The Bureau
believes these other regulatory
provisions will mitigate the possibility
that data will be incorrectly collected
and protect financial institutions from
inadvertent collection. As a result, the
Bureau does not believe that it is
necessary for the sample form to include
a question to establish the applicant’s
small business status.
The Bureau considered the
commenter’s suggestion to include a
disclosure about the American with
Disabilities Act on the final sample data
collection form. The sample form has
been developed by the Bureau to
address a financial institution’s
disclosure and data collection
obligations under section 1071 and the
Bureau believes it would be confusing
for the sample form to include text as to
the applicability of other laws.
843 CFPB, User testing for sample data collection
form for the small business lending final rule at
app. A, at 6, 11–12, 14 (Mar. 2023), https://
www.consumerfinance.gov/data-research/researchreports/user-testing-for-sample-data-collectionform-for-the-small-business-lending-final-rule/.
PO 00000
Frm 00306
Fmt 4701
Sfmt 4700
The Bureau is not adopting
commenters’ suggestions that the
sample data collection form include
options for indicating whether an
applicant’s principal owners or the
applicant are not present or available,
that the data was not provided by
principal owner, or that the applicant
declines to fill out the form. As
discussed above, the proposed form
would have included a notice about the
applicant’s right to refuse to provide the
information requested. This right to
refuse notice also appears, with some
edits, on the final sample data collection
form. The Bureau believes it is
reasonable to assume that if the person
filling out the data collection form on
behalf of an applicant does not feel
comfortable providing the information
for any reason, including because they
are not the principal owner at issue or
do not believe they can provide accurate
responses, that they will exercise the
right to refuse to provide the requested
information. Further, an applicant can
also choose to not fill out the entirety
of the form, to not provide responses to
a specific question, or to select the ‘‘I do
not wish to provide this information’’ or
similar response option available for
each of the demographic questions on
the sample data collection form. As a
result, the Bureau does not believe it is
necessary to include the suggested
options on the sample data collection
form to address any discomfort by
persons that may be completing the data
collection form, who are not principal
owners, as suggested by some
commenters. Further, as explained in
the section-by-section analysis of
§ 1002.107(a)(19), the Bureau is not
finalizing its proposal to require a
financial institution to collect at least
one principal owner’s ethnicity and race
on the basis of visual observation and/
or surname analysis under certain
circumstances. All financial institutions
will be required to report only
applicant-provided responses to the
demographic questions on the final
sample data collection form. As a result,
the Bureau does not believe the
suggested options are necessary to
address data quality concerns relating to
the proposed visual observation and
surname data collection requirement, as
suggested by one commenter.
The Bureau has considered comments
suggesting that the sample data
collection form disclose what
information will be published. As
discussed in greater detail in part VIII
below, after receiving a full year of
reported data, the Bureau will assess
privacy risks associated with the data
and make modification and deletion
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
decisions to the public, applicationlevel dataset. As a result, the Bureau
does not have definitive information
about the public, application-level
dataset available to put on the sample
data collection form. The Bureau takes
the privacy of such information
seriously and, as noted, will be making
appropriate modifications and deletions
to any data before making it public.
However, the Bureau intends to
continue engage with the public about
how to mitigate privacy risk.
The Bureau also considered the
suggestion to translate the sample data
collection form into other languages.
Generally, Bureau stakeholders have
underscored the importance of language
access as a way of ensuring fair and
competitive access to financial services
and products. Persons with limited
English proficiency in the United States
make up a significant portion of the
population. According to a report, more
than one in five immigrant
entrepreneurs, or nearly 773,000 people,
in the United States in 2018 had limited
English proficiency.844 More than 67
million people, or close to 22 percent of
the U.S. population over the age of five,
speak a language other than English at
home.845 In 2021, over five million
households reported that all their
members were of limited English
speaking ability.846
The Bureau believes that competitive,
transparent, and fair markets are
supported by providing translations of
key material in the customer’s preferred
language, along with the corresponding
English-language material. Accordingly,
the Bureau will make available
translations of the sample data
collection form, for financial
844 New Am. Econ. Rsch. Fund, Assessing
Language Barriers for Immigrant Entrepreneurs
(Aug. 13, 2020), https://research.newamerican
economy.org/report/covid19-immigrantentrepreneurs-languages/ (analyzing 2018 data from
the Census Bureau’s American Community Survey).
845 U.S. Census Bureau, American Community
Survey, 2021 American Community Survey 1-Year
Estimates, Table S1601: Language Spoken at Home,
https://data.census.gov/cedsci/table?q=language
%20spoken%20at%20home&tid=
ACSST1Y2021.S1601 (last visited Mar. 20, 2023).
846 U.S. Census Bureau, American Community
Survey, 2021 American Community Survey 1-Year
Estimates, Table S1602: Limited English Speaking
Households, https://data.census.gov/cedsci/
table?q=language%20spoken%20at%20home&tid=
ACSST1Y2021.S1602 (last visited Mar. 20, 2023).
The U.S. Census defines a ‘‘limited English
speaking household’’ as one in which no member
14 years old and over (1) speaks only English or (2)
speaks a non-English language and speaks English
‘‘very well.’’ See U.S. Census Bureau, Frequently
Asked Questions (FAQs) About Language Use,
https://www.census.gov/topics/population/
language-use/about/faqs.html#:∼:text=What%20is
%20a%20Limited%20English,least%20some%20
difficulty%20with%20English (last visited Mar. 20,
2023).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
institutions that wish to use them. Use
of these translations, like use of the form
itself, is not required under rule, but the
Bureau is providing them as an
implementation resource for lenders.
Some commenters asked for flexibility
as to the presentation of the
information, inquiries, and response
options on the sample data collection
form at final appendix E. Generally, the
Bureau believes that applicants should
have substantially similar experiences,
regardless of a financial institution’s
method of collection, when being
provided with required notices under
the final rule (e.g., the firewall notice,
the non-discrimination notice, and the
right to refuse notice) and when asked
for protected demographic information.
The Bureau has designed the sample
data collection form at final appendix E
to assist financial institutions with their
compliance obligations and to maximize
the likelihood that an applicant will
provide demographic information, after
review of the comments received, user
testing feedback, and other
considerations. However, the Bureau
notes that the use of the sample data
collection form at final appendix E to
collect information required under the
final rule is not mandatory, and
financial institutions are thus not
prohibited from modifying the form, so
long as the resulting collection method
complies with applicable rule
requirements.
With regard to a couple of
commenters’ request for clarification as
to whether a financial institution must
read all of the categories of responses if
collecting over the phone or orally even
if an applicant has responded to an
earlier response option, the Bureau is
uncertain whether the commenters’
request is referring to the collection of
a principal owner’s ethnicity and race
information, which provides aggregate
categories and disaggregated
subcategories as response options. If so,
the Bureau notes that it has revised the
associated commentary for
§ 1002.107(a)(19) to provide financial
institutions with certain flexibility
when inquiring about a principal
owner’s ethnicity and race information.
Generally, comment 107(a)(19)–16
provides that for applications taken
orally through means other than by a
paper or electronic form (e.g., telephone
applications), the financial institution
will not be required to read aloud every
disaggregated ethnicity and race
subcategory, in the manner described in
the comment. Further, because an
applicant using a paper version of the
sample data collection form will
reference all available answer options to
a question at once and may review the
PO 00000
Frm 00307
Fmt 4701
Sfmt 4700
35455
answer options in any order, the Bureau
does not believe that the answer options
for a specified question need to be
provided in a specific order for an
application taken over the phone, as
long as all the answer options are
presented. However, for the requirement
to collect ethnicity and race information
specifically, comment 107(a)(19)–16
clarifies that the financial institution
may not present the applicant with the
option to decline to provide the
information requested without also
presenting specified aggregate categories
and disaggregated subcategories for
ethnicity and race. This would apply
even if the applicant informs the
financial institution, before the financial
institution has asked for a principal
owner’s ethnicity and race information,
that it does not wish to provide such
information.
The Bureau is not including other
sample, uniform, or model applications
or data collection forms in the final rule,
as suggested by some commenters.
There are a variety of products that are
covered transactions under the final
rule, and the Bureau understands that
covered financial institutions may need
to ask for the information (except for the
protected demographic information)
they are required to report to the Bureau
in different ways. The Bureau does not
believe that a sample, uniform, or model
application or data collection form
would be able to account for such
potential variations. Thus, any
additional forms may have limited
utility and could incorrectly suggest that
financial institutions are limited in the
manner in which they collect nondemographic data under this final rule.
As a result, the Bureau is not providing
such a form at this time. The Bureau
may consider issuing other guidance,
tools, and compliance aids if it later
determines doing so is necessary.
The Bureau notes that there is no
need for a specific data collection form
for loans that are reportable under both
HMDA and section 1071, as the Bureau
has decided to exclude HMDAreportable loans from the data
requirements of the final rule as
discussed in the section-by-section
analysis of § 1002.104(b)(2).
Some commenters urged the Bureau
to continue to review the sample data
collection form and its instructions after
these final rules are issued. The Bureau
anticipates receiving and feedback as
the final rules are implemented and, as
with all the regulations it administers,
will issue guidance as necessary and
consider if changes to any aspect of the
final rules are required, whether
through rulemaking or otherwise.
E:\FR\FM\31MYR2.SGM
31MYR2
35456
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Appendix F to Part 1002—Tolerances
for Bona Fide Errors in Data Reported
Under Subpart B
lotter on DSK11XQN23PROD with RULES2
Proposed Rule
The Bureau proposed appendix H,
which would have set out a Threshold
Table, as referred to in proposed
§ 1002.112(b) and proposed comment
112(b)–1. As these provisions would
have explained, a financial institution is
presumed to maintain procedures
reasonably adapted to avoid errors with
respect to a given data field if the
number of errors found in a random
sample of a financial institution’s data
submission for a given data field do not
equal or exceed the threshold in column
C of the Threshold Table.
Under the Threshold Table in
proposed appendix H, column A listed
the size of the financial institution’s
small business lending application
register in ranges of application register
counts (e.g., 25 to 50, 51–100, 101–130,
etc.). The applicable register count range
would have then determined both the
size of the random sample, under
column B, and the applicable error
threshold, under column C. The error
threshold of column C, as proposed
comment 112(b)–1 would have
explained, identifies the maximum
number of errors that a particular data
field in a financial institution’s small
business lending application register
may contain such that the financial
institution is presumed to maintain
procedures reasonably adapted to avoid
errors with respect to a given data field.
Column D would have been illustrative,
showing the error threshold as a
percentage of the random sample size.
Proposed appendix H would also
have included examples of how
financial institutions would use the
Threshold Table.
The Bureau sought comment on
proposed appendix H. In particular, the
Bureau sought comment on whether the
register count ranges in column A, the
random sample sizes in column B, and
the error thresholds in column C were
appropriate. The Bureau further sought
comment on whether a covered
financial institution should be required
to correct and resubmit data for a
particular data field, if the institution
has met or exceeded the thresholds
provided in appendix H.
Comments Received
A number of commenters, including
banks, trade associations, and a
community group addressed the
proposed appendix H and its tolerance
thresholds. The community group
supported the structure of the tolerances
as sensible, noting that larger lenders
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
should face more stringent tolerances,
expressed as lower percentages, and that
the proposed thresholds were timetested, and balanced reasonableness and
data integrity, because they were
consistent with Regulation C
(implementing HMDA).
Many banks and trade associations
stated that the tolerances set out in
proposed appendix H were too low and
should be raised. One commenter said
that limited error tolerances would
create undue hardships for banks, and
that it was imperative to work through
processes to create valid data, and that
invalid data are likely to raise false red
flags that are burdensome for banks to
defend. Another commenter stated that
the tolerances were too low and needed
to be raised because of the great amount
of time needed to verify and re-verify
data points. A trade association
advocated for higher tolerance
thresholds in recognition of the
substantial implementation efforts
which will need to occur, and to
provide banks a more meaningful
opportunity to effectively implement
the rule.
A number of industry commenters
noted that the thresholds in proposed
appendix H were based on the tolerance
thresholds for resubmitting data under
Regulation C and HMDA, and asserted
that these thresholds were too low for
this rule, citing the number of data
points required and the complexity of
the data reporting requirements. Several
of these commenters asked that the error
threshold be increased to a ‘‘more
reasonable level’’ without specifying
exact threshold percentages. One
commenter requesting higher tolerances
noted that HMDA reporting
requirements had been in place for
decades and that HMDA reporters thus
have had decades to fine tune their
processes and procedures.
A bank said that the proposed
thresholds left a margin of error that is
statistically 0 percent, and claimed that
by adopting error thresholds similar to
the HMDA requirements, financial
institutions would have to conduct a
100 percent audit to ensure accurate
data collection/reporting, which they
said would burden lenders. Another
bank suggested that because data entry
errors are inevitable the tolerance levels
should be changed to a ‘‘reasonable’’
rate, and that a 95 percent confidence
level would be sufficient. A trade
association stated that the tolerance
thresholds were unrealistically low,
given that small business loan data
collection is entirely unprecedented and
would require new systems and
processes. The commenter stated that 90
to 97.5 percent data accuracy was out of
PO 00000
Frm 00308
Fmt 4701
Sfmt 4700
reach for most of the trade association’s
lenders, particularly in the first year.
The commenter also noted that stringent
data accuracy requirements under
HMDA were already costly.
A group of trade associations
similarly requested that the tolerance
thresholds be increased, in recognition
of the substantial implementation efforts
that financial institutions will undertake
for a new data collection and reporting
regime, requiring new processes and
procedures, noting that despite all of
these efforts that bona fide errors are
likely to occur, especially given the
substantial number of data points the
Bureau is mandating.
A bank suggested that the tolerance
thresholds did not appropriately scale,
noting that while there were seven tiers
there were only two threshold levels.
The bank asked that the Bureau
implement more threshold levels and
increase the thresholds, especially for
low and intermediate volume lenders.
Another bank said that the Bureau
should increases the tolerance
thresholds for lenders that had between
191 to 500 applications, to at least 4
percent but preferably 5 percent. A third
bank suggested expanding the threshold
categories, to include different
groupings, by number of applications:
501 to 1,000; 1,001 to 10,000; 10,001 to
100,000; and more than 100,000. The
bank also suggested incremental
increases in the threshold number of
bona fide errors.
Final Rule
The Bureau is finalizing appendix H,
renumbered as appendix F, with
revisions that include the deletion of the
first two rows of Table 1 to appendix F.
These rows, covering small business
lending application register counts of 25
to 50 applications and 51–100
applications, are omitted to correspond
with the change in the originations
threshold to determine if a financial
institution is a covered financial
institution under final § 1002.105(b),
from 25 originations to 100 originations.
While each provision looks to different
metrics—originations for § 1002.105(b)
and applications for appendix F—it is
not possible for a lender to have
originated more than 100 covered credit
transactions for small businesses in a
given year without also having received
more than 100 applications for covered
credit transactions. The Bureau believes
that rows containing register counts of
less than 100 are superfluous. Table 1 of
appendix F is adjusted accordingly.
For the reasons set out in the sectionby-section analysis of § 1002.112(b), the
Bureau is finalizing appendix F
pursuant to its authority under ECOA
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
section 704B(g)(1) to prescribe such
rules and issue such guidance as may be
necessary to carry out, enforce, and
compile data pursuant to section 1071,
and its authority under 704B(g)(2) to
adopt exceptions to any requirement of
section 1071 and to exempt any
financial institution or class of financial
institutions from the requirements
section 1071 as the Bureau deems
necessary or appropriate to carry out the
purposes of section 1071.
Regarding the various comments on
the tolerance thresholds in proposed
appendix H, the Bureau agrees with the
comment that the structure of the
tolerance thresholds was sensible, that
larger lenders should face more
stringent tolerances, and that the
proposed thresholds were time-tested
because of their use in examinations
under Regulation C. The Bureau has
considered the various comments
asserting that the tolerances, based on
the HMDA examination thresholds, are
too low. The error thresholds were, as
one commenter mentioned, tested in the
HMDA context and reasonably balance
the competing concerns of data quality
and practicability of implementation.
Further, commenters claiming that the
thresholds were too low did not
acknowledge one major difference with
the HMDA thresholds; while the HMDA
thresholds determine when lenders
must resubmit their HMDA data to the
Bureau, § 1002.112(b), with the
thresholds in appendix F, serve to
eliminate financial institution liability
under ECOA and this rule for bona fide
errors under the thresholds. The Bureau
does not believe that limited tolerances
will create undue hardships, given the
need to validate and re-validate data,
nor that they will raise false red flags
that will be burdensome for banks to
defend. The revised compliance date
provision in § 1002.114(b) will provide
the majority of covered financial
institutions more time to validate their
data in advance of the first submission
to the Bureau under this rule. In
addition, the Bureau is providing a
grace period of one year, during which
it does not intend to assess penalties for
errors in data submitted by financial
institutions that make good faith efforts
to comply with rule (see part VII below).
Regarding the comment that higher
tolerance thresholds are needed in
recognition of the substantial
implementation efforts which will need
to occur, the Bureau observes that it is
recognizing these efforts in other ways,
including the added time to comply
under revised § 1002.114(b), and the
grace period offered to all institutions in
their first 12 months of collecting data.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Regarding the comment that HMDA
reporting requirements had been in
place for decades, and that HMDA
reporters had decades to fine tune their
processes and procedures, and that the
Bureau should increase the tolerances in
proposed appendix H, the Bureau
acknowledges that many HMDA
reporters have had time to fine tune
their processes, but also notes that the
tolerances apply nonetheless to new
HMDA reporters as well. In any case,
the comment appears to support the
point that the HMDA tolerances have
been time-tested and are reasonable to
implement.
Regarding the comments that the
proposed thresholds leave a margin of
error of 0 percent, that they would
require lenders to conduct a 100 percent
audit to ensure accurate data collection,
and that a 95 percent confidence level
would be sufficient, the Bureau refers
the commenter to appendix F, which
specifies the actual error thresholds
based on the number of transactions,
ranging from 10 percent for the reporters
with the lowest volumes to 2.5 percent
for those with the highest. Regarding the
comment that 90 to 97.5 percent data
accuracy would be out of reach for most
of the trade association’s lenders,
particularly in the first year, the Bureau
notes that in addition to the error
thresholds, lenders will have the benefit
of several other safe harbors, a grace
period, and additional time to comply
for most lenders as specified in
§ 1002.114(b).
Regarding the comment that the
tolerance thresholds do not scale and
that there were only two threshold
levels, the Bureau notes that proposed
appendix H, finalized as appendix F,
specified more than two thresholds
(five) and that final appendix F specifies
four—6.4 percent, 5.4 percent, 5.1
percent, and 2.5 percent. The Bureau is
not implementing more threshold levels
or to increasing the thresholds, as
requested by some commenters, as these
thresholds are already relatively high for
low and intermediate volume lenders.
Regarding the comment requesting that
the Bureau increases the tolerance
thresholds for the lenders that had
between 191 to 500 applications to at
least 4 percent but preferably 5 percent,
the Bureau notes that the error threshold
for lenders in this range is already 5.1
percent. Regarding the suggested
expansion of threshold categories, to
include more groupings between 500
and 100,000, the Bureau notes that no
explanation was given about what such
additional ranges would accomplish, or
what specific thresholds should be
applied to these new ranges, other than
that they should increase incrementally.
PO 00000
Frm 00309
Fmt 4701
Sfmt 4700
35457
The Bureau is also not adopting
incremental increases in the error
thresholds. Appendix F reflects the
experience of HMDA examinations, and
financial institutions with more
applications are expected to have a
lower percentage of errors than those
that receive fewer applications.
VI. Effective Date and Compliance
Dates
The Bureau is adopting an effective
date of 90 days after the publication of
this final rule in the Federal Register
consistent with section 553(d) of the
Administrative Procedure Act 847 and
with section 801(a)(3) of the
Congressional Review Act.848
This final rule includes the addition
of a new subpart B to Regulation B
comprised of final §§ 1002.101 through
1002.114 and related commentary,
appendices E and F. This final rule also
amends certain sections of existing
Regulation B, renumbered as subpart A,
specifically § 1002.5(a)(4) and
commentary related to § 1002.5(a)(2)
and (4). It also makes conforming
changes in several other provisions in
existing Regulation B.
Further, for the reasons specified in
the section-by-section analysis of
§ 1002.114(b), the Bureau is finalizing
three different compliance dates, based
on the number of originations of
covered credit transactions for small
businesses, rather than the single
compliance date in the NPRM, which
proposed a compliance period of 18
months after the publication of the final
rule in the Federal Register. As
specified in § 1002.114(b)(1), covered
financial institutions in Tier 1, which
had at least 2,500 originations of
covered credit transactions for small
businesses in each of calendar years
2022 and 2023, will have a compliance
date of October 1, 2024. As specified in
§ 1002.114(b)(2), covered financial
institutions in Tier 2, which had at least
500 originations of covered credit
transactions for small businesses in each
of calendar years 2022 and 2023, will
have a compliance date of April 1, 2025.
As specified in § 1002.114(b)(3), covered
financial institutions in Tier 3, which
had at least 100 originations of covered
credit transactions for small businesses
in each of calendar years 2022 and 2023,
will have a compliance date of January
1, 2026. As specified in § 1002.114(b)(4),
covered financial institutions which did
not have at least 100 originations of
covered credit transactions for small
businesses in each of calendar years
2022 and 2023, but subsequently
847 5
848 5
E:\FR\FM\31MYR2.SGM
U.S.C. 553(d).
U.S.C. 801(a)(3).
31MYR2
35458
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
originates at least 100 such transactions
in two consecutive calendar years, will
have a compliance date of no earlier
than January 1, 2026.
lotter on DSK11XQN23PROD with RULES2
VII. Grace Period Policy Statement
During the SBREFA process and in
response to the NPRM, the Bureau
received numerous comments
requesting a grace period in the early
period after financial institutions are
required to comply with the Bureau’s
final rule implementing section 1071.
The Bureau agrees that it is appropriate
to provide a grace period during which
it does not intend to exercise its
enforcement and supervisory
authorities, assuming good faith
compliance efforts by financial
institutions; for instance, attempts to
discourage applicants from providing
data would not be in good faith. This
Grace Period Policy Statement explains
how the Bureau intends to implement
such a grace period.
Comments Received
In the context of responding to the
proposal presented during SBREFA for
a two-year implementation period, some
small entity representatives and other
stakeholders suggested that the Bureau
adopt a grace period for data errors in
the first year(s) after the rule goes into
effect. These comments suggested that
the Bureau adopt a grace period of some
kind during which financial institutions
would not be penalized for errors when
trying to comply with the Bureau’s rule
implementing section 1071. This grace
period would be akin to the first year in
which the 2015 revisions to Regulation
C were effective, when examinations
were used to troubleshoot and perfect
data reporting rather than penalize
reporters.849
In response to both the proposed
enforcement and the compliance date
provisions in the NPRM, the Bureau
received a number of comments
requesting a grace period during which
the Bureau would either not examine
financial institutions for compliance
with this rule, or would not assess
penalties for violations of the rule.
Several lenders supported a grace
period without specifying how long the
grace period should be. One of these
commenters asked that the Bureau
provide a grace period for at least one
exam cycle.
Many industry commenters requested
a grace period of one year or more from
Bureau enforcement and examinations
849 CPFB, CFPB Issues Public Statement On Home
Mortgage Disclosure Act Compliance (Dec. 21,
2017), https://www.consumerfinance.gov/about-us/
newsroom/cfpb-issues-public-statement-homemortgage-disclosure-act-compliance/.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
for data errors. Commenters offered
various reasons in support of this grace
period. Many lenders and trade
associations stated that a one-year grace
period would be consistent with the
Bureau’s approach to the 2015 HMDA
rule. Some commenters with HMDA
experience observed that the one-year
grace period in that context was helpful
for compliance efforts. Several other
industry commenters stated that the
experience with the 2015 HMDA rule
demonstrated that a grace period would
improve data accuracy, as it would
allow financial institutions time to
identity errors and implement corrective
action without penalty.
Several banks stated that a grace
period would be critical to give lenders
an opportunity to ensure systems are
working properly. One said that a oneyear grace period would foster
cooperation and frank discussions
between covered financial institutions
and the Bureau, and that lenders would
be more open and proactive in working
with the Bureau to ensure their
compliance. Other commenters
requested a grace period on the grounds
that compliance with the rule was a
significant change involving the
revamping of systems, and that the grace
period would protect lenders from
scrutiny for unintentional and bona fide
errors. Several stated that a grace period
was necessary to provide banks an
opportunity to implement the rule
effectively, perform testing, and ensure
that loan operation systems, software,
and other technologies are functioning
correctly. A trade association requested
that the Bureau work with other
regulators to provide a grace period so
that lenders are not penalized
immediately for errors. A bank stated
that the numerous data points and the
various reportable sub-parts to those
data points would inevitably lead to
errors. Another industry commenter
requested a one-year grace period to
permit lenders to avoid penalties for
data errors in spite of their best efforts.
Two trade associations requested a oneyear grace period as necessary
protections given the need to implement
substantial changes under the rule. A
trade association and a bank asserted
that a one-year grace period should be
provided because honest errors are only
discovered in the process of
implementation, and a grace period
would permit not only the lenders that
committed these errors to learn from
them, but also the industry as a whole.
Similarly, a bank stated that the grace
period would help ensure that all
lenders were on the same page regarding
all the different circumstances
PO 00000
Frm 00310
Fmt 4701
Sfmt 4700
presented by the rule. Another bank
stated that compliance with the rule
would be new to all financial
institutions. A different bank stated that
the grace period would ensure that the
rule would not cause undue compliance
hardships on banks and would help
banks create valid data. A trade
association urged that the Bureau use
enforcement actions sparingly in the 12
months following the rule’s compliance
date.
A smaller number of industry
commenters requested a two-year grace
period. One bank justified a two-year
period because of the burden of
compiling, maintaining, and reporting
data under the rule. Another bank cited
the magnitude of the rule’s requirements
and the tremendous effort to implement
software, create policies and
procedures, and train staff
appropriately, and noted that such a
grace period would allow for data
quality testing in a real-life environment
and lead to improvements in data
accuracy. Several industry commenters
requested that the Bureau avoid
enforcement actions related to technical
deficiencies for two years. Commenters
also stated, in support of a two-year
grace period, that absent such a grace
period small business credit may be
limited and the economy may be hurt;
that compliance with the rule is spread
across different business units, systems,
and channels for larger lenders, and that
current compliance systems are built to
avoid collecting key data required by
the rule (such as demographic
information).
Some industry commenters stated that
the experience with the 2015 HMDA
rule showed that the Bureau should
provide a two-year grace period. Two of
these commenters noted that the Bureau
should follow its approach in the 2015
HMDA rule, in which the Bureau
imposed no penalties for two years after
the new HMDA data collections took
effect.850 These commenters also stated
that with such a grace period, lenders
could self-correct issues with data
accuracy without threat of enforcement
actions for the inevitable tech and other
challenges that will arise initially.
Policy Statement
The Bureau agrees that a grace period
is appropriate. The following discussion
explains how the Bureau intends to
exercise its supervisory and
enforcement discretion following a
850 CFPB, Statement with respect to HMDA
implementation (Dec. 21, 2017), https://
files.consumerfinance.gov/f/documents/cfpb_
statement-with-respect-to-hmda-implementation_
122017.pdf.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
covered financial institution’s initial
compliance date.
With respect to institutions subject to
the Bureau’s supervisory or enforcement
jurisdiction, the Bureau intends to
provide a 12-month grace period for the
initial data submission from covered
financial institutions that have
compliance dates specified in
§ 1002.114(b)(2), and (3) (i.e., Tier 2 and
Tier 3 institutions), covered financial
institutions subject to § 1002.114(b)(4)
that must start collecting data on
January 1, 2026, and any financial
institutions that make a voluntarily
submission for the first time for data
collected in 2025 or 2026.
With respect to covered financial
institutions subject to the Bureau’s
supervisory or enforcement jurisdiction
that make good faith efforts to the
comply with the rule that have a
compliance date specified in
§ 1002.114(b)(1) (i.e., Tier 1 institution),
as well as any financial institutions that
make a voluntarily submission for the
first time for data collected in 2024, the
Bureau intends to provide a grace
period covering the 3 months of data
collected in 2024 (from October 1, 2024
through December 31, 2024) as well as
the first 9 months of data collected in
2025 (from January 1, 2025 through
September 30, 2025).
With respect to covered financial
institutions subject to the Bureau’s
supervisory or enforcement jurisdiction
that make good faith efforts to the
comply with the rule that have a
compliance date specified in
§ 1002.114(b)(2) (i.e., Tier 2 institution),
as well as any financial institutions that
make a voluntarily submission for the
first time for data collected in 2025, the
Bureau intends to provide a 12-month
grace period covering the 9 months of
data collected in 2025 (from April 1,
2025 through December 31, 2025) as
well as the data collected in the first
three months of 2026 (from January 1,
2026 through March 31, 2026).
With respect to covered financial
institutions subject to the Bureau’s
supervisory or enforcement jurisdiction
that make good faith efforts to the
comply with the rule that have a
compliance date specified in
§ 1002.114(b)(3) (i.e., Tier 3 institution),
as well as any financial institutions that
make a voluntarily submission for the
first time for data collected in 2026, the
Bureau intends to provide a grace
period covering the 12 months of data
collected in calendar year 2026 (from
January 1, 2026 through December 31,
2026).
The Bureau believes that a 12-month
grace period will give institutions
further time to diagnose and address
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
unintentional errors without the
prospect of penalties for inadvertent
compliance issues, and may ultimately
assist other covered financial
institutions, especially those in later
compliance tiers, in identifying best
practices. While the Bureau believes
that financial institutions in each
reporting tier are capable of fully
preparing to comply with the rule by
their respective compliance dates, the
Bureau believes that the use of its
discretion providing a grace period that
covers 12 months for each tier may
result in more deliberate and thoughtful
compliance with the rule, while still
providing important data regarding
small business lending as soon as
feasibly possible.
During the grace period, if the Bureau
identifies errors in a financial
institution’s initial data submissions,
the Bureau does not intend to require
data resubmission unless data errors are
material. Further, the Bureau does not
intend to assess penalties with respect
to errors in the initial data submissions.
Any examinations of these initial data
submissions will consider the good faith
efforts of the financial institutions to
comply with the data collection and
reporting requirements. The
examinations will be diagnostic and
will help to identify compliance
weaknesses. However, errors that are
not the result of good faith compliance
efforts by financial institutions,
especially attempts to discourage the
reporting of data, will remain subject to
the Bureau’s full supervisory and
enforcement authority, including the
assessment of penalties.
The Bureau believes that these initial
data submissions will provide financial
institutions an opportunity to identify
any gaps in their implementation of this
rule and make improvements in their
compliance management systems for
future years.
The Bureau agrees with commenters
who said that a grace period will
promote openness and frankness, and
will permit the Bureau to help financial
institutions identify errors and, thereby,
self-correct to avoid such errors in the
future. The Bureau can also use data
collected during the grace period to alert
financial institutions of common errors
and potential best practices in data
collection and submissions under this
rule.
The Bureau believes that a grace
period covering institutions’ first 12
months of data submission is sufficient,
especially given the other
accommodations the Bureau is making
to ensure that financial institutions are
not unduly penalized for good faith
errors, such as the bona fide error
PO 00000
Frm 00311
Fmt 4701
Sfmt 4700
35459
provision and the various safe harbors
the Bureau has finalized in this rule,
and the other provisions that the Bureau
believes are likely to lead to more
accurate data, such as the tiered
compliance date structure, for the
reasons specified in the section-bysection analysis of § 1002.114(b). The
Bureau does not believe that a two-year
grace period is necessary to avoid
impacting small businesses’ access to
credit; as the impacts analysis in part X
below suggests, the Bureau does not
believe that this rule will materially
impact the access small businesses have
to credit.
Regarding the comment that the
Bureau work with other regulators to
provide a grace period so that lenders
are not penalized immediately for
errors, the Bureau notes that, unlike
with HMDA, the Bureau is the sole
agency that will be in a position to
examine financial institutions’
submissions for data errors in the first
instance.
This is a general statement of policy
under the Administrative Procedure
Act.851 It articulates considerations
relevant to the Bureau’s exercise of its
authorities. It does not impose any legal
requirements, nor does it confer rights
of any kind. It also does not impose any
new or revise any existing
recordkeeping, reporting, or disclosure
requirements on covered entities or
members of the public that would be
collections of information requiring
approval by the Office of Management
and Budget under the Paperwork
Reduction Act.852
VIII. Public Disclosure of Data
A. Background
Section 1071 of the Dodd-Frank Act
amended ECOA to require financial
institutions to collect and report to the
Bureau data about applications for
credit for women-owned, minorityowned, and small businesses, and for
those data to be subsequently disclosed
to the public.853 Section 1071 further
states that the Bureau may ‘‘at its
discretion, delete or modify data
collected under [section 1071] which is
or will be available to the public, if the
Bureau determines that the deletion or
modification of the data would advance
a privacy interest.’’ 854 Under the final
rule, financial institutions may not
compile, maintain, or submit any name,
specific address, telephone number,
email address or any personally
identifiable information concerning any
851 5
U.S.C. 553(b).
U.S.C. 3501 through 3521.
853 See ECOA section 704B(e)(1) and (f)(2).
854 ECOA section 704B(e)(4).
852 44
E:\FR\FM\31MYR2.SGM
31MYR2
35460
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
individual who is, or is connected with,
an applicant, other than as would be
required pursuant to final § 1002.107.
Nonetheless, as the statute recognizes,
publication of the data fields set forth in
§ 1002.107(a) in an unedited,
application-level format could
potentially affect privacy interests—for
example, through the re-identification
of, and risk of harm to, small businesses
and related natural persons.
The CFPB is not determining its final
approach to protecting such interests via
pre-publication deletion and
modification because it lacks the
reported data it needs to finalize its
approach and it does not see
comparable datasets to use for this
purpose. In light of comments received
on the NPRM’s privacy analysis, this
part VIII offers a preliminary assessment
of how it might appropriately assess and
advance privacy interests by means of
selective deletion or modification. The
CFPB is not at this point identifying the
specific procedural vehicle for effecting
its privacy assessment. With respect to
both substance and process, it will
continue to engage with external
stakeholders; and it intends to invite
further input on how it plans to
appropriately protect privacy in
connection with publishing applicationlevel data.
B. Preliminary Privacy Assessment
lotter on DSK11XQN23PROD with RULES2
1. Overview
Under ECOA section 704B(e)(4),
Congress provided the CFPB with broad
discretion to modify or delete data prior
to public disclosure to advance privacy
interests.855 The NPRM proposed the
use a balancing test for the exercise of
this discretion. Specifically, it stated
that it would modify or, as appropriate,
delete data fields from collected
application-level data where release of
the unmodified data would pose risks to
the privacy interests of applicants,
related natural persons, or financial
institutions that would not be justified
by the benefits of such release to the
public in light of the statutory purposes
of section 1071. The Bureau explained
that disclosure of an unmodified
individual data field may create a risk
to privacy interests if such disclosure
either would substantially facilitate the
re-identification of an applicant or
related natural person, or would
disclose information about applicants or
related natural persons, or an identified
financial institution, that is not
otherwise public and that may be
harmful or sensitive.
855 Id.
VerDate Sep<11>2014
This balancing test would have
required that the Bureau consider the
benefits of disclosure in light of section
1071’s purposes and, where these
benefits did not justify the privacy risks
the disclosure would create, modify the
public application-level dataset to
appropriately balance privacy risks and
disclosure benefits. The Bureau would
have deleted a data field prior to
publishing the application-level dataset
if other modifications would not
appropriately balance the privacy risks
and disclosure benefits. An individual
data field would have been a candidate
for modification or deletion under the
balancing test if its disclosure in
unmodified form would create a risk of
re-identification or a risk of harm or
sensitivity.
Section 1071 requires financial
institutions to compile and maintain
data and provides that such information
be made available to the public upon
request.856 Accordingly, section 1071
contemplates that the public know what
published application-level data are
associated with particular financial
institutions. As a result, the reidentification risk element of the
balancing test analysis would not have
applied to financial institutions,
although the Bureau would have
considered the risk to a financial
institution that the release of 1071 data
in unmodified form would
inappropriately disclose commercially
sensitive information.
The Bureau sought comment on the
design of the balancing test. It also
sought comment on whether the
balancing test should apply to the
privacy interests of natural persons
generally or only of those related to
applicants.
Comments Received
A wide range of commenters provided
feedback on the proposed balancing test.
Many community groups, as well as a
several members of Congress, generally
supported the NPRM approach. Others,
including industry and several
community groups, saw it as too
subjective. These community groups
stated that future Bureau leadership
could choose to restrict publication by
releasing truncated or aggregated data,
but not application-level data. A lender
and a trade association were concerned
that the balancing test would not
sufficiently protect privacy interests.
Another commenter stated that the
approach would be ineffective if a third
party had personal knowledge of an
applicant or related natural person
because modifications to prevent re856 See
18:47 May 30, 2023
Jkt 259001
PO 00000
ECOA section 704B(e), (f)(2)(B).
Frm 00312
Fmt 4701
Sfmt 4700
identification risk in this scenario
would critically reduce data utility. A
joint letter from community and
business advocacy groups asked the
Bureau to confirm that the balancing
test would evolve. They asked the
Bureau to assess market developments
and how well the final rule achieved
statutory purposes, and to use this
information to modify its publication
approach. Industry commenters asked
the CFPB to limit or wholly abandon
release of application-level data.857 For
example, one commenter said that the
agency should use exception authority
under ECOA section 704B(g)(2) to not
publish application-level data to avoid
risks and burdens to the commercial
and reputational interests of financial
institutions.
Several commenters provided
feedback about what benefits and risks
the balancing test should consider. A
joint letter from community groups,
community-oriented lenders, and
business advocacy groups, along with a
joint letter from several members of
Congress, supported the Bureau’s stated
intent to consider the benefits of public
disclosure and the statutory purposes of
section 1071. In contrast, an industry
commenter said that the balancing test
should not consider fair lending
enforcement as a relevant benefit.
According to this commenter, using the
data for fair lending enforcement would
subject financial institutions to
unjustified scrutiny by regulators and
hinder the development of innovative
underwriting techniques.
Several commenters specifically
stressed the importance of the Bureau
considering the personal privacy
interests of small business owners. More
generally, a number of industry
commenters, as well as several members
of Congress, supported the Bureau’s
considering the privacy interests of
applicants, related natural persons, and
financial institutions. Numerous
commenters said that public
application-level data could pose
significant privacy risks to these
entities. Some noted that publication
carries risks of re-identification and the
disclosure of sensitive commercial and
financial information. Industry
commenters also reported that small
business customers express privacy
concerns whenever the government
mandates disclosure of their business
information. Commenters cited negative
reactions to Paycheck Protection
Program reporting requirements.
857 Commenters also provided feedback on
potential modification and deletions for each of the
Bureau’s proposed data points; those comments are
addressed in detail for each data point in part
VIII.B.6 below.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Some community groups saw the
privacy risks associated with
publication as low. Several asserted that
HMDA data, which contains similar
data fields, has not resulted in an
increase of fraud or identify theft against
mortgage applicants. Some commenters
also noted that the interval between
reporting and publication would reduce
the likelihood of misuse, as would the
public availability of some of the date
from existing sources. Several
community groups and a CDFI lender
urged the Bureau not to give weight to
the privacy interests of financial
institutions. According to these
commenters, publication should not
consider the commercial, proprietary,
litigation, and reputational interests of
financial institutions. A joint letter from
community and business advocacy
groups stated that because section 1071
contemplates the disclosure of financial
institution identity, the Bureau should
not consider any of their privacy
interests. Conversely, some commenters
raised concerns about financial
institution privacy interests. A trade
association said that failing to consider
such interests would result in the
disclosure of trade secrets and other
confidential information.
Some commenters suggested that the
balancing test include various
presumptions for or against the
publication of 1071 data. Community
groups and a CDFI lender generally
agreed that the balancing test should
include a strong presumption in favor of
disclosure. For example, some
commenters stated that the Bureau
should only modify or delete
application-level data where its
unmodified publication would pose
privacy risks that meet a particular
significance threshold—for example,
where data fields would be ‘‘highly
sensitive’’ or ‘‘clear’’ re-identification
risk exists). Several industry
commenters, on the other hand,
suggested that the balancing test
incorporate a presumption in favor of
protecting privacy interests. For
instance, a few commenters suggested
that the Bureau give special
consideration to the privacy interests of
small financial institutions. These
commenters warned that small business
customers may gravitate to larger
lenders because they believe it would be
harder to identify individual applicants
or related natural persons in data
reported by large lenders.
and their owners is the core risk from
which the preponderance of cognizable
privacy risks flow. In this respect, the
Bureau is focused particularly on risks
to personal privacy interests.858 The
Bureau’s preliminary assessment is that
it will consider modification and
deletion techniques to reduce those
risks, while also considering the nonpersonal commercial privacy risks of
small businesses. Lender privacy
interests would be considered only
where publication would create a
compelling risk to those interests.
Although some comments urged that
it not publish any application-level
data, the Bureau does not intend to
withhold all such data from the public
because that would critically undermine
the stated purposes of section 1071 and
run contrary to the express disclosure
provisions in the statute. This drastic
step is also unnecessary to adequately
mitigate relevant privacy risks.
In response to comments positing
harms that could arise from a third party
having personal knowledge of an
applicant or its owners, the Bureau
agrees that this scenario heightens
privacy risks. The Bureau will observe
market developments to assess the
likelihood and nature of this risk as it
considers the appropriate approach to
publication.
The Bureau does not intend to
separately assess disclosure benefits
when making modification and deletion
decisions about individual data points.
After considering commenters’ feedback
about the value of the data fields, the
Bureau is preliminarily of the view that
all of the data fields have significant
disclosure benefits that will facilitate
fair lending enforcement as well as
business and community development.
Most comments on privacy risk
generally supported the Bureau’s
intention to consider the privacy
interests of small businesses, related
individuals, and financial institutions.
While the Bureau cannot conduct the
statistical analysis necessary for a full
re-identification analysis until it
receives reported data from financial
institutions, the Bureau’s preliminary
privacy assessment accepts that some
such data likely could re-identify
applicants and their owners, potentially
disclosing sensitive information. The
personal privacy interests of small
business owners, in particular,
implicate compelling risks of harms or
sensitivities. As acknowledged in the
Current Approach
In light of the comments received on
the balancing test, the Bureau is now of
the preliminary view that reidentification risk to small businesses
858 The Bureau is considering whether the risks
to sole proprietors, where the business and owner
are indistinguishable for tax or legal purposes, may
also qualify as personal risks. This may be the case
where information reflects the sole proprietor’s
personal information, such as creditworthiness.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
PO 00000
Frm 00313
Fmt 4701
Sfmt 4700
35461
NPRM, some privacy risks are mitigated
by the interval between collection and
publication, and some 1071 data are
already available from other sources.
But publication of some data fields
potentially poses significant risks of
harm or sensitivities to both the
personal privacy interests and nonpersonal commercial privacy interests of
applicants and related individuals.
While public HMDA data do not result
in substantial privacy harms for
mortgage applicants, that is in part
because the Bureau makes modifications
and deletions before publication,
informed by a privacy risk
assessment.859
The Bureau does not intend to ignore
the privacy interests of financial
institutions. As discussed further below,
however, the privacy risks to financial
institutions raised by commenters are
less significant than those to small
businesses and related individuals.
Accordingly, while the Bureau does not
intend to exclude consideration of
financial institution privacy risks, it
anticipates modifying or deleting data to
protect a financial institution’s privacy
interests only when publication poses a
compelling privacy risk. At this time,
commenters have not identified
compelling privacy risks to financial
institutions.
In response to comments, the CFPB
does not believe that a presumption or
threshold would provide the Bureau
with a more administrable standard.
However, partly in response to
comments on these issues, the Bureau’s
preliminary privacy assessment is more
directly focused on the most significant
privacy risks—particularly reidentification risk—than the balancing
test described in the NPRM.
2. Implementation Process
Proposed Approach
The NPRM did not include a full
application of the balancing test to most
of the proposed data points. It stated
that the Bureau would analyze the reidentification risk element, in part,
using a statistical analysis. However, the
absence of an existing dataset or an
alternative set of sufficiently similar
data significantly impeded the Bureau’s
ability to discern whether a proposed
data field, individually or in
combination with other data, would
substantially facilitate re-identification
of small businesses and related persons,
and how specifically to modify data to
reduce that risk. Underestimating the
degree to which a 1071 data field,
individually or in combination with
859 See
E:\FR\FM\31MYR2.SGM
generally 82 FR 44586 (Sept. 25, 2017).
31MYR2
35462
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
other data, facilitates re-identification
risk could unnecessarily increase
privacy risks to an applicant or a related
individual, while overestimating reidentification risk could unnecessarily
reduce data utility. Accordingly, the
Bureau believed that a re-identification
analysis of data other than actual
reported 1071 data would not provide
an accurate basis on which the Bureau
could apply the balancing test to modify
or delete data.
In light of these limitations, the
Bureau considered deferring even initial
analysis until after it had obtained a full
year of reported 1071 data. Doing so,
however, would have reduced
opportunities for public feedback on
privacy issues and their relationship to
the proposed rule. The Bureau saw
substantial value in setting forth its
partial analysis under other aspects of
the balancing test. Specifically, the
Bureau set forth an initial analysis of the
benefits and harms or sensitivities
associated with the proposed data
fields, the capacity and motives of third
parties to match proposed 1071 data
fields to other identifiable datasets, and
potential modification techniques it
might consider to address privacy risks.
The Bureau responds to public feedback
from commenters and updates this
initial analysis below.
In the NPRM, the Bureau indicated
that a policy statement, rather than a
notice-and-comment rulemaking, would
be an appropriate vehicle for
announcing its intentions with respect
to data modifications and deletions. The
Bureau offered several reasons for this
approach. Under section 1071, the
Bureau may delete or modify data at its
discretion, in contrast to other
provisions in the statute that require
legislative rulemaking.860 Further, the
Bureau’s suggested approach with
respect to modifications and deletions
would not impose compliance
obligations on financial institutions.861
In addition, the Bureau stated that
preserving the ability to exercise its
discretion to modify or delete data
through policy statements would allow
the Bureau to manage the relationship
between privacy risks and benefits of
disclosure more actively. The Bureau
believed this flexibility may be
especially important in the event that
the Bureau becomes aware of
860 Compare ECOA section 704B(e)(4), with ECOA
section 704B(f)(2).
861 Section 1071 requires financial institutions to
compile and maintain data and provides that such
data be publicly available upon request. See ECOA
section 704B(e), (f)(2)(B). As discussed in the
section-by-section analysis of § 1002.110, the
Bureau is finalizing its proposal to publish data on
behalf of financial institutions.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
developments that might contribute to
privacy risks. The Bureau stated that
potential uses of the application-level
data in furtherance of the statute’s
purposes may also evolve, such that the
benefits associated with the disclosure
of certain data may increase to an extent
that justifies providing more
information to the public in less
modified form.
As a result, the Bureau suggested that
after the first full year of data are
reported, but before it releases data to
the public, it would publish a policy
statement setting forth its intentions
with respect to modifications and
deletions to the public application-level
data. Before publishing that policy
statement, the Bureau intended to
conduct a balancing test analysis based
on feedback to the NPRM as well as a
quantitative analysis of re-identification
risk using reported 1071 data. The
Bureau stated that in the interests of
making data available in a timely
manner, it did not intend to put its
ultimate balancing test analysis out for
public comment prior to issuing the
policy statement. The Bureau sought
comment on this approach.
Comments Received
A wide range of commenters provided
feedback on the Bureau’s general
approach to implementing the balancing
test. Several community group and
industry commenters supported the
Bureau’s intention to defer modification
and deletion decisions until it had
obtained a full year of 1071 data. While
not explicitly opposed, other
community groups and a minority
business advocacy group asked the
Bureau to publish data as fast as
possible to help realize the statute’s
purposes. Some noted that the data
remain unavailable despite Congress
amending ECOA on this point more
than a decade ago. Commenters also
provided feedback about when the
Bureau should begin publishing
application-level data. Several
commenters stated that the Bureau
should commit in the final rule to
releasing data by a date certain; some
suggested January 1, 2024 as a target.
Several industry commenters opposed
deferring modification and deletion
decisions until the Bureau received a
full year of 1071 data. Some stated that
if the Bureau published modification
and deletion decisions before lenders
started to collect data, small business
applicants would better understand how
to protect their privacy interests.
Another said that publishing a full
privacy analysis before the rule is
effective is necessary for financial
institutions to evaluate privacy risks.
PO 00000
Frm 00314
Fmt 4701
Sfmt 4700
Other commenters asserted that
deferring re-identification analysis until
after data are reported is unnecessary
because it is already apparent that some
proposed data fields, such as NAICS
code and census tract, create a unique
set of records that can be matched to
public datasets. Several commenters
offered alternative timing for
modification and deletion decisions.
Some suggested that the Bureau publish
such decisions in this final rule.
Another suggested that the Bureau
publish interim decisions in this final
rule, which could then be adjusted
through notice-and-comment
rulemaking after the Bureau receives the
first full year of data. Others asked the
Bureau to publish a full privacy analysis
before the rule becomes effective. One
lender suggested that data not be
published for at least a year after the
final rule is implemented to enable the
Bureau to assess the effectiveness of its
privacy analysis.
The Bureau received a significant
amount of feedback about its intention
of announcing modification and
deletion decisions in a policy statement
without seeking additional comment.
One industry commenter supported this
approach, but most industry
commenters on this issue asked the
Bureau to seek additional comment on
its privacy analysis and on its
modification and deletion decisions,
regardless of whether the Bureau
announced publication decisions in a
policy statement or through a legislative
rulemaking. Commenters stated that the
opportunity to comment would promote
public confidence in the data collection
process and contribute to a more
accurate dataset. A number of
commenters argued that the opportunity
to comment on the full balancing test
and on modification and deletion
decisions would be necessary for
stakeholders to provide meaningful
feedback on privacy risk. According to
some commenters, this would be
particularly important for smaller
financial institutions that were unable
to provide adequate comment on what
they considered to be complex privacy
issues raised in the NPRM. Two lenders
urged the Bureau to hold public
meetings or hearings in compliance
with the Regulatory Flexibility Act to
seek feedback from smaller financial
institutions and small businesses to,
among other things, specifically address
the privacy risks associated with
reporting and publishing applicationlevel data. A few industry commenters
stated that the opportunity to comment
on the full privacy analysis would be
consistent with the Bureau’s approach
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
adopted in the 2015 HMDA final rule.
One commenter stated that the Bureau’s
analysis of the first full year of reported
data would likely generate additional
privacy issues that would warrant
public input. Two others suggested that
the Bureau seek comment about how it
would release unmodified data to
outside parties for research or other
purposes.
Several industry commenters, as well
as a joint letter from several members of
Congress, specifically requested that the
Bureau implement its privacy
assessment, and make associated
modifications and deletions, via
legislative rule. Some of these
commenters asserted that this was
required under administrative law. A
group of trade associations contended
that section 1071 does not permit the
Bureau to use its discretion to make
modification and deletion decisions
outside an Administrative Procedure
Act rulemaking process. According to
this commenter, two provisions in
section 1071 provide the Bureau
‘‘discretion’’: ECOA section 704B(e)(4)
provides the Bureau discretion to delete
or modify public application-level data
and ECOA section 704B(f)(3) provides
the Bureau discretion to compile and
publish aggregate 1071 data. Noting that
the Bureau proposed § 1002.110(b) to
implement the latter provision in this
rule, the commenter asserted that the
Bureau did not adequately explain how
it was appropriate to implement the
former provision outside a rule. The
commenter said that these provisions
should be implemented in a formal
rulemaking. In addition, some industry
commenters stated that increasing
transparency about forthcoming
publication, including potentially
through a notice-and-comment
rulemaking, would protect the Bureau
from litigation under FOIA. In this
respect, commenters cited litigation
involving the SBA’s publication of
Paycheck Protection Program data.862
Citing the benefits of transparency
and to facilitate information about credit
access and fair lending information, a
joint letter from community groups,
community-oriented lenders, and
business advocacy groups stated that the
Bureau should produce and release
aggregate analyses of 1071 data in
addition to releasing application-level
data.
Current Approach
For reasons discussed below, the
Bureau intends to conduct a full privacy
analysis and issue modification and
862 See, e.g., WP Co. LLC v. U.S. Small Bus.
Admin., 502 F. Supp. 3d 1 (D.D.C. Nov. 5, 2020).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
deletion decisions with respect to the
publication of application-level data
after it obtains a full year of reported
1071 data. However, the Bureau is not
committing at this time to issue
modification and deletion decisions
through a policy statement. Instead, the
Bureau will continue to consider the
specific timing and vehicle choice for
issuing modification and deletion
decisions, as it remains engaged with
stakeholders on privacy and publication
issues.
Publication of application-level data
will substantially advance the fair
lending enforcement and business and
community development purposes of
section 1071. The Bureau thus intends
to conduct a full privacy analysis and
issue modification and deletion
decisions as soon as practicable. It will
also continue to consider feedback
obtained to date and to engage with the
public on how best to mitigate reidentification risk and other risks to
privacy interests. While the Bureau is
not determining the vehicle with which
it will announce modification and
deletion decisions with respect to
application-level data, or the precise
timing of such decisions, it anticipates
that those decisions will continue to be
informed by public engagement.
The Bureau intends to announce
modification and deletion decisions
only after obtaining a full year of
application-level data. The Bureau lacks
the data needed to perform an accurate
re-identification analysis and
commenters were not able to identify an
alternative dataset that could be used for
this purpose. Without data for an
accurate re-identification analysis, the
Bureau cannot conduct a full privacy
analysis to inform modification and
deletion decisions.863 As discussed
further below, there are certain data
fields that the Bureau anticipates may
present comparatively high risk to
privacy interests, including the
combination of NAICS code and census
tract. However, the Bureau lacks data to
confirm whether these data fields in fact
create unique records that can be
matched to public datasets.
The Bureau is not committing to a
specific timeline for publishing
application-level data. However, a target
date of January 1, 2024 for publication,
as suggested by some commenters, is
not feasible because covered financial
institutions are not required to begin
collecting data under this rule until
October 1, 2024 at the earliest. The
863 As discussed below, the Bureau is announcing
more conclusive intentions with respect to
modifications or deletions for individual contact
information, unique identifier, and the use of freeform text in responses for certain data fields.
PO 00000
Frm 00315
Fmt 4701
Sfmt 4700
35463
Bureau intends to treat data under this
rule as confidential in accordance with
12 CFR part 1070 until such time as it
has completed its privacy analysis and
published the data, and it will work
expeditiously to those ends.
Robust feedback, including in
response to the NPRM, SBREFA, and
other outreach, about the risks and
benefits of 1071 data publication, has
informed the Bureau’s thinking to
date.864 The Bureau intends to continue
to seek further public engagement with
respect to these issues. It does not
believe, however, that such further
engagement must be by formal comment
either to ensure robust engagement or
for the sake of procedural consistency
with the Bureau’s approach in
HMDA.865
The Bureau is not establishing a
separate program by which industry,
community researchers, or academics
will have access to unmodified data; the
published data, subject to the
modifications and deletions made by
the Bureau, will be available to all users.
However, it intends the Bureau plans to
exercise its discretion to provide access
to State or Federal regulators to the
extent such disclosure is relevant to the
exercise of the agency’s authorities, and
subject to appropriate restrictions. The
Bureau plans to provide such access to
Federal regulators that enforce ECOA.866
The Administrative Procedure Act
and other laws do not require the
Bureau to seek comment on the full
privacy analysis or to issue modification
and deletion decisions through a
legislative rule with formal notice and
comment. Section 1071 states that the
Bureau may ‘‘at its discretion, delete or
modify data collected under [section
1071] which is or will be available to
the public, if the Bureau determines that
the deletion or modification of the data
would advance a privacy interest.’’ 867
Statutorily, this provides the Bureau
with flexibility to decide how it will
make modification and deletion
decisions, including the flexibility to do
so without a legislative rulemaking.
Other provisions of section 1071 plainly
require the Bureau to engage in formal
rulemaking, indicating that Congress
did not intend such a requirement
864 See
part III above for additional information.
for HMDA, no data yet exists that the
Bureau could use to conduct a full privacy analysis
and make modification and deletion decisions.
866 Other regulators with authority to enforce
ECOA include the OCC, the Board, the FDIC, the
NCUA, the Surface Transportation Board, the Civil
Aeronautics Board, the Secretary of Agriculture, the
Farm Credit Administration, the SEC, the SBA, the
Secretary of Transportation, and the FTC. See 15
U.S.C. 1691c; Regulation B § 1002.16(a).
867 ECOA section 704B(e)(4).
865 Unlike
E:\FR\FM\31MYR2.SGM
31MYR2
35464
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
here.868 The Bureau does not agree that
it is implementing ECOA section
704B(e)(4) and (f)(3) inconsistently. It is
codifying and implementing these
provisions in final § 1002.110(a) and (b)
to preserve its discretion to make
publication decisions without
legislative rulemaking. Further, the
circumstances of this rulemaking are
distinguishable from the relevant facts
in the PPP litigation that commenters
cited.
At the same time, the Bureau is also
not committing at this time to issuing
modification and deletion decisions
through a policy statement. As the
Bureau has not yet obtained a full year
of reported data to use in completing its
privacy risk assessment, it is prudent to
continue considering specific timing
and vehicle choice for issuing
modification and deletion decisions.
Following further public engagement,
including further opportunities for
input, the Bureau will announce these
decisions at a later date. Finally, the
Bureau agrees with commenters that it
should produce and release aggregate
analyses of 1071 data in addition to
releasing application-level data. The
Bureau anticipates releasing select
aggregated data before it publishes
application-level data.
3. Publication Benefits
lotter on DSK11XQN23PROD with RULES2
Proposed Approach
In the NPRM, the Bureau sought
comment on its understanding of the
benefits of public disclosure of the 1071
dataset as a whole as well as the
disclosure benefits for individual
proposed data fields. The Bureau
expected that users of the data would
rely on this information to help achieve
the statutory purposes of facilitating the
enforcement of fair lending laws, and
enabling communities, governmental
entities, and creditors to identify
business and community development
needs and opportunities of womenowned, minority-owned, and small
businesses.869
Comments Received
The Bureau received robust feedback
on the general benefits of public
disclosure of application-level data from
lenders, trade associations, community
groups, several members of Congress,
individual commenters, and others. It
received comparatively few substantive
comments on the potential disclosure
benefits associated with particular
individual data fields.
Many commenters supported the
publication of application-level data
868 See,
869 See
e.g., ECOA section 704B(g).
ECOA section 704B(a).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
and agreed that the data will facilitate
enforcement of fair lending laws. Some
community groups stated that the
transparency afforded by the
publication of 1071 data generally
would discourage predatory and
discriminatory practices in the small
business lending market. One of these
commenters noted that action taken
data, particularly categorical
information such as denials,
incompletes, or approved but not
accepted by the applicant, were integral
to promoting the fair lending purpose of
section 1071. Other commenters said
that transparency would protect
responsible lenders from unfair
scrutiny. Many community groups,
along with some lenders, individual
commenters, and others also stated that
1071 data would allow governmental
entities and community groups to
monitor individual lenders’ lending
practices, identify lending disparities on
a granular level, and enforce ECOA to
the benefit of women and minority
business owners. Community groups, a
business advocacy group, and a CDFI
lender further stated that HMDA data
reporting has demonstrated that loanlevel data enables community
organizations, economists, and
governmental entities to identify
disparities between populations, which
facilitates enforcement of fair lending
laws. Other commenters expressed
particular support for the publication of
agricultural lending data, noting that the
inclusion of data from agricultural
creditors would help address
discrimination in farm credit lending.
These commenters cited a long history
of discrimination targeting socially
disadvantaged farmers and producers,
including women-owned and minorityowned farms, in the farm credit market.
Other stated that the 1071 dataset would
help reveal where responsible lenders
are serving small businesses fairly,
aiding in the remediation of
deficiencies, or removing barriers to
equitable lending. A joint letter from
community groups, community-oriented
lenders, and business advocacy groups
stated that the data would reveal
disparities in access to credit in
immigrant communities. Other
community group commenters, along
with two minority business advocacy
groups, stated that application-level
data would improve the understanding
of demographic disparities in small
business lending and support efforts to
identify, address, and eliminate
practices that create lending gaps for
women-owned and minority-owned
small businesses.
PO 00000
Frm 00316
Fmt 4701
Sfmt 4700
Commenters also asserted that the
publication of application-level data
would promote the business and
community development purpose of
section 1071, stating that the data would
provide greater understanding of small
business credit trends, such as lending
dynamics or credit request cycles for
different industries, and would improve
understanding of the small business
lending market more broadly. Some
commenters, including a minority
business advocacy group, stated that
disclosure would help facilitate
development of targeted programs to
help address inequities and foster
efficiency in the small business credit
marketplace. For example, commenters
said disclosure would allow community
groups and lenders to compare how
lenders are meeting community credit
needs, develop score cards on local
lending, identify gaps in lending, and
advocate for low-income and
microbusinesses. A CDFI lender stated
that pricing information data would
allow stakeholders to assess loan
affordability in underserved
communities. Citing the benefits of
increased transparency, a commenter
noted that publishing small business
credit transaction data would support
price discovery by allowing the
comparison of credit costs between
institutions, credit types, and business
types, which is critical for market
efficiency. Commenters also said that
disclosure would help community
groups educate small businesses,
facilitate the development of tools to
effectively identify barriers small
businesses face, and empower owners to
access credit on fair terms.
In contrast, several industry
commenters saw little benefit from
publication because the data would not
include all factors that lenders rely on
to make credit decisions. Some said that
every small business loan is unique and
without contextual information the data
would not meaningfully increase
understanding about the small business
lending market. Others asserted that the
data would be insufficient to conduct
fair lending analyses, suggesting that
data collection and publication are less
effective mechanisms for identifying
discrimination than examinations or
disparate impact analyses. According to
these commenters, HMDA data do not
effectively reveal discrimination in the
mortgage industry. One of these
commenters also stated that publication
would be ineffective because, as
proposed, the data would not enable
identification of additional types of
discrimination, such as discouragement
of particular groups of applicants. Two
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
lenders suggested that the dataset
duplicate data already required under
HMDA and the CRA. A trade association
suggested that data from credit unions
would not be comparable to data from
other lenders because of communitybased member restrictions. A joint trade
association letter disagreed with the
Bureau’s proposed analysis of the
disclosure benefits of application-level
data, suggesting that the Bureau’s
analysis was vaguely defined and not
clearly linked to the statutory purposes
of section 1071.
Current Approach
The Bureau has considered the
comments above, and also relied on the
NPRM’s discussion of—and requests for
comment on—the potential benefits of
disclosing particular data fields. Given
the comparative lack of comments on
such benefits, the Bureau concludes that
the NPRM’s initial assessments of the
utility of individual data fields were
generally correct.
As Congress recognized, market
transparency through publication of
application-level data will serve to
realize their intended purposes in
section 1071. Publishing such data will
help to identify and discourage
potential fair lending violations in small
business lending, while protecting
responsible lenders from unfair
scrutiny. The Bureau agrees with
commenters that published data will
help address discrimination in
agricultural lending. Publication of this
data will also improve understanding of
small business credit needs and will
provide insights into the small business
lending market, promoting the business
and community development purposes
of section 1071. Increased transparency
can make it easier for small businesses
to access credit efficiently, and easier
for lenders and potential lenders to
identify opportunities in the market,
thereby increasing access to credit.
Moreover, data users, such as
community groups, researchers, and
public officials, will be able to use the
data to help determine whether certain
types of credit are disproportionately
available to different communities.
Insights gained from publication will
enable lenders, advocates, investors,
and the public sector to better meet the
needs of small businesses.
These benefits are material even as
the dataset may not include all factors
that lenders may rely on in making
credit decisions. The Bureau notes the
feedback of SBREFA commenters
discussed in the NPRM and the
numerous comments from lenders, trade
associations, individual commenters,
and community groups discussed above
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
who expressed general agreement that
public data will facilitate the
observation of small business lending
practices in ways that are currently not
possible. For example, data points such
as pricing information and census tract
will facilitate comparison of pricing
data across discrete geographic locations
allowing data users to efficiently
compare credit costs offered by financial
institutions. The relative lack of
substantive comments disagreeing with
the NPRM’s initial assessment of the
benefits of disclosing particular data
fields also speaks to the utility of the
data fields in relation to the stated
statutory purposes.
Commenters did not offer substantive
evidence to back claims that data
collection and publication do not help
facilitate fair lending enforcement. In
addition, whether other approaches to
fair lending enforcement are more or
less effective misses the point that
analysis of data collected under this
rule—as is true for data collected under
HMDA—will contribute to robust and
effective fair lending analysis. Further,
publication of application-level data
collected under the final rule will not
inappropriately duplicate efforts under
HMDA or CRA. Final § 1002.104(b)(3)
excludes HMDA-reportable transactions
from coverage. Data collected under the
final rule will cover more types of
transactions from more institutions than
existing CRA data, and it will include
applications as well as originations. As
discussed in part II.F.2.i and elsewhere,
Federal prudential regulators have
proposed to use data collected under the
CFPB’s final rule, once it becomes
available, for purposes of CRA small
business and small farm lending
assessments, rather than drawing data
from FFIEC Call Reports.870
The benefits from publishing
application-level data are so substantial
that the Bureau is now of the view that
each data field warrants inclusion in
public data, subject to completion of the
Bureau’s full privacy analysis.
Accordingly, the Bureau intends to
publish application-level data except to
the extent that it modifies or deletes
data consistent with its privacy analysis.
4. Privacy Risk
The NPRM considered the risks to
privacy that might result from
publication of application-level data
reported to the Bureau. Based on its
analysis at that time, the Bureau
recognized that publication of the
complete data set, without any form of
modification, could pose risks to
privacy interests. As discussed in more
870 87
PO 00000
FR 33884, 33930 (June 3, 2022).
Frm 00317
Fmt 4701
Sfmt 4700
35465
detail below, this was because certain
data fields could create re-identification
risk and disclosure of some fields would
create a risk of harm or sensitivity.
Accordingly, the Bureau intended to
consider whether pre-publication
modifications or deletions would reduce
these risks to privacy and appropriately
balance them with the benefits of
disclosure.
The Bureau sought comment on the
range of privacy concerns discussed in
the NPRM, including potential reidentification of small businesses and
financial institutions, as well as the
types of harms and sensitivities that
unmodified release of data could have
caused to financial institutions and
small business applicants, which are
described further below. As discussed
above, informed by the comments on
the NPRM, the Bureau’s preliminary
assessment is that it should adjust the
balancing test articulated in the NPRM
to assess, primarily, whether data,
individually or in combination with
other data, create significant reidentification risk for small businesses
and their owners. Though this approach
focuses primarily on re-identification
risk, the privacy harms or sensitivities
discussed below clarify the
consequences of re-identification and
underscore the importance of managing
re-identification risk. Because reidentification is a prerequisite to any
potential harms or sensitivities that may
result from publishing data, the Bureau
also concludes that actions taken to
prevent re-identification will mitigate
those harms or sensitivities for small
business applications and their owners.
In addition, the Bureau’s preliminary
view is that its privacy assessment
should not consider financial institution
privacy interests except where the
Bureau identifies a compelling risk to
such interests.
i. Re-Identification Risk
Proposed Approach
The NPRM explained that, while
information that directly identifies
natural persons, such as name, address,
date of birth, or Social Security number
would not be collected, publication of
application-level data in an unmodified
format potentially could be used to reidentify small business applicants and
related natural persons and potentially
harm their privacy interests. The Bureau
identified two re-identification
scenarios. First, a third party may use
common data fields to match a data
record to a record in another dataset that
contains the identity of the applicant or
related natural person. Second, a third
party may rely on pre-existing personal
E:\FR\FM\31MYR2.SGM
31MYR2
35466
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
knowledge to recognize an applicant’s
record in the unmodified data. The
Bureau used the term ‘‘adversary’’ to
refer to either type of third party.871
Re-identification based on matching.
Under the first scenario, the Bureau
explained that it might be possible to
match a data record to an identified
dataset, either directly or through a
combination of intermediate datasets.872
However, successfully re-identifying a
data record would require several steps
and could present a significant
challenge. An adversary generally
would have to isolate a record that is
unique or rare within the data. A record
is unique or rare when the values of the
data fields associated with it are shared
by zero or few other records. The
Bureau stated that it believed actual
data would be needed to perform an
accurate re-identification analysis.
Thus, it did not intend to apply the
balancing test until after it had analyzed
re-identification risk with a full year of
reported data.
The Bureau explained that a data
record having unique combinations of
values would not automatically result in
re-identification; an adversary would
also have to find a record corresponding
to the applicant or related natural
person in another dataset by matching
similar combinations of data fields.
Once a data record had been matched,
an adversary would possess any
additional fields found in the
corresponding record but not found in
the data record—including, potentially,
the applicant’s identity. However, even
after accomplishing such a match, an
adversary might not have accurately reidentified the true applicant to whom
the data record relates. For example, if
the corresponding record was not the
only record in the other dataset to share
certain data fields with the unique data
record, an adversary would have to
make a probabilistic determination as to
which corresponding record belongs to
the applicant.
The Bureau expected that census tract
and NAICS code, if published as
proposed and without modification,
could significantly contribute to reidentification risk. Geographic and
industry information are publicly
available in a variety of sources and in
a form that directly identifies businesses
or in a way that could be derived with
871 The term does not mean that the adversary’s
motives are necessarily malicious or adverse to the
interests of others. See, e.g., Nat’l Inst. of Standards
& Tech., De-Identification of Personal Information
(2015), https://nvlpubs.nist.gov/nistpubs/ir/2015/
NIST.IR.8053.pdf (using the term ‘‘adversary’’).
872 For these purposes, an ‘‘identified’’ dataset is
one that directly identifies a natural or non-natural
person.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
reasonable accuracy. This information is
also likely to produce unique instances
in the data, both when used separately,
but particularly when combined. Other
proposed data fields could have resulted
in unique combinations (particularly
when combined with census tract), but
the Bureau stated it would need actual
data to analyze their contribution to
uniqueness.
In this context, the Bureau indicated
that particularly relevant sources of
identified data for matching purposes
were UCC filings, property records, and
titles. Such filings could pose a serious
re-identification risk because of the
availability of information about the
lender, the applicant, and the date of
transaction. For example, an adversary
might be able to use the date and
financial institution listed in UCC
filings to identify the applicants of
originated loans in the public
application-level data. UCC filings also
typically have the address of the
borrower. With this information,
combinations of financial institution
identity, action taken date, and census
tract data might result in unique
combinations that an adversary could
connect to a publicly available source of
information to re-identify the applicant.
With respect to covered loans secured
by residential and commercial property,
publicly available real estate transaction
records and property tax records would
be particularly relevant sources of
identified data, as the Bureau described
in its proposed policy guidance on the
disclosure of loan-level HMDA data.873
Because some of the data fields in such
public records are also present in
application-level data, publication
without any modifications would have
created a risk that these public records
could be directly matched to a data
record. UCC filings also frequently
include the name of the lender, the
name of the business, and the date that
the filing was submitted. Though the
availability differs by State, UCC filings
are often searchable in State databases,
and are frequently mined by data
brokers. UCC statements are often filed
against specific collateral and business
assets generally. The NPRM accordingly
indicated that such filings could pose a
serious re-identification risk.
The NPRM also explained that public
records in loan-level datasets for
programs like the SBA’s 7(a), 8(a), 504,
and Paycheck Protection Program, as
well as State-level registries of womenowned and minority-owned businesses
for contracting purposes, could
contribute to re-identification risk.
These datasets include information such
873 See
PO 00000
82 FR 44586, 44593 (Sept. 25, 2017).
Frm 00318
Fmt 4701
Sfmt 4700
as loan program guarantee information,
industry information or NAICS code,
demographic information about the
business owners, time in business, and
number of employees. As a result, the
time in business and number of workers
data fields might significantly
contribute to reidentification risk,
especially in combination with other
data fields like census tract and NAICS
code. Similarly, loan-level performance
datasets made available by the
Government-Sponsored Enterprises
include information such as borrower
demographic information, loan program
guarantee information, pricing data,
loan term, loan purpose, and the year of
action taken. Asset-backed securities
datasets for securitized mortgage and
auto loans are made available by the
Securities and Exchange Commission
through the Electronic Data Gathering,
Analysis, and Retrieval system. These
datasets, which include information
about the lender, the date of action
taken, pricing data, loan term, loan
amount applied for and approved, are
available online with limited
restrictions on access. But these datasets
do not include the name of the
borrower; as described above, this
means that an adversary who is able to
match a record in one of these datasets
to a record in the data would need to
make an additional match to an
identified dataset to re-identify an
applicant. And some of these datasets
contain restrictions on use, such as a
prohibition on attempting to re-identify
borrowers. Finally, the Bureau noted the
existence of private datasets that might
be matched to the data. For example,
data brokers collect information about
small businesses from a wide range of
sources and sell it for a variety of
purposes, including marketing, identity
verification, and fraud detection.874
These datasets typically include data
collected from commercial, government,
and other publicly available sources and
could contain data such as NAICS code,
location, and estimates of gross annual
income, number of workers, and
information about related natural
persons, including the ethnicity and
race of principal owners.
In addition to considering the steps an
adversary would need to take to reidentify applicants and the various data
sources that may be required to
accomplish re-identification, including
874 See generally Fed. Trade Comm’n, Data
Brokers: A Call for Transparency and
Accountability (May 2014), https://www.ftc.gov/
system/files/documents/reports/data-brokers-calltransparency-accountability-report-federal-tradecommission-may-2014/140527databrokerreport.pdf
(describing the types of products offered and the
data sources used by data brokers).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
their limitations, the Bureau considered
the capacity, incentives, and
characteristics of potential adversaries,
including those that might attempt reidentification for harm. In particular, a
competitor or potential competitor
might seek information about a
business’s expansion strategy or
financial condition, including whether
it was able to obtain credit approval. As
the Bureau explained, some adversaries
could possess the resources to use
private datasets in addition to publicly
available records. However, the Bureau
noted the extent to which much of the
commercial benefit to be obtained by reidentifying the data would be more
readily available from private datasets to
which these potential adversaries
already have access without the need for
recourse to the data. In many cases,
information from other datasets could
be timelier than that found in the data.
Furthermore, some of these potential
adversaries might refrain from reidentifying the small business applicant
for reputational reasons or because they
have agreed to restrictions on using data
for these purposes.
Additionally, the Bureau stated that
some academics, researchers, and
journalists may be interested in reidentifying published data for research
purposes. As noted above, however,
some private datasets have contractual
terms prohibiting their use for reidentification purposes and therefore
these persons might be restricted from
actually using the data to re-identify
applicants. Further, some academics or
journalists may be affiliated with
organizations that have reputational or
institutional interests adverse to reidentification efforts.
The Bureau considered whether
parties intending to commit identity
theft or financial fraud may have the
incentive and capacity to re-identify
applicants, but it assessed that the data
would be of minimal use for these
purposes. In addition, such adversaries
are not law abiding and may have
easier, albeit illegal, ways to secure data
for these purposes than attempting to reidentify application-level data.
Re-identification based on personal
knowledge. The NPRM also noted the
potential for re-identification based on
personal knowledge. Location, as well
as demographic and industry
information, might well be known to an
adversary familiar with an applicant,
meaning that they might be able to reidentify an applicant without matching
a record to another dataset. The Bureau
explained that the personal knowledge
possessed by such an adversary would
be limited to information about a subset
of applicants and related natural
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
persons. Thus, any such reidentification would impact a more
limited number of applicants or natural
persons than might be re-identified by
adversaries possessing sophisticated
matching techniques. The Bureau
explained that uncertainty over the
extent of relevant personal knowledge
posed challenges for evaluating how
much individual data fields contribute
to this re-identification risk. For these
reasons, the NPRM generally focused on
matching-based risk. However, the
Bureau sought comment on how to
assess re-identification risk arising from
personal knowledge.
Applications that do not result in
originations. In its final policy guidance
on the disclosure of loan-level HMDA
data, the Bureau explained that the risk
of re-identification to applicants is
significantly lower for applications that
do not result in originated loans.875 A
lack of public information about
applications significantly reduces the
likelihood that an adversary could
match the record of a HMDA loan
application that was not originated to an
identified record in another dataset. In
the NPRM, the Bureau stated that it had
not identified any publicly available
information about applications for
business loans. However, unmodified
data might still contain data fields that
facilitate the re-identification of
applicants. For example, census tract
and NAICS code data could result in
unique combinations that an adversary
could use to match to an identified
public record, such as a business
directory.
Overlap between HMDA and 1071
data generally. The Bureau proposed
that some covered applications would
also be reported under HMDA.876 The
public loan-level HMDA dataset
contains data fields in addition to, or
that overlap with, the proposed data
fields, and the proposed data would
have included data fields not included
in the public loan-level HMDA dataset.
The Bureau recognized that, in cases of
overlap, some data fields may have
required additional analysis with
respect to risks of harm or sensitivity
and re-identification posed by such
overlap. The Bureau sought comment on
this issue and the implications of
potential re-identification risk and
potential risk of harm or sensitivity for
applications reported under both
section 1071 and HMDA.
875 See 84 FR 649, 658 (Jan. 31, 2019); see also
82 FR 44586, 44593 n.55 (Sept. 25, 2017).
876 See the section-by-section analysis of
§ 1002.104 for additional details.
PO 00000
Frm 00319
Fmt 4701
Sfmt 4700
35467
Comments Received
The Bureau received comments from
lenders, trade associations, community
groups, a business advocacy group, a
software vendor, and several
individuals on re-identification risk
posed by the publication of unmodified,
application-level data. Nearly all of
these commenters agreed that reidentification risk, either through
matching or via personal knowledge,
should be considered by the Bureau
when determining whether to modify or
delete data for publication.
Many industry commenters and a
business advocacy group saw a high risk
of data being used to re-identify
applicants and related natural persons
and that this would disclose harmful or
sensitive private information. Some
industry and individual commenters
agreed that re-identification risk will be
higher as a result of data point
combinations; several pointed to the
combination of NAICS and census tract.
One commenter stated that because reidentification risk depends on the
distinctness of the data being published
and on the ability to match that data to
other datasets, the Bureau should
consider privacy risk for the overall
dataset rather than for each data point.
Another stated that unpredictable
changes in re-identification technologies
may make data that are currently
impossible to re-identify susceptible to
re-identification in the future.
Commenters also stated that businesses
in rural areas face particular reidentification risk because of the
likelihood that those areas have low
populations and a low number of small
businesses. Several commenters also
saw re-identification risk in rural areas
as more relevant to certain products,
such as agricultural lending, that are
concentrated in such areas. A group of
trade associations said that CRA data are
not published at the application-level,
in part because geography can
contribute to the increased risk of reidentification.
In contrast, some commenters,
primarily consisting of community
groups, asserted that re-identification
risk, either through matching or because
of personal knowledge, is low. Two
commenters stated that the risk is low
because much of the information that
would be included in the 1071 dataset
is already publicly available, either in
commercial data sources or as a result
of data breaches. Some commenters also
stated that there have been no reported
incidents of HMDA data, which is
similar to 1071 data, being used to reidentify individuals. One said that the
effectiveness of modifications and
E:\FR\FM\31MYR2.SGM
31MYR2
35468
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
deletion techniques for HMDA data
suggest that similar modifications and
deletions will nullify the reidentification risk for 1071 data. The
Bureau did not receive comments about
its assumption that data on applications
that do not result in originations pose
lower re-identification risk than data on
originated applications.
lotter on DSK11XQN23PROD with RULES2
Current Approach
In the Bureau’s preliminary
assessment, re-identification risk of
small business applicants and their
owners is the core privacy risk
associated with data publication. While
the primary focus of the Bureau’s
intended privacy analysis is the impact
of re-identification risk on personal
privacy interests, controlling
reidentification risk will naturally
mitigate other privacy risks and harms,
including commercial privacy risks for
small businesses. The prevailing view of
commenters was that unmodified
application-level data poses reidentification risks that the Bureau
should consider when making
modification and deletion decisions.
The Bureau also agrees with
commenters that data point
combinations, particularly the
combination of NAICS and census tract,
pose particular re-identification risks,
and it intends to take this into account
in making modifications and deletions.
The Bureau agrees that small
businesses in small or rural areas may
face heightened re-identification risk.
However, overall re-identification risk
depends on multiple factors. For
example, while the overall transaction
volume in a rural area may be lower
than in an urban area, concentration of
certain credit products in rural areas
may change how much of an impact low
transaction volume has on reidentification risk. Thus, the Bureau
does not intend to rely on a categorical
determination that geographical area
types or particular census tracts will
contribute to the risk of re-identification
in every circumstance. The Bureau
intends to determine whether targeted
modification of individual data fields
sufficiently mitigates privacy risks from
geographical identifiers, rather than
relying on wholesale deletion of data
from rural areas.
The Bureau agrees that it is difficult
to predict how technology will evolve in
the future and impact re-identification
risk. This is one reason it intends to
track developments in the small
business lending market, continue to
engage with stakeholders, and reassess
its privacy approach as necessary. The
Bureau intends to preserve flexibility so
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
that its privacy analysis can evolve with
changes to privacy risks.
The Bureau assesses that modification
and deletion techniques can effectively
limit re-identification risk and therefore
concludes that completely withholding
data—which would be contrary to
section 1071’s statutory purposes and
express disclosure provisions—is not
necessary to manage re-identification
risk. As noted by commenters,
modification and deletion techniques
have effectively reduced reidentification risk from HMDA data, and
the Bureau anticipates the same result
with this data. The existence of some
data that matches with existing data sets
is not grounds to forego the full privacy
analysis of collected data that will allow
it to make targeted modification and
deletion decisions to protect privacy
interests.
For the reasons given above and as
discussed in part VIII.B.4.ii below, the
Bureau preliminarily views reidentification risk as the most
significant privacy risk associated with
publishing application-level data—and
thus the most important privacy risk to
consider in making modification and
deletion decisions. Re-identification is a
prerequisite to any potential harms or
sensitivities that small business
applicants or related natural persons
may experience from publishing such
data. As the risk of re-identification is
reduced, the risk of harm caused by
disclosing harmful or sensitive
information also will be reduced.
Further, as discussed below, because
almost all the harms and sensitivities to
financial institutions result from
concerns about small business applicant
or related natural person reidentification, preventing such reidentification will also prevent the most
serious harms and sensitivities for
financial institutions.
ii. Risk of Harm or Sensitivity
Proposed Approach
The NPRM considered whether a reidentified application-level record
would disclose information about an
applicant, related natural person, or
financial institution that is not
otherwise public and may be harmful or
sensitive. Specifically, the Bureau
evaluated whether such data could be
used for harmful purposes such as fraud
or identity theft or the targeted
marketing of products and services that
may pose other risks. The NPRM
evaluated whether the data could cause
competitive harm to small business
applicants or to financial institutions. It
also evaluated whether certain data
fields might be viewed as sensitive if
PO 00000
Frm 00320
Fmt 4701
Sfmt 4700
associated with a particular applicant,
related natural person, or financial
institution. In evaluating the potential
sensitivity of a data field, the Bureau
considered whether disclosure of the
data field could cause dignitary or
reputational harm to small business
applicants, related natural persons, and
financial institutions.
The NPRM explained that some
identifiable information about small
business lending is already publicly
available. Such information is both in
public records and in private datasets
with varying barriers to access and
restrictions on use. The Bureau’s
analysis accordingly considered the
degree to which disclosure would
increase this risk relative to the risk that
already exists. In general, where a data
field was already publicly available, the
NPRM saw a reduced risk of harm or
sensitivity from its further disclosure.877
The Bureau considered whether the
data could be used for harmful purposes
such as fraud or identity theft or the
targeted marketing of products and
services that may pose other risks. The
Bureau’s initial view was that
unmodified application-level data
would be of minimal use for
perpetrating identity theft or financial
fraud against applicants or related
natural persons. As proposed,
application-level data would not
include information typically required
to open new accounts in the name of a
small business’s principal owner, such
as Social Security number, date of birth,
place of birth, passport number, or
driver’s license number. Additionally,
the data would not include information
useful to perpetrate existing account
fraud, such as account numbers or
passwords. The Bureau acknowledged,
however, that almost any information
relating to a small business could, in
theory, be used for these purposes. For
example, unmodified data could
potentially be used in a phishing attack
against an applicant, or for knowledgebased authentication. Some such data,
however, may already be available from
public and private sources. The Bureau
also noted, on the basis of its expertise
and analysis, that the publication of
HMDA data—which contain many data
fields that are similar to data fields that
would be disclosed under the
proposal—has not resulted in any
measurable increase in fraud or identity
theft against mortgage applicants.
877 However, where a data field was already
publicly available, disclosing that data field in the
data may have enabled the matching of data to other
datasets that may not have been controlled by the
Bureau, which could have substantially facilitated
re-identification or the disclosure of harmful or
sensitive information.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
The Bureau also considered potential
impacts on targeted marketing of
products and services. The Bureau
explained that although the data could
be used to market products and services
that would have been beneficial for
small businesses—perhaps increasing
competition among creditors that could
help small businesses receive better
terms—they could also be used to target
potentially vulnerable small businesses
with marketing for products and
services that may have posed risks that
were not apparent. For example, users
might perceive certain data to reveal
negative information about an
applicant’s financial condition or
vulnerability to scams relating to debt
relief or credit repair. Information about
a loan might also be used for a practice
known as ‘‘stacking,’’ in which creditors
may obtain lead lists based on publicly
available information and offer followon loans or advances that add to the
debt burden carried by small businesses.
Some creditors might also use the data
for deceptive marketing practices.
However, the Bureau noted that the
utility of the data for predatory
marketing practices may be limited by
delay between action taken on a loan
and data publication.
The Bureau considered whether
unmodified data would result in
competitive harm to small business
applicants or related natural persons by
disclosing general information about a
small business’s use of credit that was
not currently available to the general
public. The Bureau acknowledged that
certain data points in unmodified form
could reflect negatively on the financial
condition of a business or its owners.
The Bureau also considered the
potential for competitive harm to
financial institutions. As discussed
below with respect to the financial
institution identifying information that
would be reported pursuant to proposed
§ 1002.109(b), the Bureau proposed to
identify the financial institution in the
public application-level data. Therefore,
the data could reveal general
information about a financial
institution’s lending practices that is not
widely available to the general public.
As the Bureau explained, data fields
such as census tract, NAICS code, credit
type, and pricing could disclose
information about where a financial
institution is doing business, what
industries it is doing business with,
what kinds of products it is offering,
and what kinds of prices it is charging,
respectively. Additionally, if a small
business applicant were re-identified, a
financial institution’s competitors could
identify the small businesses to which
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
the financial institution is offering or
providing credit. A financial institution
could then potentially offer credit to a
particular small business at a lower
price than they currently received.
However, the Bureau did not assess that
unmodified application-level data
would include key inputs for, or be
detailed enough, to substantially
facilitate reverse-engineering of
proprietary lending models. For
example, it would not have included
information about an applicant’s credit
history. The NPRM also noted
stakeholder concern that data could
harm financial institutions by increasing
the amount of litigation against them.
The Bureau sought comment on this
risk.
With respect to feedback that
disclosing information about applicants
in rural areas could lead them to seek
financing elsewhere, the Bureau noted
that would not necessarily reduce the
risk that someone in the small
business’s community may ultimately
re-identify them because the data would
be reported with respect to the location
of the business, as discussed in the
section-by-section analysis of
§ 1002.107(a)(13).
In addition to considering whether
the disclosure of a data field could lead
to financial or other more tangible
harms, the Bureau also considered
whether the data might be viewed as
sensitive. In assessing whether a data
field creates a risk of sensitivity, the
Bureau evaluated whether its disclosure
could lead to dignitary or reputational
harm to small business applicants or
related natural persons. For example, if
re-identified, the data could reveal
information that casts a negative light
on a small business’s financial
condition, such as the fact that a loan
was denied due to a business’s credit
characteristics or cashflow.
The Bureau also evaluated whether
the disclosure of a data field could
cause reputational harm to financial
institutions. The Bureau discussed
stakeholder concerns that the data could
lead users to draw unfounded
inferences about discrimination. The
Bureau noted that several of the data
fields, if disclosed in unmodified form,
would help address this concern by
serving as control variables. For
example, many financial institutions
consider a small business’s revenue
when assessing the risk of extending
credit. As a result, disclosing gross
annual revenue data would help ensure
that data users who are evaluating
potential disparities in underwriting or
pricing can compare small businesses
with similar revenues, thereby
controlling for a factor that might
PO 00000
Frm 00321
Fmt 4701
Sfmt 4700
35469
provide a reason for some disparities.
The Bureau also noted that it does not
expect that data alone could generally
be used to determine whether a lender
is complying with fair lending laws. The
Bureau expected that, when regulators
conduct fair lending examinations, they
would analyze additional information
before reaching compliance
determinations.
The Bureau also considered general
expectations with respect to what
information is available to the general
public. For example, the Bureau
explained that disclosing gross annual
revenue in unmodified form could
disclose sensitive information because it
could reflect the financial condition of
a small business or, where a small
business is a sole proprietorship, a
particular individual. This type of
information is typically not available to
the general public. The Bureau also
acknowledged concerns that some small
businesses and their owners would
consider seeking credit sensitive, or
would consider the disclosure of a
banking relationship sensitive because
others may draw adverse inferences
about the small business’s financial
condition. These are concerns about
sensitivity that would result from the reidentification of the applicant, rather
than from the disclosure of particular
data fields. The Bureau sought to
address these concerns by mitigating the
risk of re-identification.
Comments Received
The Bureau received comments in
this area from a range of commenters
including lenders, trade associations,
business advocacy groups, and
community groups.
Risk of identity theft or fraud. Some
industry and academic commenters
stated that the data points may subject
small business applicants and related
natural persons to an increased risk of
fraud or identity theft. Commenters also
stated that publication may expose
financial institution employees, such as
the financial institution contact reported
under § 1002.109(b)(3), to fraud or
identity theft actions, such as phishing
attacks. Another commenter stated that
rural applicants will be easily
identifiable in data and, as a result, at
greater risk of fraud.
Risk of targeted marketing harms. A
group of bank trade associations and a
business advocacy group asserted that
public data could be collected and sold
to interested third parties, potentially
for targeted marketing purposes. No
commenters asserted financial
institutions would experience such
harms.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35470
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Risk of competitive harms. Several
industry commenters and a business
advocacy group expressed concern that
the disclosure of application-level data
would pose risks of competitive harm to
small business applicants or related
natural persons. Some commenters
stated that if an applicant is reidentified, competitors will gain nonpublic insights into financial
information directly bearing on that
small business’s long term financial
health and competitive goals. Some
commenters noted that larger
competitors may be more likely to gain
information about the financial health
and long-term business goals of small
businesses. For example, a lender
asserted that larger companies may use
the data to outbid smaller competitors.
Other commenters stated that data may
reveal non-public information about a
small business’s use of credit, such as
financing terms, that competitors may
use to their competitive advantage.
Some industry commenters and a
business advocacy group stated that
small business applicants may
experience reduced availability or
increased cost if other financial
institutions learn of their small business
loans or loan terms, which would
reduce their ability to obtain liquidity or
increase their operating costs as
compared to their competitors. These
commenters asserted that publication
may impose increased compliance costs
and litigation risks on financial
institutions that are passed on to small
business applicants or that cause
financial institutions to limit credit to
borrowers with higher risk profiles to
prevent losses.
Many industry commenters stated
that publication will present significant
risk of competitive harms to financial
institutions. Commenters asserted that
application-level data may be used to
identify or reverse-engineer proprietary
lending information, such as
underwriting requirements or pricing
models. One commenter asserted that if
the pricing information and action taken
data points could be used to determine
a lender’s limits for other credit terms
that are not collected under the rule,
such as the APR limit, the lender’s
competitors would be able to undercut
or otherwise compete with those terms,
for example by offering lower rates. This
commenter stated that while lower
APRs are generally beneficial for
consumers, this may come at the cost of
lower quality service. A lender
suggested that data points such as gross
annual revenue and the time in business
may be used to reverse-engineer a
financial institution’s proprietary
lending strategy. Another commenter
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
asserted that data points for private
label credit, such as the pricing
information or census tracts, are
particularly commercially sensitive to
financial institutions and there is risk
that disclosure of this information will
cause competitive harm.
Other industry commenters indicated
that competitive harm experienced by
financial institutions may have broader
impacts on the small business lending
market. Some commenters suggested
that if public data reveals proprietary
commercial lender information,
financial institutions may be compelled
to engage in anti-competitive behavior,
such as price-fixing, that restricts credit
or offers less favorable terms, because it
will effectively homogenize the market
and limit their ability to compete with
one another. One asserted that
compliance concerns due to publication
could result in reduced product
availability by financial institutions, as
they asserted was seen after publication
of HMDA and CRA data.
Some industry and academic
commenters stated that competitive
harm may particularly impact smaller or
rural financial institutions. They
asserted that because these lenders have
fewer small business customers than
larger financial institutions, their
customers are at a higher risk of reidentification. As such, it may be easier
for the larger competitors of smaller or
rural financial institutions to approach
their small business applicants to
underprice the loans and offer better
terms. These commenters stated that
smaller and rural financial institutions
may have less flexibility to respond to
resulting competitive harms because of
their size and lower applicant volume.
Risk of reputational harms. An
industry commenter and a business
advocacy group stated that small
business applicants and related natural
persons will be subject to reputational
risks as a result of publication. For
example, one noted that if applicants
are re-identified, small business owners
may experience harm, discrimination,
or stigmatization from disclosure of
certain data points, such as race, sex,
and ethnicity. Other industry
commenters stated that financial
institutions may also experience
reputational harms. Many commenters
stated that risks of reputational harm
and frivolous litigation will result from
incorrect conclusions about the data
drawn by the public or regulators. These
commenters asserted that incorrect data
conclusions could result from the
unique characteristics of small business
lending generally, particular credit
scenarios common within small
business lending, and the fact that the
PO 00000
Frm 00322
Fmt 4701
Sfmt 4700
data will not reflect all factors that went
into underwriting decisions. For
example, some commenters asserted
that there is particular risk of
misunderstanding with Farm Credit
System credit based on how dividends
are provided and the legal limitations
for such loans. These commenters
explained that because statutory
provisions for Farm Credit System
credit have specific coverage criteria,
data may disclose a justified, but
disproportionately high, rate of
application denial. Additionally,
commenters explained that Farm Credit
System institutions may appear to
charge a higher interest rate to certain
borrowers but that the interest rates are
offset by dividends based on the
borrower’s patronage.
A few industry commenters cited
potential discrepancies between data
points and those that appear in other
sources, which could increase the risk
of reputational harm and litigation for
financial institutions. These
commenters said that because data
requirements for these other sources are
not the same as proposed requirements,
but are labeled with the same identifier,
the resulting variations could unfairly
increase scrutiny or lead to inaccurate
conclusions. These commenters were
especially concerned about this risk for
loans subject to HMDA or CRA.
Additionally, some industry
commenters stated that financial
institutions’ reputations for protecting
applicants’ privacy may be impacted by
data publication. Commenters noted
that applicants may have concerns
about providing information and may
feel that conversations with a financial
institution are less confidential because
certain information is being disclosed to
the government. One commenter
mentioned that if a financial institution
or the Bureau experiences a data breach,
the financial institution may not be
viewed as trustworthy by applicants.
In contrast, other commenters stated
that published data will decrease
reputational and litigation risks for
financial institutions. According to one
commenter, the data will provide
evidence of responsible lenders’ fair
lending practices, which will give them
a competitive advantage over less
scrupulous financial institutions.
Additionally, a few commenters stated
that reputational and litigation harm
risks from publication can be mitigated
by disclaimers, as well as by data
modifications and deletions. For
example, these commenters stated that
any data publication should include a
statement for agricultural lending credit
types that Farm Credit System entities
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
can only lend to applicants that are
eligible under the Farm Credit Act.
Other harms or sensitivities.
Commenters identified three additional
harms that were not discussed in the
NPRM: physical harms, data security,
and harm to applicants’ relationship
with, or trust in, financial institutions.
A software vendor and several
individual commenters stated the
Bureau should consider physical harm
or personal security threats that could
result from publication. For example, a
few commenters stated that if an
applicant’s LGBTQI+ status was
revealed, the applicant may face threats
to their personal security due to
discrimination.
One industry commenter stated small
business applicants or related natural
persons may be exposed to data
breaches because financial institutions
will store and transmit data online.
Some industry and business advocacy
group commenters asserted that a data
breach could cause privacy risks for
financial institutions, including
reputational harm related to litigation.
The commenters said this would be true
even if the Bureau were the breached
entity, and that the Bureau must take
action to protect reported data from
potential breaches. Some also requested
that the Bureau detail the steps it will
take to protect data from breach or to
indemnify financial institutions
impacted by data breaches arising from
a breach to the Bureau. One commenter
stated that the Bureau should seek
comment on its data security safeguards.
Some commenters, mainly from
industry, identified potential impacts
that privacy risks may have on the
relationships between small business
applicants and financial institutions.
Some commenters stated that the
publication may create friction in the
lending process due to negative public
sentiment. These commenters asserted
that, because small business applicants
may view the data collection methods as
invasive or because financial
institutions may feel obligated to reduce
tailored credit underwriting to prevent
misconceptions about lending practices,
financial institutions may not be able to
provide customer service at the level
currently obtained. Other commenters
noted that applicants who are
concerned about the privacy or security
of this data may be hesitant to seek
credit or they might seek credit from
more expensive unregulated sources.
Current Approach
As discussed below, the Bureau’s
preliminary view is that the risk of harm
or sensitivity to small businesses and
related natural persons is significant
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
and should be considered in its privacy
assessment. The Bureau’s current intent
is to address these risks primarily by
controlling for re-identification risk. The
Bureau is particularly focused on risks
to personal privacy interests. Such
interests may involve protected
demographic information or information
about personal finances that could have
reputational impact if disclosed; for
example, this might include the
reputational impact of a credit denial
arising from a personal credit score.878
The Bureau also intends to consider
certain commercial risks of harms and
sensitivities to small businesses when
modifying or deleting data. The Bureau
does not currently intend to consider
financial institution privacy interests in
its analysis unless there is a compelling
privacy risk.
Risk of identity theft or fraud. Based
on comments received, the Bureau
views any risk of identity theft or fraud
for small business applicants or related
natural persons resulting from the
publication of data to be predicated on
the small business applicant or related
natural person being re-identified. As to
comments that publication of financial
institution contact information will
subject financial institution employees
to identity theft or fraud, such as
phishing attempts, consistent with the
NPRM, the Bureau plans to exclude
from publication the name and business
contact information of a person who
may be contacted with questions about
the financial institution’s submission
from the public application-level data.
Risk of targeted marketing harms.
Targeted marketing harms likewise
presuppose that a small business
applicant or related natural person is reidentified.
Risk of competitive harms. Potential
competitive harms, including
information about a small business’s
long term financial health and
competitive goals, are also predicated
on re-identification. For example,
commenters stating that an applicant’s
competitors may gain insights into its
financial health, competitive strategy,
878 For example, § 1002.107(a)(11) requires a
covered financial institution to report the principal
reason or reasons the financial institution denied a
covered application. Comment 107(a)(11)–1.ii states
that a covered financial institution reports the
denial reason as ‘‘credit characteristics of the
principal owner(s) or guarantor(s)’’ if it denies the
application based on an assessment of the principal
owner(s) or guarantor(s)’s ability to meet its current
or future credit obligations. Examples include
principal owner(s) or guarantor(s)’s credit score,
history of charge offs, bankruptcy or delinquency,
low net worth, limited or insufficient credit history,
or history of excessive overdraft. Thus, data about
a denial reason may provide personal information
about a principal owner’s personal financial health
that may not otherwise be known to the public.
PO 00000
Frm 00323
Fmt 4701
Sfmt 4700
35471
and goals all assumed that the small
business applicant is first re-identified.
The Bureau does not view data
publication as increasing a financial
institution’s compliance costs and
litigation risks, such that increased costs
and risks would result in increased fees,
reduction in credit program availability,
or reduce credit availability for
applicants with weak credit profiles.
Historical evidence from HMDA
suggests that such impacts will be
minimal. Notwithstanding similar
contentions prior to the 2015 HMDA
Final Rule, the Bureau recently reported
that, based on 2021 HMDA data, trends
in mortgage origination continued to
increase since the HMDA rule became
effective in 2018.879 Based on this
experience with HMDA, the Bureau
does not anticipate that this final rule
will significantly increase the cost of
credit products, reduce credit product
availability, or result in otherwise
unnecessary tightening of underwriting
criteria.880
The Bureau also disagrees that
publication will reveal proprietary
lending information, thereby resulting
in competitive harm to financial
institutions. Unmodified applicationlevel data will not include key inputs
for, or be detailed enough, to
substantially facilitate the reverseengineering of proprietary lending
models. For example, it will not include
applicants’ credit score data. Other
comments expressing concern that the
data collected would provide only an
incomplete picture of the financial
institution’s lending practices
confirmed that other key information
about underwriting will not be
collected. These omissions should
prevent competitors from reverseengineering proprietary lending models
and make it unlikely that financial
institutions could use the data to engage
in anti-competitive behavior like pricefixing.
By the same token, there is no basis
for small or rural financial institutions
879 The 2015 HMDA Final Rule noted that
SBREFA SERs and NPRM commenters stated that
compliance costs meant that financial institutions
would increase price, reduce availability, or exit
markets. See 80 FR 66127, 66296 (Oct. 28, 2015).
But the Bureau’s 2021 HMDA Data Point notes that
mortgage origination trends have continued to
increase since that rule became effective in 2018.
Mortgage origination volume has increased from
4.14 million in 2018 to 5.13 million in 2021.
Similar increases were seen in application volume.
See CFPB, Data Point: 2021 Mortgage Market
Activity and Trends (Sept. 19, 2022), https://
files.consumerfinance.gov/f/documents/cfpb_datapoint-mortgage-market-activity-trends_report_202209.pdf.
880 See part IX.F.4’s analysis of small business
costs for more information about the magnitude of
these effects.
E:\FR\FM\31MYR2.SGM
31MYR2
35472
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
to be at more significant risk of this type
of harm. The Bureau acknowledges that
the risk of re-identification of small
business applicants and related natural
persons may be greater in smaller or
rural areas, but that does not increase
the risk of proprietary lending models
being disclosed.
Risk of reputational harms.
Reputational harm to small business
applicants and related natural persons is
also predicated on re-identification.
The Bureau does not agree that
publication will increase a responsible
financial institution’s reputational risk.
While the Bureau recognizes that
financial institutions may need to
defend against some increased litigation
about their small business lending
practices, it agrees with commenters
that publication will help responsible
financial institutions defend against
such litigation, accordingly making it
less likely to occur in the first place.
The Bureau similarly agrees with
commenters that responsible financial
institutions will be able to use the data
as evidence of their fair lending
compliance, as well as to prevent or
counter erroneous claims that the
institution is engaging in discriminatory
practices. The Bureau has not seen any
significant detrimental impact on
mortgage applicants’ trust in financial
institutions, and HMDA-covered
mortgage originations have increased
since the Bureau’s amendments to
Regulation C went into effect in 2018.881
As in the mortgage market, requesting
and publishing data from applicants
does not have enough reputational
impact on financial institutions to
impair origination activity.
With respect to reputational risk
arising from overlapping databases, the
Bureau is finalizing a coverage
exception for transactions covered by
the Bureau’s HMDA rule.882 In addition,
many datasets contain data types that
already overlap with HMDA and CRA
data. There is accordingly no
compelling reason to expect that
publishing application-level data will
significantly increase whatever risk
already exists from HMDA coverage.
As to comments that assert that Farm
Credit System products may be
incomparable to other credit product
types, thereby creating the risk of
881 Mortgage origination trends since the HMDA
rule became effective in 2018 suggest that any
distrust resulting from financial institutions seeking
HMDA data has not deterred applicants from
continuing to seek credit. See CFPB, Data Point:
2021 Mortgage Market Activity and Trends (Sept.
19, 2022), https://files.consumerfinance.gov/f/
documents/cfpb_data-point-mortgage-marketactivity-trends_report_2022-09.pdf.
882 See § 1002.104(b)(2).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
reputational harm or frivolous litigation,
the data will provide sufficient
opportunity for Farm Credit System
entities to prevent and refute any
erroneous conclusions. The Bureau
agrees with commenters that this harm
can be averted by distinguishing Farm
Credit System loans in the dataset. The
Farm Credit System is one of the
identified types of financial institutions
for the data required under
§ 1002.109(b)(9).883 As a result, users
can filter the data accordingly. Farm
Credit System financial institutions can
also filter to defend against any
conclusions they believe are inaccurate
because of comparisons outside the
Farm Credit System.
Other harms or sensitivities. The
Bureau agrees that the privacy
assessment should take account of risks
of physical harm and personal security
threats to applicants or related natural
persons, as well as the potential for
data, once available, to be used by third
parties to single out or target certain
applicants or related natural persons for
discriminatory treatment. Reidentification in some circumstances
could result in significant risks,
including threats of physical or personal
harm and discrimination. The risks
raised by commenters are supported, for
example, by Hate Crime Statistics
reported by the Federal Bureau of
Investigation (FBI) through its Uniform
Crime Reporting Program,884 and by
Equal Employment Opportunity
Commission data.885 The Bureau
believes that the risk to personal privacy
interests arising from physical harm,
personal security threats, and
discrimination resulting from
information about protected
characteristics warrant significant
consideration when the Bureau
883 See
comment 109(b)(9)–1.vii.
2019, the FBI’s Uniform Crime Reporting
Program reported that in single-bias incidents,
1,492 victims were targeted because of their sexual
orientation and 227 victims because of their gender
identity. See Fed. Bureau of Investigation, 2019
Hate Crimes Statistics, https://ucr.fbi.gov/hatecrime/2019/topic-pages/tables/table-1.xls (last
visited Mar. 20, 2023).
885 The Equal Employment Opportunity
Commission reports that from FY 2014 through FY
2021, approximately $43.5 million dollars of
monetary benefits were paid on LGBTQ+-based sex
discrimination charges. The amount has increased
from $2.2 million to $9.2 million over this period.
It also reports that it received 13,546 LGBTQ+based sex discrimination charges in the same time
period, with annual charges increasing from 1,100
in FY 2014 to 1,968 in FY 2021. https://
www.eeoc.gov/data/lgbtq-based-sex-discriminationcharges (last visited Mar. 20, 2023). See also Off.
of Mgmt. & Budget, Off. of the Chief Statistician of
the U.S., Recommendations on the Best Practices
for the Collection of Sexual Orientation and Gender
Identity Data on Federal Statistical Surveys 8–9.
884 For
PO 00000
Frm 00324
Fmt 4701
Sfmt 4700
considers modifications or deletions to
data.
However, historical evidence
indicates that data publication will have
little long-term impact to relationships
between applicants and financial
institutions. The Bureau reported in
2021 that mortgage originations subject
to HMDA continued to increase despite
the HMDA rule becoming effective in
2018.886 Based on this and earlier
experience with HMDA, the Bureau
does not agree that publication will
drive small business applicants to seek
alternative financing options to avoid
disclosure. The HMDA evidence also
suggests that any potential increase in
costs after this rule becomes effective
will not be prohibitive for applicants
seeking financing from a regulated
financial institution and that market
volume will not be substantially
impacted.
Finally, the Bureau takes strong
measures to mitigate and address any
risks to the security of sensitive data it
receives, consistent with the guidance
and standards set for Federal
information security programs. The
agency is accordingly committed to
protecting the privacy and information
security of the data it receives from
financial institutions under this rule. In
addition, the Bureau does not agree that
a financial institution could be held
legally liable for the exposure of data
due to a breach at a government agency
or for reporting data to the Bureau if the
institution was legally required to
provide the data and did so in
accordance with other applicable law.
Based on the record to date, the
Bureau intends to consider the risk of
harms to small business applicants and
related natural persons discussed above
in its privacy risk assessment. However,
the risks of harms or sensitivities to
small businesses and related natural
persons discussed by commenters
logically assume re-identification
already occurred. The harms and
sensitivities recognized above clarify the
consequences of re-identification and
underscore the importance of managing
re-identification risk. Additionally, the
Bureau’s preliminary view is that
privacy risks to financial institutions are
less significant compared to both
personal privacy interests and nonpersonal commercial privacy risks to
small business applicants and related
natural persons. Many of the harms
attributable to financial institutions
886 Compare 80 FR 66127, 66296 (Oct. 28, 2015),
with CFPB, Data Point: 2021 Mortgage Market
Activity and Trends (Sept. 19, 2022), https://
www.consumerfinance.gov/data-research/researchreports/data-point-2021-mortgage-market-activitytrends/.
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
noted by commenters are only likely if
small business applicants are reidentified, are not likely to occur based
on the history of HMDA data
publication, or exist independent of the
data and therefore do not result from
publication. As a result, measures that
the Bureau takes to reduce reidentification risk will also reduce the
risk of harms to financial institutions.
Thus, the Bureau intends to consider
modifying or deleting data to protect a
financial institution privacy interest
where data publication creates a
compelling privacy risk.
5. Privacy-Informed Modification and
Deletion
lotter on DSK11XQN23PROD with RULES2
Proposed Approach
Generally. The NPRM stated that
where disclosure of an individual data
field, alone or in combination with
other fields, would pose risks to privacy
that were not justified by the benefits of
disclosure to 1071’s purposes, the
Bureau would consider whether it could
appropriately balance the privacy risks
and disclosure benefits through
modification techniques or whether the
field should be deleted from the public
dataset. The Bureau stated that it also
would evaluate the risks and benefits of
disclosing a data field in light of
modifications or deletions considered
for other data fields. Where the Bureau
determines that modification of a data
field is appropriate, the Bureau stated
that its consideration of the available
forms of modification for the 1071 data
would also be informed by the
operational challenges associated with
various forms of modification and the
need to make application-level data
available to the public in a timely
manner.
In general, the Bureau stated that
deleting or modifying data because the
data would disclose general information
about a financial institution’s lending
practices—compared with information
that could substantially facilitate, for
example, the reverse-engineering of a
financial institution’s proprietary
lending models—would be inconsistent
with section 1071, which directly
contemplates disclosure of financial
institution identity in connection with
the public application-level dataset.887
Each of the data fields prescribed by the
statute—with the exception of the
application number—could provide
some insight into a financial
institution’s lending practices. If the
Bureau were to exclude data on this
basis, therefore, it would exclude
virtually all of the statutorily required
887 See
ECOA section 704B(f)(2)(B).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
1071 data points from the public data,
frustrating both of the statutory
purposes of section 1071.888 While the
Bureau acknowledged financial
institutions’ concern about the litigation
and reputational risks involving 1071
data, the Bureau did not believe that
this concern would justify the exclusion
of data from public disclosure. One of
the statutory purposes of section 1071 is
to facilitate enforcement of fair lending
laws, which authorize enforcement by
parties other than the Bureau.889
Additionally, section 1071 contemplates
that financial institutions would make
their own application-level data
available to the public, which
necessarily entails their
identification.890
In light of the statutory purposes, the
Bureau intended to modify or delete
data only as needed under the balancing
test prior to public disclosure. The
NPRM discussed associated
modification techniques with respect to
specific data points. Where no specific
modification technique was described
with respect to a particular data point,
the Bureau stated that it had not
identified an obvious modification
technique other than swapping,
suppression, or deletion.
While certain information that
directly identifies applicants or related
natural persons generally would not be
collected under the proposed rule, the
Bureau did not accept that this would
eliminate privacy risks that would arise
from publishing the data in unmodified
form. The Bureau also rejected the idea
that privacy risks could be adequately
resolved through rule coverage. While
some re-identification risk could be
reduced by increasing the number of
applications reported to the Bureau, the
Bureau did not believe the effects of
doing so are necessarily predictable
because re-identification risk depends
on the characteristics of the data.
Further, the Bureau did not believe that
increasing the number of applications
would have addressed risks of harm or
sensitivity to re-identified applicants or
natural persons.
Aggregate data. In the NPRM, the
Bureau stated that it did not intend to
address privacy risks arising from
application-level data by disclosing
aggregated data in its place. As required
by section 1071, the Bureau proposed in
§ 1002.110(a) to make available to the
public the information submitted to it
by financial institutions pursuant to
proposed § 1002.109, subject to
888 See
ECOA section 704B(a).
e.g., ECOA section 706 (providing for
civil liability).
890 See ECOA section 704B(f)(2).
889 See,
PO 00000
Frm 00325
Fmt 4701
Sfmt 4700
35473
deletions or modifications made by the
Bureau. The Bureau stated that, as
authorized by the statute, proposed
§ 1002.110(b) would have stated that the
Bureau may, at its discretion, compile
and aggregate information submitted by
financial institutions pursuant to
proposed § 1002.109, and make any
compilations or aggregations of such
data publicly available as the Bureau
deems appropriate. The Bureau initially
anticipated making the data collected
under section 1071 available at the
application level—with appropriate
potential modifications and deletions—
rather than providing aggregate data
with counts and averages for each data
field. The Bureau stated that it may
consider releasing aggregated data in the
future, after it determined whether
narrower modifications or deletions
could address privacy risks. The Bureau
had received some suggestions to
consider ‘‘differential privacy’’
techniques,891 which are typically used
in connection with aggregate statistics to
reduce the identifiability of more
granular data. The Bureau sought
comment on whether differential
privacy techniques might be appropriate
for application-level data.
Recoding. The NPRM identified the
Bureau’s intention to consider various
methods to ‘‘recode’’ the proposed data
fields as necessary. The Bureau
explained that recoding techniques
decrease the number of distinct
categories for a data field. In this
context, recoding would involve
providing the value of a data field in a
higher-level category that increases the
number of records within a given
combination. Some data fields like
census tract and NAICS code have
structures that permit recoding without
developing new 1071-specific recoding
categories. For instance, if the Bureau
were to determine that the reidentification risk presented by the
census tract data field does not justify
the benefits of unmodified disclosure,
the Bureau could instead provide
geography at the county level because
census tracts are designed to be nonoverlapping subdivisions of a county.
The Bureau also stated that it
intended to consider recoding via bins
or intervals of values for data fields that,
in unmodified form, would have
continuous values. The Bureau stated
that unmodified continuous data fields
can be highly identifying, but binning
can significantly reduce this risk. It also
891 Differential privacy is a statistical method
designed to protect individuals from
reidentification risk. A dataset is said to be
differentially private if, by looking at the dataset,
one cannot tell whether any individual’s data was
included in the dataset.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35474
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
noted the possibility of top- or bottomcoding a data field to prevent extreme—
and potentially very re-identifiable—
values from being released.
Other techniques. The Bureau stated
that it might also consider ‘‘targeted
suppression,’’ which makes certain
values of data points unavailable when
a certain combination of values is held
by too few records. The Bureau stated
that it might consider treating certain
values of data points as ‘‘not available’’
if the application is the only small
business application from a particular
census tract. The Bureau explained that
targeted suppression can be applied in
several ways. One way would be to
remove the value of a field that makes
the record identifiable. For example, if
census tract and NAICS code identify a
record, the microdata could delete the
value of the NAICS code for any
applications that are in cells deemed
sensitive. A second approach could
leave the census tract and NAICS code
but suppress the values of other data
points. This method would reduce the
potential harm if the record were reidentified. A third approach could be to
remove the record from the dataset
entirely. The Bureau stated that, in
general, suppression is a more common
approach for aggregate data than for
application-level data.
The Bureau noted that one drawback
to targeted suppression is that it
complicates data analysis for end users.
A data user would be presented with
millions of rows, but in certain rows
and for certain data points, values
would be missing.892 Another identified
drawback is that suppression would
need to be done so that the remaining
unmodified data do not provide a user
with the ability to back out the modified
field, sometimes involving
complementary suppression or deleting
values of other applications to ensure
that the missing value cannot be
reengineered. The Bureau sought
comment on whether targeted
suppression techniques could preserve
the benefits of publishing applicationlevel data, and, if so, what the Bureau
should consider as the minimum cell
size to implement targeted suppression.
The Bureau sought comment on other
modification techniques, such as ‘‘data
swapping’’ (sometimes called
‘‘switching’’). Data swapping involves
finding two records that are similar on
several dimensions and swapping the
values for other data fields between the
two records. In effect, data swapping
892 Data users would need to understand the
method behind the modifications and plan analyses
to account for the fact that the suppressed data
would necessarily not reflect all small business
loans in a given year.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
would require that the Bureau preserve
certain data fields while swapping
others. The Bureau stated that another
set of techniques for addressing privacy
risks for continuous data would involve
adding ‘‘random noise’’ to the reported
values. For example, under ‘‘additive
noise techniques,’’ a random value is
added to the existing value of the data
field. Under ‘‘multiplicative noise
techniques,’’ the true value is multiplied
by a random value. The Bureau sought
comment on whether such techniques
would preserve the benefits of
publication. The Bureau explained that
a drawback to these approaches is that
data would be released with values that
do not match the true values of the
underlying data.893 Data users would
need to take such modifications into
account when performing any analyses.
Comments Received
Generally. With regard to how the
Bureau stated its intention to assess
privacy risks that would inform
modification and deletion decisions,
several community group commenters, a
minority business advocacy group, and
several members of Congress urged the
Bureau to apply the NPRM’s balancing
test in favor of public disclosure and to
make available a robust dataset.
According to some commenters, the fair
lending and business and community
development purposes of section 1071
militate in favor of data transparency. A
number of community and business
advocacy group commenters stated that
if published application level data are
not robust, or if specific data points are
not disclosed, the dataset will not
adequately reveal whether these
statutory purposes of section 1071 are
being met. Several commenters asserted
that society’s interest in tackling
discrimination and closing the racial
wealth gap supported robust disclosure.
A business advocacy group stated that
robust 1071 data would promote
financial stability in the economy, and
cited insufficiently granular HMDA data
as contributing to the 2008 subprime
financial crisis.
Some community group commenters
and a software vendor urged the Bureau
not to delete or modify public
application-level data because it would
893 For example, with respect to the amount
applied for data field, a recoding technique would
release the values of the data field in broad
categories, for instance ‘‘$100,000–$150,000.’’ In
such case, the broader category provides less
information but reflects the true value of the
underlying data. Noise addition, by contrast, would
involve the Bureau manipulating (in a standardized
and documented way) the actual values of loan
amount. An application’s loan amount may be
released as $85,000 in the public dataset when the
true value was $78,000.
PO 00000
Frm 00326
Fmt 4701
Sfmt 4700
undermine the statutory purposes of
section 1071. The software vendor
stated that modifications or deletions
may reduce the utility of the data for no
privacy benefit. Several commenters
asserted that the Bureau should only
modify public 1071 data to protect the
privacy interests of small business
applicants. A joint letter from
community and business advocacy
groups agreed with the Bureau’s
statement that litigation and
reputational risks faced by financial
institutions do not justify excluding
data from public disclosure.
On the other hand, several industry
commenters urged the Bureau to make
modification and deletion decisions to
protect the privacy of financial
institutions, applicants, and related
natural persons. They stated that
protecting these privacy interests was
consistent with the statutory purposes
of section 1071 because limiting
disclosure would increase credit access
and lower credit costs to minorityowned and women-owned small
businesses.
Several industry, community group,
and academic commenters supported
modification and deletion of
application-level data, stating that it
could adequately address privacy risks
posed by publication. A trade
association asserted that publishing
certain data points in an unedited,
application-level format would increase
the risk of applicant re-identification.
Another trade association supported the
liberal use of modification and deletion
techniques to protect privacy interests
of lenders, small business applicants,
and related natural persons. Some
commenters stated that the lack of
reported incidents in which an
individual has been re-identified in
HMDA data suggests that modifications
or deletions can reduce re-identification
risks here also.
Some commenters offered views
about what data points would be
modified or deleted. Several suggested
that data modifications or deletions
should be consistent with HMDA.
According to these commenters, the
Bureau should ensure that any data
deleted in the HMDA dataset is also
deleted in the 1071 dataset, including
the unique identifier, the application
date, and the action taken date. A
software vendor stated that the Bureau
should modify data points that reflect
gender identity or sexual orientation
information, which could result in
persons being subject to physical harm.
Several individual commenters likewise
suggested that LGBTQI+ persons face
particular privacy risks. A joint letter
from community and business advocacy
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
groups stated that if the Bureau modifies
1071 data, it should do so on a loan-byloan basis because the modification of a
particular data field may not be
necessary for all records in the dataset.
Aggregate data. The Bureau received
no comments about how differential
privacy techniques may be applied to
application-level data. However, the
Bureau did receive comments about
aggregating 1071 data. Several industry
commenters suggested that the Bureau
publish aggregate data, instead of an
application-level dataset, to mitigate
privacy risks. One stated that aggregate
data are sufficient to analyze the
business needs and credit access of
applicants, including minority-owned
and women-owned small businesses.
Another said that disclosing aggregate
data, as opposed to application-level
data, would be consistent with the
practices of other agencies. Other
industry commenters stated that, while
some 1071 data could be disclosed at
the application level, the Bureau should
aggregate any data points that present
re-identification risk.
Recoding. Several community group
commenters stated that if the disclosure
of 1071 data fields present significant
privacy risks, the Bureau should
consider binning data or disclosing
intervals of values. For example, these
commenters stated that when disclosing
gross annual revenue data, the Bureau
could consider publishing data in
$10,000 increments. One stated that
binning would be appropriate as long as
the modified public 1071 dataset could
satisfy the fair lending and business and
community development statutory
purposes of section 1071.
Other commenters stated that the use
of binning should be limited. A
community group and a software vendor
stated that if the Bureau bins data, it
should ensure that the public 1071
dataset remains sufficiently detailed to
allow meaningful analysis. To
demonstrate this point, the community
group asserted that the current CRA
system of combining all loans for
businesses with revenue under $1
million does not allow for analysis of
small businesses within that range. The
software vendor cautioned that binning
may not always be effective.
Other techniques. With respect to
other modification techniques discussed
in the NPRM, a community group stated
that data swapping and targeted
suppression would be appropriate as
long as the modified public 1071 dataset
could satisfy the fair lending and
business and community development
statutory purposes of section 1071. The
Bureau received no comments about
other potential modification techniques.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Current Approach
The Bureau intends to consider
modification and deletion techniques as
necessary to reduce cognizable privacy
risks. The Bureau agrees with comments
that a robust public dataset will serve
the statutory objectives of section
1071.894 By extension, a public
application-level dataset with less
detailed data or that omits certain data
points entirely would confer relatively
less public benefit. These benefits
notwithstanding, in some cases
modification and deletion decisions
may be appropriate to protect privacy
interests. The statute empowers the
Bureau to modify or delete data, and the
Bureau believes that modifications or
deletions may be appropriate in some
circumstances to reduce the cognizable
privacy risks set forth above.
Modifications or deletions will not
necessarily undermine the utility of the
published data or will not be futile
because they will not mitigate risks.
With respect to the effectiveness of
modifications and deletion techniques,
the Bureau points to the lack of reported
incidents in which an individual has
been re-identified in public HMDA data,
which the Bureau modifies to reduce reidentification risk. The Bureau
concludes that targeted modification
and deletion decisions can adequately
reduce privacy risks while preserving
the utility of 1071 data, as is the case
with HMDA data. Modifications and
deletions may be necessary, for
example, in cases where unmodified
application-level data will likely lead to
re-identification of small business
applicants or related natural persons.
The Bureau will also consider
modifications and deletions to the
public 1071 dataset when data fields,
individually or in combination with
other data, pose cognizable privacy
risks, as discussed above.
After obtaining a full year of reported
data and conducting a full privacy
analysis, the Bureau intends to make
modification and deletion decisions
tailored for individual data points
where appropriate. The Bureau will not
delete or modify data solely to align
with HMDA practice. Small business
lending and mortgage lending are
distinct markets which face their own
unique privacy risks, and re894 The Bureau lacks evidence to assess the
comment that published data would promote
financial stability. If true, this result would align
with the Bureau’s authorizing statute whose
purpose, in part, is to ‘‘promote the financial
stability of the United States by improving
accountability and transparency in the financial
system.’’ Dodd-Frank Wall Street Reform and
Consumer Protection Act, Public Law 111–203, 124
Stat. 1376 (2010).
PO 00000
Frm 00327
Fmt 4701
Sfmt 4700
35475
identification risk depends on the
characteristics of particular data. With
respect to comments about modifying or
deleting data that may convey the
gender identity or sexual orientation of
applicants’ principal owners or other
individuals that own or control
applicants, the Bureau views this as
sensitive information that implicates
important personal privacy interests.
While the Bureau is not making
modification and deletion decisions
about this information prior to
conducting the full privacy analysis, it
does intend to give significant
consideration to personal privacy
interests. However, it would not be
feasible to make modification and
deletion decisions on a loan-by-loan
basis, as one comment suggested.
Regarding feedback on specific
modification techniques, the Bureau
does not intend to publish aggregate
data instead of application-level data.
Aggregate datasets do not permit the
detailed, application-level analyses that
best facilitate the fair lending
enforcement and business and
community development purposes of
section 1071. In addition, the Bureau
can adequately mitigate privacy risks
through targeted modification and
deletions of individual data fields—it is
not necessary to avoid publication of all
application-level data. While the Bureau
does not intend to publish aggregate
data in place of an application-level
dataset, it anticipates releasing select
aggregated data before it publishes
application-level data.
The Bureau sees recoding, including
binning data or disclosing intervals, as
an appropriate modification technique
to address privacy risks that may be
posed by public release of unmodified
data. While the Bureau is not making
specific modification decisions at this
time, it intends to consider recoding
data in a targeted manner that preserves
the utility of the public dataset. The
Bureau also views other modification
techniques, including data swapping
and targeted suppression, as appropriate
tools to address privacy risks. Finalizing
the exact tool set, however, will depend
on securing a full year of data and will
be informed by continued engagement
with stakeholders.
When exercising its discretion to
modify or delete 1071 data, the Bureau
anticipates publishing data in a manner
that reduces privacy risks, in particular
re-identification risk. If the Bureau
determines that it is necessary to modify
an individual data point to address a
privacy risk, the Bureau intends to
consider a range of modification
techniques, including, but not limited
to, recoding, data swapping, and
E:\FR\FM\31MYR2.SGM
31MYR2
35476
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
targeted suppression. The Bureau
intends to engage with stakeholders in
the future about these issues, including
providing opportunities for additional
input as the Bureau considers its
privacy analysis further.
6. Preliminary Privacy Assessment of
Particular Data Fields
In the NPRM, the Bureau identified
certain data fields that it believed would
need modification or deletion to
appropriately protect privacy interests,
while taking account of disclosure
benefits: individual contact information
at reporting financial institutions; freeform text data, which occurs in a
number of data fields; and the unique
identifier for each application. Beyond
these specific fields, the NPRM
explained that the Bureau lacked data
under section 1071 or comparable
proxies that it could use for its privacy
risk assessment. Accordingly, it did not
suggest specific modifications and
deletions with respect to any other data.
In order to benefit from stakeholder
engagement, however, the Bureau did
set forth some initial analysis on how it
would apply the NPRM’s balancing test
to the proposed data fields. With respect
to each such data field, whether
individually or in combination with
others, the Bureau sought comments on:
(1) whether there are additional benefits
of unmodified public disclosure in light
of the purposes of the statute; (2)
whether disclosure in unmodified form
would reveal additional information
that might be considered harmful or
sensitive by an applicant, related
natural person, or financial institution;
and (3) whether disclosure in
unmodified form would significantly
contribute to the risk that an applicant
or related natural person might be reidentified. The Bureau also sought
comment on modification techniques it
could use, and whether deletion would
be appropriate. Where no specific
technique was described with respect to
particular data points, the Bureau did
not identify any obvious technique
besides potentially swapping,
suppression, or deletion.
The Bureau received feedback on this
initial analysis from a range of
commenters, including industry and
community group commenters. The
Bureau has taken this feedback into
consideration to refine its analysis of the
qualitative risks associated with
disclosing particular data fields in
unmodified form, although, consistent
with the above analysis, the Bureau’s
assessment remains preliminary.895
895 The Bureau sought and received feedback
about several data points that it did not propose. As
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Overall, with the exceptions noted
with respect to unique identifier, freeform text, and individual contact
information, for all other finalized data
points, the Bureau intends to further
consider whether modification
techniques may be appropriate when it
analyzes reported data and conducts its
full privacy analysis. In doing so, the
Bureau intends to take into account
existing feedback, as well as conducting
ongoing engagement, about potential
modifications as it examines what
modifications or deletions may be
appropriate for these fields. In addition,
the Bureau is mindful of the statutory
purposes of section 1071 and will only
modify or delete data to advance a
privacy interest.
i. Unique Identifier
Proposed § 1002.107(a)(1) would have
required financial institutions to collect
and report an alphanumeric identifier,
starting with the legal entity identifier of
the financial institution, unique within
the financial institution to the specific
covered application, and which can be
used to identify and retrieve the specific
file or files corresponding to the
application for or extension of credit. As
discussed in the section-by-section
analysis of § 1002.107(a)(1), the Bureau
is finalizing this data point substantially
as proposed.
In the NPRM, the Bureau stated that
disclosing the unique identifier in the
1071 data in unmodified form by itself
would likely disclose minimal, if any,
information about an applicant or
related natural person that may be
harmful or sensitive if such person were
re-identified, or that may be harmful or
sensitive to an identified financial
institution. Section 1071 prohibits
financial institutions from including in
1071 records certain personally
identifiable information that directly
identifies a natural person applicant or
someone connected with the
applicant.896 In addition, the Bureau
proposed to prohibit financial
institutions from reporting information
that would directly identify a small
business. For these reasons, the Bureau
did not expect that the unique identifier
would be considered harmful or
sensitive.
With respect to re-identification risk,
the NPRM noted that although publicly
available datasets do not presently
include the unique identifier data field,
financial institution legal entity
identifiers are publicly available, and
it is not adopting those data points, it does not
address privacy risks or modification techniques
associated with reporting them.
896 ECOA section 704B(e)(3).
PO 00000
Frm 00328
Fmt 4701
Sfmt 4700
the Bureau was aware of rare instances
in which a loan number was included
in UCC filings. In addition, the Bureau
noted that many jurisdictions publicly
disclose real estate transaction records
in an identified form, and the Bureau
stated that many financial institutions
may include loan numbers on these
publicly recorded documents.897
The Bureau stated that inclusion of
the proposed unique identifier, rather
than application or loan numbers,
would limit the possibility of using an
application or loan number to match
1071 data to those publicly recorded
documents, thus reducing risk of reidentification. However, the Bureau
acknowledged that there is a risk that,
after financial institutions begin to
report data under section 1071, they
may replace the loan numbers currently
assigned to small business loans with
the unique identifier and, if they do, the
unique identifier could be included on
publicly recorded documents.
Considering the uniqueness of the
identifiers, the Bureau reasoned that
this data field on a publicly recorded
document could be used to match a
1071 record to an identified public
record directly and reliably.
In light of these potential reidentification risks, the Bureau stated
that it did not intend to publish the
unique identifier data field in
unmodified form. The Bureau sought
comment on whether there are
modifications to the unique identifier
data field that would appropriately
balance identified privacy risks and
disclosure benefits. The Bureau stated
that it was considering the feasibility of
disclosing a separate unique identifier
that the Bureau could create. The
Bureau also considered deleting the data
field from the public application-level
data, but sought comment on whether
such deletion would create challenges
for users of the data and, if so, how the
Bureau could address those challenges
other than by creating a separate unique
identifier. The Bureau sought comment
on this analysis as well as its intent not
to publish the unique identifier in
unmodified form.
An academic research and policy
organization agreed with the Bureau’s
initial analysis, noting that public
HMDA data do not include a unique
identifier. Several industry commenters
stated that, because lenders are allowed
to use their own internal account
numbers and therefore the unique
identifier may include a loan number or
account number, the data point in
combination with the financial
897 See 82 FR 44586, 44599 (Sept. 25, 2017); see
also 84 FR 649, 660 (Jan. 31, 2019).
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
institution’s name provides substantial
opportunity for fraud. Because of the
privacy risks discussed above, most of
these commenters supported the
Bureau’s suggestion not to publish the
unmodified unique identifier field. A
CDFI lender stated that the Bureau
should consider publishing a modified
identifier or a separate one created by
the Bureau.
After considering these comments, the
Bureau intends not to publish the
unique identifier data field in an
unmodified form. Although it has not
yet conducted a full re-identification
analysis for the 1071 data, the Bureau
agrees with the re-identification risks
raised by commenters. The universal
loan identifier for HMDA data, which is
similar to the unique identifier, is not
published because of the reidentification risk that it poses.898 While
HMDA publication practices are not
dispositive here, the Bureau draws upon
its experience implementing HMDA and
Regulation C where appropriate, and it
does so here.
At this time, the Bureau has not
decided whether to publish public
application-level data without any
unique identifier information, disclose
instead a separate unique identifier
created by the Bureau for this purpose,
or employ some other modification. The
Bureau will consider what modification
or deletion techniques may be
appropriate when it analyzes
application-level data and conducts its
full privacy analysis.
ii. Application Date
Proposed § 1002.107(a)(2) would have
required financial institutions to collect
and report the date the covered
application was received by the
financial institution or the date shown
on a paper or electronic application
form. As discussed in the section-bysection analysis of § 1002.107(a)(2), the
Bureau is finalizing this data point with
modifications such that financial
institutions must collect and report the
date the covered application was
received or shown on a paper or
electronic application form.
The NPRM stated that, by itself,
disclosing application date in
unmodified form would likely disclose
minimal, if any, information about an
applicant or related natural person that
may be harmful or sensitive if such
person were re-identified, or that may
be harmful or sensitive to an identified
financial institution. The Bureau noted
that an adversary such as a competitor
may conceivably find it helpful to
understand when a business is seeking
898 See
84 FR 649, 660 (Jan. 31, 2019).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
credit. In addition, marketers and
creditors could use this information to
target products to entities recently in the
market for credit, either to deploy new
funds or to refinance out of a current
loan. However, the Bureau did not
believe that disclosing the application
date would otherwise disclose sensitive
information about a small business or its
owner. The Bureau also reasoned that
any utility of this data field for such
purposes would be curtailed by the time
to publication.
The Bureau was not able to identify
publicly available datasets that include
data fields an adversary could directly
match to the application date field.
However, the Bureau acknowledged that
an adversary may be able to infer a
likely origination date based on typical
time lags between application, credit
decision, and origination, potentially
enabling matching to other datasets that
record these later dates. The Bureau
stated that, if it determined that
application date should be modified, it
may consider disclosing the application
date at a higher level; for example,
disclosing the month and year but not
the specific date. In light of the potential
re-identification risk arising from this
data field, the Bureau sought comment
on whether there are other specific
modifications it should consider, and
whether it should consider deletion
outright.
Several commenters provided
feedback on the Bureau’s analysis. In
supporting disclosure of the application
date field, a community group stated
that it would promote understanding of
small business lending. However, an
academic research and policy
organization asserted that disclosure of
application date would pose reidentification risk to applicants and
noted that HMDA does not disclose
application date. This commenter, along
with a group of trade associations, urged
the Bureau not to publish the
application date field to ensure
consistency between 1071 and HMDA.
As discussed in part VIII.B.3 above,
the Bureau views the disclosure of
application date as having significant
benefits. This preliminary assessment is
consistent with feedback that
publication of application date would
promote understanding about small
business lending. The Bureau’s
preliminary assessment is that the
application date field does not pose reidentification risks such that the Bureau
should modify or delete it before
publication. Commenters supporting
such modification or deletion did not
provide additional evidence of reidentification risk that would alter the
partial privacy analysis described above.
PO 00000
Frm 00329
Fmt 4701
Sfmt 4700
35477
The Bureau also preliminarily assesses
that this unmodified data field would
present limited privacy risk if reidentification occurred.
iii. Application Method and Application
Recipient
Proposed § 1002.107(a)(3) would have
required financial institutions to collect
and report the means by which the
applicant submitted the covered
application directly or indirectly to the
financial institution. A financial
institution would have reported
whether the applicant submitted the
application in person, by telephone, by
mail, or online. Proposed
§ 1002.107(a)(4) would have required
financial institutions to collect and
report whether the applicant submitted
the covered application directly to the
financial institution or its affiliate, or
whether the applicant submitted the
covered application directly or
indirectly to the financial institution. As
discussed in the section-by-section
analyses of § 1002.107(a)(3) and (4), the
Bureau is finalizing these data points as
proposed, with certain modifications to
related commentary.
In the NPRM, the Bureau stated that
disclosing application method and
whether the application was submitted
directly or indirectly, in unmodified
form, would likely disclose minimal, if
any, information about an applicant or
related natural person that may be
harmful or sensitive if such person were
re-identified. The Bureau reasoned that
the application method is likely to be of
relatively limited utility to an adversary
because it conveys little information
about a natural person or a business’s
financial condition. While adversaries
interested in targeted marketing could
direct future marketing efforts to a
business using the same application
channel, the Bureau noted that
marketing firms already possess
strategic information about methods for
establishing contact. Unmodified
disclosure of application method and
whether the application was submitted
indirectly may reveal information that
financial institutions regard as harmful
or sensitive, but the Bureau did not
believe that disclosure would permit the
reverse-engineering of a financial
institution’s proprietary lending models.
The Bureau was not able to identify
publicly available datasets that include
data fields an adversary could directly
match to the application method or
application recipient data fields. While
the Bureau’s HMDA data and the
Government-Sponsored Enterprises
loan-level datasets include acquisition
channel information in loan-level data,
the Bureau stated that these datasets do
E:\FR\FM\31MYR2.SGM
31MYR2
35478
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
not identify applicants or related natural
persons. However, the Bureau sought
comment on whether there are other
identifiable application/loan-level
datasets that include this information or
whether HMDA data or the
Government-Sponsored Enterprises
loan-level datasets could be matched to
other identifiable datasets.
The Bureau received two comments
from trade associations on this analysis.
These questioned whether publishing
the application method and application
recipient fields would provide
disclosure benefits related to section
1071’s statutory purposes. One stated
that lenders’ methods for receiving
applications are strategic business
decisions and disclosing this
information will cause financial
institutions to suffer commercial harm.
As discussed above in part VIII.B.3,
the Bureau views these data fields as
having significant disclosure benefits.
The Bureau does not see disclosure
causing significant commercial harm to
financial institutions. Disclosure of
application method and application
recipient data would not permit the
reverse-engineering of proprietary
lending models. Accordingly, the
Bureau preliminarily assesses that
disclosing these data fields in
unmodified form would present limited
privacy risk if re-identification
occurred.
iv. Credit Type
Proposed § 1002.107(a)(5) would have
required financial institutions to collect
and report to the Bureau certain
information about the type of credit
applied for or originated. The proposal
would have required financial
institutions to report three categories of
information that together constitute the
type of credit. First, the proposal would
have required financial institutions to
report the type of credit product.
Second, the proposal would have
required financial institutions to report
the type or types of guarantees that were
obtained for an extension of credit, or
that would have been obtained if the
covered credit transaction had been
originated. Third, the proposal would
have required financial institutions to
report the length of the loan term, in
months, if applicable. As discussed in
the section-by-section analysis of
§ 1002.107(a)(5), the Bureau is finalizing
this data point as proposed, with
revisions to the related commentary.
The NPRM stated that data on type of
credit product, type of guarantee, and
loan term could disclose information
that may be harmful or sensitive to
applicants or related natural persons. It
also stated that a business’s competitors
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
could use these data fields—in
conjunction with the loan amount and
pricing data fields—to draw inferences
about the business’s financial condition
based on whether the business obtained
credit on favorable or unfavorable terms.
Type of guarantee data could indicate
heightened credit risk for the
applicant.899 Credit type data also could
be used for targeted marketing of
products and services that may pose
risks.
The Bureau further stated that
disclosure of these data fields in
unmodified form may reveal
information that financial institutions
regard as harmful or sensitive, such as
the types of products they offer or the
government programs in which they
participate. However, the Bureau did
not expect disclosure of these data fields
to permit the reverse-engineering of
proprietary lending models.
Furthermore, the Bureau stated that
general information about the types of
credit a financial institution is offering
is already widely available.
The Bureau was aware that certain
identified datasets include applicationlevel information on the type of credit
product, type of guarantee, or loan term.
Government lending programs, such as
the SBA’s 7(a) and 504 programs,
publish loan-level data that indicate the
term of the loan and whether the loan
is a term loan or a line of credit. In some
States, UCC filings may include some
information related to the type of
collateral. In the NPRM, the Bureau
stated that the existing public
availability of this information
decreased the potential harm or
sensitivity of disclosing information
about the type of credit product, type of
guarantee, and loan term in the 1071
data. By the same token, however, the
Bureau recognized that an adversary
could use these other datasets,
combined with other fields, to match a
section 1071 record to an identified
publicly available record.
If it determined that modifications
were ultimately needed, the Bureau
identified a number of possible
approaches. The Bureau could disclose
‘‘Federal guarantee’’ instead of
disclosing the specific program.
Similarly, the Bureau could recode loan
term data into bins—for example, using
intervals of two or five years.
The Bureau received feedback from
two community group commenters. One
stated that publication of credit type
data would promote understanding of
899 For example, the ‘‘SBA guarantee—7(a)
program’’ data field is intended for businesses that
have been unsuccessfully applying for credit or
have had some other difficulty in accessing credit.
PO 00000
Frm 00330
Fmt 4701
Sfmt 4700
small business lending. The other stated
that combining loans from different
Federal government guarantee programs
into a single category for publication
would not reduce the utility of 1071
data. The commenter also stated that if
the Bureau recodes length of the loan
term data into bins, the Bureau should
test those bins to ensure that the
recoded data are useful to users.
Based on its earlier analysis and from
the comments received, the Bureau
assesses that disclosing credit type data
in unmodified form may present
significant privacy risks if reidentification occurred. For example,
the Bureau believes that these data
could result in non-personal
commercial privacy risks to small
businesses, including revealing
sensitive financial information or
facilitating problematic targeted
marketing. However, the Bureau does
not identify any compelling privacy
risks to financial institutions.
v. Credit Purpose
Proposed § 1002.107(a)(6) would have
required financial institutions to collect
and report the purpose or purposes of
the credit applied for or originated. As
discussed in the section-by-section
analysis of § 1002.107(a)(6), the Bureau
is finalizing this data point with
modifications.
The NPRM stated that disclosing
credit purpose in unmodified form by
itself would likely disclose minimal, if
any, information about an applicant or
related natural person that may be
harmful or sensitive if such person were
re-identified, or that may be harmful or
sensitive to an identified financial
institution. It noted that information
about credit purpose could be useful to
adversaries such as a small business’s
competitors, potential acquirers, or new
market entrants, since it contains
information about a business’s strategy
and performance, such as whether a
business is expanding. Even so, this
information would generally not be
detailed enough to cause competitive
harm, and its competitive value would
likely be mitigated by time to
publication.
The Bureau did not identify publicly
available datasets that include data
fields an adversary could directly match
to the credit purpose data fields in
unmodified form in the public
application-level data with respect to an
applicant or related natural person. The
Bureau stated that identified public
datasets pertaining to small business
loans generally do not contain
information about the purpose of the
credit. Therefore, the Bureau reasoned
that an adversary would have difficulty
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
using the credit purpose data fields to
match a section 1071 record to an
identified publicly available record
accurately.
The Bureau stated that disclosure of
credit purpose in unmodified form may
also reveal information that financial
institutions regard as harmful or
sensitive, such as information that a
financial institution offers credit that is
used for certain purposes. However, the
Bureau did not identify reasons that
disclosure would permit reverseengineering of proprietary lending
models.
Several lenders and one trade
association provided feedback. These
commenters generally stated that credit
purpose data created privacy risks for
small business applicants. For example,
one commenter stated that if reidentification occurred, credit purpose
data could reveal confidential
commercial information, such as plans
for business acquisitions or expansions.
As discussed in the NPRM, the Bureau
acknowledges that credit purpose data
contains information about a business’s
strategy and performance. However, the
Bureau does not view this information
as posing a significant risk of harm
because of its relative lack of detail and
the delay between the date of action
taken on a loan and the publication of
1071 data. Commenters did not offer
evidence to the contrary. Commenters
also did not offer evidence that
indicates that this data point presents
significant re-identification risks.
Accordingly, the Bureau preliminarily
assesses that disclosing credit purpose
data in unmodified form would present
limited privacy risk.
vi. Amount Applied For
Proposed § 1002.107(a)(7) would have
required financial institutions to collect
and report to the Bureau the initial
amount of credit or the initial credit
limit requested by the applicant. As
discussed in the section-by-section
analysis of § 1002.107(a)(7), the Bureau
is finalizing the amount applied for data
point as proposed.
The NPRM stated that disclosing this
data field in unmodified form would
likely disclose information about an
applicant or related natural person that
may be harmful or sensitive if such
person were re-identified. Business
owners might view details about the
amount applied for as sensitive,
particularly where they are concerned
about the risk of being re-identified as
an applicant for credit. The Bureau also
noted that were re-identification to
occur, the amount applied for could
lead to targeted marketing of products or
services that pose risks because it could
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
help lenders target small businesses that
received less credit than they requested
with offers for loans at higher rates or
fees. The Bureau stated that the amount
applied for is generally not included in
other publicly available data, so it
would likely not be useful to adversaries
seeking to match 1071 data with other
publicly available data. However, the
Bureau believed that amount applied for
would be useful to an adversary in other
ways. For example, a significant
shortfall between the amount applied
for and the amount approved could be
used either by an applicant’s competitor
or by a consumer to infer that the
business has a relatively weak financial
position. With information on whether
or not a business is granted a loan, an
adversary might gain insight into the
scale of a business’s objectives based on
the amount applied for or approved.
The Bureau also noted that the relative
scarcity of this information at present
would also increase its value to
adversaries. As an additional
consideration, the Bureau saw no reason
that disclosure would permit the
reverse-engineering of proprietary
lending models.
The Bureau received comments from
several industry commenters and a
community group. A group of trade
associations stated that if a small
business applicant is re-identified,
disclosing the amount applied for could
reveal information about the financial
status of that small business that could
harm its prospects for credit. Several
industry commenters expressed concern
that data about the amount applied for
would create privacy risks for small
business applicants by revealing
confidential information, such as plans
for business acquisitions or expansions.
Another commenter stated that
disclosing the amount applied for can
create privacy risks for financial
institutions. This commenter noted that
the amounts applicants apply for can be
arbitrary and, therefore, comparing
these amounts to any amounts approved
could be misleading and not a reliable
metric for whether credit demand is
met.
The Bureau stated that if it
determined that the amount applied for
should be modified, it may consider
recoding the data into bins. For
example, the Bureau could recode the
amount applied for into bins of $25,000.
In response, a community group stated
that the Bureau could recode the
amount applied for into bins that use
the mid-point of $10,000 intervals. As
noted by the commenter, HMDA utilizes
this technique, and, according to the
commenter, it would be sufficient for
PO 00000
Frm 00331
Fmt 4701
Sfmt 4700
35479
privacy purposes while producing more
accurate data.
After reviewing these comments, the
Bureau assesses that disclosing this data
field may create some privacy risk
where small business applicants and
related natural persons face reidentification risk that could reveal nonpublic commercial information, such as
an application for credit or business
acquisition or expansion plans. Further,
to the extent that this data point,
combined with the amount approved or
originated data point, indicates business
difficulties, this could impact the
reputational interests of small
businesses and their owners. The
Bureau also assesses that in some
circumstances disclosing amount
applied for could disclose personal
information about an applicant or
related natural person that would be
harmful or sensitive if such person were
re-identified. Comments asserting
privacy risks for financial institutions,
however, provided no compelling
evidence of privacy risk to alter the
NPRM analysis on point.
vii. Amount Approved or Originated
Proposed § 1002.107(a)(8) would have
required financial institutions to collect
and report to the Bureau: (i) for an
application for a closed-end credit
transaction that is approved but not
accepted, the amount approved by the
financial institution; or (ii) for a closedend credit transaction that is originated,
the amount of credit originated; or (iii)
for an application for an open-end credit
transaction that is originated or
approved but not accepted, the amount
of the credit limit approved. As
discussed in the section-by-section
analysis of § 1002.107(8), the Bureau is
finalizing the amount approved or
originated data point as proposed.
The NPRM stated that disclosing this
data in unmodified form would likely
disclose information about an applicant
or related natural person that might be
harmful or sensitive if such person were
re-identified, or that might be harmful
or sensitive to an identified financial
institution. The Bureau stated that
information about the amount approved
or originated could be useful to
potential adversaries. For example,
these data fields would provide
creditors some insight into competitors’
lending practices, particularly when
combined with other data points such as
gross annual revenue, number of
workers, time in business, and pricing.
Likewise, these data might allow
creditors to make general inferences
about the relative risk appetites of their
competitors. However, the Bureau did
not see any reason that disclosure
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35480
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
would permit the reverse-engineering of
proprietary lending models.
The Bureau stated that it had
identified publicly available datasets
that include data fields an adversary
could directly match to the amount
approved or originated data fields in
unmodified form. Credit amount
approved or originated is often widely
available in public datasets, such as
loan-level data for the SBA 7(a) and 504
programs, as well as property records
and UCC filings. The Bureau
accordingly stated that adversaries
would be able to match the amount of
credit approved or originated to an
existing public record. The Bureau
further stated that if it determined that
the amount approved or originated
should be modified, it may consider
recoding.
The Bureau received comments from
several industry and community group
commenters. The community groups
generally supported publishing these
data fields. Several industry
commenters disagreed. Two such
commenters stated that if reidentification occurred, the amount
approved or originated could harm
small business applicants by disclosing
information about business expansions
or acquisitions. A community group
stated that the Bureau could recode the
amount applied for into bins that use
the mid-point of $10,000 intervals. As
the commenter noted, HMDA utilizes
this technique and, according to the
commenter, it would be sufficient for
privacy purposes while producing more
accurate data.
After reviewing these comments, the
Bureau preliminarily assesses that
disclosing amount approved or
originated data in unmodified form may
present significant privacy risk if reidentification occurred. In some
circumstances disclosing amount
approved or originated could disclose
personal information about an applicant
or related natural person that would be
harmful or sensitive if such person were
re-identified. For example, because
amount approved or originated was
found in publicly available datasets, in
combination with information about the
amount applied for, this data could
facilitate targeted marketing of higher
interest or predatory credit products.
This combination of data could also
have reputational impacts on small
business applicants and related natural
persons. The Bureau does not see any
reason, however, that this data field will
create compelling privacy risks for
financial institutions.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
viii. Type of Action Taken and Denial
Reasons
Proposed § 1002.107(a)(9) and (11)
would have required financial
institutions to collect and report to the
Bureau the action taken by the financial
institution on the covered application,
and for denied applications, the
principal reason or reasons the financial
institution denied the covered
application. As discussed in the sectionby-section analysis of § 1002.107(a)(9)
and (11), the Bureau is finalizing these
data points as proposed.
The NPRM stated that reasons for
denial data could be harmful or
sensitive for applicants or related
natural persons. However, the Bureau
did not believe disclosing the fact that
credit was sought, in and of itself, likely
would be harmful or sensitive to small
businesses because credit is so widely
used by small businesses. Further, the
harm or sensitivity of disclosing
information that credit was originated is
mitigated by the publication of
originated loan details in other
databases such as UCC filings.
Additionally, the Bureau did not assess
that disclosure of action taken would
permit the reverse-engineering of
proprietary lending models.
The Bureau had not identified
publicly available datasets that include
data fields an adversary could directly
match to these data fields in unmodified
form. At a category level, however, the
Bureau noted that these data fields
could tell adversaries which records it
may be possible to match against
databases that include originated loans.
The Bureau stated that most of these
data fields included in this data point
are not found in publicly available
records that contain the identity of an
applicant; the only data field that would
be consistently available would be for
originated loans. Without such an
identified publicly available record to
match with, attempting to re-identify an
applicant by matching a 1071 record
using these data fields likely would be
difficult. However, the Bureau stated
that adversaries may be able to use other
data fields, such as census tract, NAICS
code, and identified public information,
such as business directories, to
determine the identity of an applicant or
related natural person. Thus, if
applicants and related natural persons
could be re-identified, an adversary
could learn information about
application denials for these businesses
and use this information for a variety of
purposes.
The Bureau sought comment on this
analysis, specifically in light of
potential harm and sensitivity arising
PO 00000
Frm 00332
Fmt 4701
Sfmt 4700
from the disclosure of application
denials and the reasons for denial,
whether there are specific modification
techniques that should be considered,
and whether modifying these data fields
by grouping or deleting these data fields
would appropriately balance the privacy
risks and benefits of disclosure, in light
of the purposes of section 1071.
Community group commenters stated
that the Bureau should publish data
about action taken, including whether
the loan was approved or denied or
whether it was withdrawn or left
incomplete. One stated their opposition
to deleting action taken categories such
as ‘‘denied,’’ ‘‘incomplete,’’ or
‘‘approved but not accepted,’’ stating
that such data are fundamental to the
fair lending purpose of the statute.
Several stated that publishing data on
denial reasons would promote fair
lending and business and community
development objectives by helping
lenders and policymakers assess
whether creditors are denied credit for
legitimate reasons. An industry
commenter said that action taken data
may also be misleading in the context of
agricultural loans because not all
creditworthy applicants are eligible for
loans through the Farm Credit System.
Other trade associations and a lender
commented that disclosure of action
taken could cause commercial or
competitive harms to applicants and
related natural persons. These
commenters specifically noted that data
about the action taken could reveal
information about a business’s financial
status, or acquisition or expansion
plans. Other commenters stated that
including denial reasons in 1071 data,
without including contextual
information surrounding individual
credit decisions, would result in
unjustified reputational or litigation
harm to smaller financial institutions,
which originate a lower loan volume—
possibly resulting in more pronounced
statistical aberrations that could be
erroneously interpreted as
discrimination.
In response to the Bureau’s request for
comment about whether these data
should be modified or deleted from the
public dataset, a community group
stated that the Bureau should not
modify or delete these fields because
they are fundamental to the fair lending
purposes of the statute. The commenter
further noted that for decades, and
without adverse consequences, HMDA
has included information on whether an
application for credit was originated,
approved but not accepted, denied,
withdrawn by the applicant, or
incomplete. This commenter stated that
if the Bureau found it necessary to
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
modify this data field, a higher level of
disclosure that included reasons of
denial by category of business and for
groupings of census tracts could achieve
important fair lending and community
development objectives.
As discussed above in part VIII.B.3,
the Bureau views these data fields as
having significant disclosure benefits.
Commenters did not offer compelling
evidence that disclosure of action taken,
in and of itself, would reveal
information about a small business
applicant’s financial status or strategic
plans also lacked evidentiary
support.900 If re-identification were to
occur, however, information about an
application for credit being denied
could have detrimental impacts to
applicants or related natural persons
when personal credit qualifications are
used in making credit decisions,
including personal embarrassment.
Likewise, re-identification could cause
non-personal commercial harm to small
businesses. Accordingly, the Bureau
preliminarily assesses that disclosing
these data fields in unmodified form
may present significant privacy risk if
re-identification occurred.
lotter on DSK11XQN23PROD with RULES2
ix. Action Taken Date
Proposed § 1002.107(a)(10) would
have required financial institutions to
collect and report the date of the action
taken by the financial institution. As
discussed in the section-by-section
analysis of § 1002.107(10), the Bureau is
finalizing this data point as proposed.
The Bureau stated that disclosing
action taken date in the 1071 data in
unmodified form would likely disclose
minimal, if any, information about an
applicant or related natural person that
may be harmful or sensitive if such
person were re-identified, or that may
be harmful or sensitive to an identified
financial institution. The NPRM noted
that publicly available datasets include
data fields an adversary could directly
match to the action taken date data field
in unmodified form in the public
application-level data with respect to an
applicant or related natural person.
Public availability of this data depends
on the type of action taken. The
approval date of originated loans is
widely available in SBA 7(a), 504, and
other program loan-level records that
identify borrowers, and the date of
executed agreements, which could be
closely related to the action taken date,
900 When the Bureau previously assessed whether
to include action taken and denial reasons in
HMDA loan-level public data, it concluded that
modification was unnecessary 84 FR 649, 658 (Jan.
31, 2019). The Bureau articulated its decision that
‘‘action taken and reasons for denial’’ would be
disclosed without modification.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
is often available for property records
and UCC filings. For originated loans,
therefore, the action taken date would
substantially facilitate matching with
publicly available datasets that identify
borrowers. The Bureau also stated that
action taken date may be less useful in
re-identifying applicants of loans that
were not originated because the action
taken date for such loans is rarely
publicly available.
The Bureau stated that if it ultimately
determined that the action taken date
should be modified for publication, it
may consider disclosing at a higher
level, such as month instead of a
specific date. The Bureau sought
comment on this analysis, including
about whether there are specific
modifications it should consider, and
whether deletion would better balance
the risks and benefits of disclosure.
In response, a group of trade
associations stated that the Bureau
should not disclose the action taken
date, noting that this information is not
published in HMDA data. This
commenter expressed a concern that
publishing the action taken date when
the same data point is deleted or
modified in HMDA public data would
constitute inconsistent treatment
without adequate explanation. The
Bureau disagrees that it should omit
action taken date from the public 1071
data simply to ensure consistency
between this final rule and HMDA.
Commenters did not provide additional
evidence related to re-identification
risk.
Commenters did not provide
additional evidence related to reidentification risk that would alter the
initial assessment provided in the
NPRM. In addition, the Bureau
preliminarily assesses that the action
taken date would present limited
privacy risk if re-identification
occurred. This data field presents
minimal, if any, personal information
about an applicant or related natural
person that would be harmful or
sensitive if such person were reidentified. The Bureau also does not
believe publication of these data would
result in non-personal commercial
privacy risks to small businesses being
disclosed. The Bureau also identifies no
compelling privacy risks to financial
institutions.
x. Pricing Information
Proposed § 1002.107(a)(12) would
have required financial institutions to
collect and report to the Bureau the
following information, where
applicable, regarding the pricing of a
covered credit transaction that is
originated, or approved but not
PO 00000
Frm 00333
Fmt 4701
Sfmt 4700
35481
accepted: (i) the interest rate; (ii) total
origination charges; (iii) broker fees; (iv)
initial annual charges; (v) additional
costs for merchant cash advances or
other sales-based financing; and (vi)
prepayment penalties. As discussed in
the section-by-section analysis of
§ 1002.107(a)(12), the Bureau is
finalizing the pricing information data
point largely as proposed.
The NPRM stated that information
about the interest rates and fees charged
in connection with credit represents
basic information about the features of
a product generally and would present
low risk of harm or sensitivity. It further
noted that disclosure of pricing data in
unmodified form may reveal
information that some applicants or
related natural persons may regard as
harmful or sensitive, such as a reflection
of their perceived credit risk. However,
the Bureau also reported that it had
received feedback during the SBREFA
process that multiple factors contribute
to pricing for small business credit.
While the Bureau further stated that
disclosure of pricing data in unmodified
form may also reveal information that
financial institutions regard as harmful
or sensitive, the NPRM did not identify
evidence that disclosure of pricing
information would permit the reverseengineering of proprietary lending
models.
The NPRM also noted that publicly
available datasets include data fields an
adversary could directly match to the
pricing data fields in unmodified form.
Identified data about the interest rate
and fees charged for a given loan are
available from a limited number of
publicly available datasets, such as data
for the SBA 7(a) and 504 programs. The
Bureau further stated that, if it were to
determine that pricing data should be
modified, it may consider recoding the
pricing information data fields into bins,
such as interest rates bins of 0.25
percentage points or origination fee bins
of $500; and it also noted that it could
consider top-coding pricing data.
The Bureau received feedback from a
range of commenters. Community
groups and some others generally agreed
that publishing pricing information
would serve the objectives of section
1071. These commenters saw pricing
information as necessary to monitor
loan affordability and assess lending in
underserved communities. A software
vendor stated that publishing pricing
information will improve competition
and pricing efficiency by allowing
applicants to compare credit costs
offered by financial institutions.
However, industry commenters stated
that pricing information would have
limited benefits. Two lenders stated that
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35482
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
pricing information is not meaningful
because it is based on a complex set of
factors that is unique to each
transaction. A trade association stated
that pricing information in small
business lending would have little
benefit compared to loan pricing data in
HMDA because, unlike consumer
mortgage data reported in HMDA,
commercial data that would be reported
in the 1071 dataset is not standardized
or uniform. Others said that pricing
information has a high risk of being
misinterpreted.
Several lenders also stated that small
businesses would have privacy concerns
if pricing information on their loans was
made public. Two industry commenters
stated that pricing information would
create re-identification risk, particularly
in smaller and rural areas. Another
stated that farm loans present risks
because such credit may be extended in
small markets with few customers
which could increase the possibility of
re-identification of small business
applicants or related natural persons.
Several other industry commenters said
that if re-identification were to occur,
the publication of pricing data
information would create competitive
risks for small businesses. One said that
this risk is particularly high in smaller
communities where it is possible to use
published information to reveal pricing
information about individuals. Others
stated that privacy risks are especially
potent for sole proprietorships because
those entities’ pricing may be largely
based on owners’ individual credit
performance and personal information.
A group of trade associations
commented that pricing information
was the most sensitive data point and it
could reveal sensitive competitive
information that would place businesses
at a substantial competitive
disadvantage. Regarding non-personal
commercial harms to small business
applicants, some industry commenters
aid that disclosing pricing information
in 1071 data would cause some
financial institutions to limit their
lending to reduce reputational or
litigation risk.
Other commenters addressed the risk
of harm or sensitivity to financial
institutions. Some industry commenters
stated that publishing pricing data will
create competitive risks for financial
institutions by revealing pricing models
for small business loans, potentially
allowing competitors to undercut
pricing. Two agricultural lenders
commented that rural financial
institutions in markets with few
customers face unique risks and that
they may lose customers to larger
financial institutions or online lenders
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
that have larger customer bases and thus
lower re-identification risk. Several
other industry commenters stated that
publishing pricing information would
carry reputational and competitive risks
for financial institutions. Some
commenters were concerned that
pricing information would not capture
the full context of credit decisions,
risking misconceptions about the
underlying rationale for pricing and
creating illusory disparities in credit
terms. A bank trade association stated
that comparing pricing information
between different types of financial
institutions can be misleading and may
result in reputational harm because
certain lenders like credit unions and
farm credit system lenders receive tax or
funding advantages to offer lower
interest rates. Other commenters noted
the risk of reputational harm from
patronage dividends in agricultural
lending not being accounted for in
disclosed pricing. Other commenters
asserted that disclosure of pricing
information in 1071 data could create
litigation risk for financial institutions.
Several commenters said that if
regulators utilize pricing information to
analyze for fair lending without taking
into account all variables that went into
underwriting, incorrect analyses could
result in unwarranted allegations of
discrimination. A bank said that
litigation risk based on these
misconceptions may be particularly
high for smaller banks that originate
fewer loans because the lower volume
could result in greater variation in
pricing information.
The Bureau also sought comment on
whether pricing information, if
published, should be modified, and if
so, what modification or deletion
techniques would preserve the benefits
of the public application-level data. A
number of lenders and trade
associations stated that pricing
information should not be published at
all because of privacy risks. Other
commenters suggested modifications. A
trade association stated that published
pricing information should be limited to
interest rates and origination fees. This
commenter also supported disclosing
pricing information in bins to protect
privacy without harming data utility. In
contrast, a community group opposed
recoding interest rates or origination
fees because that might mask lending
disparities, thereby hindering fair
lending enforcement.
As discussed in part VIII.B.3, the
Bureau views pricing information as
having significant disclosure benefits. In
light of the re-identification risks
discussed above, the Bureau appreciates
commenters’ concerns that if re-
PO 00000
Frm 00334
Fmt 4701
Sfmt 4700
identification were to occur, the
disclosure of pricing information in the
public application-level data could pose
significant risk to sole proprietors for
whom underwriting could be based on
personal credit performance. The
Bureau also recognizes that reidentification, if it occurred, could
exacerbate privacy risks, including
personal privacy risks, presented by
other data fields in the dataset.
Additionally, re-identification could
create a risk of non-personal commercial
harms for applicants, particularly in
small or rural communities when
combined with other data fields like
census tract or NAICS code. The Bureau
acknowledges commenters’ concerns
about potential risk of harm or
sensitivity to financial institutions,
including reputation and litigation risks
resulting from possible
misinterpretations of published pricing
information. However, the Bureau does
not view privacy risks to financial
institutions as compelling enough to
justify exclusion of the data field. As
discussed in part VIII.B.4, by mitigating
re-identification risk, other potential
risks and harms, including those faced
by financial institutions, will also be
mitigated.
The Bureau preliminarily assesses
that some modification techniques may
be appropriate when publishing pricing
information. Potential modifications
that the Bureau could consider include
binning data or top-coding pricing data
fields. However, the Bureau is mindful
that modifying pricing information too
much could mask discriminatory
pricing practices, thus hindering fair
lending analyses. Similarly, such
modifications could hinder
identification of community
development needs and opportunities.
xi. Census Tract
Proposed § 1002.107(a)(13) would
have required financial institutions to
collect and report the census tract
containing the address or location
where the proceeds of the credit applied
for or originated will be or would have
been principally applied; or if this
information is unknown, the tract
containing the address or location of the
main office or headquarters of the
applicant; or if this information is also
unknown, the tract containing another
address or location associated with the
applicant. In addition to reporting the
census tract, the financial institution
would have been required to indicate
which one of these three types of
addresses or locations the census tract is
based on. As discussed above in the
section-by-section analysis of
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
§ 1002.107(a)(13), the Bureau is
finalizing this data point as proposed.
The NPRM observed that the census
tract itself would likely disclose
minimal, if any, information about an
applicant or related natural person that
may be harmful or sensitive if such
person were re-identified, or that may
be harmful or sensitive to an identified
financial institution. The Bureau
acknowledged that for sole proprietors,
the main office is often a home address,
but it noted that the applicant’s actual
street address would not be reported to
the Bureau. The Bureau also noted that
small businesses commonly make their
locations available in the normal course
of business—for example, to reach
prospective customers.
The Bureau stated that if the address
reflects where the proceeds of the credit
will be or would have been principally
applied, disclosing the census tract may
reveal some information about an
applicant’s business strategy,
particularly if paired with the loan
purpose data field. For example, the
Bureau stated that the data could
indicate that a small business is
pursuing or was pursuing an expansion
to a particular location. However, the
Bureau believed the value of this
information to a small business’s
competitors is likely mitigated by the
time to publication. The Bureau stated
that disclosure of the census tract in
unmodified form may also reveal
information that financial institutions
regard as harmful or sensitive, such as
a financial institution’s trade area.
However, the Bureau did not conclude
that disclosure would permit the
reverse-engineering of a financial
institution’s proprietary lending models.
The Bureau identified publicly
available datasets that include data
fields an adversary could directly match
to the census tract data field in
unmodified form in the public
application-level data with respect to an
applicant or related natural person. The
Bureau expected that, in most cases, the
census tract that financial institutions
would report to the Bureau would be
based on the address or location of the
main office or headquarters of the
applicant, either because that is where
the proceeds of the credit will be
applied, or because the financial
institution does not know the location
or address where the proceeds of the
credit will be applied but does know the
applicant’s main office or headquarters
address. The Bureau also observed that,
for many small businesses, this address
or location is likely to be publicly
available from sources such as the
business’s website and review websites.
Information about a business’s location
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
is also likely available from loan-level
data for public loan programs as well as
from private datasets, such as from data
brokers. Therefore, in many cases, the
Bureau expected that an adversary
could use the census tract data fields,
combined with other fields, to match a
section 1071 record to an identified
publicly available record. The Bureau
also sought comment on whether
disclosing county, State, or some other
geographic identifier—rather than the
census tract—would affect the benefits
of disclosure, the potential for harm or
sensitivity, and the potential for reidentification of applicants or related
natural persons.
A range of commenters provided
feedback on the Bureau’s analysis.
Community group commenters saw the
publication of this data as important to
both the fair lending and business and
community development purposes of
section 1071. Some said that because
there are currently no comprehensive
data on the capital access problems
faced by marginalized communities,
census tract data would provide insight
into small business credit challenges at
the intersection of race, sex, ethnicity,
and geography. Other community
groups and a business advocacy group
expressed support for publishing census
tract data, stating that including
demographic and geographic data could
positively impact the reduction of
economic inequality and generally
would encourage lending to
underserved markets via specific policy
making.
A number of lenders, along with a
trade association and a community
group, expressed concern that
publication of census tract data would
pose significant re-identification risk for
applicants, especially in smaller or rural
communities with low levels of lending.
Other industry commenters said that the
unmodified publication of census tract
data combined with other data points,
in particular NAICS code data, would
pose significant re-identification risk.
While some community groups
expressly supported the unmodified
disclosure of census tract data, others
suggested specific modification
techniques. One commenter suggested
that the Bureau consider switching
records for similarly situated applicants
between nearby census tracts to protect
the privacy of applicants in smaller
geographic areas while preserving data
utility. With respect to the Bureau’s
suggestion to consider disclosing a
broader location category, at least one
trade association expressed support for
disclosing data at the State level.
Meanwhile, a community group
generally opposed disclosure limited to
PO 00000
Frm 00335
Fmt 4701
Sfmt 4700
35483
the county- or State-level, arguing that
it would frustrate the purposes of
section 1071. But this commenter did
suggest that the Bureau consider
combining and aggregating adjacent
census tracts in rural areas with low
levels of lending.
As discussed above in part VIII.B.3,
the Bureau views the disclosure of
census tract as having significant
benefits. Further, disclosing census tract
data on its own would present limited
privacy risk. Application-level census
tract by itself would likely disclose
minimal, if any, information about an
applicant or related natural person that
would be harmful or sensitive if such
person were re-identified. In addition,
the Bureau does not discern evidence of
compelling privacy risks for financial
institutions. However, the Bureau
appreciates the potential reidentification risks to applicants or
related natural persons posed by the
combination of census tract data and
other data fields, such as NAICS code.
With respect to privacy risks raised by
commenters, as discussed above, the
Bureau has identified publicly available
datasets that include data fields an
adversary could directly match to
certain census tract data. Accordingly,
the Bureau assesses that census tract
data, combined with other data fields
such as NAICS code, could be used to
match to an identified publicly available
record, particularly in rural areas,
thereby potentially re-identifying a
small business applicant or its
ownership. Re-identification could in
turn exacerbate privacy risks, including
harm or sensitivity risks, presented by
other data fields in the dataset.
Considering this privacy risk, the
Bureau’s preliminary assessment is that
some modification techniques may be
appropriate. Application-level census
tract would likely disclose minimal, if
any, information about an applicant or
related natural person that would be
harmful or sensitive if such person were
re-identified. In addition, the Bureau
does not discern evidence of a
compelling privacy risks for financial
institutions. However, the Bureau
appreciates the potential reidentification risks to applicants or
related natural persons posed by the
combination of census tract data and
other data fields such as NAICS code,
and recognizes that there may be
significant geographic variation in the
likelihood of re-identification risk from
census tract alone. The Bureau is
mindful that modifying census tract
data, like disclosing a broader location
category such as county or State, while
reducing re-identification risk to
applicants and related natural persons,
E:\FR\FM\31MYR2.SGM
31MYR2
35484
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
could also reduce the utility of the 1071
dataset.
xii. Gross Annual Revenue
Proposed § 1002.107(a)(14) would
have required financial institutions to
collect and report to the Bureau the
gross annual revenue of the applicant
for the preceding full fiscal year prior to
when the information is collected. As
discussed in the section-by-section
analysis of § 1002.107(a)(14), the Bureau
is finalizing this data point
substantively as proposed.
The NPRM stated that disclosing gross
annual revenue in unmodified form
would likely disclose information about
an applicant or related natural person
that may be harmful or sensitive if such
person were re-identified. The data field
could reflect the financial condition of
a small business or its ownership. The
Bureau stated that competitors of the
small business, other commercial
entities, creditors, researchers, or
persons with criminal intent all may
have an interest in using these data to
monitor the size or performance of an
applicant that may be a rival, partner, or
target of inquiry, investigation, or illegal
activity. With respect to the risk of harm
or sensitivity to financial institutions,
the NPRM acknowledged that other
creditors might use gross annual
revenue data to learn more about the
types of small businesses with which
their competitors do business. However,
the Bureau did not identify evidence
that disclosure would permit reverseengineering of proprietary lending
models.
The Bureau also noted that publicly
available datasets include data fields an
adversary could directly match to this
data field in unmodified form. This
availability is not widespread. Gross
annual revenue data are available from
private databases. They are also
available for New York State’s womenand minority-owned business
certification program, but those data are
recoded into bins. The Bureau stated
that if it determined that gross annual
revenue data should be modified, it may
consider recoding this data into bins, for
example in ranges of $25,000, or topcoding the data to mask particularly
high values, thereby reducing the
identifiability of application data from
small businesses with especially high
gross annual revenue.
Commenters did not provide
additional evidence related to reidentification risk. However,
community groups and trade
associations commented on modifying
this field prior to publication. Several
community groups and a CDFI lender
generally favored the Bureau publishing
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
unmodified gross annual revenue data
to maintain its utility. One such
commenter opposed modification here,
stating that aggregation of data by
revenue size would limit the usefulness
of the data to all stakeholders, including
technical assistance providers who can
help small businesses apply for loans, as
well as parties seeking to identify and
respond to discriminatory lending
patterns. Other community groups and
a trade association expressed support
for publishing gross annual revenue
data in bins to mitigate privacy risks for
applicants. These community groups
stated that modified data must still be
detailed enough to permit meaningful
analysis, and they criticized the current
CRA system of identifying all loans to
businesses with revenue under $1
million as not allowing for such
analysis. One commenter suggested that
if the Bureau decided to modify the
gross annual revenue data field it
should select the mid-point and recode
the data in bins of $10,000 increments.
They also expressed support for topcoding provided that it did not mask
any significant differences in data for
larger small businesses, and suggested
that the Bureau conduct testing within
the first year of data to assess whether
the modification was appropriate.
As discussed above in part VIII.B.3,
the Bureau views disclosure of gross
annual revenue data as having
significant disclosure benefits. After
reviewing comments, the Bureau
preliminarily assesses that if reidentification were to occur, disclosing
gross annual revenue data in
unmodified form may present
significant privacy risk to small
business applicants and related natural
persons. The Bureau also preliminarily
assesses that modifications to this field
can be made while preserving the utility
of the data for statutory purposes. The
Bureau will continue to consider
feedback about potential modification
techniques, such as binning at smaller
intervals and conducting testing before
top-coding.
xiii. NAICS Code
Proposed § 1002.107(a)(15) would
have required financial institutions to
collect and report to the Bureau a 6-digit
NAICS code. As discussed above in the
section-by-section analysis of
§ 1002.107(a)(15), the Bureau is
modifying how NAICS code is reported.
Under the final rule, financial
institutions must collect and report a 3digit NAICS subsector code. Using only
3-digit NAICS subsector codes will
decrease the risk of re-identification to
applicants and owners while adhering
to the purposes of section 1071.
PO 00000
Frm 00336
Fmt 4701
Sfmt 4700
The NPRM stated that publishing 6digit NAICS codes in unmodified form
by itself would likely disclose minimal,
if any, information about an applicant or
related natural person that may be
harmful or sensitive if such person were
re-identified, or that may be harmful or
sensitive to an identified financial
institution. Information about a small
business’s industry is likely apparent to
anyone interacting with it. The Bureau
noted that disclosure of 6-digit codes in
unmodified form may reveal
information that financial institutions
regard as harmful or sensitive, such as
the industries with which the financial
institution does business, but it did not
discern that such disclosure would
permit reverse-engineering of
proprietary lending models.
The Bureau acknowledged that 6-digit
codes were likely to produce unique
instances in the data, especially if
combined with unmodified census tract
data. It noted the existence of 73,057
census tracts and 1,057 6-digit NAICS
codes.901 With over 77 million resulting
combinations, there would likely be
many instances of this data forming
unique combinations. The NPRM stated
that if the Bureau modified 6-digit codes
for publication, it would consider
disclosing 2-, 3-, or 4-digit codes to
reduce re-identification risk while
maintaining data utility.
Community group commenters
supported disclosing 6-digit NAICS
codes to support the fair lending
purpose of the statute. Many industry
commenters expressed concern that
such codes, particularly in small or
rural communities where only a limited
number of businesses share certain
NAICS codes, would create significant
re-identification risks.
Several commenters expressed
support for modifying the 6-digit NAICS
code in the public application-level
data. One commenter stated that the
NAICS code should be truncated to
general categories. Several industry
commenters expressed specific support
for disclosing a 2-digit NAICS code, and
another supported a 4-digit
modification, stating it would provide
sufficient information while mitigating
re-identification risk.
As discussed above in part VIII.B.3,
the Bureau views disclosure of a NAICS
code as having significant disclosure
benefits. In addition, the Bureau’s shift
to requiring collection and reporting of
a 3-digit code will significantly reduce
re-identification risk while preserving
901 See 2010 Census Tallies; Off. of Mgmt. &
Budget, North American Industry Classification
System (NAICS) Updates for 2022, 86 FR 35350,
35352 (July 2, 2021).
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
the utility of the dataset. This shift
acknowledges privacy concerns raised
by some commenters, reducing the risk
of cognizable privacy harms.
Overall, the Bureau preliminarily
assesses that published 3-digit codes by
themselves present limited privacy risk.
It is unlikely that publication of these
data would disclose personal
information about an applicant or
related natural person that would be
harmful or sensitive if such person were
re-identified. The Bureau also does not
see evidence of non-personal
commercial privacy risks to small
businesses, or of any compelling privacy
risk to financial institutions. However,
the Bureau appreciates that there is a
heightened risk of re-identification
when a NAICS code is combined with
other data fields, such as census tract.
xiv. Number of Workers
Proposed § 1002.107(a)(16) would
have required financial institutions to
collect and report to the Bureau the
number of non-owners working for the
applicant. In the final rule, however, a
financial institution complies with
§ 1002.107(a)(16) by reporting in ranges.
The Bureau is adopting this change in
response to concerns expressed by
commenters about the complexity of
providing an exact number.
The NPRM stated that disclosing
number of workers in unmodified form
would likely disclose minimal, if any,
information about an applicant or
related natural person that would be
harmful or sensitive if such person were
re-identified. Additionally, the Bureau
did not see disclosure being harmful or
sensitive to financial institutions.
Financial institutions may use such data
to learn more about the types of small
businesses with which their competitors
do business, but the Bureau did not see
evidence that disclosure would permit
reverse-engineering of proprietary
lending models.
The Bureau noted that information
about the number of workers is likely to
be publicly available for many
businesses. For example, State registries
of businesses may include information
about a business’s number of workers,
and private databases also commonly
include this information. This decreases
any potential sensitivity or harm of
disclosing this data point in the
application-level data, and also the
direct utility of the data to potential
adversaries. However, these data
sources also mean that in some cases an
adversary could use number of workers,
combined with other fields, to match an
identified publicly available record.
Data on a business’s number of workers
could easily produce unique
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
combinations when combined with
other data fields, particularly for
businesses with higher numbers of
workers. The NPRM further stated that
the Bureau would consider modification
options, including recoding and topcoding.
Several community group
commenters and a group of State
banking regulators supported
unmodified disclosure of this data as
important to the fair lending purposes of
section 1071. However, an industry
commenter stated that the data point
was not useful for achieving any of the
statutory purposes, particularly given
the difficulties in counting seasonal and
part-time employees. Several industry
commenters stated that publishing the
number of workers without
modification could create privacy risks.
These commenters generally asserted
that the data point should not be
published because the exact number of
workers could be used to re-identify
applicants and would reveal sensitive
commercial information about the
applicant’s competitive strategy or
business plan. Some of these
commenters also expressed concern that
these data are susceptible to
misinterpretation and inaccuracy,
particularly for seasonal or cyclical
businesses that experience routine
variations in employee volume over the
course of a calendar year. Several
commenters expressed support for
modifying the public number of workers
data field by recoding the data into bins.
One commenter stated that the bins
would need to be developed such that
they do not obscure differences in
smaller businesses.
As discussed above in part VIII.B.3,
the Bureau views disclosure of the
number of workers to have significant
disclosure benefits. In addition, the
Bureau’s decision to have financial
institutions report this data in ranges
will reduce the risk of re-identification
for applicants or related natural persons.
In turn, that lowers the risk that
applicants or related natural persons are
subject to competitive harms, such as
the disclosure of their proprietary
business information. Further, although
the Bureau has identified publicly
available datasets that include number
of workers, these data vary over time
and are difficult to align across multiple
datasets. Reporting in ranges will also
help address concerns about data
inaccuracy and variance.
The Bureau preliminarily assesses
that disclosing unmodified applicationlevel number of workers data in ranges
would present limited privacy risk if reidentification occurred. It is unlikely
that publication of this data would
PO 00000
Frm 00337
Fmt 4701
Sfmt 4700
35485
disclose personal information about an
applicant or related natural person that
would be harmful or sensitive if such
person were re-identified; it is also
unlikely that publication would result
in non-personal commercial privacy
risks to small businesses or compelling
privacy risks to financial institutions.
xv. Time in Business
Proposed § 1002.107(a)(17) would
have required financial institutions to
collect and report to the Bureau the time
the applicant has been in business,
described in whole years, as relied on or
collected by the financial institution. As
discussed in the section-by-section
analysis of § 1002.107(a)(17), however,
the final rule requires a financial
institution to report this data in whole
years only if it collects or otherwise
obtains that information as part of its
procedures for evaluating credit
applications. Otherwise, the financial
institution reports whether the
applicant has been in existence for less
or more than two years. This change
responds to commenter concerns about
complexity in collecting this data.
The NPRM explained that disclosing
time in business in unmodified form
would likely disclose minimal, if any,
information about an applicant or
related natural person that may be
harmful or sensitive if such person were
re-identified, or that may be harmful or
sensitive to an identified financial
institution. The Bureau did not see
evidence that disclosure would permit
the reverse-engineering of proprietary
lending models. In addition,
information about time in business was
likely to be publicly available for many
businesses in public registration filings
and other sources, decreasing any
potential harm or sensitivity from
publishing this data. The Bureau noted
that these same data sources could
enable an adversary to directly match
the time in business data field in
unmodified form, particularly when
combined with other fields.
The Bureau stated that if it were to
modify the time in business data field,
it may consider recoding time in
business into bins—for example, using
two- or five-year intervals. It would also
consider top-coding time in business at
a value such as 25 years, given that
larger values are more likely to be
unique. The Bureau specifically sought
comment on what intervals the Bureau
should use if it were to recode time in
business into bins and what value the
Bureau should use if it were to top-code
this data field.
Several community group
commenters and a group of State
banking regulators supported
E:\FR\FM\31MYR2.SGM
31MYR2
35486
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
unmodified disclosure of time in
business in the dataset to facilitate the
fair lending purpose of the statute. A
few industry commenters expressed
concern that publication of time in
business data could create reidentification risks for small business
applicants and reputational harm for
financial institutions. In particular, one
commenter agreed that time in business
data could be combined with other data
points to re-identify small business
applicants. With respect to potential
modification options, a trade association
and a community group expressed
support for either binning or top-coding.
The community group noted, however,
that a bin that ranged from two to five
years may be too long. The commenter
also stated that a top-code of 25 years
may be reasonable but urged the Bureau
to conduct further analysis after it
received the first year’s data.
As discussed in part VIII.B.3, the
Bureau views disclosure of time in
business as having significant benefits.
The Bureau also preliminary assesses
that the availability of this data in
existing datasets decreases potential
harm or sensitivity of disclosure if reidentification occurs, but also increases
the risk of re-identification risk. The
Bureau will consider whether binning,
top-coding, or other modification
techniques may be appropriate when it
analyzes application-level data and
conducts its full privacy analysis.
Commenters did not explain how the
disclosure of the applicant’s time in
business could lead to reputational
harms to financial institutions.
xvi. Business Ownership Status
Proposed § 1002.107(a)(18) and (19)
would have required financial
institutions to collect and report to the
Bureau whether the applicant is a
minority-owned business or a womenowned business and whether minorityowned business status or women-owned
business status is being reported based
on previously collected data pursuant to
proposed § 1002.107(c)(2). As discussed
in the section-by-section analysis of
§ 1002.107(a)(18), the Bureau is
finalizing these data points with
modifications. Specifically, it is
finalizing proposed § 1002.107(a)(18)
and (19) as final § 1002.107(a)(18). In
addition to the minority-owned and
women-owned business statuses, the
final rule requires financial institutions
to collect and report LGBTQI+-owned
business status.
The NPRM stated that publishing
demographic ownership status in
unmodified form would have likely
disclosed minimal, if any, information
about an applicant or related natural
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
person that may be harmful or sensitive
if such person were re-identified, or that
may be harmful or sensitive to an
identified financial institution. While
some applicants or related natural
persons may regard this information as
harmful or sensitive, the Bureau
believed this information generally
would present low risk of harm or
sensitivity. The Bureau also believed
that this information already may be
available to the general public and
would have relatively limited utility for
adversaries if an applicant or related
natural person were re-identified.
However, the Bureau noted that in
many cases an adversary could have
used women-owned or minority-owned
business status, in combination with
other data, to match a section 1071
record to an identified publicly
available record. The Bureau identified
several sources that could have been
used for such matching. Women- and
minority-ownership is likely to be
publicly available for many businesses
that publicly register or certify with the
SBA or State or local authorities as
women- or minority-owned. Businesses’
websites may also provide this
information, and private commercial
databases also include or estimate this
information.
The Bureau did not receive any
comments on this aspect of its privacy
analysis. This lack of engagement
suggests that the NPRM generally
correctly assessed the privacy impacts
that disclosing women-owned and
minority-owned business statuses in the
data in unmodified form would have for
an applicant or related natural person if
such person were re-identified. It also
suggests the Bureau generally correctly
surmised there would be minimal, if
any, harms or sensitivities to financial
institutions.
However, the Bureau received
comments from several industry and
individual commenters on the Bureau’s
request for comment in proposed
§ 1002.107(a)(20) about whether the
Bureau should require financial
institutions to ask separate questions
regarding the sex, sexual orientation,
and gender identity, of principal
owners. As discussed below in part
VIII.B.6.xvii, a few commenters urged
the Bureau to not collect or publish data
on sexual orientation and gender
identity of principal owners. The
commenters noted the significant risk of
harm to small business applicants and
related natural persons, due to the
particularly sensitive nature of this
information if re-identification
occurred.
The Bureau acknowledges that an
individual’s LGBTQI+ status likely is
PO 00000
Frm 00338
Fmt 4701
Sfmt 4700
sensitive personal information that
could pose personal privacy risks as
well as non-personal commercial
privacy risks. If re-identification
occurred, its disclosure could pose risks
to privacy interests of small business
owners. Accordingly, while the Bureau
views disclosure of business ownership
status as having significant disclosure
benefits, the Bureau preliminarily
assesses that disclosing this data may
present significant privacy risks if reidentification occurred. That is
particularly so as to LGBTQI+-owned
business status; in contrast, womenowned and minority-owned business
status information would present
relatively limited privacy risk. The
Bureau does not see evidence that
LGBTQI+-owned status poses
compelling privacy risks to financial
institutions.
xvii. Number and Demographic Status
of Principal Owners
Proposed § 1002.107(a)(20) would
have required a financial institution to
collect and report to the Bureau the
ethnicity, race, and sex of the
applicant’s principal owners; whether
ethnicity and race were being collected
by the financial institution on the basis
of visual observation and/or surname
analysis; and whether ethnicity, race, or
sex were being reported based on
previously collected data pursuant to
proposed § 1002.107(c)(2). Proposed
§ 1002.107(a)(21) would have required
that financial institutions collect and
report to the Bureau the number of an
applicant’s principal owners. As
discussed in the section-by-section
analyses of § 1002.107(a)(19) and (20),
the Bureau is finalizing the ethnicity,
race, and sex of principal owners and
number of principal owners data points
with several modifications, including
renumbering the sections, changing how
financial institutions are required to
inquire about the principal owners sex,
and removing the requirement that a
financial institution report whether the
ethnicity and race of an applicant’s
principal owners was collected on the
basis of visual observation and/or
surname analysis.
The NPRM stated that, in general,
disclosing the ethnicity, race, and sex of
an applicant’s principal owners in
unmodified form would likely have
disclosed minimal, if any, information
about an applicant or related individual
that may be harmful or sensitive if such
person were re-identified, or that may
be harmful or sensitive to an identified
financial institution. As noted similarly
above for the data fields on womenowned and minority-owned business
statuses, while some applicants or
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
related natural persons may regard this
information as harmful or sensitive, this
information generally would present
low risk of harm or sensitivity. The
Bureau also noted that this information
may be already available to the general
public, and that this information would
have relatively limited utility for
adversaries if an applicant or related
natural person were re-identified.
The Bureau identified publicly
available datasets that include data
fields an adversary could directly match
to the ethnicity, race, and sex of the
applicant’s principal owner(s) data
fields in unmodified form. For example,
certain State business registries,
including those required to access
women-owned and minority-owned
business programs, provide this
information. Other public record
databases, such as the SBA’s 8(a)
program and the Paycheck Protection
Program, also include ethnicity, race,
and sex data alongside the borrower’s
name. In many cases, therefore, the
Bureau stated that an adversary could
use the ethnicity, race, and sex of the
applicant’s principal owners, combined
with other fields, to directly or
indirectly match a section 1071 record
to an identified publicly available
record.
As discussed in the section-by-section
analysis of § 1002.107(a)(19), the Bureau
proposed that financial institutions
would report sex as described in
proposed comment 107(a)(20)–8, which
would have permitted an applicant to
self-describe a principal owner’s sex by
selecting the ‘‘I prefer to self-describe’’
response option on a paper or electronic
form or by providing additional
information for an oral application, with
the financial institution reporting the
response using free-form text. In the
NPRM, the Bureau stated intention to
exclude free-form text from public
application-level data. However, the
Bureau sought comment on whether
there were additional specific
modifications it should consider with
regard to applicants who choose to selfdescribe their principal owners’ sex.
The Bureau also sought comment on
whether, if finalized, disclosure of sex,
sexual orientation, or gender identity
could cause heightened sensitivity or
risk of harm and any specific
modifications the Bureau should
consider if such data points were
included in the final rule.
Many community group and minority
business advocacy group commenters
supported disaggregated disclosure of
ethnicity, race, and sex of principal
owners, and underscored its
significance in achieving the fair
lending purpose of section 1071. Some
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
of these commenters stated that
publication of disaggregated data would
facilitate development of policy
solutions for issues of financial
inequality as it relates to ethnicity, race,
and sex. A few trade associations
expressed concerns about publishing
information collected on the basis of
visual observation or surname.
Some industry commenters expressed
concerns that ethnicity, race, and sex
data would create significant privacy
risks for small business applicants,
particularly in smaller or rural
communities. Other industry and
individual commenters cautioned the
Bureau against collecting and
publishing the sexual orientation and
gender identity of principal owners.
Specifically, these commenters noted
the significant risk of harm to small
business applicants, due to the
particularly sensitive personal nature of
this information if re-identification
occurred.
Some trade associations noted
concerns that publishing ethnicity, race,
and sex information, particularly where
collected based on visual observation or
surname, will present the risk of harm
to financial institutions. Two such
commenters asserted that financial
institutions faced the potential for
reputational or litigation risks if the
ethnicity, race, or sex data are published
because of potential conflicts with State
or Federal privacy laws. One commenter
stated that asking for this information
without proper privacy precautions may
expose the financial institution to legal
risk under certain State privacy laws,
such as the California Consumer
Protection Act, that protect against
disclosure of ethnicity and race
information. Two others noted that State
privacy laws may conflict with the
requirement to obtain ethnicity and race
data based on visual observation. These
commenters also stated that the
perceived intrusiveness from the
acquisition of these data and the
knowledge that it would become public
could cause competitive and
reputational harm to financial
institutions as institutions that do not
protect their customers’ privacy. For
example, one commenter asserted that
visual observation collection may
reduce trust in the financial institution
and increase the applicant’s
apprehension regarding their privacy.
As to whether the Bureau should
publish the unmodified, applicant-level
data on the number of principal owners,
several industry commenters opposed
the publication of these data, should it
be finalized. The commenters stated that
publication of the number of principal
PO 00000
Frm 00339
Fmt 4701
Sfmt 4700
35487
owners could facilitate re-identification,
particularly in small or rural areas.
As discussed above in part VIII.B.3,
the Bureau views disclosure of these
data to have significant benefits.
Commenters did not provide additional
evidence related to re-identification risk
that would alter the NPRM’s partial
privacy analysis. The current
availability of these data in existing
databases likely limits the risk of harm
or sensitivity, although it may amplify
re-identification risk. Comments that the
disclosure of ethnicity, race, and sex
data present a risk of reputational or
litigation harm to financial institutions
because it may be based on visual
observation or surname are moot
because no visual observation
requirement is in the final rule.
Commenters did not explain with
sufficient detail how the final rule will
increase a financial institution’s
litigation risks due to conflicts with
State or Federal privacy laws. To the
extent that asking for an applicant’s
principal owners’ ethnicity, race, or sex
must be done with proper privacy
protocols in place, it seems likely that
a financial institution could comply
with both this final rule and other
privacy requirements.
Accordingly, the Bureau preliminarily
assesses that disclosure in unmodified
form may increase re-identification risk
and presents significant risk of harm or
sensitivity if re-identification occurred.
The possibility of significant privacy
risk primarily results from the fact that
sex data will be reported as free-form
text, which as discussed in part
VIII.B.6.xix below, the Bureau
preliminarily assesses it will include, in
some form, in the public data. The
disclosure of information about the
ethnicity and race of principal owners
generally will present lesser risk. The
Bureau does not discern evidence of
compelling privacy risks to financial
institutions.
xviii. Financial Institution Identifying
Information
Proposed § 1002.109(b) would have
required a financial institution to
provide the Bureau with certain
information with its submission of its
small business lending application
register: (1) its name; (2) its
headquarters address; (3) the name and
business contact information of a person
who may be contacted with questions
about the financial institution’s
submission; (4) its Federal prudential
regulator, if applicable; (5) its Federal
Taxpayer Identification Number; (6) its
LEI; (7) its RSSD ID, if applicable; (8)
parent and top-parent entity
information, if applicable; (9) the type of
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35488
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
financial institution that it is, indicated
by selecting the appropriate type or
types of institution from the list
provided or entering free-form text; 902
and (10) whether the financial
institution is voluntarily reporting
covered applications for covered credit
transactions. As discussed above in the
section-by-section analysis of
§ 1002.109(b), the Bureau is generally
finalizing this data point as proposed,
with certain modifications.
Regulation C requires financial
institutions to report similar
information when submitting their loanlevel HMDA data. Regulation C also
requires financial institutions to report
the calendar year of submission and the
total number of entries in their loanlevel HMDA data. Regulation C does not
require financial institutions to submit
their headquarters address, RSSD ID, or
financial institution type or indicate
whether they are reporting data
voluntarily. With the exception of
contact information for a person who
can be reached about the financial
institution’s submission, the
information financial institutions are
required to submit with their HMDA
submissions under § 1003.5(a)(3) is
publicly available through the FFIEC
website.
Financial institution identifying
information other than individual
contact information. In the NPRM, the
Bureau stated its intention to disclose
the financial institution identifying
information data fields in unmodified
form, other than the name and business
contact information of a person who
may be contacted with questions about
the submission. The Bureau stated that
disclosing financial institution
identifying information in the 1071 data
in unmodified form would likely
disclose minimal, if any, information
about an applicant or related natural
person that may be harmful or sensitive
if such person were re-identified. While
some businesses might view their
identification as an applicant as harmful
or sensitive, revealing the name of the
financial institution would not
significantly increase such risks. In
addition, the Bureau reasoned that this
information is already largely available
from other identified public records,
such as UCC filings. For the same
reason, revealing the name of the
financial institution would not
significantly increase risk of fraud or
identity theft. The Bureau stated that
disclosing financial institution
identifying information in the data in
unmodified form would not, by itself,
902 Part VIII.B.6.xix further discusses the
disclosure of free-form text field information.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
reveal information that is harmful or
sensitive, given financial institutions’
commercial interests. Additionally,
other public records, such as public
HMDA data, tax records, and
commercial databases disclose Federal
Taxpayer Identification number, RSSD
ID, and LEI.903 Disclosing financial
institution identifying information in
unmodified form may reveal
information that financial institutions
regard as harmful or sensitive, but the
Bureau did not discern evidence that it
would permit reverse-engineering of
proprietary lending models. The Bureau
acknowledged, however, that this
information could, in some
circumstances, lead to reputational risks
and increased costs for financial
institutions, which might be passed on
to their customers in the form of
increased costs or decreased access to
credit.
The NPRM noted that the Bureau had
received feedback that publishing
financial institution identifying
information could increase reidentification risk of applicants and
related natural persons. This included
feedback that customers of captive
wholesale finance companies with
applicant bases limited to franchises or
licensees of a particular distributor or
manufacturer would face unique reidentification risks because, in many
instances, these applicants may be the
financial institution’s only customer in
a particular State, or one of only a very
small number of customers in the State,
heightening the privacy concerns for
publication of data tied to these
financial institutions. The NPRM also
noted that the Bureau had identified
publicly available datasets that include
data fields an adversary could directly
match to financial institution
identifying information data fields in
unmodified form. Therefore, in many
cases, the Bureau reasoned that an
adversary could use identifying
financial institution data fields,
combined with other section 1071 data
fields, to match a section 1071 record to
an identified public record.
With respect to concerns about
wholesale finance companies, the
Bureau acknowledged that financial
institution identifying information in
unmodified form in the public
application-level data could, in
combination with other data fields like
census tract, NAICS codes, and credit
903 The FFIEC publishes transmittal sheet
information, including LEI and Federal Taxpayer
Identification number, on its website. Fed. Fin.
Insts. Examination Council, Public Transmittal
Sheet—Schema, https://ffiec.cfpb.gov/
documentation/2020/public-ts-schema/ (last visited
Mar. 20, 2023).
PO 00000
Frm 00340
Fmt 4701
Sfmt 4700
type or purpose, facilitate reidentification of applicants that have a
common name, without requiring that
adversaries match 1071 records to other
identified datasets. Under proposed
§ 1002.104(b), which the Bureau has
finalized, trade credit and other
transactions would be excluded from
the scope of covered credit transactions.
The Bureau indicated that this might
eliminate some transactions involving
such lenders. The Bureau sought
comment on the circumstances under
which a transaction involving a captive
wholesale finance company would be
covered by the proposal
notwithstanding the exemption. To the
extent there are such transactions, the
Bureau also sought comment on the
instances in which captive wholesale
finance companies lend exclusively to
businesses that are publicly branded in
a way that can be easily matched to the
identity of the financial institution. The
Bureau sought comment on whether a
final rule could include certain
categories of financial institution types
that would allow the Bureau to easily
identify such financial institutions in
the unmodified 1071 dataset without an
application-level analysis. Finally, the
Bureau sought comment on whether
there are particular modification
techniques that would reduce reidentification risks and risks of harm or
sensitivity for applicants and related
natural persons who might be reidentified in the public applicationlevel data.
In the NPRM, the Bureau stated its
intention to publish financial institution
identifying information, other than
individual contact information, as
reported and without modification. The
Bureau stated that risks to privacy
interests from the disclosure of this data
in unmodified form would be justified
by the benefits of disclosure for section
1071’s purposes. While the Bureau did
not conduct a uniqueness analysis, it
stated that disclosure of financial
institution identifying information
would very likely substantially facilitate
the re-identification of applicants or
related natural persons. If such persons
were re-identified, the Bureau stated
that disclosure of other data fields
would likely create a risk of harm or
sensitivity. In addition, the Bureau
stated that the disclosure of other
proposed data fields in combination
with a financial institution name likely
would reveal information that may be
harmful or sensitive to financial
institutions. The Bureau nonetheless
stated that these risks to privacy would
be justified by the benefits of disclosure
in light of section 1071’s purposes.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
The Bureau sought comment on this
analysis and its stated intention to
disclose these fields without
modification in the public applicationlevel data. The Bureau received
feedback on this proposed analysis from
trade association and community group
commenters. Two community group
commenters generally supported the
Bureau’s proposal to disclose
unmodified financial institution
identifying information, other than
individual contact information. A trade
association opposed the proposal. This
commenter urged the Bureau to
withhold all financial institution
identifying information data fields
because, whether or not it is available
elsewhere, this information would
create privacy risks for financial
institutions, including risks involving
identity theft and data security. With
respect to the Bureau’s request for
comment about whether these proposed
data fields would pose risks to captive
wholesale companies and their
customers, this commenter urged the
Bureau to provide additional
protections for this market segment to
mitigate re-identification risk.
The Bureau acknowledges that
publication of financial institution
identifying information may reveal
information that may be harmful or
sensitive to financial institutions,
leading to reputational risks and
increased costs. However, feedback
received by the Bureau does not explain
how these data would pose previously
unconsidered identity theft or data
security risks. Separately, the Bureau
acknowledges feedback that the
proposed data fields may pose special
risks to captive wholesale companies
and their customers. It intends to
consider what additional modifications
or deletions may be appropriate to
protect the privacy interests of these
entities.
As explained in the NPRM, this data
point could potentially increase reidentification risk and commenters did
not provide additional evidence related
to re-identification risk that would alter
the partial privacy analysis described
above. However, the Bureau
preliminarily assesses that disclosing
the financial institution identifying
information data fields in unmodified
form, other than data fields containing
the information for the financial
institution’s point of contact, would
present limited risk of harm or
sensitivity if re-identification occurred.
The Bureau believes that it is unlikely
that publication of this data would
disclose personal information about an
applicant or related natural person that
would be harmful or sensitive if such
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
person were re-identified. The Bureau
does not believe this data will result in
significant non-personal commercial
risks to small businesses. The disclosure
of this data field does not pose
compelling privacy risks to financial
institutions. The Bureau will continue
to give consideration to the scenario
involving captive wholesale companies
and their customers as it conducts its
full privacy analysis.
Individual contact information.
Proposed § 1002.109(b)(1)(iii) would
have required financial institutions to
report the name and business contact
information of a person who may be
contacted with questions about the
financial institution’s submission. As
discussed above in the section-bysection analysis of § 1002.109(b)(1)(iii),
the Bureau is finalizing this data point
largely as proposed, but with certain
modifications. In contrast to the other
financial institution identifying
information described above, in the
NPRM the Bureau stated its intention to
delete this data field from the publicly
available data.
The Bureau stated that disclosing
individual contact information in the
data in unmodified form would likely
not disclose any information about an
applicant or related natural person if
such person were re-identified.
However, the Bureau stated that
disclosing the name and contact
information of natural persons
designated by the financial institution
would disclose information that may be
harmful or sensitive to the identified
financial institutions and their
employees. Financial institutions have a
legitimate interest in protecting the
identities of their employees from the
public, consistent with their job
functions, and persons identified for
purposes of questions about the
financial institution’s submission to the
Bureau might not necessarily be
responsible for engaging with the
general public.
The Bureau considered whether
modification other than by excluding
individual contact information would
appropriately balance identified privacy
risks and disclosure benefits. Because
disclosure of this data field in
unmodified form would not promote the
purposes of section 1071 and would
likely reveal information that would be
harmful or sensitive to a financial
institution and its employees, the
Bureau did not identify any such
alternative. Accordingly, the Bureau
stated that deleting individual contact
information would appropriately
balance the privacy risks and disclosure
benefits of this data field.
PO 00000
Frm 00341
Fmt 4701
Sfmt 4700
35489
The Bureau received feedback from
one trade association commenter, which
supported the Bureau’s analysis. The
Bureau accordingly determines that the
publication of the name and business
contact information of a person who
may be contacted by the Bureau or other
regulators with questions about the
financial institution’s submission has
minimal, if any, disclosure benefits.
Moreover, the Bureau concludes that the
publication of this information presents
significant privacy risks because it may
be harmful or sensitive to identified
financial institutions and their
employees. Accordingly, the Bureau is
announcing its intention not to publish
the name and business contact
information of a person who may be
contacted by the Bureau or other
regulators with questions about the
financial institution’s submission.
xix. Free-Form Text
The Bureau proposed to require
financial institutions to use free-form
text to report certain data where they are
reporting information that is not
included in a list provided for the data
fields. Under proposed § 1002.107(a)(5),
(6), (11), (12), and (20), free-form text
could be used in reporting credit type
(product and guarantee information);
credit purpose; denial reasons; pricing
(the interest rate index used); and
principal owners’ ethnicity, race, and
sex.904 Financial institutions also would
have had flexibility in describing certain
identifying information provided under
proposed § 1002.109(b). Free-form text
used to report principal owners’
ethnicity, race, and sex would have
been completed based on information
provided by applicants; all other freeform text would have been completed
by the financial institution. As
discussed above in the section-bysection analyses for particular data
points within § 1002.107(a), the Bureau
is finalizing these data points with
certain modifications. The free-form text
aspect of § 1002.109(b) is being finalized
as proposed.
The Bureau explained that use of freeform text would allow the reporting of
any information, including information
that may be harmful or sensitive to
applicants, related natural persons, and
possibly the interests of financial
institutions. The Bureau stated that such
information might also create a
significant risk of re-identification for
applicants or related natural persons.
Given the amount of data expected to be
reported each year, the Bureau stated
that it would not be feasible for it to
904 Proposed § 1002.107(a)(20) is being finalized
as § 1002.107(a)(19).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35490
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
review free-form text before publishing
the application-level data. Under the
balancing test described in the NPRM,
therefore, the Bureau initially assessed
that deleting free-form text from the
public application-level data (other than
with respect to the financial institution
identifying information described in
part VIII.B.6.xviii above) would
appropriately balance the benefits of
disclosure with the risks to the privacy
interests of applicants, related natural
persons, and financial institutions.
Several industry commenters
generally supported deleting free-form
text from the public application-level
data. A bank noted that public the
HMDA data do not include free-form
text fields. A group of trade associations
stated that deleting this information
would appropriately balance privacy
risks and disclosure benefits. In
contrast, a CDFI lender urged the
Bureau to publish free-form text fields
arguing that such fields would include
important information. This commenter
suggested that the Bureau could
adequately mitigate the risk that the
free-form text would contain sensitive
or harmful information by including a
disclaimer on the data collection form
that free-form text may be published.
The Bureau reiterates that HMDA
publication practices do not dictate
decisions in this rule and that
consistency between public section
1071 data and public HMDA data may
not be appropriate in every instance. As
an additional matter, the Bureau
believes that a general disclaimer that
free-form text may be published would
not adequately mitigate those privacy
risks. Among other considerations,
because financial institutions will
supply the content of most free-form
text fields, applicants and related
natural persons have no direct control
over what information appears in those
fields. Therefore, a disclaimer would
provide applicants or related natural
persons limited ability to mitigate their
privacy risks.
The Bureau agrees that certain freeform text fields may contain information
that has some disclosure benefits. In
particular, free-form text for the
ethnicity, race, and sex data may
contain information that is important to
the statutory purposes of section 1071.
As discussed in the section-by-section
analysis of § 1002.107(a)(19), the Bureau
is finalizing a requirement whereby
applicants will indicate principal
owners’ sex via a write-in option. While
the Bureau cannot feasibly review for
privacy risks all free-form text fields
supplied by all financial institutions
reporting data, the Bureau expects to
review the free-form text provided by
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
applicants regarding principal owners’
sex. The Bureau anticipates that this
free-form text will permit identification
of certain response categories
appropriate for publication, based on
the Bureau’s assessment of privacy
risks. Similarly, the Bureau may be able
to review ethnicity and race free-form
text, where it is provided, to discern
response categories that may be
appropriate for publication.
The Bureau recognizes, however, that
free-form text fields may present
significant privacy risks if reidentification occurred. Such privacy
risks would not be mitigated in the
absence of pre-publication review.
Accordingly, the Bureau is announcing
its intention to delete free-form text
from the public application-level data,
other than with respect to ethnicity,
race, and sex of principal owners
described in part VIII.B.6.xvii and the
financial institution identifying
information described in part
VIII.B.6.xviii. The Bureau will continue
to consider whether modification
techniques may be appropriate for the
data fields for ethnicity, race, and sex of
principal owners and certain financial
institution identifying information.
IX. Dodd-Frank Act Section 1022(b)(2)
Analysis
The Bureau has considered the
potential benefits, costs, and impacts of
the final rule. The Bureau requested
comment on the preliminary discussion
presented below, as well as submissions
of additional data that could inform the
Bureau’s consideration of the benefits,
costs, and impacts of the proposed rule.
In developing the rule, the Bureau has
consulted or offered to consult with the
prudential regulators (the Board of
Governors of the Federal Reserve
System, the Federal Deposit Insurance
Corporation, the National Credit Union
Administration, and the Office of the
Comptroller of the Currency), the
Department of Agriculture, the
Department of Housing and Urban
Development, the Department of Justice,
the Department of the Treasury, the
Economic Development Administration,
the Farm Credit Administration, the
Federal Trade Commission, the
Financial Crimes Enforcement Network,
and the Small Business Administration
regarding, among other things,
consistency with any prudential,
market, or systemic objectives
administered by such agencies.
In the Dodd-Frank Act, which was
enacted ‘‘[t]o promote the financial
stability of the United States by
improving accountability and
transparency in the financial system,’’
Congress directed the Bureau to adopt
PO 00000
Frm 00342
Fmt 4701
Sfmt 4700
regulations governing the collection of
small business lending data. Under
section 1071 of that Act, covered
financial institutions must compile,
maintain, and submit certain specified
data points regarding applications for
credit for women-owned, minorityowned, and small businesses, along
with ‘‘any additional data that the
Bureau determines would aid in
fulfilling the purposes of [section
1071].’’ Under the final rule, covered
financial institutions are required to
collect and report the following data
points: (1) a unique identifier, (2)
application date, (3) application
method, (4) application recipient, (5)
credit type, (6) credit purpose, (7)
amount applied for, (8) amount
approved or originated, (9) action taken,
(10) action taken date, (11) denial
reasons, (12) pricing information, (13)
census tract, (14) gross annual revenue,
(15) NAICS code, (16) number of
workers, (17) time in business, (18)
minority-owned business status,
women-owned business status, and
LGBTQI+-owned business status, (19)
ethnicity, race, and sex of principal
owners, and (20) the number of
principal owners.
Under the final rule, financial
institutions will be required to report
data on small business credit
applications under section 1071 if they
originated at least 100 covered credit
transactions in each of the two
preceding calendar years. The Bureau is
defining an application as an oral or
written request for a covered credit
transaction that is made in accordance
with the procedures used by a financial
institution for the type of credit
requested, with some exceptions. Loans,
lines of credit, credit cards, and
merchant cash advances (including such
credit transactions for agricultural
purposes) all fall within the
transactional scope of this final rule.
The Bureau is excluding trade credit,
transactions that are reportable under
the Home Mortgage Disclosure Act of
1975 (HMDA),905 insurance premium
financing, public utilities credit,
securities credit, and incidental credit.
Factoring, leases, and consumerdesignated credit that is used for
business or agricultural purposes are
also not covered credit transactions. In
addition, the Bureau has made clear that
purchases of originated covered credit
transactions are not reportable. For
purposes of the final rule, a business is
a small business if its gross annual
revenue for its preceding fiscal year is
$5 million or less.
905 12
E:\FR\FM\31MYR2.SGM
U.S.C. 2801 et seq.
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
A. Statement of Need
Congress directed the Bureau to adopt
regulations governing the collection of
small business lending data.
Specifically, section 1071 of the DoddFrank Act amended ECOA to require
financial institutions to compile,
maintain, and submit to the Bureau
certain data on applications for credit
for women-owned, minority-owned, and
small businesses. Congress enacted
section 1071 for the purpose of
facilitating enforcement of fair lending
laws and enabling communities,
governmental entities, and creditors to
identify business and community
development needs and opportunities of
women-owned, minority-owned, and
small businesses. The Bureau is issuing
this final rule to implement the section
1071 mandate.
Small businesses play a key role in
fostering community development and
fueling economic growth both
nationally and in their local
communities.906 However,
comprehensive data on loans to small
businesses currently are limited. The
largest sources of information on
lending by depository institutions (i.e.,
banks, savings associations, and credit
unions) are the FFIEC and NCUA Call
Reports and reporting under the CRA.
Under the FFIEC Call Report and CRA
reporting requirements, small loans to
businesses of any size are used in whole
or in part as a proxy for loans to small
businesses. The FFIEC Call Report
captures banks’ and savings
associations’ total outstanding number
and amount of small loans to businesses
(that is, loans originated under $1
million to businesses of any size; small
loans to farms are those originated
under $500,000) by institution.907 The
CRA currently requires banks and
savings associations with assets over a
specified threshold ($1.384 billion as of
2022) 908 to report data on loans to
businesses with origination amounts of
$1 million or less; reporters are asked to
indicate whether the borrower’s gross
annual revenue is $1 million or less, if
they have that information.909 Under the
906 See
907 See
generally White Paper.
FFIEC Call Report at Schedule RC–C Part
lotter on DSK11XQN23PROD with RULES2
II.
908 See Fed. Fin. Insts. Examination Council,
Explanation of the Community Reinvestment Act
Asset-Size Threshold Change (2022), https://
www.ffiec.gov/cra/pdf/2022_Asset_Size_
Threshold.pdf.
909 See 2015 FFIEC CRA Guide at 11, 13. Small
business loans are defined for CRA purposes as
loans whose original amounts are $1 million or less
and that were reported on the institution’s Call
Report or Thrift Financial Report (TFR) as either
‘‘Loans secured by nonfarm or nonresidential real
estate’’ or ‘‘Commercial and industrial loans.’’
Small farm loans are defined for CRA purposes as
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
CRA, banks and savings associations
currently report aggregate numbers and
values of originations at an institution
level and at various geographic levels.
The NCUA Call Report captures credit
unions’ total originations, but not
applications, on all loans over $50,000
to members for commercial purposes,
regardless of any indicator about the
business’s size.910 Some federallyfunded loan programs, such as the
SBA’s 7(a) or 504 programs and the
CDFI Fund require reporting of loanlevel data, but only for loans that
received support under those programs.
Nondepository institutions do not report
small business lending applications
under any of these reporting regimes.
There are no similar sources of
information about lending to small
businesses by nondepository
institutions.
There are also a variety of nongovernmental data sources, issued by
both private and nonprofit entities, that
cover small businesses and/or the small
business financing market. These
include datasets and surveys published
by commercial data and analytics firms,
credit reporting agencies, trade
associations, community groups, and
academic institutions. See part II.B for
additional information on these sources.
While these non-public sources of data
on small businesses may provide a
useful supplement to existing Federal
sources of small business lending data,
these private and nonprofit sources
often do not have lending information,
may rely on unverified research based
on public internet sources, and/or
narrowly limit use cases for parties
accessing data. Further, commercial
datasets are generally not free to public
users and can be costly, raising equity
issues for stakeholders who cannot
afford access.
Under the final rule, covered financial
institutions are required to compile,
maintain, and submit data regarding the
ethnicity, race, and sex of the principal
owners of the business and whether the
business is women-owned, minorityowned, or LGBTQI+-owned. No other
source of data comprehensively collects
this type of protected demographic
information on small business loan
applications.
Section 1071 requires financial
institutions to report detailed
application-level data to the Bureau,
and for the Bureau to generally make it
loans whose origination amounts are $500,000 or
less and were reported as either ‘‘Loans to finance
agricultural production and other loans to farmers’’
or ‘‘Loans secured by farmland.’’
910 See Nat’l Credit Union Admin., Call Report
Form 5300 (June 2020), https://www.ncua.gov/files/
publications/regulations/form-5300-june-2020.pdf.
PO 00000
Frm 00343
Fmt 4701
Sfmt 4700
35491
available to the public on an annual
basis (subject to any deletions or
modifications that the Bureau
determines would advance a privacy
interest). Such information will
constitute a public good that illuminates
the lending activities of financial
institutions and the small business
lending market in general. In particular,
the public provision of application-level
data, subject to any deletions or
modifications that the Bureau
determines would appropriately protect
privacy interests, will: (1) provide
communities, governmental entities,
and financial institutions additional
information to help identify business
and community development needs and
opportunities of small businesses and
(2) allow members of the public, public
officials, and other stakeholders to
better assess compliance with
antidiscrimination statutes.
First, the data made public pursuant
to the final rule and the Bureau’s
subsequent privacy analysis will
provide information that could help to
improve credit outcomes in the small
business lending market, furthering the
community development purpose of the
rule. As discussed above, market-wide
data on small business credit
transactions are currently limited.
Neither the public nor private sectors
provide extensive data on credit
products or terms. Small business
owners have access to very little
information on typical rates or products
offered by different lenders. As a result
of the data that will be made public
pursuant to the final rule and subject to
modification and deletion decisions by
the Bureau, community development
groups and commercial services will be
able to provide better information to
small businesses. For example, a
commercial provider could provide
small businesses with information on
what products lenders typically offer
and at what rates. These data will allow
small business owners to more easily
compare credit terms and evaluate
credit alternatives; without these data,
small business owners are limited in
their ability to shop for the credit
product that best suits their needs at the
best price. By engaging in more
informed shopping, small business
owners may achieve better credit
outcomes.
Furthermore, communities will use
data to identify gaps in access to credit
and capital for small businesses.
Financial institutions can analyze data
to understand small business lending
market conditions and determine how
best to provide credit to borrowers.
Currently, financial institutions are not
able to conduct very granular or
E:\FR\FM\31MYR2.SGM
31MYR2
35492
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
comprehensive analyses because the
data on small business lending are
limited. The data made public pursuant
to the final rule and subsequent privacy
analysis will allow financial institutions
to better understand the demand for
small business credit products and the
conditions under which they are being
supplied by other covered financial
institutions. The data will help enable
institutions to identify potentially
profitable opportunities to extend
credit. They will additionally allow
governmental entities to better develop
targeted lending programs, loan funds,
small business incubators, and other
community-driven initiatives. Small
business owners, as a result, could
benefit from increased credit
availability.
Second, while data made public
pursuant to the final rule and
subsequent privacy analysis may not
constitute conclusive evidence of credit
discrimination on its own, the data will
enable members of the public,
regulators, and other stakeholders to
better identify lending patterns
consistent with noncompliance with
antidiscrimination statutes. As
described above, there are currently no
application-level data comprehensive
enough or that contain the demographic
information required by the final rule to
enable the public to conduct these kinds
of analyses. The data made public
pursuant to the final rule and
subsequent privacy analysis will be
comprehensive and contain the
necessary data fields for such analysis.
Users will be able to examine whether,
for example, a lender denies
applications from women-owned,
minority-owned, or LGBTQI+-owned
businesses at higher rates than those
that are not or whether these businesses
are charged higher prices. This kind of
transparency can place appropriate
pressure on covered financial
institutions to ensure that their credit
lending practices comply with relevant
laws. Additionally, data collected under
the final rule will contain the data fields
that allow users to conduct more
accurate fair lending analyses by
comparing applications for credit
products with similar characteristics.
B. Baseline for the Consideration of
Costs and Benefits
In evaluating the benefits, costs, and
impacts of the final rule, the Bureau
takes as a baseline the current legal
framework governing financial markets,
i.e., the current state of the world before
the Bureau’s rule implementing section
1071. Under this baseline, the Bureau
assumes that institutions are complying
with regulations that they are currently
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
subject to, including reporting data
under HMDA, CRA, and any State
commercial financing disclosure
laws.911 The Bureau believes that such
a baseline will also provide the public
with better information about the
benefits and costs of this rule.
The Bureau received no comments
regarding its choice of baseline for its
section 1022(b)(2) analysis.
C. Basic Approach of the Bureau’s
Consideration of Benefits and Costs and
Data Limitations
Pursuant to section 1022(b)(2)(A) of
the Dodd-Frank Act,912 in prescribing a
rule under the Federal consumer
financial laws (which include ECOA
and title X of the Dodd-Frank Act), the
Bureau is required to consider the
potential benefits and costs to
‘‘consumers’’ and ‘‘covered persons,’’
including the potential reduction of
access by consumers to consumer
financial products or services resulting
from such rule, and the impact of final
rules on covered persons as described
under section 1026 of the Dodd-Frank
Act 913 (i.e., depository institutions and
credit unions with $10 billion or less in
total assets), and the impact on
consumers in rural areas.
The Dodd-Frank Act defines the term
‘‘consumer’’ as an individual or
someone acting on behalf of an
individual, while a ‘‘covered person’’ is
one who engages in offering or
providing a ‘‘consumer financial
product or service,’’ which means a
financial product or service that is
provided to consumers primarily for
‘‘personal, family, or household
purposes.’’ 914 In the rulemaking
implementing section 1071, however,
the only parties directly affected by the
rule are small businesses (rather than
individual consumers) and the financial
institutions from whom they seek credit
(rather than covered persons).
Accordingly, a section 1022(b)(2)(A)
analysis that considers only the costs
and benefits to individual consumers
and to covered persons would not
meaningfully capture the costs and
benefits of the rule.
911 See, e.g., N.Y. S.898 (signed Jan. 6, 2021)
(amending S.5470–B), https://
legislation.nysenate.gov/pdf/bills/2021/s898; Cal.
S.B. 1235 (Sept. 30, 2018), https://
leginfo.legislature.ca.gov/faces/
billTextClient.xhtml?bill_id=201720180SB1235;
Virginia H. 1027 (enacted Apr. 11, 2022), https://
lis.virginia.gov/cgi-bin/
legp604.exe?221+ful+CHAP0516; Utah S.B. 183
(enacted Mar. 24, 2022), https://le.utah.gov/∼2022/
bills/static/SB0183.html.
912 12 U.S.C. 5512(b)(2)(A).
913 12 U.S.C. 5516.
914 12 U.S.C. 5481(4) through (6).
PO 00000
Frm 00344
Fmt 4701
Sfmt 4700
Below, the Bureau conducts the
statutorily required analysis with
respect to the rule’s effects on
consumers and covered persons.
Additionally, the Bureau is electing to
conduct this same analysis with respect
to small businesses and the financial
institutions required to compile,
maintain, and submit data under the
final rule. This discussion relies on data
that the Bureau has obtained from
industry, other regulatory agencies, and
publicly available sources. However, as
discussed further below, the data limit
the Bureau’s ability to quantify the
potential costs, benefits, and impacts of
the final rule.
1. Analysis With Respect to Consumers
and Covered Persons
The final rule implements a data
collection regime in which certain
covered financial institutions must
compile, maintain, and submit data
with respect to applications for credit
for small businesses. The rule will not
directly impact consumers or consumers
in rural areas, as those terms are defined
by the Dodd-Frank Act. However, some
consumers will be directly impacted in
their separate capacity as sole owners of
small businesses covered by the rule.
Some covered persons, including some
that are depository institutions or credit
unions with $10 billion or less in total
assets, will be directly affected by the
rule not in their capacity as covered
persons (i.e., as offerors or providers of
consumer financial products or services)
but in their separate capacity as
financial institutions that offer small
business credit covered by the rule. The
costs, benefits, and impact of the rule on
those entities are discussed below.
2. Costs to Covered Financial
Institutions
The final rule establishes which
financial institutions, applicants,
transactions, and data points are
covered by its requirements. In order to
precisely quantify the costs to covered
financial institutions, the Bureau would
need representative data on the
operational costs that financial
institutions would incur to gather and
report 1071 data, one-time costs for
financial institutions to update or create
reporting infrastructure to implement
the final rule, and information on the
level of complexity of financial
institutions’ business models and
compliance systems. Currently, the
Bureau does not believe that data on
section 1071 reporting costs with this
level of granularity are systematically
available from any source. The Bureau
has made reasonable efforts to gather
data on section 1071 reporting costs.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Through outreach efforts with industry,
community groups, and other regulatory
agencies, the Bureau has obtained some
information about potential ongoing
operational and one-time compliance
costs, and the discussion below uses
this information to quantify certain
costs of the final rule. Throughout the
section 1022 discussion in the NPRM,
the Bureau also solicited feedback about
data or methodologies that would
enable it to more precisely estimate the
benefits, costs, and impacts of the
proposed rule. The Bureau has reviewed
these comments and considered the
information provided by the
commenters. The Bureau believes that
the discussion herein constitutes the
most comprehensive assessment to date
of the costs of section 1071 reporting by
financial institutions, as well as the
most accurate estimates of costs given
available information. However, the
Bureau recognizes that these estimations
may not fully quantify the costs to each
covered financial institution, especially
given the wide variation of section 1071
reporting costs among financial
institutions.
The Bureau categorizes costs required
to comply with the final rule into ‘‘onetime’’ and ‘‘ongoing’’ costs. ‘‘One-time’’
costs refer to expenses that the financial
institution will incur initially and only
once to implement changes required in
order to comply with the requirements
of this rule. ‘‘Ongoing’’ costs are
expenses incurred as a result of the
ongoing reporting requirements of the
rule, accrued on an annual basis. In
considering the costs and impacts of the
rule, the Bureau has engaged in a series
of efforts to estimate the cost of
compliance by covered entities. The
Bureau conducted a One-Time Cost
Survey, discussed in more detail in part
IX.E.1 below, to learn about the onetime implementation costs associated
with implementing section 1071 and
adapted ongoing cost calculations from
previous rulemaking efforts. The Bureau
evaluated the one-time costs of
implementing the procedures necessary
and the ongoing costs of annually
reporting under the rule in part IX.F.3
below. The discussion below provides
details on the Bureau’s approach in
performing these institution-level
analyses. The Bureau realizes that costs
vary by institution due to many factors,
such as size, operational structure, and
product complexity, and that this
variance exists on a continuum that is
impossible to fully represent. In order to
conduct a cost consideration that is both
practical and meaningful in light of
these challenges, the Bureau has chosen
an approach that focuses on three
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
representative types of financial
institutions. For each type, the Bureau
has produced reasonable estimates of
the costs of compliance given the
limitations of the available data. Part
IX.F.3 below provides additional details
on this approach.
3. Costs to Small Businesses
The Bureau has elected to estimate
the costs to small businesses in addition
to those for covered financial
institutions. The Bureau expects the
direct costs of the final rule to small
businesses will be negligible. Therefore,
the Bureau focuses its analysis on
whether and how the Bureau expects
financial institutions to pass on the
costs of compliance with the final rule
to small businesses and any possible
effects on the availability or terms of
small business credit. The Bureau relies
on economic theory to understand the
potential for costs to financial
institutions to be passed on to small
businesses. Further, the Bureau
describes feedback received through the
One-Time Cost Survey process, the
SBREFA process, and comments from
the NPRM process on how creditors
might react to increased compliance
costs due to the final rule.
4. Benefits to Small Businesses and
Covered Financial Institutions
Quantifying benefits to small
businesses presents substantial
challenges. As discussed above,
Congress enacted section 1071 for the
purpose of facilitating enforcement of
fair lending laws and enabling
communities, governmental entities,
and creditors to identify business and
community development needs and
opportunities of women-owned,
minority-owned, and small businesses.
The Bureau is unable to readily quantify
any of these benefits with precision,
both because the Bureau does not have
the data to quantify all benefits and
because the Bureau is not able to assess
completely how effective the
implementation of section 1071 will be
in achieving those benefits. The Bureau
believes that its final rule appropriately
implements the statutory mandate of
section 1071 to effectuate the section’s
stated purposes. As discussed further
below, as a data reporting rule, most
provisions of the final rule will benefit
small businesses in indirect ways, rather
than directly. Nevertheless, the Bureau
believes that the impact of enhanced
transparency will substantially benefit
small businesses. For example, the final
rule will facilitate the detection (and
thus remediation) of discrimination;
promote public and private investment
in certain underserved markets; and
PO 00000
Frm 00345
Fmt 4701
Sfmt 4700
35493
promote competitive markets.
Quantifying and monetizing these
benefits would require identifying all
possible uses of data collected under
this rule, establishing causal links to the
resulting public benefits, and then
quantifying the magnitude of these
benefits.
Similar issues arise in attempting to
quantify the benefits to covered
financial institutions. Certain benefits to
covered financial institutions are
difficult to quantify. For example, the
Bureau believes that the data collected
under this rule will reduce the
compliance burden of fair lending
reviews for lower risk financial
institutions by reducing the ‘‘false
positive’’ rates during fair lending
prioritization by regulators. That is, by
providing more comprehensive
application-level data about a covered
institution’s lending to small
businesses, regulators will be able to
better identify fair lending risks and, as
such, more efficiently prioritize their
fair lending examinations and
enforcement activities. The Bureau also
believes that data made public pursuant
to the final rule will allow financial
institutions to better understand the
demand for small business credit
products and the conditions under
which they are being supplied by other
covered financial institutions and to
identify potentially profitable
opportunities to extend credit. The
Bureau believes that such benefits to
financial institutions could be
substantial. However, quantifying them
would require data that are currently
unavailable.
In light of these data limitations, the
discussion below generally provides a
qualitative consideration of the benefits
and impacts of the final rule. General
economic principles, together with the
limited data available, provide insight
into these benefits and impacts. Where
possible, the Bureau makes quantitative
estimates based on these principles and
the data that are available. Quantifying
these benefits is difficult because the
size of each effect cannot be known in
advance. Given the number of small
business credit transactions and the size
of the small business credit market,
however, small changes in behavior can
have substantial aggregate effects.
5. General Comments on the Impact
Analyses in the Proposed Rulemaking
Throughout the Dodd-Frank Act
section 1022 discussion in the
NPRM,915 the Bureau solicited feedback
that would enable it to estimate the
benefits, costs, and impacts of the
915 See
E:\FR\FM\31MYR2.SGM
86 FR 56356, 56540–64 (Oct. 8, 2021).
31MYR2
35494
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
proposed regulation more precisely. The
Bureau, for example, solicited
comments on its methodology for
estimating one-time and ongoing costs,
the estimates of the specific costs
themselves, and any information that
would help it better quantify the
benefits and potential impacts on small
businesses and covered financial
institutions. Many commenters made
general statements, while several
provided comments specific to certain
methodologies or estimates. In this
section, the Bureau describes the
comments more generally, while in
subsequent sections, it discusses
comments specific to those sections.
Commenters offered general remarks
on the quality of the Bureau’s one-time
and ongoing cost estimates. Several
community groups described the
Bureau’s estimates as ‘‘well-considered’’
or described the costs of the proposed
rule as being outweighed by the
benefits. In contrast, some industry
commenters and an office of a Federal
agency generally asserted that the
Bureau’s cost estimates were too low.
The Bureau has reviewed its estimates
and considered the information
provided by the commenters. In the
sections below, the Bureau describes
specific comments related to each
section of benefits, costs, and the
potential impact on small entities. The
methodology described in the sections
below for the final rule is the same
methodology that the Bureau used in
the NPRM unless otherwise noted.
lotter on DSK11XQN23PROD with RULES2
D. Coverage of the Final Rule
1. Coverage in General
The final rule provides that financial
institutions (both depository and
nondepository) that meet all the other
criteria for a ‘‘financial institution’’ in
§ 1002.105(a) would only be required to
collect and report section 1071 data if
they originated at least 100 covered
credit transactions in each of the two
preceding calendar years. See final
§ 1002.105(b).
As discussed above, market-wide data
on small business lending are currently
limited. The Bureau is unaware of any
comprehensive data available on small
business originations for all financial
institutions, which are needed in order
to precisely identify all institutions
covered by the rule. To estimate
coverage of the final rule, the Bureau
uses publicly available data for financial
institutions divided into two groups:
depository (i.e., banks, savings
associations, and credit unions) and
nondepository institutions.
To estimate coverage of depository
institutions, the Bureau relies on NCUA
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Call Reports to estimate coverage for
credit unions, including for those that
are not federally insured, and FFIEC
Call Reports and the CRA data to
estimate coverage for banks and savings
associations. For the purposes of the
analysis in this section of part IX, the
Bureau estimates the number of
depository institutions that would have
been required to report small business
lending data in 2019, based on the
estimated number of originations of
covered products for each institution in
2017 and 2018.916 The Bureau accounts
for mergers and acquisitions between
2017 and 2019 by assuming that any
depository institutions that merged in
those years report as one institution.
As discussed above, the NCUA Call
Report captures the number and dollar
value of originations on all loans over
$50,000 to members for commercial
purposes, regardless of any indicator
about the business’s size. For the
purposes of estimating the impacts of
the final rule, the Bureau uses the
annual number of originated
commercial loans to members reported
by credit unions as a proxy for the
annual number of originated covered
credit transactions under the rule.917
These are the best data available for
estimating the number of credit unions
that may be covered by the final rule.
However, the Bureau acknowledges that
the true number of covered credit
unions may be different than what is
presented here. For example, this proxy
would overestimate the number of
credit unions that will be covered if
some commercial loans to members are
not covered because the member is
taking out a loan for a business
considered large under the definition of
a small business in the final rule.
Alternatively, this proxy would
underestimate the number of credit
unions covered by the final rule if credit
unions originate a substantial number of
covered credit transactions with
origination values under $50,000.
The FFIEC Call Report captures
banks’ and savings associations’
outstanding number and amount of
small loans to businesses (i.e., loans
916 The Bureau uses 2019 instead of 2020 or 2021
in order to estimate coverage during, or based on,
a year unaffected by COVID–19 pandemic
conditions.
917 For this analysis, the Bureau includes all types
of commercial loans to members except
construction and development loans and loans
secured by multifamily residential property. This
includes loans secured by farmland; loans secured
by owner-occupied, non-farm, non-residential
property; loans secured by non-owner occupied,
non-farm, non-residential property; loans to finance
agricultural production and other loans to farmers;
commercial and industrial loans; unsecured
commercial loans; and unsecured revolving lines of
credit for commercial purposes.
PO 00000
Frm 00346
Fmt 4701
Sfmt 4700
originated under $1 million to
businesses of any size; small loans to
farms are those originated under
$500,000). The CRA requires banks and
savings associations with assets over a
specified threshold ($1.384 billion as of
2022) 918 to report loans to businesses in
original amounts of $1 million or less.
For the purposes of estimating the
impacts of the final rule, the Bureau
follows the convention of using small
loans to businesses as a proxy for loans
to small businesses and small loans to
farms as a proxy for loans to small
farms. These are the best data available
for estimating the number of banks and
savings associations that may be
covered by the final rule. However, the
Bureau acknowledges that the true
number of covered banks and savings
associations may be different than what
is presented here. For example, this
proxy would overestimate the number
of banks and savings associations
covered by the rule if a significant
number of small loans to businesses and
farms are to businesses or farms that are
considered large under the definition of
a small business in the final rule.
Alternatively, this proxy would
underestimate the number of banks and
savings associations covered by the rule
if a significant number of businesses
and farms that are small under the final
rule take out loans that are larger than
$1 million for businesses or $500,000
for farms.
Although banks and savings
associations reporting under the CRA
are required to report the number of
originations of small loans to businesses
and farms, the Bureau is not aware of
any comprehensive dataset that contains
originations made by banks and savings
associations below the CRA reporting
threshold. To fill this gap, the Bureau
simulated plausible values for the
annual number and dollar value of
originations for each bank and savings
association that falls below the CRA
reporting threshold for 2017, 2018, and
2019.919 The Bureau generated
simulated originations in order to
account for the uncertainty around the
exact number and value of originations
918 See Fed. Fin. Insts. Examination Council,
Explanation of the Community Reinvestment Act
Asset-Size Threshold Change (2022), https://
www.ffiec.gov/cra/pdf/2022_Asset_Size_
Threshold.pdf.
919 Based on FFIEC Call Report data as of
December 2019, of the 5,177 banks and savings
associations that existed in 2019, only about 11
percent were required to report under CRA. That is,
only about 11 percent of banks and savings
associations had assets below $1.284 billion, the
CRA reporting threshold in 2019. See Fed. Fin.
Insts. Examination Council, 2019 Reporting Criteria,
https://www.ffiec.gov/cra/reporter19.htm (last
visited Mar. 20, 2023).
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
for these banks and savings associations.
To simulate these values, the Bureau
assumes that these banks have the same
relationship between outstanding and
originated small loans to businesses and
farms as banks and savings associations
above the CRA reporting threshold.
First, the Bureau estimated the
relationship between originated and
outstanding numbers and balances of
small loans to businesses and farms for
CRA reporters. Then the Bureau used
this estimate, together with the
outstanding numbers and balances of
small loans to businesses and farms of
non-CRA reporters, to simulate these
plausible values of originations. The
Bureau has documented this
methodology in more detail in its
Supplemental estimation methodology
for institutional coverage and marketlevel cost estimates in the small
business lending rule released
concurrently with this final rule.920
Based on 2019 data from FFIEC and
NCUA Call Reports and the CRA data,
using the methodology described above,
the Bureau estimates that the number of
depository institutions that will be
required to report under the final rule is
between approximately 1,800 and 2,000,
as shown in Table 3 below. The Bureau
35495
estimates that between 1,700 and 1,900
banks and savings associations and
about 100 credit unions will be required
to report under the final rule. These
ranges represent 95 percent confidence
intervals over the number of credit
unions, banks and savings associations
that will be covered under the final rule.
The Bureau presents this range to reflect
the uncertainty associated with the
estimates and notes that the uncertainty
is driven by the lack of data on
originations by banks and savings
associations below the CRA reporting
threshold.
TABLE 3—ESTIMATED DEPOSITORY INSTITUTION COVERAGE
[As of 2019]
Coverage category
Estimated coverage
Institutions Subject to 1071 Reporting .............................................................................
1,800–2,000 depository institutions (17%–19% of all depository institutions).
1,700–1,900 banks and SAs (33%–36% of all banks and
SAs).
100 credit unions (2% of all credit unions).
94.2%–95.1%.
Banks and Savings Associations (SAs) Subject to Reporting ........................................
lotter on DSK11XQN23PROD with RULES2
Credit Unions Subject to Reporting .................................................................................
Share of Total Small Business Credit by Depository Institutions (Number of Loans
Originated) Captured.
Share of Total Small Business Credit by Depository Institutions (Dollar Value of Loans
Originated) Captured.
81.0%–83.0%.
estimation methodology, as discussed
above, but did not receive any
information upon which to base better
coverage estimates for credit unions for
purposes of the final rule.
For nondepositories, the Bureau
estimates that about 620 nondepository
institutions will be covered by the final
rule: about 140 nondepository CDFIs;
about 70 merchant cash advance
providers; about 30 online lenders;
about 240 commercial finance
companies; about 70 governmental
lending entities; and 71 Farm Credit
System members.921 See part II.D above
for more detail on how the Bureau
arrived at these estimates.
Comments on the estimates of
coverage of the proposed rule. In the
NPRM, the Bureau sought comment on
whether there are additional data
sources that could provide better
estimates of coverage and on the
methods used to estimate coverage. Two
trade associations commented that the
Bureau substantially underestimates the
coverage of credit unions because it
does not account for small business
loans under $50,000. The Bureau
acknowledges this limitation of the
The final rule provides that the initial
compliance date for covered financial
institutions will occur in three tiers; a
covered financial institution will
determine its compliance date tier based
on the number of covered credit
transactions that it originated in each of
the calendar years 2022 and 2023.922 In
this section, the Bureau presents
estimates of the share of covered
financial institutions that will report in
each tier.
The Bureau uses the estimates of
originations of covered products by
depository institutions in 2017 and
2018, discussed above, to estimate how
many covered depository institutions
will report in each tier. A covered
depository institution is expected to
report in Tier 1 if it originated at least
2,500 covered credit transactions in
each of 2017 and 2018. A covered
depository institution is expected to
report in Tier 2 if it originated at least
500 covered credit transactions in each
of 2017 and 2018 and was not required
to report in Tier 1. A covered depository
institution is expected to report in Tier
3 if it originated at least 100 covered
credit transactions in each of 2017 and
2018 and was not required to report in
Tier 1 or Tier 2. The Bureau also
estimates the percent of covered
applications from 2019 that are received
by depository institutions in each tier.
Table 4, below, presents estimates of
percentages of covered banks and credit
unions that will report in each tier. The
Bureau estimates that most covered
banks, savings associations, and credit
unions will not be required to report
until Tier 3, as seen in the first two rows
920 This document is available at https://
www.consumerfinance.gov/data-research/researchreports/supplemental-estimation-methodologyinstitutional-coverage-market-level-cost-estimatessmall-business-lending-rulemaking/.
921 The Bureau provides estimates for the majority
of nondepository institutions but knows an exact
number of members of the Farm Credit System. To
estimate the number of Farm Credit System
members, the Bureau considers the Young,
Beginning, and Small Farmers Reports for all Farm
Credit System members as of December 31, 2019.
The reports can be found at https://reports.fca.gov/
CRS/ (last visited Mar. 20, 2023). A Farm Credit
System is covered if it reported more than 100 total
number of loans on its Young, Beginning, and Small
Farmers Report in 2019.
922 A covered financial institution is in Tier 1, as
specified by final § 1002.114(b)(1), if it has at least
2,500 originations of covered credit transactions in
each of 2022 and 2023, with a compliance date of
October 1, 2024. A covered financial institution is
in Tier 2, as specified by final § 1002.114(b)(2), if
it has at least 500 originations in each of 2022 and
2023 (but isn’t in Tier 1) with a compliance date
of April 1, 2025. A covered financial institution is
in Tier 3, as specified by final § 1002.114(b)(3) and
(4), if it has at least 100 originations in each of 2022
and 2023 (but isn’t in Tiers 1 or 2), with a
compliance date of January 1, 2026. Financial
institutions that do not fall into any of the
compliance tiers based on 2022 and 2023
originations, but that originate 100 more covered
credit transactions in subsequent years, would
comply beginning January 1, 2026 at the earliest.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
2. Coverage Based on Tiered
Compliance Dates
PO 00000
Frm 00347
Fmt 4701
Sfmt 4700
E:\FR\FM\31MYR2.SGM
31MYR2
35496
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
of the table. However, the next two rows
show that most applications to banks
and savings associations (and overall)
for covered products in the first
reporting year will be received by the 5
percent to 6 percent of covered banks
and savings associations that are
expected to report in Tier 1.
TABLE 4—ESTIMATED DEPOSITORY INSTITUTION COVERAGE BY COMPLIANCE TIER 923
Coverage category
Tier 1
Tier 2
Tier 3
Percent Covered Banks and SAs Reporting in
Tier.
Percent Covered Credit Unions Reporting in
Tier.
Percent of Covered Small Business Credit Applications by Banks and SAs Captured in
Tier.
Percent of Covered Small Business Credit Applications by Credit Unions Captured in Tier.
5%–6% of covered banks and
SAs.
0% of covered credit unions ..
17%–19% of covered banks
and SAs.
13% of covered credit unions
75%–77% of covered banks
and SAs.
87% of covered credit unions.
90%–92% of covered bank
and SA applications.
4%–5% of covered bank and
SA applications.
4%–5% of covered bank and
SA applications.
0% of covered credit union
applications.
55% of covered credit union
applications.
46% of covered credit union
applications.
As discussed above, the Bureau is
unaware of any institution-level data of
originations for nondepository
institutions that would allow for precise
estimates of when these institutions are
expected to report. Consistent with
assumptions made below to generate
market-level estimates, the Bureau
assumes that online lenders and
merchant cash advance providers each
originate 2,000 covered credit
transactions per year and all other
nondepository institutions originate 200
loans per year. These assumptions
imply that all online lenders and
merchant cash advance providers would
be required to report in Tier 2 and all
other nondepository institutions would
be required to report in Tier 3.
estimate costs of the final rule is the
same as the methodology used in the
NPRM unless otherwise noted.
The Bureau expects that the tasks
required for data collection, checking
for accuracy, and reporting under the
final rule will be similar to those under
the 2015 HMDA final rule. The
similarities in data collection and
reporting tasks allowed the Bureau to
leverage its previous rulemaking
experience in its analysis of the impacts
of this final rule. Outreach to industry,
as well as feedback during the SBREFA
process and in NPRM comments,
validated this approach in general. The
Bureau received no comments objecting
to its use of the 2015 HMDA final rule
impacts estimates as the basis for its
methodology for the final rule
implementing section 1071.
However, there are significant
differences between the home mortgage
and small business lending markets. For
example, small business lending is
generally less automated, and has a
wider variety of products, smaller
volumes, and smaller credit amounts.
The Bureau used the SBREFA process,
NPRM comments, research using
publicly available information, and the
Bureau’s general expertise regarding the
small business lending market to
determine how these differences would
change the tasks required for data
collection, checking for accuracy, and
reporting under the final rule.
During the 2015 HMDA rulemaking
process, the Bureau identified seven key
aspects or dimensions of compliance
costs with a data collection and
reporting rule: (1) the reporting system
used; (2) the degree of system
integration; (3) the degree of system
automation; (4) the tools for geocoding;
(5) the tools for performing
completeness checks; (6) the tools for
performing edits; and (7) the
compliance program. The Bureau
assumes that financial institutions will
set up their section 1071 reporting in a
manner similar to how HMDA reporting
was implemented.925 As discussed in
more detail below, this approach was
generally supported by the SBREFA
process and NPRM commenters.
The Bureau found during the HMDA
rulemaking process that, generally, the
complexity of a financial institution’s
approach across key aspects or
dimensions was consistent—that is, a
financial institution generally would not
use less complex approaches on some
dimensions and more complex
approaches on others.926 This allowed
the Bureau to classify financial
institutions, including depository
institutions and nondepository
institutions, into three broad types
according to the overall level of
complexity of their compliance
operations. Using very similar
assumptions to those used in the 2015
HMDA rulemaking, the Bureau’s
estimation of the costs of this final rule
also assumes that complexity across key
aspects or dimensions of a financial
institution’s small business lending data
collection and reporting system is
consistent.
Table 5, below, summarizes the
typical approach to those seven key
aspects or dimensions of compliance
costs across three representative types of
financial institutions based on level of
complexity in compliance operations.
Financial institutions that are Type A
have the lowest level of complexity in
1,000 covered credit transactions per year receive
2 applications per origination.
924 Home Mortgage Disclosure (Regulation C), 80
FR 66128, 66269 (Oct. 28, 2015).
925 For example, the Bureau assumes that
financial institutions will integrate their small
business data management system with their other
data systems the same way that similar institutions
integrated their HMDA management system.
926 80 FR 66128, 66269 (Oct. 28, 2015).
lotter on DSK11XQN23PROD with RULES2
E. Methodology for Generating Cost
Estimates
The Bureau used its 2015 HMDA final
rule estimates as the basis for its review
of 1071 data collection and reporting
tasks that would impose one-time and
ongoing costs. In developing its ongoing
cost methodology to estimate the
impacts of its 2015 HMDA final rule, the
Bureau used interviews with financial
institutions to understand the processes
of complying with a regulation that
requires collecting and reporting credit
application data and to generate
estimates of how changes to the
reporting requirements would impact
the ongoing costs of collecting and
reporting mortgage application data.924
To analyze the potential impacts of this
final rule, the Bureau adapted its
methodology from its 2015 HMDA
rulemaking activities to the small
business lending market. The
methodology described below to
923 To estimate applications, the Bureau assumes
that depository institutions with that originate
1,000 or more covered credit transactions per year
receive 3 applications per origination and
depository institutions that originate fewer than
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
PO 00000
Frm 00348
Fmt 4701
Sfmt 4700
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
compliance operations, while Type B
35497
and Type C have the middle and highest
levels of complexity, respectively.
TABLE 5—TYPICAL APPROACH TO CERTAIN ASPECTS/DIMENSIONS OF COMPLIANCE COSTS BASED ON LEVEL OF
COMPLEXITY FOR TYPES OF FINANCIAL INSTITUTIONS
Aspect/dimension of
compliance costs
Typical approach by low
complexity financial institutions
(Type A FIs)
Typical approach by medium
complexity financial institutions
(Type B FIs)
Typical approach by high
complexity financial institutions
(Type C FIs)
Data storage system used .............
Store data in Excel .......................
Use LOS and SBL DMS ...............
Degree of system integration .........
(None) ...........................................
Degree of system automation ........
Highly manual process for entering and checking data.
Use FFIEC tool (manual) .............
Have forward integration (LOS to
SBL DMS).
Use manual edit checks ...............
Use multiple LOS, FI’s central
SoR, SBL DMS.
Have backward and forward integration.
Have high automation (only
verifying edits manually).
Use batch processing with multiple sources.
Use multiple stages of checks.
Tools for geocoding .......................
Tools for completeness checks .....
Tools for edits ................................
Compliance program .....................
Use batch processing ...................
Conduct manual checks and rely
on CFPB quality/validity checks.
Use CFPB edits only ....................
Use LOS, which includes completeness checks.
Use CFPB and customized edits
Have a joint compliance and audit
office.
Have basic internal and external
accuracy audit.
Use CFPB and customized edits
run multiple times.
Have in-depth accuracy and fair
lending audit.
lotter on DSK11XQN23PROD with RULES2
Note: LOS is ‘‘Loan Origination System’’; SoR is ‘‘System of Record’’; SBL DMS is ‘‘Small Business Lending Data Management System.’’ 927
During the rulemaking process for the
2015 HMDA final rule, the Bureau
found that the number of loan
applications received was largely
correlated with overall complexity of
financial institutions’ compliance
operations.928 The Bureau used this
observation of financial institution
practices under the previous HMDA
rulemaking work, in addition to early
outreach to financial institutions and
data from Call Reports and publicly
available data from the CDFI Fund, to
generate assumptions about the annual
number of small business lending
applications for covered credit
transactions processed by each type of
financial institution. These assumptions
adapt the volume assumptions from the
mortgage lending context to address the
fact that financial institutions typically
process fewer small business credit
applications than mortgage applications.
The Bureau assumes that Type A FIs
receive fewer than 300 applications per
year, Type B FIs receive between 300
and 2,000 applications per year, and
Type C FIs receive more than 2,000
applications per year. The Bureau
assumes that, for Type A and B FIs, one
out of two small business applications
will result in an origination. Thus, the
Bureau assumes that Type A FIs
originate fewer than 150 covered credit
transactions per year and Type B FIs
originate between 150 and 999 covered
credit transactions per year. The Bureau
927 The Bureau expects the development of a
market for small business data management
systems, similar to HMDA management systems,
that financial institutions will license or purchase
from third parties.
928 80 FR 66128, 66270 (Oct. 28, 2015).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
assumes that Type C FIs originate one
out of three small business applications
and at least 1,000 covered credit
transactions per year.929 As described in
the comment review below, these
methodology assumptions were
generally supported by the SBREFA
process and comments on the NPRM.
The Bureau understands that costs
vary by financial institution due to
many factors, such as size, operational
structure, and product complexity, and
that this variance exists on a continuum
that is impossible to fully represent. Due
to data limitations, the Bureau is unable
to capture many of the ways in which
costs vary by institution, and therefore
uses these representative financial
institutions with the above assumptions
for its analysis. In order to aggregate
costs to a market level, the Bureau must
map financial institutions onto its types
using discrete volume categories.
For the hiring costs discussion in part
IX.F.3.i and ongoing costs discussion in
part IX.F.3.ii below, the Bureau
discusses costs in the context of
representative institutions for ease of
exposition. The Bureau assumes that a
representative Type A FI receives 100
929 The Bureau chose the 1:2 and 1:3 application
to origination ratios based on two sources of
information. First see Biz2Credit, Small Business
Loan Approval Rates Rebounded in May 2020:
Biz2Credit Small Business Lending Index (May
2020), https://cdn.biz2credit.com/appfiles/
biz2credit/pdf/report-may-2020.pdf, which shows
that, in December of 2019, large banks approved
small business loans at a rate of 27.5 percent, while
small banks and credit unions had approval rates
of 49.9 percent and 40.1 percent. Additionally, the
Bureau’s supervisory data supports a 33 percent
approval rate as a conservative measure among
these estimates for complex financial institutions
(Type C FIs).
PO 00000
Frm 00349
Fmt 4701
Sfmt 4700
small business credit applications per
year, a representative Type B FI receives
400 small business credit applications
per year, and a representative Type C FI
receives 6,000 small business credit
applications per year. The Bureau
further assumes that a representative
Type A FI originates 50 covered credit
transactions per year,930 a representative
Type B FI originates 200 covered credit
transactions per year, and a
representative Type C FI originates
2,000 covered credit transactions per
year.
1. Methodology for Estimating OneTime Costs of Implementation of the
Final Rule
The one-time cost estimation
methodology for the final rule described
in this section is the same methodology
that the Bureau used in the NPRM
unless otherwise noted. The primary
differences are the addition of hiring
costs, in response to comments, and
changes in the wages to reflect the most
recent data.
The Bureau has identified the
following nine categories of one-time
costs that will likely be incurred by
financial institutions to develop the
infrastructure to collect and report data
under the final rule:
1. Preparation/planning
2. Updating computer systems
3. Testing/validating systems
4. Developing forms/applications
930 The Bureau discusses a representative Type A
FI that will not be covered by the final rule to make
the final estimates easier to compare with those in
the NPRM and to highlight what the costs of the
rule would have been for a financial institution that
is not covered by the final rule.
E:\FR\FM\31MYR2.SGM
31MYR2
35498
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
5. Training staff and third parties (such
as brokers)
6. Developing policies/procedures
7. Legal/compliance review
8. Post-implementation review of
compliance policies and procedures
9. Hiring costs 931
Pre-NPRM outreach with financial
institutions has informed the Bureau’s
understanding of one-time costs.
Financial institutions will likely have to
spend time and resources understanding
the final rule, developing the required
policies and procedures for their
employees to follow, and engaging a
legal team to review their draft policies
and procedures. Additionally, financial
institutions may require new
equipment, such as new computer
systems that can store and check the
required data points; new or revised
application forms or related materials to
collect any data required under the final
rule that they do not currently collect,
including minority-owned, womenowned, and LGBTQI+-owned business
statuses and the ethnicity, race, and sex
of applicants’ principal owners, and to
provide any related disclosures required
by the rule. Some financial institutions
mentioned that they may store, check,
and report data using third-party
providers such as Fiserv, Jack Henry,
LaserPro, or Fidelity Information
Systems, while others may use more
manual methods of data storage,
checking, and reporting using software
applications such as Microsoft Excel.
Financial institutions will also engage
in a one-time training of all small
business lending staff to ensure that
employees understand the new policies
and procedures. After all new policies
and procedures have been implemented
and systems/equipment deployed,
financial institutions will likely
undertake a final internal review to
ensure that all the requirements of the
final rule have been satisfied.
The Bureau presented one-time cost
categories 1 through 8 in the SBREFA
Outline and during the SBREFA process
in 2020.932 The small entity
representatives generally confirmed that
these eight categories listed above
accurately capture the components of
one-time costs. Small entity
representatives did not mention hiring
costs during the SBREFA process. The
Bureau added the hiring costs category
after receiving comments in response to
the NPRM.
The Bureau also conducted a survey
in 2020 regarding one-time
implementation costs for section 1071
compliance targeted at financial
institutions who extend small business
credit.933 The Bureau developed the
survey instrument based on guidance
from industry on the potential types of
one-time costs institutions might incur
if required to report under a rule
implementing section 1071 and tested
the survey instrument on a small set of
financial institutions, incorporating
their feedback prior to implementation.
The Bureau worked with several major
industry trade associations to recruit
their members to respond to the survey.
A total of 105 financial institutions
responded to the survey.
Estimates from survey respondents
form the basis of the Bureau’s estimates
for one-time costs in assessing the
impact of this final rule. The survey was
broadly designed to ask about the onetime costs of reporting data under a
regime that only included mandatory
data points, used a reporting structure
similar to HMDA, used the Regulation B
definition of an ‘‘application,’’ and used
the respondent’s own internal small
business definition. The survey was
divided into three sections: Respondent
Information, One-Time Costs, and the
Cost of Credit to Small Entities.
In the Respondent Information
section, the Bureau obtained basic
information about the respondent,
including information on the type of
institution, its size, and its volume of
small business lending. (The Bureau did
not, however, obtain the actual name or
other directly identifying information
about respondents.) The One-Time
Costs section of the survey measured the
total hours, staff costs, and non-salary
expenses associated with the different
tasks comprising one-time costs. Using
the reported costs of each task, the
Bureau estimated the total one-time cost
for each respondent. The Cost of Credit
to Small Entities section dealt with the
respondent’s anticipated response to the
increased compliance costs of being
covered by a rule implementing section
1071 in order to understand the
potential impacts of the rule on its small
business lending activity, including any
anticipated potential changes to
underwriting standards, volume, prices,
product mix, or market participation.
To estimate one-time costs, the
Bureau needs information on a financial
institution’s one-time costs by category
and number of originations. Of the 105
total respondents, 49 answered these
questions. The Bureau refers to these
respondents as the ‘‘cost estimation
sample.’’ Of these respondents, 42 (86
percent) self-reported that they were a
depository institution (bank, saving
association, or credit union). The
remaining seven (14 percent) were
nondepository institutions. Table 6
presents the self-reported asset size of
the 42 depository institution
respondents in the cost estimation
sample.934
TABLE 6—ASSET SIZES OF DEPOSITORY INSTITUTIONS IN ONE-TIME COST ESTIMATION SAMPLE
Asset category
Count
lotter on DSK11XQN23PROD with RULES2
Less than $250 million .....................................................................................................................................
$250 million to $500 million .............................................................................................................................
$500 million to $1 billion ..................................................................................................................................
$1 billion to $10 billion .....................................................................................................................................
$10 billion to $500 billion .................................................................................................................................
Percent of sample
9
9
7
8
9
21.43
21.43
16.67
19.05
21.43
For the purposes of estimating onetime costs, the Bureau distinguishes
between depository institutions and
nondepository institutions. The majority
of nondepository institutions are not
currently subject to any similar data
reporting requirements, with the notable
exception of nondepository CDFIs. The
Bureau anticipates that covered
financial institutions that are not
currently subject to data reporting
requirements will need to make more
changes to their existing business
operations in order to comply with the
requirements of the final rule. This
931 The Bureau added this category after the
NPRM and did not ask about it in the survey.
932 SBREFA Outline at 49–52.
933 The One-Time Cost Survey was released on
July 22, 2020; the response period closed on
October 16, 2020. The OMB control number for this
collection is 3170–0032.
934 Nondepository institutions also reported
assets. The Bureau separately reports asset category
for depository institutions because asset sizes are
not as comparable between depositories and
nondepositories. The Bureau does not report asset
sizes for nondepository respondents because there
were too few respondents to report separately
without risking re-identification of respondents.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
PO 00000
Frm 00350
Fmt 4701
Sfmt 4700
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
expectation is confirmed by the higher
estimated one-time costs for
nondepository institutions relative to
depository institutions from the survey
and discussed in part IX.F.3.i.
The Bureau categorizes depository
institution respondents in the cost
estimation sample into four groups
according to the respondents’ selfreported total originations. The first
group contains the two depository
institutions that reported fewer than 25
originations; the Bureau assumes these
institutions would not report under the
final rule. The second group contains
ten depository institutions that reported
between 25 and 149 originations.935 The
Bureau categorizes these as Type A DIs
(that is, a DI that is a Type A FI as
defined above.) The third group
contains the 19 depository institutions
that reported between 150 and 999
originations. The Bureau categorizes
these as Type B DIs. The final group
contains the 11 depository institutions
that reported 1,000 or more originations.
The Bureau categorizes these as Type C
DIs.
There are not enough nondepository
institutions in the cost estimation
sample to separate nondepository
institutions into Types A, B, and C and
obtain meaningful estimates. Instead,
the Bureau is relying on the assumption
that nondepository institutions (referred
to as Non-DIs for purposes of this
analysis) will incur the same one-time
costs regardless of the complexity of
existing business operations, CDFI
status, or coverage by State commercial
financing laws.
The Bureau estimated the one-time
costs for each of the four categories of
financial institutions (Type A DI, Type
B DI, Type C DI, and Non-DI) using the
following methodology.
For each of the first eight categories of
one-time costs, the Bureau asked
financial institutions to estimate and
report the total number of hours that
junior, mid-level, and senior staff would
spend on each task, along with any
additional non-salary expenses. If a
respondent did not provide estimates
for any component (i.e., staff hours or
non-salary expenses) of any category, it
is not counted as part of the cost
estimation sample. If a respondent
provided estimates for some
components but did not provide an
estimate for a particular component
(e.g., non-salary expenses for
preparation/planning) then the Bureau
935 The Bureau acknowledges that it uses
information collected from institutions that will not
be covered by the final rule to estimate the costs
of implementing the rule. The Bureau uses these
observations to maintain a large enough sample
size.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
assumed that the respondent estimated
zero for that component.
The Bureau asked survey respondents
to report the average hourly wage for
junior, mid-level, and senior/executive
staff involved in the one-time cost
categories. However, for the purposes of
estimating one-time costs, the Bureau
assumes a constant wage across
financial institutions for each level of
staff. The Bureau has updated the wages
for the final rule from the wages used in
the NPRM. For junior staff, the Bureau
uses $15.64, the 10th percentile hourly
wage estimate for ‘‘loan officers’’
according to the 2021 Occupational
Employment Statistics compiled by the
Bureau of Labor Statistics.936 For midlevel staff, the Bureau uses $38.74, the
estimated mean hourly wage estimate
for ‘‘loan officers.’’ For senior staff, the
Bureau used $66.50, the 90th percentile
hourly wage estimate for ‘‘loan officers.’’
To account for non-monetary
compensation, the Bureau also scaled
these hourly wages up by 43 percent.937
The Bureau assumes a total hourly
compensation of $22.37 for junior staff,
as compared to $28.76, the mean of the
junior wages reported by respondents to
the survey. The Bureau assumes a total
hourly compensation of $55.40 for midlevel staff, as compared to $48.94, the
mean of the mid-level wages reported by
respondents. The Bureau assumes a
total hourly compensation of $95.10, as
compared to $90.19, the mean of the
senior/executive wages reported by
respondents.
For each respondent in the cost
estimation sample, the Bureau
calculates the cost of each one-time cost
category as the sum of the junior wage
multiplied by the reported junior hours,
the mid-level wage multiplied by the
reported mid-level hours, and the senior
wage multiplied by the reported seniorlevel hours and the reported non-salary
expenses. The total cost of the first eight
categories that the Bureau calculates for
each respondent is the sum of the costs
across all eight categories.
After calculating the total costs of the
first eight categories for each
respondent, the Bureau identifies
936 See U.S. Bureau of Labor Stat., U.S. Dep’t of
Labor, Occupational Employment and Wage
Statistics (May 2021), https://www.bls.gov/oes/
current/oes132072.htm.
937 The June 2022 Employer Costs for Employee
Compensation from the Bureau of Labor Statistics
documents that wages and salaries are, on average,
about 70 percent of employee compensation for
private industry workers. The Bureau inflates the
hourly wage to account for 100 percent of employee
compensation ((100/70)¥1) * 100 = 43 percent).
See U.S. Bureau of Labor Stat., U.S. Dep’t of Labor,
Employer Costs for Employee Compensation (June
2022), https://www.bls.gov/news.release/archives/
eci_07292022.pdf.
PO 00000
Frm 00351
Fmt 4701
Sfmt 4700
35499
outliers within the four groups of
financial institutions (Type A DI, Type
B DI, Type C DI, and Non-DI) using the
interquartile range method, a standard
outlier identification method. For each
group of financial institutions, an
observation is considered an outlier if
the estimated total cost is greater than
1.5 *(P75 ¥ P25) + P75 or less than
P25¥1.5 *(P75 ¥ P25) where P75 and P25
are the 75th and 25th percentiles,
respectively, of total costs within that
group. Using this method, the Bureau
identified one outlier in each Type A DI,
Type B DI, and Type C DI group and no
outliers in the Non-DI group.
In addition to the total estimated onetime costs, the Bureau is interested in
the hours, non-salary expenses, and
total costs associated with each of the
different one-time cost categories. For
each group, the Bureau estimates each
component of one-time costs by taking
the mean of the estimated component
within the group, after excluding
outliers. For example, the estimated
number of junior hours required by
Type A DIs to update computer systems
is the mean number of junior hours
reported by the nine Type A DIs that
were in the cost estimation sample,
excluding one outlier. The Bureau
estimated the cost associated with each
category as the sum of the junior wage
multiplied by the estimated junior
hours, the mid-level wage multiplied by
the estimated mid-level hours, and the
senior-level wage multiplied by the
estimated senior hours, and the
estimated non-salary expenses.
The Bureau did not include one-time
hiring costs in the estimates for the
NPRM. In response to comments, the
Bureau estimates hiring costs for the
final rule estimates. To estimate hiring
costs, the Bureau assumes that, prior to
implementing the final rule, current
staff at a covered financial institution
will not have extra capacity to take on
new tasks. This assumption implies that
each institution will need to hire at least
one new employee. The Bureau
anticipates that institutions will
rearrange tasks across new and existing
employees so that the new employees
alone will not conduct all work
associated with the final rule.
The Bureau assumes that a covered
financial institution will need to hire
enough full-time equivalent workers
(FTEs) to cover the estimated number of
staff hours necessary to comply with the
final rule on an annual, ongoing basis.
In part IX.E.2 below, the Bureau
describes how it estimates the ongoing
costs to comply with the rule, including
the number of hours of staff time an
institution needs per application. The
Bureau assumes that an FTE will work
E:\FR\FM\31MYR2.SGM
31MYR2
35500
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
about 2,080 hours each year (40 hours
per week × 52 weeks = 2,080). The
Bureau calculates that the total number
of FTEs that a covered financial
institution will need to hire as the
number of hours per application
multiplied by the estimated number of
applications received per year divided
by 2,080, rounded up to the next full
FTE. For example, if an institution
receives 500 applications per year and
spends one hour on each application, it
will need to hire one FTE ((1 * 500)/
2080 = 0.24, which is round up to the
next full FTE, i.e., 1). In part IX.F.3.i, the
Bureau also confirms that the estimated
additional staff can cover the estimated
staff hours required for implementing
other one-time changes.
The Bureau calculates the hiring costs
using the estimated cost-per-hire of
$4,425, estimated by the Society for
Human Resource Management.938 This
estimated cost includes advertising fees,
recruiter pay and benefits, and
employee referrals, among other
categories. For each covered financial
institution, the estimated hiring cost is
$4,425 multiplied by the estimated new
FTEs. The estimated total one-time costs
are the sum of the estimated hiring costs
and the other one-time costs for that
institution discussed above.
Comments on the one-time cost
methodology of the proposed
rulemaking. In the NPRM, the Bureau
sought comment on the methods used
for estimating one-time costs of
implementation. Many industry
commenters provided information on
the categories of costs that they expect
to incur to develop the infrastructure to
collect and report data under the
proposed rule. In general, the costs
these commenters discussed fall in the
original eight one-time cost categories
listed. Many of these commenters
responded to the NPRM that they would
incur costs associated with hiring new
staff. The Bureau’s one-time and
ongoing cost methodologies account for
the costs associated with paying staff to
implement the final rule. The Bureau
agrees, however, that the one-time cost
methodology outlined in the NPRM
could have more fulsomely accounted
for the initial cost of hiring new staff to
perform these tasks. As described above,
the Bureau added hiring costs to onetime cost estimates in response to these
comments. Except for hiring costs,
commenters did not provide any
additional one-time cost categories.
Two trade associations asserted that
the Bureau’s estimates of one-time costs
are too low because the estimates are
based on insufficient data for
nondepository lenders and, in
particular, merchant cash advance
providers. The Bureau acknowledges
that the scarcity of data for
nondepositories pose a challenge when
estimating the costs, benefits, and
impacts of the final rule. This is
particularly true for nondepositories
that are not currently subject to a data
reporting regime. Through outreach
efforts with nondepository institutions
and trade associations, the SBREFA
process, and the one-time cost survey,
the Bureau obtained information about
the costs for nondepositories of
complying with the final rule.
Throughout the section 1022 discussion
in the proposed rule, the Bureau also
solicited feedback about data and
methodologies that would enable it to
more precisely estimate the costs of the
proposed. The Bureau has reviewed
these comments, considered the
information provided by the
commenters, and adjusted the
methodology as described above.
2. Methodology for Estimating Ongoing
Costs of Implementation of the Final
Rule
The Bureau identified 15 specific data
collection and reporting activities that
would impose ongoing costs. Table 7
presents the full list of 15 activities.
Activities 1 through 3 can broadly be
described as data collection activities:
these tasks are required to intake data
and transfer it to the financial
institution’s small business data entry
system. Activities 4 through 10 are
related to reporting and resubmission:
these tasks are required to collect
required data, conduct internal checks,
and report data consistent with the final
rule. Activities 11 through 13 are related
to compliance and internal audits:
employee training, and internal and
external auditing procedures required to
ensure data consistency and reporting in
compliance with the rule. Finally,
activities 14 and 15 are related to small
business lending examinations by
regulators: these tasks will be
undertaken to prepare for and assist
during regulatory compliance
examinations. For the sake of this
analysis, the Bureau assumes that all
covered financial institutions will be
subject to regulatory compliance
examinations and thus incur costs
related to activities 14 and 15.
TABLE 7—1071 DATA COLLECTION AND REPORTING ACTIVITIES IMPOSING ONGOING COSTS
Number
Activity
lotter on DSK11XQN23PROD with RULES2
1 .............................
2 .............................
3 .............................
4 .............................
5 .............................
6 .............................
7 .............................
8 .............................
9 .............................
10 ...........................
11 ...........................
12 ...........................
13 ...........................
14 ...........................
15 ...........................
Transcribing data.
Resolving reportability questions.
Transferring to Data Entry System, Loan Origination System, or other data storage system.
Geocoding data.
Standard annual edit and internal checks.
Researching questions.
Resolving question responses.
Checking post-submission edits.
Filing post-submission documents.
Small business data reporting/geocoding software.
Training.
Internal audit.
External audit.
Exam preparation.
Exam assistance.
Table 8 provides an example of how
the Bureau calculates ongoing
compliance costs associated with each
compliance task. The table shows the
calculation for each activity and notes
whether the task would be a ‘‘variable
938 See Soc’y for Hum. Res. Mgmt., SHRM
Customized Talent Acquisition Benchmarking
Report, at 11 (2017), https://www.shrm.org/
ResourcesAndTools/business-solutions/Documents/
Talent-Acquisition-Report-All-Industries-AllFTEs.pdf.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
PO 00000
Frm 00352
Fmt 4701
Sfmt 4700
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
cost,’’ which would depend on the
number of applications the institution
receives, or a ‘‘fixed cost’’ that does not
depend on the number of applications.
Table 8 shows these calculations for a
Type A FI, or the institution with the
least amount of complexity. Table 9
below summarizes the activities whose
35501
calculation differs by institution
complexity and shows the calculations
for Type B FIs and Type C FIs (where
they differ from those for a Type A FI).
TABLE 8—ONGOING COMPLIANCE COST CALCULATIONS FOR A TYPE A FI
Activity
Calculation
1 ............
2 ............
3 ............
4 ............
5 ............
6 ............
7 ............
8 ............
9 ............
10 ..........
Transcribing data ...........................................
Resolving reportability questions ...................
Transfer to Data Entry System ......................
Complete geocoding data ..............................
Standard annual edit and internal checks .....
Researching questions ..................................
Resolving question responses .......................
Checking post-submission edits ....................
Filing post-submission documents ................
Small business data reporting/geocoding
software.
Training ..........................................................
Internal audit ..................................................
External audit .................................................
Exam preparation ..........................................
Exam assistance ............................................
Hourly compensation × hours per app. × applications ..........................................................
Hourly compensation × hours per app. with question × applications with questions ............
Hourly compensation × hours per app. × applications ..........................................................
Hourly compensation × hours per app. × applications ..........................................................
Hourly compensation × hours spent on edits and checks .....................................................
Hourly compensation × hours per app. with question × applications with questions ............
Hourly compensation × hours per app. with question × applications with questions ............
Hourly compensation × hours checking post-submission edits per application ....................
Hourly compensation × hours filing post-submission docs ....................................................
Uses free geocoding software ...............................................................................................
Variable.
Variable.
Variable.
Variable.
Fixed.
Variable.
Variable.
Variable.
Fixed.
Fixed.
Hourly compensation × hours of training per year × number of loan officers .......................
No internal audit conducted by financial institution staff .......................................................
One external audit per year ...................................................................................................
Hourly compensation × hours spent on examination preparation .........................................
Hourly compensation × hours spent on examination assistance ..........................................
Fixed.
Fixed.
Fixed.
Fixed.
Fixed.
11
12
13
14
15
..........
..........
..........
..........
..........
Many of the activities in Table 8
require time spent by loan officers and
other financial institution employees.
To account for time costs, the
calculation uses the hourly
compensation of a loan officer
multiplied by the amount of time
required for the activity. The Bureau
uses a mean hourly wage of $38.74 for
loan officers, based on data from the
Bureau of Labor Statistics.940 To
account for non-monetary
compensation, the Bureau scales this
hourly wage by 43 percent to arrive at
a total hourly compensation of $55.40
for use in these calculations.941 The
Bureau uses assumptions from its 2015
HMDA final rule analysis, updated to
reflect differences between mortgage
lending and small business lending, to
estimate time spent on ‘‘ongoing
tasks.’’ 942 As an example of a time
lotter on DSK11XQN23PROD with RULES2
Type 939
Number
939 In this table, the term ‘‘variable’’ means the
compliance cost depends on the number of
applications. The term ‘‘fixed’’ means the
compliance cost does not depend on the number of
applications (even if there are other factors upon
which it may vary).
940 These data reflect the mean hourly wage for
‘‘loan officers’’ according to the 2021 Occupational
Employment Statistics compiled by the Bureau of
Labor Statistics. See U.S. Bureau of Labor Stat., U.S.
Dep’t of Labor, Occupational Employment and
Wages (May 2021), https://www.bls.gov/oes/
current/oes132072.htm.
941 The June 2022 Employer Costs for Employee
Compensation from the Bureau of Labor Statistics
documents that wages and salaries are, on average,
about 70 percent of employee compensation for
private industry workers. The Bureau inflates the
hourly wage to account for 100 percent of employee
compensation ((100/70)¥1) * 100 = 43 percent).
U.S. Bureau of Labor Stat., U.S. Dep’t of Labor,
Employer Costs for Employee Compensation (June
2022), https://www.bls.gov/news.release/archives/
eci_07292022.pdf.
942 Home Mortgage Disclosure (Regulation C), 80
FR 66128 (Oct. 28, 2015). Some differences, for
example, are reflected in the number of
applications, the number of data points per
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
calculation, the Bureau estimates that
transcribing the required data points
would require approximately 11
minutes per application for a Type A FI.
The calculation multiplied the number
of minutes by the number of
applications and the hourly
compensation to arrive at the total cost,
on an annual basis, of transcribing data.
As another example, the Bureau
estimates that ongoing training for loan
officers to comply with a financial
institution’s 1071 policies and
procedures would take about two hours
per loan officer per year. The cost
calculation multiplies the number of
hours by the number of loan officers and
by the hourly compensation.
To arrive at the amount of time
required per application for each of the
15 tasks covered financial institutions
would conduct to collect, check, and
report 1071 data, the Bureau begins with
the assumptions made for each task for
the 35 data points under the 2015
HMDA final rule and then adjusts these
required times relative to the number of
data points required under the final
rule. The final rule requires covered
financial institutions to collect 20 data
points for each covered application.
Several of these data points have
multiple components. For example, the
credit type data point has three
subcomponents: the product type, the
type of guarantee, and the term. The
data points for pricing information and
the ethnicity, race, and sex of principal
owners also have multiple
subcomponents.
Some activity costs in Table 8 depend
on the number of applications. It is
important to differentiate between these
application, and the number of loan officers for the
representative institutions.
PO 00000
Frm 00353
Fmt 4701
Sfmt 4700
variable costs and fixed costs because
the type of cost impacts whether and to
what extent covered institutions might
be expected to pass on their costs to
small business loan applicants in the
form of higher interest rates or fees
(discussed in more detail in part IX.F.4
below). Data collection, reporting, and
submission activities such as geocoding
data, standard annual edits and internal
checks, researching questions, and
resolving question responses are
variable costs. All other activities are
fixed cost because they do not depend
on the overall number of applications
being processed. An example of a fixed
cost calculation is exam preparation,
where the hourly compensation is
multiplied by the number of total hours
required by loan officers to prepare for
1071-related compliance examinations.
Table 9 shows where and how the
Bureau assumes Type B FIs and Type C
FIs differ from Type A FIs in its ongoing
cost methodology. Type B FIs and Type
C FIs use more automated procedures,
which result in different cost
calculations. For example, for Type B
FIs and Type C FIs, transferring data to
the data entry system and geocoding
applications are done automatically by
business application data management
software licensed annually by the
financial institution. The relevant
address is submitted for geocoding via
batch processing, rather than done
manually for each application. The
additional ongoing geocoding costs
reflect the time spent by loan officers on
‘‘problem’’ applications—that is, a
percentage of overall applications that
the geocoding software misses—rather
than time spent on all applications.
However, Type B FIs and Type C FIs
have the additional ongoing cost of a
E:\FR\FM\31MYR2.SGM
31MYR2
35502
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
subscription to a geocoding software or
service as well as a data management
software that represents an annual fixed
cost of reporting 1071 data. This is an
additional ongoing cost that less
complex Type A FIs (that are covered
financial institutions) will not incur.
The Bureau expects that Type A FIs will
use free geocoding software available
from the FFIEC or the Bureau, which
may include a new batch function that
could be developed by either the FFIEC
or the Bureau.
Additionally, audit procedures differ
between the three representative
institution types. The Bureau expects a
Type A FI would not conduct an
internal audit but would pay for an
annual external audit. A Type B FI
would be expected to conduct a simple
internal audit for data checks and also
pay for an external audit on an annual
basis. Type C FIs would have a
sophisticated internal audit process in
lieu of an external audit.
TABLE 9—DIFFERENCES IN ONGOING COST CALCULATIONS FOR TYPE B FIS AND TYPE C FIS VERSUS TYPE A FIS
Number
Activity
Difference for a Type B FI
3 ............
Transfer to Data Entry System ..........
4 ............
Complete geocoding data .................
10 ..........
Small business data reporting/
geocoding software.
Internal Audit .....................................
External Audit ....................................
No employee time cost. Automatically transferred by
data management software purchased/licensed.
Cost of time per application unable to be geocoded by
software.
Uses geocoding software and/or data management
software that requires annual subscription.
Hourly compensation × hours spent on internal audit ....
Yearly fixed expense on external audit ...........................
12 ..........
13 ..........
Table 10 below shows major
assumptions that the Bureau makes for
each activity for each type of financial
institution. Table 10 provides the total
number of hours the Bureau assumes are
required for each task that requires
Difference for a Type C FI
labor.943 For example, the Bureau
assumes that transcribing data for 100
applications will require 19 hours of
labor. The table also shows the assumed
fixed cost of software and audits, as well
as areas where the Bureau assumes there
No employee time cost. Automatically transferred by
data management software purchased/licensed.
Few applications that require manual attention. Completed by third-party software vendor.
Uses geocoding software and/or data management
software that requires annual subscription.
Hourly compensation × hours spent on internal audit.
Only an extensive internal audit and no expenses on
external audits.
will be cost savings due to technology.
In several cases, the activity does not
apply to financial institutions of a
certain type, and are therefore not
displayed.
TABLE 10—MAJOR ASSUMPTIONS FOR THE REPRESENTATIVE TYPE A FIS, TYPE B FIS, AND TYPE C FIS 944
Number
Activity
Type A FI
Type B FI
1 ............
2 ............
3 ............
Transcribing data ..............................
Resolving reportability questions .....
Transfer to 1071 data management
software.
Complete geocoding data ................
19 hours total ...................................
11 hours total ...................................
19 hours total ...................................
38 hours total ...................................
23 hours total ...................................
N/A ....................................................
571 hours total.
34 hours total.
N/A.
7 hours total; reduction in time cost
relative to HMDA for software with
batch processing.
18 hours total; reduction for online
submission platform.
6 hours total .....................................
1 hour total .......................................
1 hour total .......................................
<1 hour total .....................................
N/A ....................................................
10 hours total (0.5 hours per ‘‘problem’’ loan × 5% of loans that are
‘‘problem’’).
357 hours total; reduction for online
submission platform.
11 hours total ...................................
1 hour total .......................................
5 hours total .....................................
<1 hour total .....................................
$8,000 ...............................................
N/A.
741 hours total; reduction for online
submission platform.
17 hours total.
1 hour total.
18 hours total.
<1 hour total.
$13,271.
24 hours total ...................................
N/A ....................................................
$3,500 ...............................................
<1 hour total .....................................
2 hours total .....................................
120 hours total .................................
8 hours total .....................................
$5,000 ...............................................
80 hours total ...................................
12 hours total ...................................
800 hours total.
2,304 hours total.
N/A.
480 hours total.
80 hours total.
4 ............
5 ............
6 ............
7 ............
8 ............
9 ............
10 ..........
lotter on DSK11XQN23PROD with RULES2
11
12
13
14
15
..........
..........
..........
..........
..........
Standard annual edit and internal
checks.
Researching questions .....................
Resolving question responses .........
Checking post-submission edits .......
Filing post-submission documents ...
1071 data management system/
geocoding software.
Training .............................................
Internal audit .....................................
External audit ...................................
Exam preparation .............................
Exam assistance ..............................
Type C FI
Comments on the ongoing cost
methodology of the proposed
rulemaking. In the NPRM, the Bureau
sought comment on the Bureau’s
proposed methods to estimate the
ongoing costs of the small business
lending rule. Many industry
commenters described categories of
ongoing costs that fell within the
categories of ongoing cost activities set
forth in the NPRM. Commenters, for
example, described needing to
transcribe data from the application,
train employees, conduct external
audits, or prepare for exams. Given the
volume of comments affirming these
existing categories, the Bureau has
retained those existing categories of
ongoing cost activities.
Some commenters suggested other
categories of ongoing costs not
considered by the Bureau in the NPRM.
A credit union and a trade association
suggested that more time was needed
per application to explain to customers
the new collection requirements; a bank
said more time was needed to explain
the requirements to collect ethnicity,
race, and sex information. The Bureau
believes that its one-time costs
categories of ‘‘developing forms and
applications’’ and ‘‘developing policies
and procedures’’ already account for
these types of costs and any remaining
ongoing cost of explaining collection
requirements will be minimal. The
commenters also did not provide
specific estimates for these categories of
ongoing costs.
A joint trade association letter
described how the rule has the potential
to create a new ongoing cost of retaining
943 Compared to the assumptions in the Bureau’s
proposal, this table includes additional time
assumptions due to the collection of the business’s
LGBTQI+-owned status.
944 The representative Type A, Type B, and Type
C FIs are assumed to receive, respectively, 100, 400
and 6,000 applications.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
PO 00000
Frm 00354
Fmt 4701
Sfmt 4700
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
the records. These comments focused on
the information technology
infrastructure associated with the
retention of records. The Bureau
believes that these costs are best
described as one-time costs and are
captured in the ‘‘updating computer
systems’’ category of its one-time costs
estimation. The Bureau thus has not
included these as additional categories
of ongoing costs.
Comments on one-time and ongoing
cost estimates based on levels of
financial institution complexity. The
Bureau received several comments
related to its approach to defining
complexity and using complexity
categories in its one-time and ongoing
cost estimation. Several smaller banks
and credit unions explained that many
of their processes related to collecting,
checking, and reporting data to the
Bureau under the proposed rule would
largely be manual. The Bureau believes
that its Type A institution category
already takes into account the various
manual processes described by these
commenters and decided against adding
additional categories of complexity.
3. Methodology for Generating MarketLevel Estimates of One-Time and
Ongoing Costs
To generate market-level cost
estimates, the Bureau relies on the
estimates of the volume of small
business lending originations described
in part IX.D above. As with institutional
coverage, the Bureau separates marketlevel cost estimates into estimates for
depository institutions and for
nondepository institutions. The
methodology described below for the
final rule is the same methodology that
the Bureau used in the NPRM.
For depository institutions, the
Bureau estimates which institutions of
those that existed at the end of 2019
would likely be covered or not covered
by the final rule. For this analysis, the
Bureau uses 2019 to represent the first
year of coverage. An institution would
be required to report data on
applications received in 2019 if it
originated at least 100 covered
originations in each of the preceding
two years (i.e., 2017 and 2018). If two
depository institutions merged between
the end of 2017 and the end of 2019, the
Bureau assumes that those institutions
would report as one entity. The Bureau
then categorizes each institution as a
Type A DI, Type B DI, or Type C DI
based on its originations in 2019.
Depository institutions with 0 to 149
covered originations in 2019 are
categorized as Type A. Depository
institutions with 150 to 999 covered
originations are categorized as Type B.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Depository institutions with 1,000 or
more covered originations are
categorized as Type C. For each
depository institution, the Bureau
assigns the appropriate estimated onetime cost (including hiring cost as a
function of estimated applications),
ongoing fixed cost, ongoing variable cost
per application, and applications per
origination estimates associated with its
institution type. The estimated number
of annual applications for each
institution is the estimated number of
originations multiplied by the assumed
number of applications per origination
for that institution type. The annual
ongoing cost for each institution is the
ongoing fixed cost plus the ongoing
variable cost per application multiplied
by the estimated number of
applications. The one-time hiring cost
for each institution is the estimated
number of applications multiplied by
the annual staff hours per application
divided by 2,080, rounded up to the
next full FTE, multiplied by the costper-hire.
To generate market-level estimates,
the Bureau first calculates the estimated
one-time costs, including hiring costs,
and annual ongoing costs for each
depository institution covered by the
rule based on the estimated number of
originations for that institution in 2019.
The Bureau then sums these costs over
the covered depository institutions to
find market-level statistics of total costs.
As with coverage estimates, the Bureau
presents a range for market-level
estimates. The range reflects the
uncertainty associated with the estimate
of costs for banks and savings
associations below the CRA reporting
threshold. The Bureau has documented
how it calculates these ranges in its
Supplemental estimation methodology
for institutional coverage and marketlevel cost estimates in the small
business lending rulemaking.945
The Bureau is unaware of institutionlevel data on originations by
nondepository institutions that are
comprehensive enough to estimate costs
using the same method as that for
depository institutions. Therefore, to
generate market-level estimates for
nondepository institutions, the Bureau
relies on the estimates discussed above
and several key assumptions. The
Bureau assumes that online lenders and
merchant cash advance providers are
Type C FIs because they generally have
more automated systems and originate
more loans. The Bureau assumes that
945 See https://www.consumerfinance.gov/dataresearch/research-reports/supplemental-estimationmethodology-institutional-coverage-market-levelcost-estimates-small-business-lending-rulemaking/.
PO 00000
Frm 00355
Fmt 4701
Sfmt 4700
35503
the remaining nondepository
institutions are Type B FIs. The Bureau
assumes that each nondepository
receives the same number of
applications as the representative
institution for each type, as described
above. Hence, the Bureau assumes that
online lenders and merchant cash
advance providers each receive 6,000
applications per year and all other
nondepository institutions receive 400
applications per year. As explained
above, the Bureau also assumes that all
nondepository institutions have the
same one-time costs.
F. Potential Benefits and Costs to
Covered Financial Institutions and
Small Businesses
The benefits of the final rule to
covered financial institutions and small
businesses described in this section are
largely the same as the benefits
discussed in the NPRM. The discussions
have been updated to reflect policy
differences between the NPRM and final
rule.
1. Benefits to Small Businesses
The final rule will benefit small
businesses by collecting data that
further the two statutory purposes of
section 1071. Those purposes are to
facilitate the enforcement of fair lending
laws and enable communities,
governmental entities, and creditors to
identify business and community
development needs and opportunities of
women-owned, minority-owned, and
small businesses. Some of the benefits
to small businesses discussed below
stem from the public release of the data
collected under the rule. As discussed
in more detail in part VIII.B.1, the
Bureau intends to exercise its discretion
under ECOA section 704B(e)(4) to delete
or modify data collected under section
1071 which are or will be available to
the public where it determines that such
deletion or modification appropriately
protects privacy interests. The
discussion below considers the benefits
of releasing unmodified data, but the
Bureau acknowledges that the benefits
derived from public disclosure may be
lower if modifications or deletions are
made.
Data collected and reported under the
final rule will be the largest and most
comprehensive dataset in the United
States on credit availability for small
businesses. These data will provide
important insight into lending patterns
in the small business lending market.
Visibility into those patterns should
provide important benefits for
facilitating fair lending enforcement and
enabling identification of community
development needs and opportunities.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35504
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
The data could lead to a more
efficient use of government resources in
enforcing fair lending laws through
more efficient prioritization of fair
lending examinations and
investigations. The public nature of the
dataset will allow for members of the
public to review the dataset (subject to
modification and deletion decisions by
the Bureau) for possible violations of
antidiscrimination statutes. The
increased transparency will benefit
women-owned, minority-owned, and
LGBTQI+-owned small businesses
directly, in the form of remediation in
the event that lenders ultimately are
found to have violated fair lending laws,
and indirectly, with increased access to
credit resulting from the increased
transparency as to the lending practices
of financial institutions.
Important to the fair lending benefit of
the small business lending dataset is the
action taken data point. Existing
datasets that collect transaction-level
data only contain data on originated
small business loans. Application-level
data, including the action taken data
point, will allow users to construct
approval or denial rates, for example,
for particular financial institutions.
Such analyses could indicate whether,
for example, women-owned, minorityowned, or LGBTQI+-owned small
businesses are being discouraged or
denied credit at higher rates than other
small businesses, which would warrant
further exploration.
Also important are several data fields
on the pricing of covered credit
transactions that are originated or
approved but not accepted. Data users
will be able to examine, for example,
whether women-owned, minorityowned, or LGBTQI+-owned small
businesses are charged higher interest
rates, or face higher origination charges
or initial annual charges than similarly
situated businesses that are not womenowned, minority-owned, or LGBTQI+owned. The final rule also requires
information on prepayment penalties,
which can be an important aspect of the
total costs of credit for small business
owners.946 Users will be able to examine
whether women-owned, minorityowned, or LGBTQI+-owned small
businesses are more likely to face
prepayment penalties on extended
credit.
Several data points included in the
final rule will contribute to more
accurate fair lending analyses by
946 California, for example, to include prepayment
policies as a required component of pricing
disclosures in commercial financing (see Cal. S.B.
1235 (Sept. 30, 2018), https://
leginfo.legislature.ca.gov/faces/
billTextClient.xhtml?bill_id=201720180SB1235).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
allowing users to compare credit
products with similar characteristics.
For example, differences in the risk of
extending credit likely lead to
differences in approval rates and prices
for covered credit transactions based on
credit amount applied for and approved,
all three aspects of credit type (type of
credit product, types of guarantees, and
loan term), and credit purpose. Many
creditors also consider characteristics
about the small business, such as
industry, gross annual revenue, or time
in business, during their underwriting
or pricing processes. Supply and
demand for small business credit also
varies over time and by location, so the
inclusion of census tract, application
date, and action taken date could lead
to more accurate analyses. More
accurate screening for fair lending risk
will, for example, reduce the false
positive rate observed during fair
lending prioritization and increase the
efficiency of fair lending reviews.
Communities may use these data to
identify gaps in access to credit for
small businesses. Identifying those gaps
can fuel community development, in
partnership with creditors and
governmental entities through the
development of targeted lending
programs, loan funds, small business
incubators, and other community-driven
initiatives to support small businesses.
Creditors will likely use the data to
understand small business lending
market conditions more effectively and
at a more granular level than is possible
with existing data sources, such as Call
Reports, data from public lending
programs, or privately purchased data.
Data collected under the final rule,
combined with the institution’s existing
information on the small business
lending market, can help creditors
identify potentially profitable
opportunities to extend credit. For
example, creditors will be able to use
census tract information to find areas of
high credit demand into which they
could consider expanding and other
business opportunities for the creditor.
Governmental entities will likely use
the data to develop solutions that
achieve policy objectives. For example,
loan guarantees provided by the SBA’s
7(a) and 504 programs are designed to
increase the availability of business
credit for businesses that otherwise have
difficulty accessing credit.
Governmental entities will be able to
use the comprehensive data on
applications for covered credit
transactions collected under the final
rule to identify additional opportunities
to create new—or tailor existing—
programs to advance their small
business lending policy objectives.
PO 00000
Frm 00356
Fmt 4701
Sfmt 4700
Additionally, the data could help
facilitate emergency governmental
interventions such as disaster relief.
The data collected under the final rule
will be the most extensive data on credit
access for women-owned, minorityowned, and LGBTQI+-owned small
businesses, and such information will
help various data users in
understanding the needs and
opportunities of such businesses. For
example, governmental entities often
create programs, such as those that
reserve government contracts or those
that provide grants, that specifically
target women-owned and minorityowned businesses. Governmental
entities could use data collected under
the final rule to alter existing programs
or create new ones to meet the needs of
these business owners. Private lenders
could also use the data to find untapped
markets of credit demand from womenowned, minority-owned, and LGBTQI+owned small businesses.
As one of the premier data sources on
the small business credit market, data
collected under the final rule will also
facilitate rigorous research by academics
and advocates. HMDA data, which are
similar in many ways to the data that
will be collected under the final rule,
have been analyzed in many scholarly
publications. The data collected under
section 1071 will provide public- and
private-sector academics and other
researchers a clearer window into
potential discrimination in the small
business credit market, as well as a
better understanding of small business
credit market trends and dynamics. As
in the case of HMDA, data collected
under the final rule will be more
broadly used to understand how
business owners make borrowing
decisions, respond to higher prices, and
respond to risk.947
947 For examples of how HMDA data has
facilitated research on the mortgage market, see,
e.g., CFPB, Data Point: Asian American and Pacific
Islanders in the Mortgage Market (July 2021),
https://files.consumerfinance.gov/f/documents/
cfpb_aapi-mortgage-market_report_2021-07.pdf;
CFPB, Manufactured Housing Finance: New
Insights from the Home Mortgage Disclosure Act
Data (May 2021), https://files.consumerfinance.gov/
f/documents/cfpb_manufactured-housing-financenew-insights-hmda_report_2021-05.pdf; Neil Bhutta
& Benjamin J. Keys, Moral Hazard during the
Housing Boom: Evidence from Private Mortgage
Insurance, 35(2) Review of Fin. Studies (2021),
https://academic.oup.com/rfs/advance-article/doi/
10.1093/rfs/hhab060/6279755; Sumit Agarwal et
al., The Effectiveness of Mandatory Mortgage
Counseling: Can One Dissuade Borrowers from
Choosing Risky Mortgages? (Nat’l Bureau of Econ.
Research, Working Paper No. 19920, 2014), https://
www.nber.org/system/files/working_papers/
w19920/w19920.pdf; Alexei Alexandrov & Sergei
Koulayev, No Shopping in the U.S. Mortgage
Market: Direct and Strategic Effects of Providing
Information (CFPB, Off. of Research Working Paper
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
The final rule’s data points will
provide the above benefits in several
ways. For example, the action taken and
pricing information data points will
allow various entities to monitor the
tightness of the small business credit
market and identify areas where there
are high denial rates for small business
credit or where it is provided only at
high cost, especially to women-owned,
minority-owned, or LGBTQI+-owned
small businesses. Conversely, the data
may also be used to identify areas of
business opportunity for creditors or
help assess the characteristics of
successful business lending. Data on
census tract, NAICS code, gross annual
revenue, and number of workers will
provide insight into the availability of
small business credit by geography,
industry, and business size. Credit type
and credit purpose will provide more
information on how women-owned,
minority-owned, and LGBTQI+-owned
small businesses use credit and whether
their use differs from that of other small
businesses. Time in business
information will allow data users to
understand the credit needs of young
small businesses, and specifically young
women-owned, minority-owned, and
LGBTQI+-owned small businesses.
Recent research has shown that womenowned and minority-owned businesses
face different financing challenges early
in the business lifecycle than other
firms, primarily driven by less access to
external financing.948
As creditors, communities, and
governmental entities use these data to
identify business opportunities, gaps in
existing supports and capital access for
small businesses, and more targeted
policy interventions to support small
businesses, small businesses will benefit
from increased access to credit. Small
businesses will also benefit from credit
offerings more closely tailored to their
needs as the data are used by creditors
and others to develop more targeted
credit products.
As described above, the Bureau
believes that setting a threshold for
coverage at 100 originated loans in each
of the preceding two calendar years
provides substantial coverage of the
small business credit market. While the
Bureau could theoretically have
collected even more data pursuant to
the final rule if it retained the 25-loan
threshold proposed in the NPRM, the
Bureau is not adopting this threshold in
No. 2017–01, 2018), https://papers.ssrn.com/sol3/
papers.cfm?abstract_id=2948491.
948 See, e.g., JPMorgan Chase & Co. Inst., Small
business ownership and liquid wealth (Mar. 2021),
https://www.jpmorganchase.com/institute/
research/small-business/small-business-ownershipand-liquid-wealth-report.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
order to ensure that financial
institutions with the lowest volume of
small business lending experience no
pressure to reduce their small business
lending activity in order to avoid the
fixed costs of coming into compliance
with this final rule. While some
commenters expressed concern that
institutions with a low volume of small
business lending might reduce their
lending in order to stay under the
threshold, the Bureau cannot quantify
this risk, particularly given the paucity
of data on small business lending.
Comments on the Bureau’s estimation
of the benefits to small businesses. The
Bureau sought comment on its analysis
of potential benefits to small businesses
as set forth in the NPRM. Many
community groups and several business
owners agreed that the rule would
support fair lending. A small business,
a CDFI lender, and some community
groups said collecting data will improve
visibility and understanding of small
businesses, particularly those that are
minority- and women-owned. The CDFI
lender and a joint letter from
community groups, community oriented
lenders, and business advocacy groups
stated that the data from this rule could
be used to identify which products and
business models best meet the needs of
underserved entrepreneurs. One
commenter pointed to agricultural
products as a particular sector that
would benefit from increased
transparency afforded by the rule,
particularly regarding the status of
minority- and women-owned small
businesses. Two community groups and
a business advocacy group pointed to
how data collected on ethnicity and race
under HMDA preceded an increase in
lending to minority borrowers,
suggesting that a similar pattern may
emerge in the small business lending
market after the rule goes into effect.
Similarly, a few commenters pointed to
how data from the Paycheck Protection
Program and studies and surveys
surrounding the program allowed
researchers, regulators, financial
institutions, and others to identify
disparate lending patterns on the basis
of ethnicity and race.
An individual commenter said
collecting the data will help improve
the collective understanding of small
business lending and its interaction
with regulations, and noted that other
countries, such as Norway, already
collect small business lending data on a
Federal level. An individual commenter
and two community groups suggested
that the data could reveal patterns of
disparities that are already well-known
through lived experiences within their
respective communities, particularly
PO 00000
Frm 00357
Fmt 4701
Sfmt 4700
35505
Black communities and farming and
agricultural communities. A joint letter
from community and business advocacy
groups pointed to how disaggregation of
those identified as Asian has revealed
wide variances in income and lending
patterns within these diverse
communities in the mortgage lending
market, suggesting similar
disaggregation of race data in the final
rule would improve the understanding
of these diverse communities in the
small business lending market.
A few commenters noted potential
positive spillover effects of the rule. One
community group noted positive
interaction effects between fair lending
to small businesses and fair housing, as
more people might purchase housing
close to where local businesses flourish.
An individual and a joint letter from
community and business advocacy
groups noted that investing in small
businesses, particularly in historically
underfunded neighborhoods, could
provide pathways to economic
opportunities for members of
marginalized groups and even alleviate
wealth gaps based on ethnicity and race.
Another commenter similarly noted that
the growth of small businesses could
reduce unemployment, housing
insecurity, and poverty in the
surrounding community.
Finally, a few minority small business
owners predicted that they would
benefit if the rule improved fair lending.
These commenters identified the
disadvantages minority-owned small
businesses face when fair lending is not
enforced, including business closure.
One of these commenters, along with
some community groups, pointed to
studies that suggested fair access to
credit, such as loan modifications,
during the pandemic could have
prevented the closure of minorityowned firms, added millions in revenue
to the U.S. economy, and created
millions of jobs.
A number of commenters described
ways in which the final rule would
provide benefits consistent with the
statutory purposes of section 1071,
including the establishment of a
comprehensive dataset of small business
lending, and the collection of detailed
data points that will allow for more
accurate analyses of underwriting and
pricing patterns. These data, in turn,
will permit for better understanding of
the supply and demand of credit, and
financial institutions’ treatment of small
business applicants and borrowers,
including those that are owned by
women and minorities. Commenters
corroborated other benefits identified by
the Bureau, such as positive spillover
effects to fair housing and the local
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35506
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
economy surrounding small businesses.
Data from the final rule will help
researchers (including, but not limited
to, those in the government, private
sector, and academia) observe and
quantify these benefits, just as
researchers have used data from HMDA
and the Paycheck Protection Program to
identify areas of potential fair lending
risk.
On the other hand, many financial
institutions and trade associations
disagreed with the Bureau’s assessment
of potential benefits to small businesses.
First, several commenters asserted there
would be minimal or even no benefit.
One bank said there would be no benefit
at all. Two banks said there will be
‘‘minimal’’ benefit to their clients, to
their communities, and to themselves.
Second, other commenters asserted
the Bureau overestimated benefits. One
bank said the usefulness of standardized
data is undercut by the fact that small
business lending by small lenders is
highly specialized. Two trade
associations specified this could be
problematic because standardized data
‘‘could result in small business
borrowers appearing to be similarly
situated, when, in fact, the unique
attributes of each borrower would result
in different loan pricing by the bank.’’
Third, several commenters asserted
any benefits would be outweighed by
costs, i.e., that there would be little
benefit relative to costs. Other
comments asserted the Bureau failed to
adequately consider the potential
benefits and costs to ‘‘consumers’’ and
‘‘covered persons’’ as required by
section 1022(b)(2)(A) of the Dodd-Frank
Act. While some of these arguments are
discussed in detail in following sections
regarding costs, we present some of the
arguments here as well. Two
community banks and a trade
association said costs would outweigh
benefits for community banks and small
lenders in particular. Another trade
association stated data points adopted
pursuant to ECOA section 704B(e)(2)(H)
in particular will only provide
‘‘minimal’’ benefits compared to the
cost of collecting the data. Along a
similar line of reasoning, three trade
associations said the rule would harm
the institutions that the rule is designed
to benefit. Of these, two asserted that
the small, women-owned, and minorityowned businesses the rule is designed
to benefit in particular would be
harmed.
As detailed above, the Bureau
believes that the final rule will have
benefits consistent with its two statutory
purposes. The data collected under the
final rule will be the most extensive
data on credit access for women-owned,
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
minority-owned, and LGBTQI+-owned
small businesses, and such information
will facilitate the enforcement of fair
lending laws and help identify business
and community development needs.
With respect to comments that
asserted the Bureau overestimated the
benefits of the rule, the Bureau
acknowledges in part IX.C the difficulty
of precisely estimating the benefits of
the data collection but also details how
it estimates the benefits to small
businesses using the best information
available. With respect to commenters
who described how data collected under
the final rule would not have all
relevant information about a credit
application, the Bureau acknowledges
this limitation in part IX.C above, but
also describes, in part IX.F, how the
data will provide significant benefits
consistent with the statutory purposes
of the rule despite these limitations.
With respect to comments that the
costs would outweigh any benefits or
that the Bureau did not adequately
fulfill the requirements of section
1022(b)(2)(A) of the Dodd-Frank Act, in
part IX.E, the Bureau details its
methodology for estimating benefits and
costs and, in part IX.F, details its
estimates of benefits and costs,
incorporating feedback from comments
on the proposed rule. In doing so the
Bureau fulfills its requirement to
consider the potential benefits and costs
to ‘‘consumers’’ and ‘‘covered persons’’
as required by section 1022(b)(2)(A) of
the Dodd-Frank Act.
2. Benefits to Covered Financial
Institutions
The final rule will provide some
benefits to some covered financial
institutions—i.e., the financial
institutions that will be required to
collect and report 1071 data on small
business applications for credit. The
first is some reduction of the
compliance burden of fair lending
reviews for lower risk financial
institutions, by reducing the ‘‘false
positive’’ rates during fair lending
review prioritization by regulators.
Currently, financial institutions are
subject to fair lending reviews by
regulators to ensure that they are
complying with ECOA in their small
business lending. Data reported under
the rule will allow regulators to
prioritize fair lending reviews of
financial institutions with higher risk of
fair lending violations, which reduces
the burden on institutions with lower
fair lending risk. Covered financial
institutions will also be able to use the
data to monitor, identify, and address
their own fair lending risks and thereby
reduce the potential liability from
PO 00000
Frm 00358
Fmt 4701
Sfmt 4700
enforcement actions and adverse exam
findings requiring remedial action.
The rule’s data collection will also
provide an unprecedented window into
the small business lending market, and
such transparency may benefit financial
institutions. Comprehensive
information on small business credit
applications and originations are
currently unavailable. The data made
public pursuant to this rule will allow
financial institutions to better
understand the demand for small
business credit products and the
conditions under which they are being
supplied by other covered financial
institutions.
Comments on the Bureau’s estimation
of the benefits to covered financial
institutions. The Bureau sought
comment on its analysis of potential
benefits to covered financial institutions
as set forth in the NPRM. A broad range
of commenters, including lenders,
community groups, small business
owners, business advocacy groups, and
others, asserted that the final rule will
provide an unprecedented window into
the small business lending market and
thereby facilitate fair lending
enforcement.
However, several industry
commenters suggested that the Bureau
overstated the benefits of the data
collection to financial institutions. To
reiterate some of the comments in the
previous section, a trade association
stated that they do not believe the
Bureau’s rule to implement section 1071
would provide ‘‘any significant benefit’’
to financial institutions. Two banks said
there will be ‘‘minimal’’ benefit to their
clients, to their communities, and to
themselves. Another trade association
noted that lenders are likely already
highly aware of the market in which
they lend, especially considering that
small business loans often require a
relatively high degree of customization.
Several industry commenters said the
usefulness of standardized data is
undercut by the fact that small business
lending by small lenders is highly
specialized to accommodate the highly
individualized nature of each business.
The Bureau describes in detail above
the potential benefits to financial
institutions. The Bureau acknowledges
that many lenders may have a high
awareness of the local markets in which
they lend but believes that the data will
still shed light on additional
information about areas where lenders
do not currently operate and may also
shed light on currently underserved
markets within the areas lenders
currently operate. Comprehensive,
application-level data on small business
lending will provide financial
E:\FR\FM\31MYR2.SGM
31MYR2
35507
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
institutions better understand their local
markets as well as information about
markets which they do not currently
serve.
3. Costs to Covered Financial
Institutions
i. One-Time Costs to Covered Financial
Institutions
Using the methodology described in
part IX.E.1 above, Table 11 shows the
estimated total expected one-time costs
of the final rule for the first eight cost
categories for financial institutions
covered by the final rule as well as a
breakdown by the eight component
categories that comprise the one-time
costs for Type A DIs, Type B DIs, Type
C DIs, and Non-DIs.949 The final cost
category, hiring costs, is discussed later
in this section. The Bureau notes that
the estimated costs presented in Table
11 differ slightly from the estimated
costs presented in the NPRM. This
difference comes only from the update
in wages between the two calculations
due to a release of new data.
Table 12 shows the estimated number
of junior, mid-level, and senior staff
hours and non-salary expenses for each
component activity for Type A DIs.
Tables 13 through 15 show the same
estimates for Type B DIs, Type C DIs
and Non-DIs respectively. As discussed
above, the Bureau estimates all one-time
costs to covered financial institutions
using the One-Time Cost Survey results.
TABLE 11—ESTIMATED ONE-TIME COSTS BY COST CATEGORY AND FI TYPE
Category
Type A DI
Type B DI
Type C DI
Non-DI
Preparation/planning ........................................................................................
Updating computer systems ............................................................................
Testing/validating systems ...............................................................................
Developing forms/applications .........................................................................
Training staff and third parties .........................................................................
Developing policies/procedures .......................................................................
Legal/compliance review .................................................................................
Post-implementation review .............................................................................
$6,500
17,000
11,100
4,300
3,500
4,200
7,700
5,000
$7,400
17,400
3,200
3,200
3,900
2,500
3,000
4,300
$20,500
6,900
11,400
4,600
5,300
3,600
7,300
18,000
$13,900
57,300
7,600
4,400
3,100
4,300
3,900
1,700
Total ..........................................................................................................
59,400
44,800
77,800
96,400
TABLE 12—ESTIMATED STAFF HOURS AND NON-SALARY EXPENSES BY COST CATEGORY FOR TYPE A DIS
Senior
hours
Category
Mid-level
hours
Junior
hours
Non-salary
expenses
Preparation/planning ........................................................................................
Updating computer systems ............................................................................
Testing/validating systems ...............................................................................
Developing forms/applications .........................................................................
Training staff and third parties .........................................................................
Developing policies/procedures .......................................................................
Legal/compliance review .................................................................................
Post-implementation review .............................................................................
38
34
18
14
18
24
28
26
43
52
52
34
26
30
26
38
21
41
41
51
16
11
15
19
0
$10,000
5,600
0
0
0
3,300
0
Total ..........................................................................................................
200
301
215
18,900
TABLE 13—ESTIMATED STAFF HOURS AND NON-SALARY EXPENSES BY COST CATEGORY FOR TYPE B DIS
Senior
hours
Category
Mid-level
hours
Junior
hours
Non-salary
expenses
Preparation/planning ........................................................................................
Updating computer systems ............................................................................
Testing/validating systems ...............................................................................
Developing forms/applications .........................................................................
Training staff and third parties .........................................................................
Developing policies/procedures .......................................................................
Legal/compliance review .................................................................................
Post-implementation review .............................................................................
50
25
18
21
23
16
14
15
35
20
19
14
29
13
16
22
21
12
12
7
20
7
5
27
$200
13,600
100
200
400
100
700
1,100
Total ..........................................................................................................
182
168
111
16,400
TABLE 14—ESTIMATED STAFF HOURS AND NON-SALARY EXPENSES BY COST CATEGORY FOR TYPE C DIS
Senior
hours
lotter on DSK11XQN23PROD with RULES2
Category
Preparation/planning ........................................................................................
Updating computer systems ............................................................................
949 The estimated one-time costs by cost category
for each FI type is the sum of the wages multiplied
by the estimated staff hours plus the non-salary
expenses. For example, the Bureau expects that for
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Mid-level
hours
92
6
preparation and planning for the final rule, on
average, a Type A DI will pay senior staff $95.10
× 38 hours (= $3,613.80), mid-level staff $55.40 ×
43 hours (= $2,382.20), and junior staff $22.37 × 21
PO 00000
Frm 00359
Fmt 4701
Sfmt 4700
190
46
Junior
hours
Non-salary
expenses
37
35
$500
3,000
hours (= $469.77). The total estimated cost is
$6,465.77, rounded to $6,500, because Type A DI
is not expected to pay non-salary expenses for
preparation and planning.
E:\FR\FM\31MYR2.SGM
31MYR2
35508
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
TABLE 14—ESTIMATED STAFF HOURS AND NON-SALARY EXPENSES BY COST CATEGORY FOR TYPE C DIS—Continued
Senior
hours
Category
Mid-level
hours
Junior
hours
Non-salary
expenses
Testing/validating systems ...............................................................................
Developing forms/applications .........................................................................
Training staff and third parties .........................................................................
Developing policies/procedures .......................................................................
Legal/compliance review .................................................................................
Post-implementation review .............................................................................
34
13
11
14
9
3
110
46
61
30
56
246
50
34
36
14
44
103
1,000
100
100
300
2,300
1,800
Total ..........................................................................................................
182
785
353
9,100
TABLE 15—ESTIMATED STAFF HOURS AND NON-SALARY EXPENSES BY COST CATEGORY FOR NON-DIS
Senior
hours
lotter on DSK11XQN23PROD with RULES2
Category
Mid-level
hours
Junior
hours
Non-salary
expenses
Preparation/planning ........................................................................................
Updating computer systems ............................................................................
Testing/validating systems ...............................................................................
Developing forms/applications .........................................................................
Training staff and third parties .........................................................................
Developing policies/procedures .......................................................................
Legal/compliance review .................................................................................
Post-implementation review .............................................................................
38
27
26
30
14
32
26
16
47
147
24
15
18
15
18
2
29
39
39
19
17
14
11
1
$7,100
45,700
2,900
300
400
200
200
100
Total ..........................................................................................................
209
286
169
56,900
The Bureau estimates that updating
computer systems will be the biggest
driver of one-time costs for Type A DIs,
Type B DIs, and Non-DIs. Type A DIs
and Type B DIs are expected to spend
similar amounts on updating computer
systems, but Type A DIs would rely
somewhat more on staff.
The Bureau expects that Non-DIs will
have the highest one-time costs and the
highest costs to update computer
systems. To update computer systems,
Non-DIs will rely on mid-level staff and
third-party vendors. Non-DIs will also
spend relatively more on preparation
and planning than Type A DIs or Type
B DIs. These estimates are consistent
with the expectation that Non-DIs will
incur higher costs because they are less
likely to already report data to
regulators.
The Bureau estimates that the biggest
drivers of one-time costs for Type C DIs
will be preparation and planning and
post-implementation review. These
depository institutions will generally
rely on mid-level staff to implement the
required one-time changes and, in
particular, will rely on mid-level staff
for these two key activities. The Bureau
estimates that Type C DIs will spend the
most of all financial institution types on
staff hours to implement one-time
changes and the least on non-salary
expenses.
The Bureau estimates that one-time
costs will be higher for Type A DIs than
for Type B DIs. These two types of
depository institutions have similar
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
estimated costs for most activities, but
Type A DIs are expected to spend more
on testing/validating systems and legal/
compliance review.
In addition to these one-time costs,
the Bureau estimates the one-time hiring
costs for the additional FTEs a financial
institution expects to hire based on the
number of applications the institution
expects to receive each year. In the
ongoing cost discussion in part IX.F.3.ii
below, the Bureau explains how it
estimates the number of staff hours per
application required to comply with the
final rule on an ongoing basis. The
Bureau estimates that a Type A FI
requires 1.1 hours per application, a
Type B FI requires 1.6 hours per
application, and a Type C FI requires
0.83 hours per application.
For the purposes of exposition, the
Bureau presents the estimated number
of FTEs for representative financial
institutions. For the market-level
estimates, the Bureau estimates the
number of staff hours required based on
the estimated number of applications
each depository institution receives.
The representative Type A FI receives
100 applications annually, requiring 110
hours to comply with the final rule.950
Under the assumptions described in
part IX.E.1 above, the representative
950 The Bureau discusses a representative Type A
FI that will not be covered by the final rule to make
the final estimates easier to compare with those in
the NPRM and to highlight what the costs of the
rule would have been for a financial institution that
is not covered by the final rule.
PO 00000
Frm 00360
Fmt 4701
Sfmt 4700
Type A FI will need to hire one
additional FTE at a one-time cost of
$4,425 to cover the expected annual
staff hours required to comply with the
rule on an ongoing basis. This
additional staff will also be able to cover
the staff hours required to implement
one-time changes because, on average, a
Type A DI will require 716 staff hours
for one-time changes (see Table 12). The
Bureau estimates that the representative
Type A DI will incur total one-time
costs of $63,825 to implement the final
rule.
The representative Type B FI receives
400 applications annually, requiring 654
hours to comply with the final rule.
This FI will need to hire one additional
FTE at a one-time cost of $4,425. This
additional staff will also be able to cover
the 461 staff hours, on average, required
to implement one-time changes for a
Type B DI. The Bureau estimates that
the representative Type B DI will incur
total one-time costs of $49,225 to
implement the final rule.
The representative Type C FI receives
6,000 applications annually, requiring
5,009 hours to comply with the final
rule. This FI will need to hire 3
additional FTE at a one-time cost of
$13,275. This additional staff will also
be able to cover the 1,320 staff hours, on
average, required to implement one-time
changes for a Type C DI. The Bureau
estimates that the representative Type C
DI will incur total one-time costs of
$91,075 to implement the final rule.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
The Bureau assumes that most
nondepository institutions are primarily
Type B and Type C FIs, so the estimated
staff hours to cover ongoing tasks
discussed above apply here. For onetime tasks, the Bureau estimates that a
nondepository institution will require
about 664 staff hours, on average, to
implement one-time changes. One
additional FTE would be sufficient to
cover these hours if the institution
reallocates some tasks across staff. The
Bureau estimates that the representative
Non-DI will incur total one-time costs of
$100,825 to implement the final rule.
As mentioned above, the Bureau
realizes that one-time costs vary by
institution due to many factors, and that
this variance exists on a continuum that
is impossible to fully represent. The
Bureau focuses on representative types
of financial institutions in order to
generate practical and meaningful
estimates of costs. As a result, the
Bureau expects that individual financial
institutions will have slightly different
one-time costs than the average
estimates presented here.
The One-Time Cost Survey instructed
respondents to assume that covered
institutions would be required to report
data at the application level on small
business financing that constitutes
‘‘credit’’ for purposes of ECOA for the
13 statutorily mandated data points one
time per year, and be responsible for
validating the accuracy of all data.
Respondents were further instructed to
use their own institution’s internal
definition of small business, assume the
Regulation B definition of an
application, and assume a reporting
structure similar to that under HMDA.
Finally, respondents were instructed to
not include any costs associated with
creating a firewall (that is, shielding
applicants’ protected demographic
information from certain employees). As
such, respondents estimated one-time
costs assuming that the final rule would
be different in some ways from what the
Bureau described as the requirements in
the survey. One small entity
representative provided feedback during
the SBREFA Panel that it was hard to
estimate one-time costs in the survey
without knowing all the details of the
rule. The Bureau sought comment on
the one-time costs associated with the
additional data points it proposed but
did not receive any information on
which to base estimates. The Bureau
expects that accounting for the
additional data points would only
increase the one-time cost estimates by
a small amount because most of the onetime costs come from a financial
institution moving from not reporting
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
1071 data to being required to report
such data.
The Bureau estimates that the overall
market impact of one-time costs for
depository institutions will be between
$147,000,000 and $159,000,000.951
These estimates include between
$47,700,000 and $49,700,000 that
depository institutions are estimated to
spend on hiring additional staff.952
Using a 7 percent discount rate and a
five-year amortization window, the
annualized one-time costs for
depository institutions will be
$35,700,000 to $38,600,000. The Bureau
estimates that the overall market impact
of one-time costs for nondepository
institutions will be $59,800,000. This
estimate includes the $3,630,000 that
nondepository institutions are estimated
to spend on hiring additional staff.
Using a 7 percent discount rate and a
five-year amortization window, the
annualized one-time costs for
nondepository institutions will be
$15,500,000. As a frame of reference for
these market-level one-time cost
estimates, the estimated total noninterest expenses from the FFIEC and
NCUA Call Reports for depository
institutions that the Bureau estimates
would be covered under the proposed
rule was between $407 billion and $410
billion in 2019.953 The upper bound
estimate of total one-time costs is
approximately 0.04 percent of the total
annual non-interest expenses.
The Bureau estimated that the overall
market impact of one-time costs from
the NPRM would have been between
$218,000,000 and $229,000,000 for
depository institutions and $94,400,000
for nondepository institutions. The
estimated market impacts for the final
rule are lower than the estimated
impacts from the NPRM because, based
on changes made to the thresholds for
the coverage of financial institutions in
the final rule, the Bureau estimates that
fewer financial institutions will be
covered by the final rule. The estimates
951 The Bureau notes that the variation in this
range comes primarily from the uncertainty in the
number of originations made by small banks and
savings associations. The range does not fully
account for the uncertainty associated with
estimates of the one-time costs for each type of
institution.
952 The Bureau notes that the estimated hiring
costs for the largest depository institutions may be
an upper bound on the eventual realized costs and
may be inflating the total hiring costs for depository
institutions. The Bureau’s methodology for
estimating hiring costs implies that financial
institutions with the most applications will need to
hire several hundred employees to comply with the
final rule. However, the Bureau anticipates that the
largest institutions will likely save on these costs by
automating some processes instead of hiring staff.
953 The Bureau estimates this number by
summing non-interest expenses over DIs that it
estimates will be covered by the final rule.
PO 00000
Frm 00361
Fmt 4701
Sfmt 4700
35509
are also different because in the
estimates for the final rule, the Bureau
updated wages and included hiring
costs.
Comments on the one-time cost
estimates of the proposed rulemaking.
In the NPRM, the Bureau sought
comment on its analysis of one-time
costs. A few industry commenters
expressed the difficulty in estimating
these costs. Several other industry
comments provided an overall estimate
of what they believed the overall onetime costs would be for their institution.
These estimates ranged from slightly
less than to considerably higher than the
Bureau’s estimates from the NPRM. For
example, a bank with about 300 small
business originations per year (a Type B
DI in the Bureau’s framework) estimated
that the one-time implementation costs
would be about $36,000. Another bank
commenter estimated that it would cost
well over $100,000 to implement
changes.
A few industry commenters provided
estimates of the costs associated with
the individual cost categories used by
the Bureau to estimate one-time costs. A
few commenters provided estimates of
the costs associated with updating
computer systems in terms of staff hours
or software (non-salary) expenses. For
example, a State bankers association
conveyed an estimate by a member of
$5,000 for 1071 data submission
software. A credit union commented
that it anticipates initial costs of up to
$100,000 to reconfigure or replace
current reporting systems. A few other
commenters provided estimates for
other categories. For example, one credit
union that originates about 150 small
business loans per year estimated that
staff would require 200 hours of training
to prepare for the rule. A bank
commented that it would require 30 to
80 hours to develop policies and
procedures.
The Bureau has reviewed these
estimates and considered the
information reported by the
commenters, together with the existing
evidence provided in the one-time cost
survey. The Bureau reiterates that the
costs of implementing the rule are all
institution-specific. As discussed above,
the one-time cost estimates should be
considered the average expected costs
for an institution based on the
complexity of the institution’s
operations. In addition, the Bureau
expects that financial institutions will
use a variety of methods to prepare for
the rule. Some institutions will update
systems using staff, while other
institutions will purchase updates from
third-party vendors. For example, one
institution might use 50 staff hours to
E:\FR\FM\31MYR2.SGM
31MYR2
35510
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
update computer systems and another
institution might pay $10,000 for an
updated system. In this case, the Bureau
would estimate that, on average, an
institution would use 25 staff hours and
$5,000 to update computer systems. For
another example, a group of trade
associations estimated, based on a
survey of their members, that it would
cost about $40,000 on average for small
institutions to update commercial loan
software. However, they also estimate
that only a third of small institutions
would need to update the software. This
implies that the average cost associated
with updating computer systems,
including financial institutions that
spend $0, is about $13,000, much closer
to the Bureau’s non-salary costs of
updating computer systems for Type A
DIs of $10,000. Overall, the trade
association presented estimates only
moderately higher than the Bureau’s,
after accounting for DIs that do not need
to update computer systems. The
Bureau considers most estimates
provided by commenters as broadly
consistent with the Bureau’s one-time
cost estimates.
A few industry commenters asserted
that the firewall would be very costly to
implement. However, the Bureau
believes that, based on comments made
on the firewall provision, it would not
be feasible for many financial
institutions to implement the firewall.
In that case, the financial institution
would be permitted to determine that
one or more employees or officers
should have access to protected
demographic information and provide a
notice to applicants informing them that
employees and officers involved in
making determinations regarding their
applications may have access to
protected demographic information. As
a result, the Bureau has not changed its
one-time cost estimates based on the
cost of implementing the firewall.
Many industry commenters
specifically stated that the Bureau
underestimated one-time costs. Most of
these commenters considered the
training costs as too low and a few
others thought that the technology costs
were too low. Some commenters stated
that staff would require multiple follow
up training sessions to prepare for
implementing the rule. However, none
of the commenters provided specific
information on how much training or
technology would cost. The Bureau has
not changed the training or technology
cost estimates, preferring to rely on the
evidence provided through the OneTime Cost Survey.
Many industry commenters expressed
concern about being unable to
implement the necessary one-time
changes in the proposed 18-month
implementation time. Several
commenters noted the trial and error
nature of implementing a new
regulation and that this process could
take a long time. Several other industry
commenters said that third-party
software providers would require
significant time to develop new
technology to comply with the proposed
rule and financial institutions would
still need to test the technology, conduct
due diligence, and develop policies and
procedures. A few others commented
that small financial institutions, and
particularly those unfamiliar with
Federal reporting regimes like HMDA,
would find it more difficult to
implement one-time changes in time to
comply with the proposed 18-month
timeline. On the one-time costs survey,
the Bureau did not ask about the time
to make changes to prepare to comply
with the eventual rule, nor did it specify
an assumed time-frame. The Bureau
interprets the survey responses as
realistic estimates conditional on having
enough time to implement changes. The
comments received suggest that most
financial institutions, particularly those
that receive relatively fewer small
business credit applications, would not
have had enough time to implement
changes in the proposed 18 months. The
Bureau expects that the adoption of
tiered compliance dates in the final rule,
giving most lenders 24 or 33 months to
comply with the rule, will give most
financial institutions enough time to
implement one-time changes in a
manner consistent with the Bureau’s
estimates.
Several industry commenters asserted
that the cost of complying with the
proposed rule for small entities would
be relatively higher than for larger
entities. For example, a trade
association commented that smaller
banks will not be able to exploit the
economies of scale necessary to mitigate
costs. The Bureau has tried to account
for some of these differences by
estimating the costs for the different
representative types of institutions. The
Bureau in its final rule increased the
reporting activity threshold from the
proposed 25 covered originations in
each of the two preceding calendar
years to 100 covered originations in
each of the two preceding calendar
years. The Bureau estimates that many
small financial institutions will no
longer be required to report 1071 data
because of this change in the coverage
of financial institutions in the final rule.
ii. Ongoing Costs to Covered Financial
Institutions
Using the methodology described in
part IX.E.2 above, Table 16 shows the
total expected annual ongoing costs of
the final rule as well as a breakdown by
the component 15 activities that
comprise the ongoing costs for Type A
FIs, Type B FIs, and Type C FIs. The
bottom of the table shows the total
estimated annual section 1071 ongoing
compliance cost for each type of
institution, along with the total cost per
application the financial institution
processes. To produce the estimates in
Table 16, the Bureau used the
calculations described in Tables 8 and
9 above and the assumptions for each
activity in Table 10. In the following
analysis, the Bureau provides examples
of these cost calculations for the largest
drivers of ongoing costs.
Compared to the NPRM, these
estimated ongoing costs account for
several changes. The first is a change in
the assumed compensation for an hour
of employee time, which was discussed
in IX.E.2. The second is the inclusion of
an additional data point, the LGBTQI+owned indicator. Lastly, the new
estimates account for an increased
estimate of ongoing training costs in
response to comments received, which
is discussed in more detail in the
comment review below. Besides these
changes, the methodology for estimating
ongoing costs remains the same as with
respect to the proposed rule, unless
explicitly stated otherwise.
TABLE 16—ESTIMATED ONGOING COSTS PER COMPLIANCE TASK AND FI TYPE
lotter on DSK11XQN23PROD with RULES2
Number
1
2
3
4
5
6
Activity
........................
........................
........................
........................
........................
........................
VerDate Sep<11>2014
Type A FI
Transcribing data ..........................................................................................
Resolving reportability questions .................................................................
Transfer to 1071 data management software ..............................................
Complete geocoding data ............................................................................
Standard annual edit and internal checks ...................................................
Researching questions .................................................................................
18:47 May 30, 2023
Jkt 259001
PO 00000
Frm 00362
Fmt 4701
Sfmt 4700
E:\FR\FM\31MYR2.SGM
1,108
222
1,108
139
510
275
31MYR2
Type B FI
2,110
443
0
554
11,126
551
Type C FI
31,657
665
0
300
27,972
826
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
35511
lotter on DSK11XQN23PROD with RULES2
TABLE 16—ESTIMATED ONGOING COSTS PER COMPLIANCE TASK AND FI TYPE—Continued
Number
Activity
7 ........................
8 ........................
9 ........................
10 ......................
11 ......................
12 ......................
13 ......................
14 ......................
15 ......................
Resolving question responses .....................................................................
Checking post-submission edits ...................................................................
Filing post-submission documents ...............................................................
1071 data management software/geocoding software ................................
Training .........................................................................................................
Internal audit .................................................................................................
External audit ...............................................................................................
Exam preparation .........................................................................................
Exam assistance ..........................................................................................
0
7
14
0
1,336
0
3,500
14
116
0
26
14
8,000
6,681
443
5,000
4,432
698
0
105
14
13,650
44,542
127,642
0
26,592
4,654
Total ......................................................................................................
Per application ......................................................................................
$8,349
$83
$40,079
$100
$278,618
$46
The Bureau estimates that a
representative low complexity
institution (i.e., a Type A FI) would
incur around $8,349 in total annual
ongoing costs, or about $83 in total cost
per application processed (assuming a
representative 100 applications per
year). For financial institutions of this
type, the largest driver of ongoing costs
is the fixed cost of the external audit,
$3,500. Besides the audit cost, the
largest drivers of the ongoing costs are
activities that require employee time to
complete. Activities like transcribing
data, transferring data to the data
management software, standard edits
and internal checks, and training all
require loan officer time. The Bureau
expects training (activity number 11) to
cost approximately $1,336 annually for
six representative loan officers and an
equivalent number of other staff to
engage in two hours of training. The
Bureau expects other time-dependent
activities to cost around $1,000 each.
For example, the Bureau assumes that
Type A FIs will spend around 19 hours
transferring data to 1071 data
management software (activity number
3) based on estimates of the required
time to transfer data to HMDA data
management software. At the assumed
hourly compensation, our estimate is
around $1,108 for the Type A FI
institutions to transfer data. An
assumption of around 18 total hours to
conduct standard annual editing checks
(activity number 5) with some savings
assumed due to an online submission
platform that automatically checks for
errors, results in an estimated annual
ongoing cost of $510.
The Bureau estimates that a
representative middle complexity
institution (i.e., a Type B FI), which is
somewhat automated, would incur
approximately $40,079 in additional
ongoing costs per year, or around $100
per application (assuming a
representative 400 applications per
year). The largest components of this
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Type A FI
ongoing cost are the expenses of the
small business application management
software and geocoding software
(activity number 10) in the form of an
annual software subscription fee, and
the external audit of the data (activity
number 13). Using interviews of
financial institutions conducted to
determine compliance costs with
HMDA, the Bureau found mid-range
HMDA data management systems to be
approximately $8,000 in annual costs;
the Bureau believes that cost would be
comparable in the small business
lending context and thus applies that
estimate here. This analysis assumes
that the subscription purchase would be
separate from HMDA management
systems, but the development of a
software to jointly manage HMDA and
small business lending-related data
would likely result in cost savings for
both products. The Bureau also
estimates that a Type B FI would spend
around $5,000 on external audits of
their small business loan application
data. The Type B FI incurs employee
time-related fixed costs conducting
internal checks ($11,126), training
($6,681), and prepping for examinations
($4,432) but saves time and expense on
data entry and geocoding by using data
management software. As an example,
the Bureau expects Type B FIs to have
two full-time employees spend 40 hours
each to prepare for an examination
(activity number 14) resulting in a cost
of $4,432, and have employees spend
around 12 hours assisting with an
examination (activity number 15)
costing $698 annually.
The Bureau estimates a representative
high complexity institution (i.e., a Type
C FI), would incur $278,618 of annual
ongoing costs, or $46 per application
(assuming a representative 6,000
applications per year). The largest driver
of costs for a Type C FI is the employee
time required to conduct an internal
audit. The assumed 2,304 hours of
employee time results in nearly
PO 00000
Frm 00363
Fmt 4701
Sfmt 4700
Type B FI
Type C FI
$127,642 of ongoing costs annually.
Exam preparation, training, and
standard annual and internal checks
would be expected to cost $26,592,
$44,542, and $26,592 each year,
respectively. The Bureau also assumes
that a Type C institution would need a
subscription to a small business data
management software near the upper
bound of the range found in interviews
with financial institutions during the
2015 HMDA rulemaking, of $13,650.
The Bureau estimates that the total
annual ongoing costs for depository
institutions will be between about
$297,000,000 and $313,000,000 per
year, about $190,000,000 to
$199,000,000 of which will be annual
variable costs. The Bureau estimates
that the total annual ongoing costs for
nondepository institutions would be
about $48,700,000, about $9,900,000 of
which would be annual variable costs.
The Bureau estimated that the total
annual ongoing costs from the NPRM
would have been between $310,000,000
and $330,000,000 for depository
institutions and $62,300,000 for
nondepository institutions. The
estimated total ongoing costs decreased
between the proposal and the final rule
because the Bureau raised the financial
institution coverage threshold from 25
to 100 covered originations in each of
the two preceding calendar years.
However, the cost estimates per
institution increased because the
Bureau, taking into account comments
received on the proposed rule, raised
the ongoing costs per application by
changing training costs. These changes
almost offset each other because, while
the final rule covers about 2,200 fewer
institutions relative to the proposal due
to the change in the financial institution
coverage threshold, these institutions
that are no longer covered had the
fewest number of applications, and
ongoing costs are commensurate with
the number of applications.
To understand the impacts of these
cost estimates on the profits of
E:\FR\FM\31MYR2.SGM
31MYR2
35512
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
depository institutions, the Bureau
estimates the average total net income
across all products per small business
origination for all DIs by type.954 There
is no comprehensive published source
of data on profits earned on small
business credit transactions. The Bureau
presents estimates of total net income
per origination as an indication of a
financial institution’s ability to cover
the additional expenses associated with
the final rule. The Bureau relies on its
estimates of originations for each
depository institution, described in part
IX.D. and its Supplemental estimation
methodology for institutional coverage
and market-level cost estimates in the
small business lending rulemaking. The
Bureau estimates that banks and savings
associations of Type A that will be
covered by the final rule have an
average net income per origination
between $134,000 and $167,000. Credit
unions of Type A that will be covered
by the final rule have an average net
income per origination of $144,000.
Assuming two applications per
origination, a covered bank or savings
association of Type A has a net income
per application of approximately
$67,000 to $83,000 and a covered credit
union of the same type has a net income
per application of about $72,000. The
Bureau estimates that covered banks
and savings associations of Type B have
an average net income per origination
between $65,000 and $75,000 or a net
income per application between $33,000
and $38,000. The Bureau estimates that
covered credit unions of Type B have an
average net income per origination of
$229,000 or an average net income per
application of $115,000. The Bureau
estimates that covered banks and
savings associations of Type C have a
net income per origination between
$252,000 and $278,000, or, assuming
three applications per origination, a net
income per application between $84,000
and $93,000. The Bureau estimates that
covered credit unions of Type C have an
average net income per origination of
$8,000, and average net income per
application of about $4,000. The Bureau
notes that these estimates are slightly
higher than reported in the proposal due
to the higher financial institution
coverage threshold in the final rule.
With the publicly disclosed data,
users would be able to assess fair
lending risks at the institution and
market level, furthering section 1071’s
fair lending purpose. Several
commenters to the Bureau’s 2017
request for information expressed
concerns, however, about costs related
to these analyses.955 During the SBREFA
process, some small entity
representatives were concerned that
published 1071 data could be used
against financial institutions in class
action litigation or to harm their public
reputations.956 Depending on the extent
of publicly disclosed data, the Bureau
expects that some financial institutions
could incur ongoing costs responding to
reports of disparities in their small
business lending practices. Some
financial institutions could also
experience reputational risks associated
with high profile reports of existing
disparities where more complete
analysis of its business practices would
conclude that the disparities do not
support a finding of discrimination on
a prohibited basis. In anticipation of
needing to respond to outside analysis
and potential reputational risks, it is
possible that some financial institutions
may choose to change their product
offerings available to small businesses,
underwriting or pricing practices, or
overall participation in the small
business lending market. Several
commenters expressed similar concerns
that fair lending analyses on incomplete
data could lead to false positives (i.e.,
determinations of fair lending violations
where none have occurred), that false
positives could lead to reputational risk,
and that lenders could change their
lending behavior to avoid the potential
for false positives. These costs
associated with reputational risks are
difficult to quantify, and commenters on
the proposed rule did not provide any
specific estimates of these costs.
The Bureau also received feedback
that financial institutions could face
potential costs with the publication of a
public dataset under the final rule either
because potential clients would be
concerned about their data being
955 82
lotter on DSK11XQN23PROD with RULES2
954 There
are no broadly available data on profit
per application for nondepository institutions. The
Bureau uses the FFIEC Bank and NCUA Credit
Union Call Report data from December 31, 2019,
accessed on June 25, 2021. The Bureau uses the
same internal estimates of small business loan
originations as discussed in part VI.B above and
total net income across all products. For estimates
of net income per origination and per application,
the Bureau uses only net income per origination for
depository institutions with over 25 originations in
2019.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
FR 22318 (May 15, 2017).
example, one small entity representative
was concerned that published 1071 data could lead
to increased litigation and thus a higher cost of
credit for small businesses. Another expressed
concern that pricing information could be
misinterpreted by users of 1071 data (for example,
according to the small entity representative, higher
pricing for one race might be used to infer
discrimination when the pricing was in fact
unrelated to the race of the applicant). Such a
misinterpretation may cause reputational damage
and consequently decrease applications.
956 For
PO 00000
Frm 00364
Fmt 4701
Sfmt 4700
collected or because of the additional
competitive pressure brought by a
publicly available dataset. The costs
associated with customer privacy,
reputational risk to financial
institutions, and additional competitive
pressure for financial institutions are
difficult to quantify, and commenters on
the proposed rule did not provide any
specific estimates of these costs.
Comments on the ongoing cost
estimates of the proposed rulemaking.
Several industry commenters provided
estimates of what they believed the
overall ongoing costs would be for their
institution. These estimates ranged from
estimates that were quite similar to the
Bureau’s estimate for institutions of
similar small business credit volume to
estimates that were considerably higher
than the Bureau’s estimates. For
example, a group of trade associations
estimated that institutions under $500
million in assets, that on average
originate 276 small business loans
annually, would incur $145 per
origination in ongoing cost. The
Bureau’s estimate in the proposal, for
institutions of a similar size was $178
per origination ($89 per application). At
the high end, a lender suggested over
$1,000 per origination. The Bureau has
reviewed these estimates and
considered the information provided by
the commenters.
The most voluminous category of
comments was with respect to future
staffing needs in response to the
proposed rule. While not specific to any
individual category of ongoing cost
activity, a number of banks, credit
unions, and Farm Credit System
lenders, and several trade associations,
described the need to hire additional
staff to perform several of the ongoing
cost activities that require staff time.
Many provided estimates of the
additional FTEs that the institution
would have to hire to comply with the
proposed rule. These estimates ranged
from one additional FTE to up to 10
additional FTEs. A survey of
community banks by a national trade
association found that 88 percent of
respondents would need to hire an
additional FTE and, on average,
institutions would have to hire 2–3
FTEs. Several commenters asserted that
the hiring of additional staff alone
showed that the Bureau’s ongoing cost
estimates in the proposal were
inadequate.
In the ongoing cost estimates of the
Bureau’s proposal, the Bureau
calculated the number of hours required
to be spent on section 1071-related
tasks, without distinguishing between
existing or newly-hired staff. The
Bureau assumes that the time spent on
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
section 1071-related tasks necessarily
takes time away from otherwise
profitable activity to which the hours
would be put in the rule’s absence.
Since the Bureau is accounting for time
spent in this way, the Bureau believes
that its estimates account for the
additional staff activity required to be
spent to collect, check, and report data
under the final rule. For this reason, the
Bureau did not change any staffing time
estimates, with the below exceptions.
However, hiring additional FTEs
would lead some institutions to incur
one-time costs of hiring, including
search and administrative burden, that
they would not have incurred in the
absence of the final rule. The Bureau
categorizes this type of cost as a onetime cost, where the institution staffs up
to be able to comply with the final rule.
The Bureau is therefore incorporating
the fixed cost of hiring new staff in the
manner described in part IX.E.1.
Several commenters also suggested
that the specific ongoing costs for
training staff were too low in the
proposal. As described in the proposal,
the Bureau received similar comments
during the SBREFA process, but wished
to learn additional information through
comments on the proposed rule to better
estimate the cost of training. Several
institutions provided specific annual
costs of training employees or estimates
of the overall employee time. Others
more generally described the need to
train more staff than just loan officers,
but also administrative and other staff.
The Bureau’s ongoing costs estimates
only reflected the assumed training time
required to train loan officers that
directly handle the underwriting
process. Based on the comments, the
estimates in this final rule reflect a
doubling of the number of assumed
training hours required on an annual
basis in order to account for the
additional staff that would have to be
trained on an annual basis besides
simply the loan officers.
Lastly, the Bureau received several
comments specifically about the
ongoing cost of 1071 data management
software. In addition to confirming this
as an appropriate category of ongoing
cost activity, several commenters
provided specific estimates of the
ongoing costs. One commenter’s
estimate was similar to the estimates the
Bureau provided in its proposal, while
others provided significantly larger
estimates. A survey by a national trade
organization found ongoing software
cost estimates that were quite similar to
the estimates the Bureau provided in its
proposal for institutions of Types B and
C. As an example, the survey average for
institutions similar to Type B
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
institutions in the Bureau’s proposal
was around $7,000 per year, while the
Bureau’s estimate in the proposal was
$8,000. Taking this information into
account, the Bureau has not adjusted its
ongoing cost estimates of the annual
cost of 1071 data management or
geocoding software.
4. Costs to Small Businesses
The Bureau expects that any direct
costs of the final rule on small
businesses will stem from additional
fields that the applicant may have to
complete on credit applications due to
the final rule compared to a financial
institution’s existing application
process. This could include information
such as the race, ethnicity, and sex of
the principal owners or number of
workers were not previously required
on business credit applications.
However, the Bureau expects the cost of
completing the new section 1071 fields
on applications to be negligible.
Therefore, the Bureau focuses the rest of
the discussion on the costs of small
businesses to whether and how the
Bureau expects financial institutions to
pass on the costs of compliance with the
final rule to small businesses and any
possible effects on the availability of
small business credit.
Three types of costs (one-time, fixed
ongoing, and variable ongoing) have the
potential to influence the price and
availability of credit to small businesses.
In a competitive marketplace, standard
microeconomics suggests that lenders
will extend loans up to the point at
which the revenue from granting an
additional loan is equal to the
additional cost associated with the
financial institution providing the loan.
One-time costs and fixed ongoing costs
affect the overall profitability of a
lender’s loan portfolio but do not affect
the added profit from extending an
additional loan. Variable ongoing costs,
however, affect the profitability of each
additional loan and will influence the
number of loans a lender provides.
Based on the Bureau’s available
evidence, it expects that the variable
ongoing costs will be passed on in full
to small business credit applicants in
the form of higher prices or fees and
does not expect there to be a significant
reduction in small businesses’ ability to
access credit.
One-time and fixed ongoing costs
affect the overall profitability of the loan
portfolio and will be considered in the
lender’s decision to continue supplying
small business credit at their current
levels. The Bureau believes that a
financial institution would find it
worthwhile to incur the one-time costs
associated with complying with the
PO 00000
Frm 00365
Fmt 4701
Sfmt 4700
35513
final rule if it expects to generate
enough profit over multiple years to
cover those costs. Each year, a financial
institution would find it worthwhile to
continue extending credit if the total
expected revenue from its chosen
quantity of loans is greater than the sum
of its ongoing fixed and variable costs.
As such, the Bureau believes a financial
institution would find it worthwhile to
reduce their supply of small business
credit, even if it had already incurred
the one-time costs, if the total expected
revenue from that year were less than
the total expected ongoing costs.957 As
discussed in detail below, the Bureau
believes that a significant disruption in
small business credit supply is unlikely.
In the One-Time Cost Survey, the
Bureau asked respondents to rank a list
of potential actions they may take in
response to the compliance costs of
implementing section 1071.
Respondents ranked the following list:
‘‘Raise rates or fees on small business
products’’; ‘‘Raise rates/fees on other
credit products’’; ‘‘Accept lower
profits’’; ‘‘Exit some geographic
markets’’; ‘‘Tighten underwriting
standards’’; ‘‘Offer fewer or less
complex products’’; ‘‘No longer offer
small business credit products’’; or
‘‘Other’’ with two write-in options.
Respondents ranked these options from
‘‘1’’ to ‘‘9’’ indicating their most to least
likely responses, where ‘‘1’’ was the
most likely.
In order to analyze these responses,
the Bureau pooled data only from
respondents that answered both the
ranking question and the number of
originations question. The Bureau
implemented these restrictions to the
pool to eliminate responses from
institutions that would not be required
to report under the final rule. Of the 105
total respondents to the One-Time Cost
Survey, 44 ranked every option and
reported more than 25 originations in
the last year.958 The Bureau will
henceforth refer to these respondents as
the ‘‘impacts of implementation’’
sample.
Table 17 presents the potential
responses to implementing section 1071
and the average ranking assigned by
respondents in the impacts of
implementation sample. The responses
957 SBREFA Outline at 50–52. The small entity
representative feedback discussed herein can be
found in the SBREFA Panel Report at 40.
958 The Bureau discusses a representative Type A
FI that will not be covered by the final rule to make
the final estimates easier to compare with those in
the NPRM and to highlight what the costs of the
rule would have been for a financial institution that
is not covered by the final rule. The Bureau
includes survey respondents with originations
below the origination threshold to ensure a large
enough sample size for analysis.
E:\FR\FM\31MYR2.SGM
31MYR2
35514
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
are listed in order of most to least likely
on average, where a lower average
ranking number means that respondents
ranked that response most likely. These
ranked responses shed light on potential
disruptions to small business credit
supply as a result of the final rule’s
implementation. Notably, respondents
were least likely to report that they
would reduce their small business
lending activity, with respondents on
average indicating that they would be
more likely to accept lower profits than
to reduce their small business lending
activity.
TABLE 17—ONE-TIME COST SURVEY RESPONSES TO IMPACTS OF IMPLEMENTATION
Response
Average ranking
lotter on DSK11XQN23PROD with RULES2
Raise rates or fees on small business products ...........................................................................................................................
Raise rates/fees on other credit products .....................................................................................................................................
Tighten underwriting standards .....................................................................................................................................................
Accept lower profits .......................................................................................................................................................................
Offer fewer or less complex products ...........................................................................................................................................
Exit some geographic markets ......................................................................................................................................................
No longer offer small business credit products .............................................................................................................................
Consistent with economic theory,
respondents reported that they would be
most likely to raise rates or fees on small
business products and other credit
products. The Bureau expects that the
variable ongoing costs would be passed
on in full to small business credit
applicants in the form of higher prices
or fees. Per application, the variable
costs are approximately $32, $26, and
$7.5 for Type A FIs, Type B FIs, and
Type C FIs, respectively. Even if the
variable costs were passed on in full to
small business applicants in the form of
higher interest rates or fees associated
with a loan or line of credit, the Bureau
expects that this would comprise a
small portion of the total cost of the
average loan to the small business
applicant. Therefore, the Bureau expects
this increase in cost to have limited
impact on the availability or
affordability of small business credit.
The Bureau estimates that the total
market impact of these costs for small
businesses will be between
$200,000,000 and $208,000,000.
The relative ranking of other survey
response options provides additional
insight into the potential for small
business credit supply disruptions. In
Table 17, financial institutions ranked
‘‘tighten[ing] credit standards,’’ on
average, in the middle of their potential
responses. The lowest three responses
were ‘‘offer fewer or less complex
products,’’ ‘‘exit some geographic
markets,’’ and ‘‘no longer offer small
business credit products.’’ For these
reasons, the Bureau believes the survey
responses indicate limited likelihood of
significant small business credit supply
disruptions.
The Bureau’s total estimated one-time
and ongoing costs are non-negligible
and could potentially affect the supply
of small business credit by financial
institutions that do not regularly
originate many covered credit
transactions. The Bureau’s final
institutional coverage threshold of 100
VerDate Sep<11>2014
20:41 May 30, 2023
Jkt 259001
covered credit transactions in two
consecutive years could prevent some
low-volume financial institutions from
reducing small business lending activity
in response to the compliance costs of
the final rule. For example, the Bureau
estimates that a Type A DI would incur
one-time costs of $63,825 and fixed
ongoing costs of $5,195. A depository
institution that originates very few
covered transactions every year may
reduce its small business lending
activity if it does not expect that profits,
even over several years, would cover
that one-time cost or if it does not
expect annual revenues to exceed the
annual ongoing costs. However, based
on the net income per application
estimates discussed above, and the
responses to the One-Time Cost Survey,
the Bureau believes that institutions that
are covered under the final rule are
unlikely to find either the one-time
costs of implementation or the ongoing
costs of compliance a meaningful
influence in their business decision
regarding small business lending
activity. It is possible that some lenders
just above the coverage threshold might
reduce their small business lending to
below the threshold to avoid reporting
but, even if this does occur, the Bureau
does not anticipate that this will
significantly decrease aggregate credit
supply. Furthermore, the Bureau’s
findings from the respondents to the
One-Time Cost Survey (discussed
above) additionally support the
Bureau’s conclusion that the increase in
compliance costs will likely be passed
through to customers in the form of
higher prices or fees, rather than a
significant reduction in financial
institutions’ willingness to supply small
business credit.959
959 As stated in the SBREFA Panel Report at 40,
‘‘[g]enerally, [small entity representatives] did not
suggest that they would leave the small business
lending market in response to increased costs under
the eventual 1071 rule.’’
PO 00000
Frm 00366
Fmt 4701
Sfmt 4700
1.77
2.93
3.73
3.82
4.59
5.75
6.57
If the Bureau were to release the data
in unmodified form, the Bureau
acknowledges there would be an
ongoing risk of re-identification, which
may bring with it reputational risk for
covered financial institutions and more
significant privacy risks for small
business applicants and related natural
persons. Examples of such scenarios
and their potential risks are detailed in
part VIII.B.4.ii. See part VIII generally
for more about how the Bureau’s
modification and deletion decisions will
mitigate these risks.
Comments on the Bureau’s estimation
of the costs to small businesses. The
Bureau sought comment on other
potential costs to small businesses not
discussed above, and on its analysis of
costs to small businesses as described
herein. Several trade associations
conducted their own surveys, which
largely provided support for the
Bureau’s estimations, specifically that
price increases would be the most likely
response, and showed limited support
for significant market exit.
A number of commenters, mainly
lenders and trade associations,
described how they expected costs
would be passed on to borrowers,
namely through higher interest rates or
fees, though one lender said they would
not raise fees or restrict access to credit.
Two trade associations asserted the
price of motor vehicles could increase
because of the rule’s effect on
automobile financing. Several industry
commenters who cited potential price
increases also noted they might have to
reduce their overall volume of small
business lending. Others who cited
potential price increases noted they
might reduce the number of product
offerings, such as small dollar lending
products or insurance premium
financing transactions.
Consistent with results from the
Bureau’s One-Time Cost Survey,
comments also provided little evidence
to indicate that lenders would exit the
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
small business credit market. While
some lenders and trade associations
cited business exit as a potential
consequence, only one lender stated
they themselves might consider exiting.
A group of trade associations noted that
in the survey it administered to its own
members, there seemed to be little
evidence that any of its own members
would exit. A few lenders and trade
associations asserted that some smaller
lenders could exit the market due to
increased regulatory burdens and costs.
A group of trade associations asserted
lenders could even close altogether or
merge with other institutions.
One bank estimated how much of its
portfolio would be affected by
compliance costs; if it were to stop
offering loans of less than $50,000
because it decided they were no longer
profitable, it would lose up to 59
percent of its agricultural and
commercial customers, or 13 percent of
its total lending volume. If the bank
were to stop offering loans of less than
$10,000, it would lose 20 percent of its
agricultural and commercial loans, or 1
percent of its total lending volume. The
bank observed that because the
percentage of customers affected would
be greater than the percentage of lending
volume affected, these estimates show
that borrowers of small loan amounts
would be negatively impacted by the
rule.
A few lenders noted that, other than
price increases, decreased competition
from market exit could impact small
businesses, namely a lower degree of
customization in loan processing and
underwriting. Several industry
commenters claimed that processing
times will increase because of the
collection of data fields required by the
rule but not otherwise collected in the
normal course of business.
The Bureau believes that the
comments generally supported the
Bureau’s expectation that the most
likely response to the compliance costs
of the final rule will be an increase in
interest rates or fees to pass on financial
institutions’ ongoing variable costs to
small business credit applicants. While
the Bureau acknowledges the potential
for other effects, such as changes in
product offerings, changes in loan sizes,
increased processing time, tightening of
credit standards, or a reduction in
market participation by financial
institutions, the Bureau does not expect
these effects to be large enough to
significantly impact the availability of
small business credit. Additionally, the
Bureau expects that its increased
coverage threshold of one hundred
loans for each of the two preceding
years should reduce the likelihood of
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
reduced small business credit supply by
financial institutions who originate few
loans per year.
5. Alternatives Considered
This section discusses two categories
of alternatives considered: other
methods for defining a covered financial
institution and limiting the data points
to those mandated by section 1071. The
Bureau uses the methodologies
discussed in parts IX.D and IX.E to
estimate the impacts of these
alternatives.
First, the Bureau considered multiple
reporting thresholds for purposes of
defining a covered financial institution.
In particular, the Bureau considered
whether to exempt financial institutions
with fewer than 25, 50, 200, or 500
originations in each of the two
preceding calendar years instead of 100
originations, as finalized in the rule.
The Bureau also considered whether to
exempt depository institutions with
assets under $100 million or $200
million from section 1071’s data
collection and reporting requirements.
Under a 25-origination threshold,
which was proposed in the NPRM, the
Bureau estimates that about 4,000 to
4,200 depository institutions would
report, which is approximately 2,200
more depository institutions relative to
the final threshold of 100 originations.
The Bureau estimates that about 3,600
to 3,800 banks and savings associations
and about 400 credit unions would be
covered under a 25-origination
threshold. The Bureau estimates that
about 98 percent of small business loans
originated by depository institutions
would be covered under a 25origination threshold, an increase of
about 4 percentage points relative to the
final rule. The Bureau does not have
sufficient information to precisely
estimate how many more nondepository
institutions would report under this
alternative threshold. The Bureau
estimates that the total one-time costs
across all financial institutions
associated with a 25-origination
threshold would be about $338,000,000
to $350,000,000, an increase of about
$132,000,000 relative to the 100origination threshold. The Bureau
estimates that the total annual ongoing
costs associated with the 25-origination
threshold would be about $392,000,000
to $413,000,000, an increase of between
$47,000,000 and $52,000,000 per year
relative to the 100-origination threshold.
Under a 50-origination threshold, the
Bureau estimates that about 2,900 to
3,100 depository institutions would
report, which is approximately 1,100
more depository institutions relative to
the final threshold of 100 originations.
PO 00000
Frm 00367
Fmt 4701
Sfmt 4700
35515
The Bureau estimates that about 2,700
to 2,900 banks and savings associations
and about 200 credit unions would be
covered under a 50-origination
threshold. The Bureau estimates that
about 97 percent of small business loans
originated by depository institutions
would be covered under a 50origination threshold, an increase of
about 3 percentage points relative to the
final rule. The Bureau estimates that the
total one-time costs across all financial
institutions associated with a 50origination threshold would be about
$272,000,000 to $285,000,000, an
increase of about $66,000,000 relative to
the 100-origination threshold. The
Bureau estimates that the total annual
ongoing costs associated with this
threshold would be about $373,000,000
to $393,000,000, an increase of about
$28,000,000 to $32,000,000 per year
relative to the 100-origination threshold.
Again, the Bureau does not have
sufficient information to precisely
estimate how many more nondepository
institutions would be required to report
under this alternative.
Under a 200-origination threshold, the
Bureau estimates that about 1,000 to
1,100 depository institutions would
report, which is approximately 800
fewer depository institutions relative to
the final threshold of 100 originations.
The Bureau estimates that about 900 to
1,100 banks and savings associations
and fewer than 100 credit unions would
be covered under a 200-origination
threshold. The Bureau estimates that
about 91 percent of small business loans
originated by depository institutions
would be covered under a 200origination threshold, a decrease of
about 3 to 4 percentage points relative
to the final rule. The Bureau estimates
that the total one-time costs across all
financial institutions associated with a
200-origination threshold would be
about $159,000,000 to $167,000,000, a
decrease of about $47,000,000 to
$51,000,000 relative to the 100origination threshold. The Bureau
estimates that the total annual ongoing
costs associated with this threshold
would be about $314,000,000 to
$328,000,000, a decrease of about
$31,000,000 to $33,000,000 per year
relative to the 100-origination threshold.
The Bureau does not have sufficient
information to precisely estimate how
many more nondepository institutions
would be required to report under this
alternative.
Under a 500-origination threshold, the
Bureau estimates that about 400 to 500
depository institutions would report,
which is approximately 1,500 fewer
depository institutions relative to the
final threshold of 100 originations. The
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35516
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Bureau estimates that about 400 to 500
banks and savings associations and
fewer than 20 credit unions would be
covered under a 500-origination
threshold. The Bureau estimates that
about 88 percent of small business loans
originated by depository institutions
would be covered under a 500origination threshold, a decrease of
about 3 to 6 percentage points relative
to the final rule. The Bureau estimates
that the total one-time costs across all
financial institutions associated with a
500-origination threshold would be
about $128,000,000 to $131,000,000, a
decrease of about $78,000,000 to
$87,000,000 relative to the 100origination threshold. The Bureau
estimates that the total annual ongoing
costs associated with this threshold
would be about $281,000,000 to
$290,000,000, a decrease of about
$64,000,000 to $71,000,000 per year
relative to the 100-origination threshold.
The Bureau does not have sufficient
information to precisely estimate how
many more nondepository institutions
would be required to report under this
alternative.
The Bureau’s NPRM discussed the
possibility of exempting depository
institutions with assets under $100
million or $200 million assets from the
final rule. For the purposes of
considering these alternatives, the
Bureau estimates how institutional
coverage and costs would be different if
the Bureau required a 25-origination
threshold in addition to an asset-based
threshold for depository institutions.
The Bureau assumes that the alternative
proposal would have been that a
depository institution would be
required to report its small business
lending activity for 2019 if it had more
than 25 originations in 2017 and 2018
and had assets over the asset-based
threshold on December 31, 2018. The
Bureau further assumes that if two
institutions merged in 2019 then the
resulting institution would be required
to report if the sum of the separate
institutions’ assets on December 31,
2018, exceeded the asset-based
threshold.
Under a $100 million asset-based and
25-origination threshold, the Bureau
estimates that between 3,500 and 3,600
depository institutions would report,
approximately 1,600 to 1,700 more
depository institutions relative to a 100origination threshold with no assetbased threshold. The Bureau estimates
that about 3,100 to 3,300 banks and
savings associations and about 300
credit unions would be covered under a
25-origination and $100 million assetbased threshold. The Bureau estimates
that about 98 percent of small business
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
loans originated by depository
institutions would be covered under a
25-origination and $100 million assetbased threshold, an increase of about 4
percentage points relative to the final
rule. The Bureau estimates that the total
one-time costs across all financial
institutions associated with the addition
of a $100 million asset-based threshold
would be about $307,000,000 to
$314,000,000, an increase of between
$101,000,000 and $104,000,000 relative
to the final rule. The Bureau estimates
that the total annual ongoing costs
associated with this threshold would be
about $383,000,000 to $403,000,000, an
increase of about $38,000,000 to
$42,000,000 per year relative to the 100origination threshold with no assetbased threshold.
Under a $200 million asset-based and
25-origination threshold, the Bureau
estimates that about 2,700 depository
institutions would report,
approximately between 700 and 900
fewer depository institutions relative to
a 100-origination threshold with no
asset-based threshold. The Bureau
estimates that about 2,400 banks and
savings associations and about 300
credit unions would be covered under a
25-origination and $200 million assetbased threshold. The Bureau estimates
that about 96 percent of small business
loans originated by depository
institutions would be covered under a
25-origination and $100 million assetbased threshold, an increase of about 2
percentage points relative to the final
rule. The Bureau estimates that the total
one-time costs across all financial
institutions associated with the addition
of a $200 million asset-based threshold
would be about $259,000,000 to
$264,000,000, an increase of between
$46,000,000 and $53,000,000 relative to
the final rule. The Bureau estimates that
the total annual ongoing costs
associated with this threshold would be
about $364,000,000 to $380,000,000, an
increase of about $19,000,000 per year
relative to the 100-origination threshold
with no asset-based threshold.
Second, the Bureau considered the
costs and benefits for limiting its data
collection to the data points specifically
enumerated in ECOA section
704B(e)(2)(A) through (G). In addition to
those data points, the statute also
requires financial institutions to collect
and report any additional data that the
Bureau determines would aid in
fulfilling the purposes of section 1071.
The final rule includes several
additional data points that rely solely on
that latter authority in section
704B(e)(2)(H). Specifically, the final rule
requires that financial institutions
collect and report data on application
PO 00000
Frm 00368
Fmt 4701
Sfmt 4700
method, application recipient, denial
reasons (for denied applications only),
pricing information (for applications
that are originated or approved but not
accepted), NAICS code, number of
workers, time in business, and number
of principal owners, all of which are
adopted based on the Bureau’s authority
pursuant to section 704B(e)(2)(H). The
Bureau has considered the impact of
instead finalizing only the collection of
those data points enumerated in section
704B(e)(2)(A) through (G).
Requiring the collection and reporting
of only the data points enumerated in
ECOA section 704B(e)(2)(A) through (G)
would result in a reduction in the fair
lending benefit of the data compared to
the final rule. For example, not
collecting pricing information would
obscure possible fair lending risk by
covered financial institutions. Potential
discriminatory behavior is not limited to
the action taken on an application, but
rather includes the terms and conditions
under which applicants can access
credit. If the Bureau did not collect
pricing information, it would not be
able to evaluate potential discriminatory
lending practices. As mentioned in part
IX.F.1 above, several of the data points
the Bureau is finalizing under its ECOA
section 704B(e)(2)(H) authority are
critical to conducting more accurate and
complete fair lending analyses. A
reduction in the rule’s ability to
facilitate the enforcement of fair lending
laws would negatively impact small
businesses and small business owners
and thus run counter to that statutory
purpose of section 1071.
Limiting the rule’s data collection to
only the data points required under the
statute would also reduce the ability of
the rule to support the business and
community development needs and
opportunities of small businesses,
which is the other statutory purpose of
section 1071. For example, not
including pricing information would
significantly reduce the ability of
communities, governmental entities,
and creditors to understand credit
conditions available to small businesses.
Not including NAICS code or time in
business would also reduce the ability
of governmental entities to tailor
programs that can specifically benefit
young businesses or businesses in
certain industries.
Only requiring the collection and
reporting of the data points enumerated
in ECOA section 704B(e)(2)(A) through
(G) would have reduced the annual
ongoing cost of complying with the final
rule. Under this alternative, the
estimated total annual ongoing costs for
Type A FIs, Type B FIs, and Type C FIs
would be $7,644; $38,296 and $265,809,
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
respectively. Per application, the
estimated ongoing cost would be $76,
$96, and $44 for Type A FIs, Type B FIs,
and Type C FIs, respectively. Under this
alternative, the estimated total ongoing
costs for Type A FIs would be $705 less
per year and $7 less per application
than the final rule; the estimated total
ongoing costs for Type B FIs would be
$1,783 less per year and $4 less per
application than the final rule; and the
estimated total ongoing costs for Type C
FIs would be $12,809 per year and $2
per application than the final rule. The
estimated total annual market-level
ongoing cost of reporting would be
between $326,000,000 and
$340,000,000, or between about
$19,000,000 to $21,000,000 per year less
than under the final rule. As discussed
above, respondents to the One-Time
Cost Survey were instructed to assume
that they would only report the
statutorily mandated data fields. Hence,
the Bureau can only estimate how
ongoing costs would be different under
this alternative.
G. Potential Impact on Depository
Institutions and Credit Unions With $10
Billion or Less in Total Assets
As discussed above, the final rule will
exclude financial institutions with
fewer than 100 originated covered credit
transactions in both of the two
preceding calendar years. The Bureau
believes that the benefits of the final
rule to banks, savings associations, and
credit unions with $10 billion or less in
total assets will be similar to the
benefits to covered financial institutions
as a whole, discussed above. Regarding
costs, other than as noted here, the
Bureau also believes that the impact of
the final rule on banks, savings
associations, and credit unions with $10
billion or less in total assets will be
similar to the impact for covered
financial institutions as a whole. The
primary difference in the impact on
these institutions is likely to come from
differences in the level of complexity of
operations, compliance systems, and
software, as well as number of product
offerings and volume of originations of
these institutions, all of which the
Bureau has incorporated into the cost
estimates using the three representative
financial institution types.
Based on FFIEC and NCUA Call
Report data for December 2019, 10,375
of 10,525 banks, savings associations,
and credit unions had $10 billion or less
in total assets. The Bureau estimates
that between 1,700 and 1,900 of such
institutions would be subject to the final
rule. The Bureau estimates that the
market-level impact of the final rule on
annual ongoing costs for banks, savings
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
associations, and credit unions with $10
billion or less in assets would be
between $124,000,000 and
$140,000,000. Regarding one-time costs,
the Bureau estimates that the marketlevel impact of the final rule for banks,
savings associations, and credit unions
with $10 billion or less in assets would
be between $102,000,000 and
$114,000,000. Using a 7 percent
discount rate and a five-year
amortization window, the estimated
annualized one-time costs would be
between $25,000,000 and $28,000,000.
H. Potential Impact on Small Businesses
in Rural Areas
The Bureau expects that small
businesses in rural areas will directly
experience many of the benefits of the
rule described above in IX.F.1. Small
businesses in rural areas will directly
benefit from facilitating the enforcement
of fair lending laws and the enabling of
communities, governmental entities,
and creditors to identify business and
community development needs and
opportunities of women-owned,
minority-owned, and small businesses.
As with all small businesses, small
businesses in rural areas may bear some
indirect costs of the rule. This would
occur if financial institutions serving
rural areas are covered by the final rule
and if those institutions pass on some or
all of their cost of complying with the
final rule to small businesses.
The source data from CRA
submissions that the Bureau uses to
estimate institutional coverage and
market estimates provide information
on the county in which small business
borrowers are located. However,
approximately 89 percent of all banks
did not report CRA data in 2019, and as
a result the Bureau does not believe the
reported data are robust enough to
estimate the locations of the small
business borrowers for the banks that do
not report CRA data. The NCUA Call
Report data do not provide any
information on the location of credit
union borrowers. Nonetheless, the
Bureau is able to provide some
geographical estimates of institutional
coverage based on depository institution
branch locations.
The Bureau used the FDIC’s Summary
of Deposits to identify the location of all
brick and mortar bank and savings
association branches and the NCUA
Credit Union Branch Information to
identify the location of all credit union
branch and corporate offices.960 A bank,
960 See Fed. Deposit Ins. Corp., Summary of
Deposits (SOD)—Annual Survey of Branch Office
Deposits (last updated June 1, 2022), https://
www.fdic.gov/regulations/resources/call/sod.html.
PO 00000
Frm 00369
Fmt 4701
Sfmt 4700
35517
savings association, or credit union
branch was defined as rural if it is in a
rural county, as specified by the USDA’s
Urban Influence Codes.961 A branch is
considered covered by the final rule if
it belongs to a bank, savings association,
or credit union that the Bureau
estimated would be included if they
exceed 100 originations in 2017 and
2018. Using the estimation methodology
discussed in part IX.D above, the Bureau
estimates that about 65 to 70 percent of
rural bank and savings association
branches and about 95 percent of nonrural bank and savings association
branches would be covered under the
final rule. The Bureau estimates that
about 14 percent of rural credit union
branches and about 11 percent of nonrural credit union branches would be
covered under the final rule.962
In a competitive framework in which
financial institutions are profit
maximizers, financial institutions
would pass on variable costs to future
small business applicants, but absorb
one-time costs and increased fixed costs
in the short run.963 Based on previous
HMDA rulemaking efforts, the following
seven operational steps affect variable
costs: transcribing data, resolving
reportability questions, transferring data
to a data entry system, geocoding,
researching questions, resolving
question responses, and checking postsubmission edits. Overall, the Bureau
estimates that the impact of the final
rule on variable costs per application is
$32 for Type A FIs, $26 for Type B FIs,
and $7.50 for Type C FIs. The Bureau
believes that the covered financial
institutions that serve rural areas will
attempt to pass these variable costs on
to future small business applicants.
The NCUA provides data on credit union branches
in the quarterly Call Report Data files. See Nat’l
Credit Union Admin., Call Report Quarterly Data,
https://www.ncua.gov/analysis/credit-unioncorporate-call-report-data/quarterly-data (last
visited Mar. 20, 2023).
961 This is a similar methodology as used in the
Bureau’s rural counties list. See CFPB, Rural and
underserved counties list, https://
www.consumerfinance.gov/compliance/
compliance-resources/mortgage-resources/ruraland-underserved-counties-list/ (last visited Mar. 20,
2023).
962 The Bureau notes that most credit union
branches do not belong to covered credit unions
because most credit unions did not report any small
business loans in the NCUA Call Report data. Of the
5,437 credit unions that existed in December 2019,
4,359 (or 81.5 percent) reported no small business
originations in 2017 or 2018.
963 If markets are not perfectly competitive or
financial institutions are not profit maximizers,
then what financial institutions pass on may differ.
For example, they may attempt to pass on one-time
costs and increases in fixed costs, or they may not
be able to pass on variable costs. Furthermore, some
financial institutions may exit the market in the
long run. However, other financial institutions may
also enter the market in the long run.
E:\FR\FM\31MYR2.SGM
31MYR2
35518
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Amortized over the life of the loan, this
expense would represent a negligible
increase in the overall cost of a covered
credit transaction.
The One-Time Cost Survey can shed
light on how financial institutions that
serve rural communities will respond to
the final rule. The Bureau asked
respondents to the survey to report
whether their institution primarily
served rural or urban communities or an
even mix. All respondents in the
impacts of implementation sample
answered this question. Of the 44
respondents in the impacts of
implementation sample, 13 primarily
serve rural communities, 15 primarily
serve urban communities, and 16 serve
an even mix. Table 18 presents the
potential responses to implementing
section 1071 and the average ranking
assigned by respondents that serve rural
communities, urban communities, an
even mix, and all of the respondents in
the impacts of implementation sample.
The responses are listed in order of most
to least likely on average across all
respondents, where a lower average
ranking number means that respondents
ranked that response most likely.
Respondents that primarily serve rural
communities or an even mix rank
raising rates or fees on small business or
other credit products as the most likely
response. These institutions also rank
exiting some geographic markets and no
longer offering small business credit
products as the least likely response to
a rule implementing section 1071.
TABLE 18—ONE-TIME COST SURVEY RESPONSES TO IMPACTS OF IMPLEMENTATION BY TYPE OF COMMUNITY SERVED
Rural
(n = 13)
Response
Raise rates or fees on small business products .............................................
Raise rates/fees on other credit products .......................................................
Tighten underwriting standards .......................................................................
Accept lower profits .........................................................................................
Offer fewer or less complex products ..............................................................
Exit some geographic markets ........................................................................
No longer offer small business credit products ...............................................
The Bureau thus does not anticipate
any material adverse effect on credit
access in the long or short term to rural
small businesses.
X. Regulatory Flexibility Act Analysis
The Regulatory Flexibility Act
(RFA) 964 generally requires an agency to
conduct an initial regulatory flexibility
analysis (IRFA) and a final regulatory
flexibility analysis (FRFA) of any rule
subject to notice-and-comment
rulemaking requirements. These
analyses must ‘‘describe the impact of
the proposed rule on small entities.’’ 965
An IRFA or FRFA is not required if the
agency certifies that the rule will not
have a significant economic impact on
a substantial number of small
entities.966 The Bureau also is subject to
certain additional procedures under the
RFA involving the convening of a panel
to consult with small business
representatives prior to proposing a rule
for which an IRFA is required.967
964 5
U.S.C. 601 et seq.
U.S.C. 603(a). For purposes of assessing the
impacts of the proposed rule on small entities,
‘‘small entities’’ is defined in the RFA to include
small businesses, small not-for-profit organizations,
and small government jurisdictions. 5 U.S.C. 601(6).
A ‘‘small business’’ is determined by application of
SBA regulations and reference to the NAICS
classifications and size standards. 5 U.S.C. 601(3).
A ‘‘small organization’’ is any ‘‘not-for-profit
enterprise which is independently owned and
operated and is not dominant in its field.’’ 5 U.S.C.
601(4). A ‘‘small governmental jurisdiction’’ is the
government of a city, county, town, township,
village, school district, or special district with a
population of less than 50,000. 5 U.S.C. 601(5).
966 5 U.S.C. 605(b).
967 5 U.S.C. 609.
lotter on DSK11XQN23PROD with RULES2
965 5
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
1.62
2.54
3.46
3.77
4.62
5.69
6.62
In the proposal, the Bureau did not
certify that the proposed rule would not
have a significant economic impact on
a substantial number of small entities
within the meaning of the RFA.
Accordingly, the Bureau convened and
chaired a Small Business Review Panel
under SBREFA to consider the impact of
the proposals under consideration on
small entities that would be subject to
the rule implementing section 1071 and
to obtain feedback from representatives
of such small entities. The proposal
preamble included detailed information
on the Small Business Review Panel.
The Panel’s advice and
recommendations are found in the
Small Business Review Panel Final
Report 968 and were discussed in the
section-by-section analysis of the
proposed rule.969 The proposal also
contained an IRFA pursuant to section
603 of the RFA. In this IRFA, the Bureau
solicited comment on any costs,
recordkeeping requirements,
compliance requirements, or changes in
operating procedures arising from the
application of the proposed rule to
small businesses; comment regarding
any Federal rules that would duplicate,
overlap or conflict with the proposed
rule; and comment on alternative means
of compliance for small entities.
Comments addressing individual
968 CFPB, Final Report of the Small Business
Review Panel on the CFPB’s Proposals Under
Consideration for the Small Business Lending Data
Collection Rulemaking (Dec. 14, 2020), https://
files.consumerfinance.gov/f/documents/cfpb_1071sbrefa-report.pdf.
969 86 FR 56356, 56378–510 (Oct. 8, 2021).
PO 00000
Frm 00370
Fmt 4701
Sfmt 4700
Urban
(n = 15)
1.6
2.73
4.27
4.2
4.07
5.13
6.13
Even mix
(n = 16)
All
(n = 44)
2.06
3.44
3.44
3.5
5.06
6.38
6.94
1.77
2.93
3.73
3.82
4.59
5.75
6.57
provisions of the proposed rule are
addressed in the section-by-section
analysis above. Comments addressing
the impact on small entities are
discussed below. Many of these
comments implicated individual
provisions of the final rule or the
Bureau’s Dodd-Frank Act section 1022
discussion and are also addressed in
those parts.
Based on the comments received, and
for the reasons stated below, the Bureau
believes the final rule will have a
significant economic impact on a
substantial number of small entities.
Accordingly, the Bureau has prepared
the following final regulatory flexibility
analysis pursuant to section 604 of the
RFA.
Final Regulatory Flexibility Analysis
Under RFA section 604(a), when
promulgating a final rule under 5 U.S.C.
553, after publishing a notice of
proposed rulemaking, the Bureau must
prepare a FRFA. Section 603(a) of the
RFA also sets forth the required
elements of the FRFA. Section 604(a)(1)
requires the FRFA to contain a
statement of the need for, and objectives
of, the rule. Section 604(a)(2) requires
the FRFA to contain a statement of the
significant issues raised by the public
comments in response to the initial
regulatory flexibility analysis, a
statement of the assessment of the
agency of such issues, and a statement
of any changes made in the proposed
rule as a result of such comments.
Section 604(a)(3) requires the Bureau to
respond to any comments filed by the
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
Chief Counsel for Advocacy of the SBA
in response to the proposed rule and
provide a detailed statement of any
change made to the proposed rule in the
final rule as a result of the comments.
The FRFA further must contain a
description of and an estimate of the
number of small entities to which the
rule will apply or an explanation of why
no such estimate is available.970 Section
603(b)(5) requires a description of the
projected reporting, recordkeeping, and
other compliance requirements of the
rule, including an estimate of the classes
of small entities that will be subject to
the requirement and the type of
professional skills necessary for the
preparation of the report or record. In
addition, the Bureau must describe any
steps it has taken to minimize the
significant economic impact on small
entities consistent with the stated
objectives of applicable statutes,
including a statement of the factual,
policy, and legal reasons for selecting
the alternative adopted in the final rule
and why each one of the other
significant alternatives to the rule
considered by the agency which affect
the impact on small entities was
rejected. Finally, as amended by the
Dodd-Frank Act, RFA section 604(a)(6)
requires that the FRFA include a
description of the steps the agency has
taken to minimize any additional cost of
credit for small entities.
A. Statement of the Need for, and
Objectives of, the Rule
As discussed in part I above, section
1071 of the Dodd-Frank Act amended
ECOA to require that financial
institutions collect and report to the
Bureau certain data regarding
applications for credit for womenowned, minority-owned, and small
businesses.971 Section 1071’s statutory
purposes are (1) to facilitate
enforcement of fair lending laws, and (2)
to enable communities, governmental
entities, and creditors to identify
business and community development
needs and opportunities of womenowned, minority-owned, and small
businesses.
Section 1071 specifies a number of
data points that financial institutions
are required to collect and report, and
also provides authority for the Bureau to
require any additional data that the
Bureau determines would aid in
fulfilling 1071’s statutory purposes.
Section 1071 also contains a number of
other requirements, including those that
address restricting the access of
underwriters and other persons to
970 5
U.S.C. 603(a)(4).
section 704B.
971 ECOA
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
certain data, publication of data, and the
Bureau’s discretion to modify or delete
data prior to publication in order to
advance a privacy interest.
As discussed throughout this
document, Congress amended ECOA by
adding section 1071, which directs the
Bureau to adopt regulations governing
the collection and reporting of small
business lending data. Section 1071
directs the Bureau to prescribe such
rules and issue such guidance as may be
necessary to carry out, enforce, and
compile data pursuant to section 1071,
and permits the Bureau to adopt
exceptions to any requirement or to
exempt financial institutions from the
requirements of section 1071 as the
Bureau deems necessary or appropriate
to carry out the purposes of section
1071.
In addition, as discussed in part II
above, currently available data on small
business lending are fragmented,
incomplete, and not standardized,
making it difficult to make meaningful
comparisons across products, financial
institutions, and over time. This hinders
attempts by policymakers and other
stakeholders to understand the size,
composition, and dynamics of the small
business lending marketplace, including
the interaction of supply and demand,
as well as potentially problematic
lending practices, gaps, or trends in
funding that may be holding back some
communities.972
Data collected under the final rule
will constitute the largest and most
comprehensive data in the United States
on credit availability for small
businesses. The data collection will also
provide an unprecedented window into
the small business lending market, and
such transparency will benefit financial
institutions covered by the rule. The
public data published under the final
rule will allow financial institutions to
better understand the demand for small
business credit products and the
conditions under which they are being
supplied by other lenders. Lenders will
likely use the data to understand small
business lending market conditions
more effectively and at a more granular
level than is possible with existing data
sources, such as Call Reports, data from
public lending programs, or privately
purchased data. Data collected under
the final rule will enable lenders to
identify promising opportunities to
extend credit to small businesses.
972 While Call Report and CRA data provide some
indication of the level of supply of small business
credit, the lack of data on small business credit
applications makes demand for credit by small
businesses more difficult to assess, including with
respect to local markets or protected classes.
PO 00000
Frm 00371
Fmt 4701
Sfmt 4700
35519
The final rule will also provide some
reduction of the compliance burden of
fair lending reviews for lower risk
financial institutions by reducing the
‘‘false positive’’ rates during fair lending
review prioritization by regulators.
Currently, financial institutions are
subject to fair lending reviews by
regulators to ensure that they are
complying with ECOA in their small
business lending. Data reported under
the final rule will allow regulators to
prioritize fair lending reviews of lenders
with higher risk of potential fair lending
violations, which reduces the burden on
institutions with lower fair lending risk.
The final rule effectuates Congress’s
specific mandate to the Bureau to adopt
rules to implement section 1071. For a
further description of the reasons why
agency action is being considered, see
the background discussion for the final
rule in part II above.
This rulemaking has multiple
objectives. The final rule is intended to
advance the two statutory purposes of
section 1071, which are (1) facilitating
enforcement of fair lending laws and (2)
enabling communities, governmental
entities, and creditors to identify
business and community development
needs and opportunities of womenowned, minority-owned, and small
businesses. To achieve these objectives,
the rule will require covered financial
institutions to collect and report certain
data on applications for covered credit
transactions for small businesses,
including minority-owned, womenowned, and LGBTQI+-owned small
businesses. The data to be collected and
reported will include a number of
statutorily required data fields regarding
small business applications, as well as
several additional data fields that the
Bureau determined will help fulfill the
purposes of section 1071. The Bureau
will make available to the public,
annually on the Bureau’s website, the
data submitted to it by financial
institutions, subject to deletions or
modifications made by the Bureau if the
Bureau determines that such deletions
or modifications would advance a
privacy interest.
B. Statement of the Significant Issues
Raised by the Public Comments in
Response to the Initial Regulatory
Flexibility Analysis, a Statement of the
Assessment of the Agency of Such
Issues, and a Statement of Any Changes
Made to the Proposed Rule in the Final
Rule as a Result of Such Comments
In accordance with section 603(a) of
the RFA, the Bureau prepared an IRFA.
In the IRFA, the Bureau estimated the
possible compliance cost for small
entities with respect to a pre-statute
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35520
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
baseline. Additionally, the IRFA
discussed possible impacts on small
entities, such as small businesses to
whom lenders provide credit.
Very few commenters specifically
address the IRFA included in the
proposal. Comments made by the SBA
Office of Advocacy related to the
estimates included in the IRFA are
addressed below in part X.B.3. A
comprehensive discussion of comments
that relate to parts of the regulatory
flexibility analysis can be found
throughout part IX above. This section
addresses specific significant comments
that affects the FRFA analysis.
Commenters provided feedback on
the overall magnitudes of the one-time
and ongoing cost estimates, which form
a core part of the IRFA analysis. Some
industry commenters provided their
own estimates of either their
institution’s specific one-time or
ongoing costs. With respect to one-time
costs, the Bureau has reviewed
estimates and considered the
information provided by the
commenters, together with the existing
evidence provided in the One-Time Cost
Survey. The Bureau considers most
estimates provided by commenters as
broadly consistent with the Bureau’s
one-time cost estimates. With respect to
ongoing costs, industry commenters’
estimates ranged from estimates that
were quite similar to the Bureau’s
estimate for institutions of similar small
business credit volume to estimates that
were considerably higher than the
Bureau’s estimates. The Bureau has
reviewed these estimates and
considered the information provided by
the commenters.
Many industry commenters claimed a
need to hire additional staff, both with
respect to the one-time cost of
implementing the rule and the ongoing
cost of reporting 1071 data annually.
Many provided estimates of the
additional FTEs that the institution
would have to hire to comply with the
proposed rule. These estimates ranged
from one additional FTE to up to 10
additional FTEs. A survey of
community banks by a national trade
association found that 88 percent of
respondents would need to hire an
additional FTE and, on average,
institutions would have to hire 2–3
FTEs. Several commenters asserted that
the hiring of additional staff alone
showed that the Bureau’s one-time and
ongoing cost estimates in the proposal
were inadequate. In the ongoing costs
estimates of the Bureau’s proposal, the
Bureau calculated the number of hours
required to be spent on 1071-related
tasks, without distinguishing between
existing or newly-hired staff. The
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
Bureau assumes that the time spent on
1071-related tasks necessarily takes time
away from otherwise profitable activity
to which the hours would be put in the
rule’s absence. Since the Bureau is
accounting for time spent in this way,
the Bureau believes that its estimates
account for the additional staff activity
required to be spent to collect, check,
and report data under the final rule. For
this reason, the Bureau did not change
any staffing time estimates, with
exceptions mentioned below.
However, hiring additional FTEs
would lead some institutions to incur
fixed one-time costs of hiring, including
search, administrative burden, and
additional training, that they would not
have incurred in the absence of the final
rule. The Bureau categorizes this type of
cost as a one-time cost, where the
institution staffs up to be able to comply
with the rule. So, while the Bureau has
not changed ongoing costs estimates
with respect to staff hours, it is
incorporating the fixed cost of hiring
new staff in its estimation of one-time
costs.
Several commenters also suggested
that the specific ongoing costs for
training staff were too low in the
proposal. As described in the proposal,
the Bureau received similar comments
during the SBREFA process, but wished
to learn additional information through
comments on the proposed rule to better
estimate the cost of training. Several
institutions provided specific annual
costs of training employees or estimates
of the overall employee time expected to
be required to comply with the final
rule. Others more generally described
the need to train more staff than just
loan officers, but also administrative
and other staff.
The Bureau’s ongoing cost estimates
only reflected the assumed training time
required to train loan officers that
directly handle the underwriting
process. The Bureau decided, based on
the comments to the proposed rule, to
double the amount of assumed training
hours required on an annual basis to
account for the additional staff that
would have to be trained on an annual
basis besides simply the loan officers.
The estimates in this final rule reflect
the doubling of annual training hours.
C. Response of the Agency to Any
Comments Filed by the Chief Counsel
for Advocacy of the Small Business
Administration in Response to the
Proposed Rule, and a Detailed
Statement of Any Change Made to the
Proposed Rule in the Final Rule as a
Result of the Comments
SBA Office of Advocacy provided a
formal comment letter to the Bureau in
PO 00000
Frm 00372
Fmt 4701
Sfmt 4700
response to the proposed rule. This
letter expressed concerns that the
Bureau underestimated the costs of the
proposed rule, that the Bureau did not
adequately consider the scope of
coverage, and that the Bureau
additionally underestimated the effect
of the proposed rule on the cost of credit
to small entities. Additionally, SBA
Office of Advocacy provided specific
feedback related to certain provisions of
the proposed rule, which are addressed
below.
Comments related to the Bureau’s cost
estimates. SBA Office of Advocacy
asserted that the Bureau’s estimated
costs of compliance in the proposal
were too low, arguing, specifically, that
training costs were too low and stated
that the Bureau had acknowledged that
small entity representatives, during the
SBREFA process, had noted that the
Bureau’s training costs might be low
because they did not account for enough
staff being trained. Regarding these
training costs, the Bureau notes that, as
SBA Office of Advocacy observed, the
proposal identified the feedback from
small entity representatives that the
training costs might be underestimated.
In part VIII.F.3 of the proposal the
Bureau sought comments on the training
and other estimates to inform the
ongoing cost estimation. As noted in
part IX.F above, the Bureau has
increased its estimates of training costs
in response to SBA Office of Advocacy
and other comments to account for
additional staff that would need to be
trained on an ongoing basis.
SBA Office of Advocacy expressed
concerns that the Bureau has
underestimated the one-time costs,
specifically with regard to training
costs. As noted in the above methods
(part IX.E) and estimations (part IX.F)
discussions, the Bureau estimated onetime costs from the Bureau’s One-Time
Cost Survey, which was conducted of
industry participants potentially subject
to the Bureau’s rule implementing
section 1071. The Bureau’s Tables 14
through 16 provide averages of survey
responses. To obtain final estimates, the
Bureau combined this information with
relevant information from comments on
the proposal. The Bureau reviewed and
considered comments on the cost
estimates included in its proposal.
SBA Office of Advocacy also asserted
that the Bureau underestimated the pass
through of compliance costs to small
businesses in the form of rates and fees.
SBA Office of Advocacy also asserted
that, because institutions could charge
an application fee, the fee may be a
disincentive for small businesses to
shop for a better priced loan, and
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
therefore the overall cost of credit may
be higher than indicated.
Regarding these comments on the
pass through of costs, the Bureau notes
in part IX.F.4 above that it expects the
variable portion of ongoing costs to be
passed on to small business credit
borrowers in the form of higher interest
rates and fees. It made this
determination from the results to its
One-Time Cost Survey, economic
theory, and comments on the proposed
rule. Additionally, lenders presently
have the ability to charge applicants
application fees, something that the
potential increase in fees from
compliance costs associated with this
final rule does not change.
Comments related to other aspects of
the proposed rule. In the section-bysection analysis of the final rule in part
V above, the Bureau has responded to
the SBA Office of Advocacy’s comments
concerning a number of topics in the
proposed rule, including the definition
of financial institution, the small
business definition, the coverage of
automobile dealers, the data points
generally, the proposed visual
observation and surname requirement
related to applicants’ demographic
information, data points adopted
pursuant to ECOA section 704B(e)(2)(H),
and the compliance date of the rule.
SBA Office of Advocacy’s comments
and the Bureau’s responses on these
topics are summarized below.
Scope of coverage/definition of
financial institution. Initially, SBA
Office of Advocacy expressed concern
about the scope of coverage, particularly
as related to who would be a covered
financial institution required to collect
and report 1071 data. SBA Office of
Advocacy argued that the proposed 25origination threshold may be too low,
and that the Bureau has not analyzed
the data fully to determine whether a
higher threshold would garner an
appropriate amount of information to
fulfill the purposes of section 1071. SBA
Office of Advocacy further urged the
Bureau to consider additional
alternative thresholds, and supplement
its analysis, including 50-, 100-, 200and 500-origination threshold
alternatives. In the final rule, the Bureau
has increased the institutional coverage
threshold from 25 to 100 originations
annually to address industry concerns
regarding the impact on the smallest
financial institutions. Smaller lenders
play an integral role in lending to parts
of the small business sector and the
Bureau does not want to risk disruption
to this sector, which would run contrary
to the business and community
development purpose of section 1071.
The Bureau also considered higher
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
thresholds, but believes that raising the
threshold further would undermine the
purposes of section 1071.
Definition of small business. Next,
SBA Office of Advocacy commended
the Bureau for proposing an alternative
size standard to SBA’s approach to
defining a small business, noting prior
feedback concerning the need for a
simpler definition that is easy for small
business applicants to understand and
financial institutions to implement.
However, SBA Office of Advocacy noted
concern from stakeholders that the $5
million gross annual revenue threshold
may be too high for small financial
institutions to implement and may
cause some of those entities to forgo
making business loans. SBA Office of
Advocacy urged the Bureau to analyze
other possible thresholds at a lower
amount that would garner sufficient
data, without the risk of smaller banks
discontinuing business loans. Although
the Bureau considered different
threshold amounts and different size
standards, it believes that a $5 million
gross annual revenue threshold strikes
the right balance in terms of broadly
covering the small business credit
market to fulfill section 1071’s statutory
purposes while meeting the SBA’s
criteria for an alternative size standard.
The final rule also anticipates updates
to this threshold every five years to
account for inflation.
Data points—collection of ethnicity
and race via visual observation or
surname, and data points adopted
pursuant to ECOA section 704B(e)(2)(H).
SBA Office of Advocacy raised two
concerns related to data points required
to be collected under section 1071. First,
SBA Office of Advocacy argued that the
requirement in the proposed rule to
collect ethnicity and race information
based on visual observation or surname
should be removed. SBA Office of
Advocacy reiterated concerns expressed
during the SBREFA panel about a visual
observation requirement. SBA Office of
Advocacy further argued that data
collected through visual observation or
surname could be corrupted by bias or
other forms of discrimination, and
would therefore be in opposition to the
intent of section 1071. They further
stated that even well trained and wellmotivated financial institutions could
make wrong assumptions and taint the
quality of the data. After considering the
issue further as explained in the sectionby-section analysis of § 1002.107(a)(19)
above, the final rule does not include a
requirement to collect applicant
demographic information based on
visual observation or surname.
Second, SBA Office of Advocacy
urged the Bureau to remove from the
PO 00000
Frm 00373
Fmt 4701
Sfmt 4700
35521
rule all data points proposed pursuant
to its statutory authority set forth in
ECOA section 704B(e)(2)(H), arguing
that such data points are not required by
section 1071, are costly, and potentially
raise privacy concerns. SBA Office of
Advocacy noted that these data points
could be reverse engineered to
determine what businesses were denied
credit, particularly in small
communities. They focused particularly
on pricing data, asserting that these data
would be costly and could damage the
reputation of the institution by creating
unjustified inferences that pricing
disparities are due to fair lending
violations. The Bureau believes that
pricing and the other data points
provide valuable information that
furthers the dual purposes of section
1071. The Bureau believes that any risks
to privacy interests can be addressed
through modifications or deletions to
public, application-level data, as
appropriate.
Next, SBA Office of Advocacy urged
the Bureau to work with small
automobile dealers to make the direct
and indirect impacts of the rulemaking
as least burdensome as possible. SBA
Office of Advocacy stated that dealers
may either directly issue credit or, as
noted by a trade association, in many
cases, act as intermediaries between
buyers and financial institutions, and in
those roles may be asked to support
financial institutions’ compliance with
the rule. The Bureau’s rule does not
apply to motor vehicle dealers.973 The
Bureau has also made revisions to the
rule’s provisions addressing reporting
obligations when multiple financial
institutions are involved in originating a
single covered credit transaction, which
the Bureau believes will provide greater
clarity to motor vehicle dealers and the
covered financial institutions that work
with them, as well as to other covered
financial institutions that originate
covered credit transactions for small
businesses through third parties. In
addition, the Bureau has sought to
reduce burden on small covered
financial institutions through many
provisions in the final rule, including,
for example, by issuing a sample data
collection form that institutions can use
to collect protected demographic data
from applicants. Finally, SBA Office of
Advocacy encouraged the Bureau to
consider an implementation period of
three years or longer for the rule, rather
973 The Bureau’s rules, including this final rule to
implement section 1071, generally do not apply to
motor vehicle dealers, as defined in section
1029(f)(2) of the Dodd-Frank Act, that are
predominantly engaged in the sale and servicing of
motor vehicles, the leasing and servicing of motor
vehicles, or both. 12 U.S.C. 5519.
E:\FR\FM\31MYR2.SGM
31MYR2
35522
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
than 18 months as proposed. SBA Office
of Advocacy reiterated feedback from a
roundtable session it held that an 18month compliance period would not be
sufficient, and it may take up to three
years for small financial institutions to
comply. They noted that unlike HMDA,
financial institutions are not building
off a system already in place, and
instead need to develop new systems.
SBA Office of Advocacy also reiterated
feedback during the SBREFA process
that supported a two- to three-year
implementation period. The Bureau is
adopting a tiered compliance date
schedule because it believes that smaller
and mid-sized lenders would have
particular difficulties complying within
the single 18-month compliance period
proposed in the NPRM. Compliance
with the rule beginning October 1, 2024
is required for financial institutions that
originate the most covered credit
transactions for small businesses.
However, institutions with a moderate
transaction volume have until April 1,
2025 to begin complying with the rule,
and those with the lowest volume have
until January 1, 2026.974 The Bureau
believes that approximately 90 percent
of all covered financial institutions that
are themselves ‘‘small’’ under the SBA’s
size standards will fall under the latest
compliance date, giving them nearly
three years to prepare for compliance
with the Bureau’s final rule.
D. Description of and an Estimate of the
Number of Small Entities to Which the
Rule Will Apply
For the purposes of assessing the
impacts of the final rule on small
entities, ‘‘small entities’’ is defined in
the RFA to include small businesses,
small nonprofit organizations, and small
government jurisdictions.975 A ‘‘small
business’’ is determined by application
of SBA regulations in reference to the
North American Industry Classification
System (NAICS) classification and size
standards.976 Under such standards, the
Bureau identified several categories of
small entities that may be subject to the
proposed provisions: depository
institutions; online lenders and
merchant cash advance providers;
commercial finance companies;
nondepository CDFIs; Farm Credit
System members; and governmental
lending entities. The NAICS codes
covered by these categories are
described below.
The following table provides the
Bureau’s estimate of the number and
types of entities that may be affected by
the proposed rule:
lotter on DSK11XQN23PROD with RULES2
TABLE 19—ESTIMATED NUMBER OF AFFECTED ENTITIES AND SMALL ENTITIES BY CATEGORY
Est. total
covered
financial
institutions
Category
NAICS
Small entity threshold
Depository Institutions ......................
Online Lenders and Merchant Cash
Advance Providers.
Commercial Finance Companies .....
522110, 522180, 522130, 522210 ..
522299, 522291, 522320, 518210 ..
Nondepository CDFIs .......................
522390, 523910, 813410, 522310 ..
Farm Credit System members .........
Governmental Lending Entities ........
522299 .............................................
NA ....................................................
$850 million in assets ...................................................
$40 million (NAICS 518210); $47 million (NAICS
522299, 522291, 522320).
$47 million (NAICS 513210, 522220, 522291); $40
million (NAICS 532490); $45.5 million (NAICS
532411).
$9.5 million (NAICS 813410); $15 million (NAICS
522310); $47 million (NAICS 523910, 522390).
$47 million ....................................................................
Population below 50,000 ..............................................
513210, 532411, 532490, 522220,
522291.
Est. number
of small
financial
institutions
1,900
100
1,000
90
240
216
139
132
71
70
31
0
The following paragraphs describe the
categories of entities that the Bureau
expects would be affected by the final
rule.
Depository institutions (banks and
credit unions): The Bureau estimates
that there are about 1,900 banks, savings
associations, and credit unions engaged
in small business lending that originate
enough covered transactions to be
covered by the final rule.977 These
companies potentially fall into four
different industry categories, including
‘‘Commercial Banking’’ (NAICS
522110), ‘‘Savings Institutions’’ (NAICS
522120), ‘‘Credit Unions’’ (NAICS
522130), and ‘‘Credit Card Issuing’’
(NAICS 522210). All of these industries
have a size standard threshold of $850
million in assets. The Bureau estimates
that about 1,000 of these institutions are
small entities according to this
threshold. See part IX.D above for more
detail on how the Bureau arrived at
these estimates.
Online lenders and merchant cash
advance providers: As discussed in
more detail in part II.D above, the
Bureau estimates that there are about
100 fintech lenders and merchant cash
advance providers engaged in small
business lending that originate enough
covered transactions to be covered by
the final rule. These companies span
multiple industries, including ‘‘All
Other Nondepository Credit
Intermediation’’ (NAICS 522298),
‘‘Consumer Lending’’ (NAICS 522291),
‘‘Financial Transactions, Processing,
Reserve, and Clearinghouse Activities’’
(NAICS 522320), and ‘‘Data Processing,
Housing and Related Services’’ (NAICS
518210). All of these industries have a
size standard threshold of $40 million
in sales (NAICS 518210) or $47 million
in sales (all other NAICS). The Bureau
assumes that about 90 percent, or 90, of
these entities are small according to
these size standards.
Commercial finance companies: As
discussed in more detail in part II.D
above, the Bureau estimates that there
are about 240 commercial finance
companies, including captive and
independent financing, engaged in
small business lending that originate
enough covered credit transactions to be
covered by the final rule. These
companies span multiple industries,
including ‘‘Software Publishers’’
(NAICS 513210), ‘‘Commercial Air, Rail,
and Water Transportation Equipment
Rental and Leasing’’ (NAICS 532411),
‘‘Other Commercial and Industrial
Machinery and Equipment Rental and
Leasing’’ (NAICS 532490), ‘‘Sales
financing’’ (NAICS 522220) and
‘‘Consumer Lending’’ (NAICS 522291).
These industries have size standard
thresholds of $47 million in sales
(NAICS 513210, 522220, 522291), $45.5
974 The Bureau estimates that most small
depository institutions will fall into Tier 3 and will
be required to begin complying with the final rule
in 2026.
975 5 U.S.C. 601(6).
976 The current SBA size standards are found on
the SBA’s website, Small Bus. Admin., Table of size
standards (Mar. 17, 2023), https://www.sba.gov/
document/support-table-size-standards.
977 The Bureau notes that the category of
depository institutions also includes CDFIs that are
also depository institutions.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
PO 00000
Frm 00374
Fmt 4701
Sfmt 4700
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
million in sales (NAICS 532411), or $40
million in sales (NAICS 532490). The
Bureau assumes that about 90 percent,
or 216, commercial finance companies
are small according to these size
standards.
Nondepository CDFIs: As discussed in
more detail in part II.D above, the
Bureau estimates that there are 139
nondepository CDFIs engaged in small
business lending that originate enough
covered credit transactions to be
covered by the final rule. CDFIs
generally fall into ‘‘Activities Related to
Credit Intermediation (Including Loan
Brokers)’’ (NAICS 522390),
‘‘Miscellaneous Intermediation’’ (NAICS
523910), ‘‘Civic and Social
Organizations’’ (NAICS 813410), and
‘‘Mortgage and Nonmortgage Loan
Brokers’’ (NAICS 522310). These
industries have size standard thresholds
of $9.5 million in sales (NAICS 813410),
$15 million in sales (NAICS 522310),
and $47 million in sales (NAICS
522390, 523910). The Bureau assumes
that about 95 percent, or 132,
nondepository CDFIs are small entities.
Farm Credit System members: The
Bureau estimates that there are 71
members of the Farm Credit System
(banks and associations) that are
engaged in small business lending and
that originate enough covered credit
transactions to be covered by the final
rule.978 These institutions are in the
‘‘International, Secondary Market, and
All Other Credit Intermediation’’
(NAICS 522299) industry. The size
standard for this industry is $47 million
in sales. The Bureau estimates that 18
members of the Farm Credit System are
small entities.
Governmental lending entities: As
discussed in more detail in part II.D
above, the Bureau estimates that there
are about 70 governmental lending
entities engaged in small business
lending that originate enough covered
credit transactions to be covered by the
final rule. ‘‘Small governmental
jurisdictions’’ are the governments of
978 Fed. Farm Credit Banks Funding Corp., Farm
Credit 2019 Annual Information Statement of the
Farm Credit System, at 7 (Feb. 28, 2020), https://
www.farmcreditfunding.com/ffcb_live/serve/public/
pressre/finin/report.pdf?assetId=395570. The
Bureau notes that Farm Credit System banks do not
report FFIEC Call Reports and are thus not counted
in the number of banks and savings associations
discussed above. To estimate the number of small
Farm Credit System members, the Bureau
considered FCA Call Reports and Young,
Beginning, and Small Farmers Reports for all Farm
Credit System members as of December 31, 2019.
The reports can be found at https://reports.fca.gov/
CRS/. A Farm Credit System is covered if it
reported more than 100 total number of loans on
its Young, Beginning, and Small Farmers Report in
2019. A Farm Credit System member is considered
small if its net interest income plus total noninterest income is less than $41.5 million.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
cities, counties, towns, townships,
villages, school districts, or special
districts, with a population of less than
fifty thousand. The Bureau assumes that
none of the governmental lending
entities covered by the final rule are
considered small.
E. Projected Reporting, Recordkeeping,
and Other Compliance Requirements of
the Final Rule, Including an Estimate of
the Classes of Small Entities Which Will
Be Subject to the Requirement and the
Type of Professional Skills Necessary
for the Preparation of the Report or
Record
Reporting requirements. ECOA
section 704B(f)(1) provides that ‘‘[t]he
data required to be compiled and
maintained under [section 1071] by any
financial institution shall be submitted
annually to the Bureau.’’ Section 1071
requires financial institutions to collect
and report information regarding any
application for ‘‘credit’’ made by
women-owned, minority-owned, and
small businesses. In its rule to
implement section 1071, the Bureau is
not covering the following transactions:
leases, factoring, consumer-designated
credit used for business purposes,
HMDA-reportable transactions,
insurance premium financing, trade
credit, public utilities credit, securities
credit, and incidental credit.
Under the final rule, financial
institutions would be required to report
data on small business credit
applications if they originated at least
100 covered transactions in each of the
previous two calendar years. The
Bureau is requiring that data collection
occur on a calendar-year basis and
submitted to the Bureau by the
following June 1. Under the final rule,
covered financial institutions are
required to collect and report the
following data points: (1) a unique
identifier, (2) application date, (3)
application method, (4) application
recipient, (5) credit type, (6) credit
purpose, (7) amount applied for, (8)
amount approved or originated, (9)
action taken, (10) action taken date, (11)
denial reasons, (12) pricing information,
(13) census tract, (14) gross annual
revenue, (15) NAICS code, (16) number
of workers, (17) time in business, (18)
minority-owned business status,
women-owned business status, and
LGBTQI+-owned business status, (19)
ethnicity, race, and sex of principal
owners, and (20) the number of
principal owners. The section-bysection analyses in part V above discuss
the required data points and the scope
of the final rule in greater detail.
Recordkeeping requirements. ECOA
section 704B(f)(2)(A) requires that
PO 00000
Frm 00375
Fmt 4701
Sfmt 4700
35523
information compiled and maintained
under section 1071 be ‘‘retained for not
less than 3 years after the date of
preparation.’’ The Bureau is requiring
that financial institutions retain 1071
data for at least three years after it is
submitted to the Bureau. In accordance
with 704B(e)(3), the Bureau is also
instituting a prohibition on including
certain personally identifiable
information about any individuals
associated with small business
applicants in the data that a financial
institution is required to compile,
maintain, and report to the Bureau,
other than information specifically
required to be collected and reported
(such as the ethnicity, race, and sex of
principal owners and whether the
business is women-owned, minorityowned, or LGBTQI+-owned). Financial
institutions must, unless subject to an
exception, limit the access of certain
officers and employees to applicants’
responses to the inquiries regarding
women-owned, minority-owned, and
LGBTQI+-owned business status, as
well as the ethnicity, race, and sex of
principal owners. In addition,
applicants’ responses to the inquiries
regarding women-owned, minorityowned, and LGBTQI+-owned business
status, as well as the ethnicity, race, and
sex of principal owners, must be
maintained separately from the
application and accompanying
information.
Costs to small entities. The Bureau
expects that the proposed rule may
impose one-time and ongoing costs on
small-entity providers of credit to small
businesses. The Bureau has identified
eight categories of one-time costs that
make up the components necessary for
a financial institution to develop the
infrastructure to collect and report data
required by the rule. Those categories
are preparation/planning; updating
computer systems; testing/validating
systems; developing forms/applications;
training staff and third parties (such as
dealers and brokers); developing
policies/procedures; legal/compliance
review; and post-implementation review
of compliance policies and procedures.
The Bureau conducted a survey
regarding potential one-time
implementation costs for section 1071
compliance targeted at financial
institutions who extend small business
credit. The Bureau used the results of
this survey to estimate the one-time
costs for financial institutions covered
by the proposed rule using the
methodology described in part VIII.E.1
above. The Bureau estimates that
depository institutions with the lowest
level of complexity in compliance
E:\FR\FM\31MYR2.SGM
31MYR2
35524
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
operations (i.e., Type A DIs) would
incur one-time costs of $63,825,
including expected hiring costs. The
Bureau estimates that depository
institutions with a middle level of
complexity in compliance operations
(i.e., Type B DIs) would incur one-time
costs of $49,225, including expected
hiring costs. The Bureau estimates that
depository institutions with the highest
level of complexity in compliance
operations (i.e., Type C DIs) would incur
one-time costs of $91,075, including
expected hiring costs. Finally, the
Bureau estimates that Non-DIs would
incur one-time costs of $105,250,
including the costs of hiring two
additional staff.
The Bureau estimates that the overall
market impact of one-time costs for
small depository institutions will be
between $56,000,000 and
$67,000,000.979 The Bureau estimates
that the overall market impact of onetime costs for Non-DIs will be about
$45,000,000.
Adapting ongoing cost methodology
from previous HMDA rulemaking
efforts, the Bureau identified 15 specific
data collection and reporting activities
that would impose ongoing costs to
financial institutions covered by the
rule.980 The Bureau estimates that
representative financial institutions
with the lowest level of complexity in
compliance operations (i.e., Type A FIs)
would incur around $8,349 in total
annual ongoing costs, or about $83 in
total cost per application processed
(assuming a representative 100
applications per year). For financial
institutions of this type, the largest
drivers of the ongoing costs are
activities that require employee time to
complete. Activities like transcribing
data, transferring data to the data
management software, standard edits
and internal checks, and training all
require loan officer time. The Bureau
estimates that financial institutions with
a middle level of complexity in
compliance operations (i.e., Type B FIs),
which are somewhat automated, would
incur approximately $40,079 in
additional ongoing costs per year, or
around $100 per application (assuming
a representative 400 applications per
year). The largest components of this
ongoing cost are the expenses of the
979 The Bureau notes that the variation in this
range comes primarily from the uncertainty in the
number of originations made by small banks and
savings associations. The range does not fully
account for the uncertainty associated with
estimates of the one-time costs for each type of
institution.
980 The Bureau applied the same methodology for
the ongoing costs for small entities as that found in
part IX.E.2 above.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
small business application management
software and geocoding software (in the
form of an annual software subscription
fee) and the external audit of the data.
The Bureau estimates that financial
institutions with the highest level of
complexity in compliance operations
(i.e., Type C FIs), which are significantly
automated, would incur approximately
$278,618 in additional ongoing costs per
year, or around $46 per application
(assuming a representative 6,000
applications per year). The largest
components of this ongoing cost are the
cost of an internal audit, transcribing
data, and annual edits and internal
checks.
The Bureau estimates that the overall
market impact of ongoing costs for small
entities will be between $83,000,000
and $96,000,000 per year.
Estimate of the classes of small
entities that will be subject to the
requirement and the type of professional
skills necessary for the preparation of
the report or record. Section 603(b)(4) of
the RFA also requires an estimate of the
type of professional skills necessary for
the preparation of the reports or records.
The recordkeeping and compliance
requirements of the final rule that
would affect small entities are
summarized above. Based on outreach
with financial institutions, vendors, and
governmental agency representatives,
the Bureau classified the operational
activities that financial institutions
would likely use for section 1071 data
collection and reporting into 15
operational ‘‘tasks’’ which can be
further grouped into four ‘‘primary
tasks.’’ These are:
1. Data collection: Transcribing data,
resolving reportability questions, and
transferring data to a 1071 data
management system.
2. Reporting and resubmission:
Geocoding, standard annual edit and
internal checks, researching questions,
resolving question responses, checking
post-submission edits, filing postsubmission documents, and using
vendor data management software.
3. Compliance and internal audits:
Training, internal audits, and external
audits.
4. Section 1071-related exams: Exam
preparation and exam assistance.
All these tasks are related to the
preparation of reports or records and
most of them are performed by
compliance personnel in the
compliance department of financial
institutions. For some financial
institutions, however, the data intake
and transcribing stage could involve
loan officers or processors whose
primary function is to evaluate or
process loan applications. For example,
PO 00000
Frm 00376
Fmt 4701
Sfmt 4700
at some financial institutions the loan
officers would take in information from
the applicant to complete the
application and input that information
into the reporting system. However, the
Bureau believes that such roles
generally do not require any additional
professional skills related for the
recordkeeping or other compliance
requirements of this final rule that are
not otherwise required during the
ordinary course of business for small
entities. The Bureau also notes that
small nondepository institutions might
not be subject to fair lending exams and
might, therefore, have reduced costs.
The type of professional skills
required for compliance varies
depending on the particular task
involved. For example, data transcribing
requires data entry skills. Transferring
data to a data entry system and using
vendor data management software
requires knowledge of computer
systems and the ability to use them.
Researching and resolving reportability
questions requires a more complex
understanding of the regulatory
requirements and the details of the
relevant line of business. Geocoding
requires skills in using the geocoding
software, web systems, or, in cases
where geocoding is difficult, knowledge
of the local area in which the property
is located. Standard annual editing,
internal checks, and post-submission
editing require knowledge of the
relevant data systems, data formats, and
section 1071 regulatory requirements in
addition to skills in quality control and
assurance. Filing post-submission
documents requires skills in
information creation, dissemination,
and communication. Training, internal
audits, and external audits require
communications skills, educational
skills, and regulatory knowledge.
Section 1071-related exam preparation
and exam assistance involve knowledge
of regulatory requirements, the relevant
line of business, and the relevant data
systems.
The Standard Occupational
Classification code has compliance
officers listed under code 13–1041. The
Bureau believes that most of the skills
required for preparation of the reports or
records related to this rule are the skills
required for job functions performed in
this occupation. However, the Bureau
recognizes that under this general
occupational code there is a high level
of heterogeneity in the type of skills
required as well as the corresponding
labor costs incurred by the financial
institutions performing these functions.
During the SBREFA process, some small
entity representatives noted that, for
instance, high-level corporate officers
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
such as CEOs and senior vice presidents
could be directly involved in some
regulatory tasks. The Bureau
acknowledges the possibility that
certain aspects of the final rule may
require some small entities to hire
additional compliance staff. The Bureau
received many comments on its
proposal that asserted that industry
participants would have to hire
additional employees to comply with
the rule. The Bureau made changes to
its estimates of one-time costs to reflect
the additional one-time cost of hiring
new staff. Compliance with the final
rule may emphasize certain skills. For
example, new data points may increase
demand for skills involved in
researching questions, standard annual
editing, and post-submission editing.
Nevertheless, the Bureau believes that
compliance would still involve the
general set of skills identified above.
The recordkeeping and reporting
requirements associated with the final
rule would also involve skills for
information technology system
development, integration, and
maintenance. Financial institutions
required to report data under HMDA
often use data management systems
called HMDA Management Systems for
existing regulatory purposes. A similar
software for reporting the data required
under the final rule could be developed
by the institution internally or
purchased from a third-party vendor. It
is possible that other systems used by
financial institutions, such as loan
origination systems, might also need to
be upgraded to capture new data fields
required to be collected and reported
under the final rule. The professional
skills required for this one-time upgrade
would be related to software
development, testing, system
engineering, information technology
project management, budgeting and
operation.
F. Description of the Steps the Agency
Has Taken To Minimize the Significant
Economic Impact on Small Entities
Consistent With the Stated Objectives of
Applicable Statutes, Including a
Statement of the Factual, Policy, and
Legal Reasons for Selecting the
Alternative Adopted in the Final Rule
and Why Each One of the Other
Significant Alternatives to the Rule
Considered by the Agency Which Affect
the Impact on Small Entities Was
Rejected; and for a Covered Agency, as
Defined in Section 609(d)(2), a
Description of the Steps the Agency Has
Taken To Minimize Any Additional
Cost of Credit for Small Entities
In drafting this final rule, the Bureau
considered multiple financial
institution reporting thresholds. In
particular, the Bureau considered
whether to exempt financial institutions
with fewer than 25, 50, 200, or 500
originations of covered credit
transactions for small businesses in each
35525
of the two preceding calendar years,
instead of 100 originations as finalized.
The Bureau also considered whether to
exempt depository institutions with
assets under $100 million or $200
million from section 1071’s data
collection and reporting requirements.
The Bureau expects that some burden
reduction will result from the higher
threshold of 100 loans.
The following table shows the
estimated impact that different reporting
thresholds the Bureau considered would
have had on financial institution
coverage. For the purposes of
considering the asset-based threshold
alternatives, the Bureau estimates how
institutional coverage and costs would
be different if the Bureau required a 25origination threshold in addition to an
asset-based threshold for depository
institutions. For the asset-based
threshold alternatives, the Bureau
assumes that the alternative proposal
would have been that a depository
institution would be required to report
its small business lending activity for
2019 if it had more than 25 originations
in both 2017 and 2018 and had assets
over the asset-based threshold on
December 31, 2018. The Bureau further
assumes that if two institutions merged
in 2019 then the resulting institution
would be required to report if the sum
of the separate institutions’ assets on
December 31, 2018 exceeded the assetbased threshold.
TABLE 20—ESTIMATED IMPACT OF DIFFERENT REPORTING THRESHOLDS ON THE NUMBER AND PERCENTAGE OF SMALL
DEPOSITORY INSTITUTIONS COVERED
Number of
small depository
institutions covered
Threshold considered
lotter on DSK11XQN23PROD with RULES2
25 originations .........................................................................................................................
50 originations .........................................................................................................................
100 originations .......................................................................................................................
200 originations .......................................................................................................................
500 originations .......................................................................................................................
25 originations AND $100 million in assets ............................................................................
25 originations AND $200 million in assets ............................................................................
Further, the Bureau is finalizing
several data points pursuant to its
authority under ECOA section
704B(e)(2)(H) that is has concluded
would help the data collection fulfill the
purposes of section 1071: application
method, application recipient, pricing,
number of principal owners, NAICS
code, number of workers, and time in
business.
During the SBREFA process, small
entity representatives provided detailed
feedback on the data points that the
Bureau was considering proposing
pursuant to ECOA section
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
704B(e)(2)(H).981 One small entity
representative stated that the cost of
collecting and reporting such data
points under consideration would be
significant, and another stated that the
Bureau should include as few data
points as possible to avoid unnecessary
costs. Another small entity
representative stated that the Bureau
should finalize a rule with just the data
points enumerated in 704B(e)(2)(A)
981 The small entity representative feedback
discussed herein can be found in the SBREFA Panel
Report at 30–32.
PO 00000
Frm 00377
Fmt 4701
Sfmt 4700
2,900–3,000
1,900–2,100
1,000–1,100
400–500
50–100
2,400–2,500
1,600–1,700
% of small depository
institutions covered
32–33
21–23
11–12
4–6
0.6–1
26–28
18–19
through (G) and avoid adding any
additional data points. Other small
entity representatives favored or
opposed the inclusion of some or all of
the individual data points under
consideration during the SBREFA
process. Many industry commenters and
SBA Office of Advocacy opposed the
collection of any data points pursuant to
section 704B(e)(2)(H). These
commenters stated that such data points
would be burdensome to collect and
report, while some, particularly the
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35526
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
pricing data point, could be subject to
misinterpretation by data users.
The Bureau understands that certain
data points may introduce additional
burden to small entities. However, the
Bureau has determined that these data
points would aid in fulfilling the
statutory purposes of section 1071—
facilitating enforcement of fair lending
laws and enabling communities,
governmental entities, and creditors to
identify business and community
development needs and opportunities of
women-owned, minority-owned, and
small businesses.
Three types of costs (one-time, fixed
ongoing, and variable ongoing) have the
potential to influence the price and
availability of credit to small businesses.
In a competitive marketplace, standard
microeconomics suggests that lenders
will extend loans up to the point at
which the value of granting an
additional loan is equal to the
additional cost associated with the
financial institution providing the loan.
One-time costs and fixed ongoing costs
affect the overall profitability of a
lender’s loan portfolio but do not affect
the profitability of extending an
additional loan. Variable ongoing costs,
however, affect the profitability of each
additional loan and will influence the
number of loans a lender provides.
Based on the Bureau’s available
evidence, it expects that the variable
ongoing costs to comply with the
proposed rule will be passed on in full
to small business credit applicants in
the form of higher prices or fees to small
businesses.
In the One-Time Cost Survey, the
Bureau asked respondents to rank a list
of potential actions they may take in
response to the compliance costs of
implementing section 1071.982
Respondents ranked the following list:
‘‘Raise rates or fees on small business
products’’; ‘‘Raise rates/fees on other
credit products’’; ‘‘Accept lower
profits’’; ‘‘Exit some geographic
markets’’; ‘‘Tighten underwriting
standards’’; ‘‘Offer fewer or less
complex products’’; ‘‘No longer offer
small business credit products’’; or
‘‘Other’’ with two write-in options.
Respondents ranked these options from
‘‘1’’ to ‘‘9’’ indicating their most to least
likely responses. Respondents also had
the opportunity to write in their own
responses. Consistent with economic
theory, respondents reported that they
would be most likely to raise rates or
fees on small business products and
other credit products. On average,
respondents reported that they would be
least likely to exit some geographic
982 See
One-Time Cost Survey at 11.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
markets or cease offering small business
credit products. Accordingly, the
Bureau expects the likely impact of the
rule on the cost of credit to small
entities to be higher rates and fees
because financial institutions pass on
the variable ongoing costs of the
required data collection. The Bureau
estimates that $32, $26, and $7.50 in
variable costs would be passed through
per application to Type A, B, and C FIs,
respectively. To put these values in
context, the Bureau estimates that the
per application net income is in a range
of $66,000–$83,000; $33,000–$38,000;
and $83,000–$92,000 for covered banks
and savings associations of Types A, B,
and C, respectively.
The Bureau also carefully considered
the rule’s potential impact on small
entities in its decision related to
transactional scope. For example, the
Bureau is not covering trade credit in its
1071 final rule because it believes that
trade credit is categorically different
from products like loans, lines of credit,
credit cards, and merchant cash
advances and that there are several
reasons to exclude it from coverage. As
discussed in the section-by-section
analysis of § 1002.104(b)(1), one such
reason is that the Bureau understands
that trade credit can be offered by
entities that are themselves very small
businesses; these entities, in particular,
may incur large costs relative to their
size to collect and report 1071 data in
an accurate and consistent manner.983
The Bureau is also adding new
§ 1002.104(b)(5) to exclude all HMDA
reportable transactions (i.e., covered
loans as defined by Regulation C, 12
CFR 1003.2(e)). The Bureau is finalizing
this exclusion of HMDA-reportable
transactions in order to alleviate
concerns from a broad range of industry
commenters, including small entities,
about the difficulties associated with
dual reporting, particularly in light of
potential inconsistences related to
demographic data collection and
recordkeeping. Moreover, the final rule
makes clear that the term covered credit
transaction does not include consumerdesignated credit used for business or
agricultural purposes, because such
transactions are not business credit. The
Bureau believes that this interpretation
will reduce burden for financial
institutions (including smaller ones)
983 See Leora Klapper et al., Trade Credit
Contracts, 25(3) Review of Fin. Studies 838–67
(2012), https://academic.oup.com/rfs/article/25/3/
838/1616515, and Justin Murfin & Ken Njoroge, The
Implicit Costs of Trade Credit Borrowing by Large
Firms, 28(1) Review of Fin. Studies 112–45 (2015)
https://academic.oup.com/rfs/article/28/1/112/
1681329.
PO 00000
Frm 00378
Fmt 4701
Sfmt 4700
that offer only consumer-designated
credit.
In response to the suggestion to
exempt agricultural lending because of
the impact on small local community
financial institutions, such as credit
unions, the Bureau is not defining a
‘‘covered credit transaction’’ in a way
that would exclude agricultural credit
from the final rule. As detailed in the
section-by-section analysis of
§ 1002.104(a), the Bureau believes that
covering agricultural credit in this
rulemaking is important for both of
section 1071’s statutory purposes. The
Bureau does note, however, that it is
increasing its institutional coverage
threshold, as discussed above, to
minimize compliance costs for smaller
financial institutions with lower lending
volumes.
The Bureau believes that its adoption
of a simplified small business definition
better meets the needs of small entities.
The final rule provides that a business
is a small business if its gross annual
revenue for its preceding fiscal year is
$5 million or less. As discussed in the
section-by-section analysis of
§ 1002.106(b)(1), the Bureau believes
that this approach addresses the
concerns that the Bureau has heard
(during the SBREFA process and in
response to the NPRM) with respect to
determining whether applicants are
small businesses for purposes of
complying with section 1071,
particularly with respect to the concerns
regarding determining the applicant’s
NAICS code.
XI. Paperwork Reduction Act
Under the Paperwork Reduction Act
of 1995 (PRA),984 Federal agencies are
generally required to seek approval from
the Office of Management and Budget
(OMB) for information collection
requirements prior to implementation.
Under the PRA, the Bureau may not
conduct nor sponsor, and,
notwithstanding any other provision of
law, a person is not required to respond
to, an information collection unless the
information collection displays a valid
control number assigned by OMB.
As part of its continuing effort to
reduce paperwork and respondent
burden, the Bureau conducted a
preclearance consultation program to
provide the general public and Federal
agencies with an opportunity to
comment on the information collection
requirements in accordance with the
PRA. This helps ensure that the public
understands the Bureau’s requirements
or instructions, respondents can provide
the requested data in the desired format,
984 44
E:\FR\FM\31MYR2.SGM
U.S.C. 3501 et seq.
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
reporting burden (time and financial
resources) is minimized, information
collection instruments are clearly
understood, and the Bureau can
properly assess the impact of
information collection requirements on
respondents. The Bureau conducted
several rounds of message, form, and
user testing that were approved under
OMB control number 3170–0022 after
appropriate public notice and a 30-day
comment period.
The final rule amends 12 CFR part
1002 (Regulation B), which implements
ECOA. The Bureau’s OMB control
number for Regulation B is 3170–0013.
This final rule will revise the
information collection requirements
contained in Regulation B that OMB has
approved under that OMB control
number.
Under the rule, the Bureau adds four
information collection requirements to
Regulation B:
1. Compilation of reportable data
(§ 1002.107), including a notice
requirement (in § 1002.107(a)(18) and
(19)).
2. Reporting data to the Bureau
(§ 1002.109).
3. Firewall notice requirement
(§ 1002.108(d)).
4. Recordkeeping (§ 1002.111).
The information collection
requirements in this final rule are
mandatory. Certain data fields will be
modified or deleted by the Bureau, in its
discretion, to advance a privacy interest
before the 1071 data are made available
to the public (as permitted by section
1071 and the Bureau’s final rule). The
data that are not modified or deleted
will be made available to the public.
The rest of the data will be considered
confidential if the information:
• Identifies any applicants or natural
persons who might not be applicants
(e.g., owners of a business where a legal
entity is the applicant); or
• Implicates the relevant privacy
interests of applicants, related natural
persons, or financial institutions.
The collections of information
contained in this rule, and identified as
such, have been submitted to OMB for
review under section 3507(d) of the
PRA. A complete description of the
information collection requirements
(including the burden estimate
methods) is provided in the information
collection request that the Bureau has
submitted to OMB under the
requirements of the PRA. The
information collection request
submitted to OMB requesting approval
under the PRA for the information
collection requirements contained
herein is available at
www.regulations.gov as well as on
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
OMB’s public-facing docket at
www.reginfo.gov.
Title of Collection: Regulation B:
Equal Credit Opportunity Act.
OMB Control Number: 3170–0013.
Type of Review: Revision of a
currently approved collection.
Affected Public: Private Sector;
Federal and State Governments.
Estimated Number of Respondents:
2,470 (subpart B only).
Estimated Total Annual Burden
Hours: 8,302,000 (subpart B only).
The Bureau will publish a separate
Federal Register notice once OMB
concludes its review announcing OMB
approval of the information collections
contained in this final rule.
In the NPRM, the Bureau invited
comments on: (a) Whether the collection
of information is necessary for the
proper performance of the functions of
the Bureau, including whether the
information will have practical utility;
(b) the accuracy of the Bureau’s estimate
of the burden of the collection of
information, including the validity of
the methods and the assumptions used;
(c) ways to enhance the quality, utility,
and clarity of the information to be
collected; and (d) ways to minimize the
burden of the collection of information
on respondents, including through the
use of automated collection techniques
or other forms of information
technology.
No comments pertaining specifically
to this section were received. The other
comments on the rule generally are
summarized above.
XII. Congressional Review Act
Pursuant to the Congressional Review
Act,985 the Bureau will submit a report
containing this rule and other required
information to the U.S. Senate, the U.S.
House of Representatives, and the
Comptroller General of the United
States at least 60 days prior to the rule’s
published effective date. The Office of
Information and Regulatory Affairs has
designated this rule as a ‘‘major rule’’ as
defined by 5 U.S.C. 804(2).
List of Subjects in 12 CFR Part 1002
Banks, banking, Civil rights,
Consumer protection, Credit, Credit
unions, Marital status discrimination,
National banks, Penalties.
Authority and Issuance
For the reasons set forth in the
preamble, the Bureau amends
Regulation B, 12 CFR part 1002, as set
forth below:
985 5
PO 00000
U.S.C. 801 et seq.
Frm 00379
Fmt 4701
Sfmt 4700
35527
PART 1002—EQUAL CREDIT
OPPORTUNITY ACT (REGULATION B)
1. The authority citation for part 1002
is revised to read as follows:
■
Authority: 12 U.S.C. 5512, 5581; 15 U.S.C.
1691b. Subpart B is also issued under 15
U.S.C. 1691c–2.
2. Designate §§ 1002.1 through
1002.16 as subpart A under the
following heading:
■
Subpart A—General
§ 1002.1
[Amended
3. In § 1002.1 amend the second
sentence of paragraph (a) by removing
the phrase ‘‘this part applies’’ and
adding in its place ‘‘this subpart
applies’’.
■ 4. Section 1002.2 is amended by
revising the introductory text to read as
follows:
■
§ 1002.2
Definitions.
For the purposes of this part, unless
the context indicates otherwise or as
otherwise defined in subpart B, the
following definitions apply:
*
*
*
*
*
■ 5. Section 1002.5 is amended by
revising the introductory text of
paragraph (a)(4) and adding paragraphs
(a)(4)(vii) through (x) to read as follows:
§ 1002.5 Rules concerning requests for
information.
(a) * * *
(4) Other permissible collection of
information. Notwithstanding paragraph
(b) of this section, a creditor may collect
information under the following
circumstances provided that the creditor
collects the information in compliance
with § 1002.107(a)(18) and (19) and
accompanying commentary, or
appendix B to 12 CFR part 1003, as
applicable:
*
*
*
*
*
(vii) A creditor that was required to
report small business lending data
pursuant to § 1002.109 for any of the
preceding five calendar years but is not
currently a covered financial institution
under § 1002.105(b) may collect
information pursuant to subpart B of
this part for covered applications from
small businesses as defined in
§§ 1002.103 and 1002.106(b) regarding
whether an applicant is a minorityowned business, a women-owned
business, or an LGBTQI+-owned
business, and the ethnicity, race, and
sex of the applicant’s principal owners
if it complies with the requirements for
covered financial institutions pursuant
to §§ 1002.107(a)(18) and (19), 1002.108,
1002.111, and 1002.112 for that
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35528
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
application. Such a creditor is
permitted, but not required, to report
data to the Bureau collected pursuant to
subpart B of this part if it complies with
the requirements of subpart B as
otherwise required for covered financial
institutions pursuant to §§ 1002.109 and
1002.110.
(viii) A creditor that exceeded the
loan-volume threshold in the first year
of the two-year threshold period
provided in § 1002.105(b) may, in the
second year, collect information
pursuant to subpart B of this part for
covered applications from small
businesses as defined in §§ 1002.103
and 1002.106(b) regarding whether an
applicant is a minority-owned business,
a women-owned business, or an
LGBTQI+-owned business, and the
ethnicity, race, and sex of the
applicant’s principal owners if it
complies with the requirements for
covered financial institutions pursuant
to §§ 1002.107(a)(18) and (19), 1002.108,
1002.111, and 1002.112 for that
application. Such a creditor is
permitted, but not required, to report
data to the Bureau collected pursuant to
subpart B of this part if it complies with
the requirements of subpart B as
otherwise required for covered financial
institutions pursuant to §§ 1002.109 and
1002.110.
(ix) A creditor that is not currently a
covered financial institution under
§ 1002.105(b), and is not otherwise a
creditor to which § 1002.5(a)(4)(vii) or
(viii) applies, may collect information
pursuant to subpart B of this part for
covered applications from small
businesses as defined in §§ 1002.103
and 1002.106(b) regarding whether an
applicant for a covered credit
transaction is a minority-owned
business, a women-owned business, or
an LGBTQI+-owned business, and the
ethnicity, race, and sex of the
applicant’s principal owners for a
transaction if it complies with the
requirements for covered financial
institutions pursuant to §§ 1002.107
through 1002.112 for that application.
(x) A creditor that is collecting
information pursuant to subpart B of
this part or as described in paragraphs
(a)(4)(vii) through (ix) of this section for
covered applications from small
businesses as defined in §§ 1002.103
and 1002.106(b) regarding whether an
applicant for a covered credit
transaction is a minority-owned
business, a women-owned business, or
an LGBTQI+-owned business, and the
ethnicity, race, and sex of the
applicant’s principal owners may also
collect that same information for any coapplicants provided that it also
complies with the relevant requirements
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
of subpart B of this part or as described
in paragraphs (a)(4)(vii) through (ix) of
this section with respect to those coapplicants.
*
*
*
*
*
■ 6. Section 1002.12 is amended by
revising paragraphs (b)(1) introductory
text, (b)(2) introductory text, (b)(3), (4),
and (5), and paragraph (b)(7)
introductory text to read as follows:
§ 1002.12
Record retention.
*
*
*
*
*
(b) * * * (1) Applications. For 25
months (12 months for business credit,
except as provided in paragraph (b)(5) of
this section or otherwise provided for in
subpart B of this part) after the date that
a creditor notifies an applicant of action
taken on an application or of
incompleteness, the creditor shall retain
in original form or a copy thereof:
*
*
*
*
*
(2) Existing accounts. For 25 months
(12 months for business credit, except as
provided in paragraph (b)(5) of this
section or otherwise provided for in
subpart B of this part) after the date that
a creditor notifies an applicant of
adverse action regarding an existing
account, the creditor shall retain as to
that account, in original form or a copy
thereof:
*
*
*
*
*
(3) Other applications. For 25 months
(12 months for business credit, except as
provided in paragraph (b)(5) of this
section or otherwise provided for in
subpart B of this part) after the date that
a creditor receives an application for
which the creditor is not required to
comply with the notification
requirements of § 1002.9, the creditor
shall retain all written or recorded
information in its possession concerning
the applicant, including any notation of
action taken.
(4) Enforcement proceedings and
investigations. A creditor shall retain
the information beyond 25 months (12
months for business credit, except as
provided in paragraph (b)(5) of this
section or otherwise provided for in
subpart B) if the creditor has actual
notice that it is under investigation or is
subject to an enforcement proceeding
for an alleged violation of the Act or this
part, by the Attorney General of the
United States or by an enforcement
agency charged with monitoring that
creditor’s compliance with the Act and
this part, or if it has been served with
notice of an action filed pursuant to
section 706 of the Act and § 1002.16 of
this part. The creditor shall retain the
information until final disposition of the
matter, unless an earlier time is allowed
by order of the agency or court.
PO 00000
Frm 00380
Fmt 4701
Sfmt 4700
(5) Special rule for certain business
credit applications. With regard to a
business that had gross revenues in
excess of $1 million in its preceding
fiscal year, or an extension of trade
credit, credit incident to a factoring
agreement, or other similar types of
business credit, the creditor shall retain
records for at least 60 days, except as
otherwise provided for in subpart B,
after notifying the applicant of the
action taken. If within that time period
the applicant requests in writing the
reasons for adverse action or that
records be retained, the creditor shall
retain records for 12 months.
*
*
*
*
*
(7) Prescreened solicitations. For 25
months after the date on which an offer
of credit is made to potential customers
(12 months for business credit, except as
provided in paragraph (b)(5) of this
section or otherwise provided for in
subpart B), the creditor shall retain in
original form or a copy thereof:
*
*
*
*
*
■ 7. Subpart B is added to read as
follows:
Subpart B—Small Business Lending Data
Collection
Sec.
§ 1002.101 Authority, purpose, and scope.
§ 1002.102 Definitions.
§ 1002.103 Covered applications.
§ 1002.104 Covered credit transactions and
excluded transactions.
§ 1002.105 Covered financial institutions
and exempt institutions.
§ 1002.106 Business and small business.
§ 1002.107 Compilation of reportable data.
§ 1002.108 Firewall.
§ 1002.109 Reporting of data to the Bureau.
§ 1002.110 Publication of data and other
disclosures.
§ 1002.111 Recordkeeping.
§ 1002.112 Enforcement.
§ 1002.113 Severability.
§ 1002.114 Effective date, compliance date,
and special transitional rules.
Subpart B—Small Business Lending
Data Collection
§ 1002.101
Authority, purpose, and scope.
(a) Authority and scope. This subpart
to Regulation B is issued by the Bureau
pursuant to section 704B of the Equal
Credit Opportunity Act (15 U.S.C.
1691c–2). Except as otherwise provided
herein, this subpart applies to covered
financial institutions, as defined in
§ 1002.105(b), other than a person
excluded from coverage of this part by
section 1029 of the Consumer Financial
Protection Act of 2010, title X of the
Dodd-Frank Wall Street Reform and
Consumer Protection Act, Public Law
111–203, 124 Stat. 1376, 2004 (2010).
(b) Purpose. This subpart implements
section 704B of the Equal Credit
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Opportunity Act, which Congress
intended:
(1) To facilitate enforcement of fair
lending laws; and
(2) To enable communities,
governmental entities, and creditors to
identify business and community
development needs and opportunities of
women-owned, minority-owned, and
small businesses.
lotter on DSK11XQN23PROD with RULES2
§ 1002.102
Definitions.
In this subpart:
(a) Affiliate means, with respect to a
financial institution, any company that
controls, is controlled by, or is under
common control with, another
company, as set forth in the Bank
Holding Company Act of 1956 (12
U.S.C. 1841 et seq.). With respect to a
business or an applicant, affiliate shall
have the same meaning as in 13 CFR
121.103.
(b) Applicant means any person who
requests or who has received an
extension of business credit from a
financial institution.
(c) Business is defined in
§ 1002.106(a).
(d) Business credit shall have the
same meaning as in § 1002.2(g).
(e) Closed-end credit transaction
means an extension of business credit
that is not an open-end credit
transaction under paragraph (n) of this
section.
(f) Covered application is defined in
§ 1002.103.
(g) Covered credit transaction is
defined in § 1002.104.
(h) Covered financial institution is
defined in § 1002.105(b).
(i) Credit shall have the same meaning
as in § 1002.2(j).
(j) Financial institution is defined in
§ 1002.105(a).
(k) LGBTQI+ individual includes an
individual who identifies as lesbian,
gay, bisexual, transgender, queer, or
intersex.
(l) LGBTQI+-owned business means a
business for which one or more
LGBTQI+ individuals hold more than 50
percent of its ownership or control, and
for which more than 50 percent of the
net profits or losses accrue to one or
more such individuals.
(m) Minority-owned business means a
business for which one or more
American Indian or Alaska Native,
Asian, Black or African American,
Native Hawaiian or Other Pacific
Islander, or Hispanic or Latino
individuals hold more than 50 percent
of its ownership or control, and for
which more than 50 percent of the net
profits or losses accrue to one or more
such individuals.
(n) Open-end credit transaction
means an open-end credit plan as
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
35529
defined in Regulation Z, 12 CFR
1026.2(a)(20), but without regard to
whether the credit is consumer credit,
as defined in § 1026.2(a)(12), is
extended by a creditor, as defined in
§ 1026.2(a)(17), or is extended to a
consumer, as defined in § 1026.2(a)(11).
(o) Principal owner means an
individual who directly owns 25
percent or more of the equity interests
of a business.
(p) Small business is defined in
§ 1002.106(b).
(q) Small business lending application
register or register means the data
reported, or required to be reported,
annually pursuant to § 1002.109.
(r) State shall have the same meaning
as in § 1002.2(aa).
(s) Women-owned business means a
business for which more than 50
percent of its ownership or control is
held by one or more women, and more
than 50 percent of its net profits or
losses accrue to one or more women.
principal amount advanced by the
financial institution to an insurer or
insurance producer in payment of
premium on the business’s insurance
contract or contracts, plus charges, and,
as security for repayment, the business
assigns to the financial institution
certain rights, obligations, and/or
considerations (such as the unearned
premiums, accrued dividends, or loss
payments) in its insurance contract or
contracts. Insurance premium financing
does not include the financing of
insurance policy premiums obtained in
connection with the financing of goods
and services.
(4) Public utilities credit. Public
utilities credit as defined in
§ 1002.3(a)(1).
(5) Securities credit. Securities credit
as defined in § 1002.3(b)(1).
(6) Incidental credit. Incidental credit
as defined in § 1002.3(c)(1), but without
regard to whether the credit is consumer
credit, as defined in § 1002.2(h).
§ 1002.103
§ 1002.105 Covered financial institutions
and exempt institutions.
Covered applications.
(a) Covered application. Except as
provided in paragraph (b) of this
section, covered application means an
oral or written request for a covered
credit transaction that is made in
accordance with procedures used by a
financial institution for the type of
credit requested.
(b) Circumstances that are not
covered applications. A covered
application does not include:
(1) Reevaluation, extension, or
renewal requests on an existing business
credit account, unless the request seeks
additional credit amounts.
(2) Inquiries and prequalification
requests.
§ 1002.104 Covered credit transactions
and excluded transactions.
(a) Covered credit transaction means
an extension of business credit that is
not an excluded transaction under
paragraph (b) of this section.
(b) Excluded transactions. The
requirements of this subpart do not
apply to:
(1) Trade credit. A financing
arrangement wherein a business
acquires goods or services from another
business without making immediate
payment in full to the business
providing the goods or services.
(2) Home Mortgage Disclosure Act
(HMDA)-reportable transactions. A
covered loan, or application therefor, as
defined by Regulation C, 12 CFR
1003.2(e).
(3) Insurance premium financing. A
financing arrangement wherein a
business agrees to pay to a financial
institution, in installments, the
PO 00000
Frm 00381
Fmt 4701
Sfmt 4700
(a) Financial institution means any
partnership, company, corporation,
association (incorporated or
unincorporated), trust, estate,
cooperative organization, or other entity
that engages in any financial activity.
(b) Covered financial institution
means a financial institution that
originated at least 100 covered credit
transactions for small businesses in each
of the two preceding calendar years.
§ 1002.106
Business and small business.
(a) Business has the same meaning as
the term ‘‘business concern or concern’’
in 13 CFR 121.105.
(b) Small business definition—(1)
Small business has the same meaning as
the term ‘‘small business concern’’ in 15
U.S.C. 632(a), as implemented in 13
CFR 121.101 through 121.107.
Notwithstanding the size standards set
forth in 13 CFR 121.201, for purposes of
this subpart, a business is a small
business if its gross annual revenue, as
defined in § 1002.107(a)(14), for its
preceding fiscal year is $5 million or
less.
(2) Inflation adjustment. Every 5 years
after January 1, 2025, the gross annual
revenue threshold set forth in paragraph
(b)(1) of this section shall adjust based
on changes to the Consumer Price Index
for All Urban Consumers (U.S. city
average series for all items, not
seasonally adjusted), as published by
the United States Bureau of Labor
Statistics. Any adjustment that takes
effect under this paragraph shall be
rounded to the nearest multiple of
$500,000. If an adjustment is to take
E:\FR\FM\31MYR2.SGM
31MYR2
35530
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
effect, it will do so on January 1 of the
following calendar year.
lotter on DSK11XQN23PROD with RULES2
§ 1002.107
Compilation of reportable data.
(a) Data format and itemization. A
covered financial institution shall
compile and maintain data regarding
covered applications from small
businesses. The data shall be compiled
in the manner prescribed herein and the
Filing Instructions Guide for this
subpart for the appropriate year. The
data compiled shall include the items
described in paragraphs (a)(1) through
(20) of this section.
(1) Unique identifier. An
alphanumeric identifier, starting with
the legal entity identifier of the financial
institution, unique within the financial
institution to the specific covered
application, and which can be used to
identify and retrieve the specific file or
files corresponding to the application
for or extension of credit.
(2) Application date. The date the
covered application was received or the
date shown on a paper or electronic
application form.
(3) Application method. The means
by which the applicant submitted the
covered application directly or
indirectly to the financial institution.
(4) Application recipient. Whether the
applicant submitted the covered
application directly to the financial
institution or its affiliate, or whether the
applicant submitted the covered
application indirectly to the financial
institution via a third party.
(5) Credit type. The following
information regarding the type of credit
applied for or originated:
(i) Credit product. The credit product.
(ii) Guarantees. The type or types of
guarantees that were obtained for an
extension of credit, or that would have
been obtained if the covered credit
transaction were originated.
(iii) Loan term. The length of the loan
term, in months, if applicable.
(6) Credit purpose. The purpose or
purposes of the credit applied for or
originated.
(7) Amount applied for. The initial
amount of credit or the initial credit
limit requested by the applicant.
(8) Amount approved or originated. (i)
For an application for a closed-end
credit transaction that is approved but
not accepted, the amount approved by
the financial institution; or
(ii) For a closed-end credit transaction
that is originated, the amount of credit
originated; or
(iii) For an application for an openend credit transaction that is originated
or approved but not accepted, the
amount of the credit limit approved.
(9) Action taken. The action taken by
the financial institution on the covered
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
application, reported as originated,
approved but not accepted, denied,
withdrawn by the applicant, or
incomplete.
(10) Action taken date. The date of the
action taken by the financial institution.
(11) Denial reasons. For denied
applications, the principal reason or
reasons the financial institution denied
the covered application.
(12) Pricing information. The
following information regarding the
pricing of a covered credit transaction
that is originated or approved but not
accepted, as applicable:
(i) Interest rate. (A) If the interest rate
is fixed, the interest rate that is or would
be applicable to the covered credit
transaction; or
(B) If the interest rate is adjustable,
the margin, index value, initial rate
period expressed in months (if
applicable), and index name that is or
would be applicable to the covered
credit transaction;
(ii) Total origination charges. The
total amount of all charges payable
directly or indirectly by the applicant
and imposed directly or indirectly by
the financial institution at or before
origination as an incident to or a
condition of the extension of credit,
expressed in dollars;
(iii) Broker fees. The total amount of
all charges included in paragraph
(a)(12)(ii) of this section that are fees
paid by the applicant directly to a
broker or to the financial institution for
delivery to a broker, expressed in
dollars;
(iv) Initial annual charges. The total
amount of all non-interest charges that
are scheduled to be imposed over the
first annual period of the covered credit
transaction, expressed in dollars;
(v) Additional cost for merchant cash
advances or other sales-based financing.
For a merchant cash advance or other
sales-based financing transaction, the
difference between the amount
advanced and the amount to be repaid,
expressed in dollars; and
(vi) Prepayment penalties. (A)
Notwithstanding whether such a
provision was in fact included, whether
the financial institution could have
included a charge to be imposed for
paying all or part of the transaction’s
principal before the date on which the
principal is due under the policies and
procedures applicable to the covered
credit transaction; and
(B) Notwithstanding the response to
paragraph (a)(12)(vi)(A) of this section,
whether the terms of the covered credit
transaction do in fact include a charge
imposed for paying all or part of the
transaction’s principal before the date
on which the principal is due.
PO 00000
Frm 00382
Fmt 4701
Sfmt 4700
(13) Census tract. The census tract in
which is located:
(i) The address or location where the
proceeds of the credit applied for or
originated will be or would have been
principally applied; or
(ii) If the information in paragraph
(a)(13)(i) of this section is unknown, the
address or location of the main office or
headquarters of the applicant; or
(iii) If the information in both
paragraphs (a)(13)(i) and (ii) of this
section is unknown, another address or
location associated with the applicant.
(iv) The financial institution shall also
indicate which one of the three types of
addresses or locations listed in
paragraphs (a)(13)(i), (ii), or (iii) of this
section the census tract is based on.
(14) Gross annual revenue. The
applicant’s gross annual revenue for its
preceding fiscal year.
(15) NAICS code. A 3-digit North
American Industry Classification
System (NAICS) code for the applicant.
(16) Number of workers. The number
of non-owners working for the
applicant.
(17) Time in business. The time the
applicant has been in business.
(18) Minority-owned, women-owned,
and LGBTQI+-owned business statuses.
Whether the applicant is a minorityowned, women-owned, and/or
LGBTQI+-owned business. When
requesting minority-owned, womenowned, and LGBTQI+-owned business
statuses from an applicant, the financial
institution shall inform the applicant
that the financial institution cannot
discriminate on the basis of minorityowned, women-owned, or LGBTQI+owned business statuses, or on whether
the applicant provides this information.
(19) Ethnicity, race, and sex of
principal owners. The ethnicity, race,
and sex of the applicant’s principal
owners. When requesting ethnicity,
race, and sex information from an
applicant, the financial institution shall
inform the applicant that the financial
institution cannot discriminate on the
basis of a principal owner’s ethnicity,
race, or sex, or on whether the applicant
provides this information.
(20) Number of principal owners. The
number of the applicant’s principal
owners.
(b) Reliance on and verification of
applicant-provided data. Unless
otherwise provided in this subpart, the
financial institution may rely on
information from the applicant, or
appropriate third-party sources, when
compiling data. If the financial
institution verifies applicant-provided
data, however, it shall report the
verified data.
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
(c) Time and manner of collection—
(1) In general. A covered financial
institution shall not discourage an
applicant from responding to requests
for applicant-provided data under
paragraph (a) of this section and shall
otherwise maintain procedures to
collect such data at a time and in a
manner that are reasonably designed to
obtain a response.
(2) Applicant-provided data collected
directly from the applicant. For data
collected directly from the applicant,
procedures that are reasonably designed
to obtain a response shall include
provisions for the following:
(i) The initial request for applicantprovided data occurs prior to notifying
an applicant of final action taken on a
covered application;
(ii) The request for applicant-provided
data is prominently displayed or
presented;
(iii) The collection does not have the
effect of discouraging an applicant from
responding to a request for applicantprovided data; and
(iv) Applicants can easily respond to
a request for applicant-provided data.
(3) Procedures to monitor compliance.
A covered financial institution shall
maintain procedures to identify and
respond to indicia of potential
discouragement, including low response
rates for applicant-provided data.
(4) Low response rates. A low
response rate for applicant-provided
data may indicate discouragement or
other failure by a covered financial
institution to maintain procedures to
collect applicant-provided data that are
reasonably designed to obtain a
response.
(d) Previously collected data. A
covered financial institution is
permitted, but not required, to reuse
previously collected data to satisfy
paragraphs (a)(13) through (20) of this
section if:
(1) To satisfy paragraphs (a)(13) and
(a)(15) through (20) of this section, the
data were collected within the 36
months preceding the current covered
application, or to satisfy paragraph
(a)(14) of this section, the data were
collected within the same calendar year
as the current covered application; and
(2) The financial institution has no
reason to believe the data are inaccurate.
lotter on DSK11XQN23PROD with RULES2
§ 1002.108
Firewall.
(a) Definitions. For purposes of this
section, the following terms shall have
the following meanings:
(1) Involved in making any
determination concerning a covered
application from a small business
means participating in a decision
regarding the evaluation of a covered
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
application from a small business or the
creditworthiness of a small business
applicant for a covered credit
transaction.
(2) Should have access means that an
employee or officer may need to collect,
see, consider, refer to, or otherwise use
the information to perform that
employee’s or officer’s assigned job
duties.
(b) Prohibition on access to certain
information. Unless the exception under
paragraph (c) of this section applies, an
employee or officer of a covered
financial institution or a covered
financial institution’s affiliate shall not
have access to an applicant’s responses
to inquiries that the financial institution
makes pursuant to this subpart
regarding whether the applicant is a
minority-owned business, a womenowned business, or an LGBTQI+-owned
business under § 1002.107(a)(18), and
regarding the ethnicity, race, and sex of
the applicant’s principal owners under
§ 1002.107(a)(19), if that employee or
officer is involved in making any
determination concerning that
applicant’s covered application.
(c) Exception to the prohibition on
access to certain information. The
prohibition in paragraph (b) of this
section shall not apply to an employee
or officer if the financial institution
determines that it is not feasible to limit
that employee’s or officer’s access to an
applicant’s responses to the financial
institution’s inquiries under
§ 1002.107(a)(18) or (19) and the
financial institution provides the notice
required under paragraph (d) of this
section to the applicant. It is not feasible
to limit access as required pursuant to
paragraph (b) of this section if the
financial institution determines that an
employee or officer involved in making
any determination concerning a covered
application from a small business
should have access to one or more
applicants’ responses to the financial
institution’s inquiries under
§ 1002.107(a)(18) or (19).
(d) Notice. In order to satisfy the
exception set forth in paragraph (c) of
this section, a financial institution shall
provide a notice to each applicant
whose responses will be accessed,
informing the applicant that one or
more employees or officers involved in
making determinations concerning the
covered application may have access to
the applicant’s responses to the
financial institution’s inquiries
regarding whether the applicant is a
minority-owned business, a womenowned business, or an LGBTQI+-owned
business, and regarding the ethnicity,
race, and sex of the applicant’s principal
owners. The financial institution shall
PO 00000
Frm 00383
Fmt 4701
Sfmt 4700
35531
provide the notice required by this
paragraph (d) when making the
inquiries required under
§ 1002.107(a)(18) and (19) and together
with the notices required pursuant to
§ 1002.107(a)(18) and (19).
§ 1002.109
Bureau.
Reporting of data to the
(a) Reporting to the Bureau—(1)
Annual reporting. (i) On or before June
1 following the calendar year for which
data are compiled and maintained as
required by § 1002.107, a covered
financial institution shall submit its
small business lending application
register in the format prescribed by the
Bureau.
(ii) An authorized representative of
the covered financial institution with
knowledge of the data shall certify to
the accuracy and completeness of the
data reported pursuant to this paragraph
(a).
(iii) When the last day for submission
of data prescribed under paragraph
(a)(1) of this section falls on a Saturday
or Sunday, a submission shall be
considered timely if it is submitted on
the next succeeding Monday.
(2) Reporting by subsidiaries. A
covered financial institution that is a
subsidiary of another covered financial
institution shall complete a separate
small business lending application
register. The subsidiary shall submit its
small business lending application
register, directly or through its parent, to
the Bureau.
(3) Reporting obligations where
multiple financial institutions are
involved in a covered credit transaction.
Where it is necessary for more than one
financial institution to make a credit
decision in order to approve a single
covered credit transaction, only the last
covered financial institution with
authority to set the material terms of the
covered credit transaction is required to
report the application. Financial
institutions report the actions of their
agents.
(b) Financial institution identifying
information. A financial institution
shall provide each of the following with
its submission:
(1) Its name.
(2) Its headquarters address.
(3) The name and business contact
information of a person that the Bureau
or other regulators may contact about
the financial institution’s submission.
(4) Its Federal prudential regulator, if
applicable.
(5) Its Federal Taxpayer Identification
Number (TIN).
(6) Its Legal Entity Identifier (LEI).
(7) Its Research, Statistics,
Supervision, and Discount
E:\FR\FM\31MYR2.SGM
31MYR2
35532
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
identification (RSSD ID) number, if
applicable.
(8) Parent entity information, if
applicable, including:
(i) The name of the immediate parent
entity;
(ii) The LEI of the immediate parent
entity, if available;
(iii) The RSSD ID number of the
immediate parent entity, if available;
(iv) The name of the top-holding
parent entity;
(v) The LEI of the top-holding parent
entity, if available; and
(vi) The RSSD ID number of the topholding parent entity, if available.
(9) The type of financial institution
that it is, indicated by selecting the
appropriate type or types of institution
from the list provided.
(10) Whether the financial institution
is voluntarily reporting covered
applications from small businesses.
(c) Procedures for the submission of
data to the Bureau. The Bureau shall
make available a Filing Instructions
Guide, containing technical instructions
for the submission of data to the Bureau
pursuant to this section, as well as any
related materials, at https://
www.consumerfinance.gov/dataresearch/small-business-lending/filinginstructions-guide/.
lotter on DSK11XQN23PROD with RULES2
§ 1002.110 Publication of data and other
disclosures.
(a) Publication of small business
lending application registers and
associated financial institution
information. The Bureau shall make
available to the public generally the data
reported to it by financial institutions
pursuant to § 1002.109, subject to
deletions or modifications made by the
Bureau if the Bureau determines that the
deletion or modification of the data
would advance a privacy interest. The
Bureau shall make such data available
on an annual basis.
(b) Publication of aggregate data. The
Bureau may compile and aggregate data
submitted by financial institutions
pursuant to § 1002.109, and make any
compilations or aggregations of such
data publicly available as the Bureau
deems appropriate.
(c) Statement of financial institution’s
small business lending data available
on the Bureau’s website. A covered
financial institution shall make
available to the public on its website, or
otherwise upon request, a statement that
the covered financial institution’s small
business lending application register, as
modified by the Bureau pursuant to
§ 1002.110(a), is or will be available
from the Bureau. A financial institution
shall use language provided by the
Bureau, or substantially similar
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
language, to satisfy the requirement to
provide a statement pursuant to this
paragraph (c).
(d) Availability of statements. A
covered financial institution shall make
the notice required by paragraph (c) of
this section available to the public on its
website when it submits a small
business lending application register to
the Bureau pursuant to § 1002.109(a)(1),
and shall maintain the notice for as long
as it has an obligation to retain its small
business lending application registers
pursuant to § 1002.111(a).
(e) Further disclosure prohibited—(1)
Disclosure by a financial institution. A
financial institution shall not disclose or
provide to a third party the information
it collects pursuant to § 1002.107(a)(18)
and (19) except to further compliance
with the Act or this part or as required
by law.
(2) Disclosure by a third party. A third
party that obtains information collected
pursuant to § 1002.107(a)(18) and (19)
for the purpose of furthering compliance
with the Act or this part is prohibited
from any further disclosure of such
information except to further
compliance with the Act or this part or
as required by law.
§ 1002.111
Recordkeeping.
(a) Record retention. A covered
financial institution shall retain
evidence of compliance with this
subpart, which includes a copy of its
small business lending application
register, for at least three years after the
register is required to be submitted to
the Bureau pursuant to § 1002.109.
(b) Certain information kept separate
from the rest of the application. A
financial institution shall maintain,
separately from the rest of the
application and accompanying
information, an applicant’s responses to
the financial institution’s inquiries
pursuant to this subpart regarding
whether an applicant for a covered
credit transaction is a minority-owned
business, a women-owned business,
and/or an LGBTQI+-owned business
under § 1002.107(a)(18), and regarding
the ethnicity, race, and sex of the
applicant’s principal owners under
§ 1002.107(a)(19).
(c) Limitation on personally
identifiable information in certain
records retained under this section. In
reporting a small business lending
application register pursuant to
§ 1002.109, maintaining the register
pursuant to paragraph (a) of this section,
and maintaining a separate record of
information pursuant to paragraph (b) of
this section, a financial institution shall
not include any name, specific address,
telephone number, email address, or
PO 00000
Frm 00384
Fmt 4701
Sfmt 4700
any other personally identifiable
information concerning any individual
who is, or is connected with, an
applicant, other than as required
pursuant to § 1002.107 or paragraph (b)
of this section.
§ 1002.112
Enforcement.
(a) Administrative enforcement and
civil liability. A violation of section
704B of the Act or this subpart is subject
to administrative sanctions and civil
liability as provided in sections 704 (15
U.S.C. 1691c) and 706 (15 U.S.C. 1691e)
of the Act, where applicable.
(b) Bona fide errors. A bona fide error
in compiling, maintaining, or reporting
data with respect to a covered
application is one that was
unintentional and occurred despite the
maintenance of procedures reasonably
adapted to avoid such an error. A bona
fide error is not a violation of the Act
or this subpart. A financial institution is
presumed to maintain procedures
reasonably adapted to avoid such errors
with respect to a given data field if the
number of errors found in a random
sample of the financial institution’s
submission for the data field does not
equal or exceed a threshold specified by
the Bureau for this purpose in appendix
F to this part. However, an error is not
a bona fide error if either there is a
reasonable basis to believe the error was
intentional or there is evidence that the
financial institution does not or has not
maintained procedures reasonably
adapted to avoid such errors.
(c) Safe harbors—(1) Incorrect entry
for application date. A financial
institution does not violate the Act or
this subpart if it reports on its small
business lending application register an
application date that is within three
business days of the actual application
date pursuant to § 1002.107(a)(2).
(2) Incorrect entry for census tract. An
incorrect entry for census tract is not a
violation of the Act or this subpart if the
financial institution obtained the census
tract by correctly using a geocoding tool
provided by the FFIEC or the Bureau.
(3) Incorrect entry for NAICS code. An
incorrect entry for a 3-digit NAICS code
is not a violation of the Act or this
subpart, provided that the financial
institution obtained the 3-digit NAICS
code by:
(i) Relying on an applicant’s
representations or on an appropriate
third-party source, in accordance with
§ 1002.107(b), regarding the NAICS
code; or
(ii) Identifying the NAICS code itself,
provided that the financial institution
maintains procedures reasonably
adapted to correctly identify a 3-digit
NAICS code.
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
(4) Incorrect determination of small
business status, covered credit
transaction, or covered application. A
financial institution that initially
collects data regarding whether an
applicant for a covered credit
transaction is a minority-owned
business, a women-owned business, or
an LGBTQI+-owned business, and the
ethnicity, race, and sex of the
applicant’s principal owners pursuant
to § 1002.107(a)(18) and (19) but later
concludes that it should not have
collected such data does not violate the
Act or this regulation if the financial
institution, at the time it collected this
data, had a reasonable basis for
believing that the application was a
covered application for a covered credit
transaction from a small business
pursuant to §§ 1002.103, 1002.104, and
1002.106, respectively. A financial
institution seeking to avail itself of this
safe harbor shall comply with the
requirements of this subpart as
otherwise required pursuant to
§§ 1002.107, 1002.108, and 1002.111
with respect to the collected data.
§ 1002.113
Severability.
If any provision of this subpart, or any
application of a provision, is stayed or
determined to be invalid, the remaining
provisions or applications are severable
and shall continue in effect.
§ 1002.114 Effective date, compliance
date, and special transitional rules.
lotter on DSK11XQN23PROD with RULES2
(a) Effective date. The effective date
for this subpart is August 29, 2023.
(b) Compliance date. The dates by
which covered financial institutions are
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
initially required to comply with the
requirements of this subpart are as
follows:
(1) A covered financial institution that
originated at least 2,500 covered credit
transactions for small businesses in each
of calendar years 2022 and 2023 shall
comply with the requirements of this
subpart beginning October 1, 2024.
(2) A covered financial institution that
is not subject to paragraph (b)(1) of this
section and that originated at least 500
covered credit transactions for small
businesses in each of calendar years
2022 and 2023 shall comply with the
requirements of this subpart beginning
April 1, 2025.
(3) A covered financial institution that
is not subject to paragraphs (b)(1) or (2)
of this section and that originated at
least 100 covered credit transactions for
small businesses in each of calendar
years 2022 and 2023 shall comply with
the requirements of this subpart
beginning January 1, 2026.
(4) A financial institution that did not
originate at least 100 covered credit
transactions for small businesses in each
of calendar years 2022 and 2023 but
subsequently originates at least 100
such transactions in two consecutive
calendar years shall comply with the
requirements of this subpart in
accordance with § 1002.105(b), but in
any case no earlier than January 1, 2026.
(c) Special transitional rules—(1)
Collection of certain information prior
to a financial institution’s compliance
date. A financial institution as
described in paragraphs (b)(1), (2), or (3)
of this section is permitted, but not
PO 00000
Frm 00385
Fmt 4701
Sfmt 4700
35533
required, to collect information
regarding whether an applicant for a
covered credit transaction is a minorityowned business, a women-owned
business, and/or an LGBTQI+-owned
business under § 1002.107(a)(18), and
the ethnicity, race, and sex of the
applicant’s principal owners under
§ 1002.107(a)(19) beginning 12 months
prior to its applicable compliance date
as set forth in paragraphs (b)(1), (2), or
(3) of this section. A financial
institution collecting such information
pursuant to this paragraph (c)(1) must
do so in accordance with the
requirements set out in
§§ 1002.107(a)(18) and (19), 1002.108,
and 1002.111(b) and (c).
(2) Determining which compliance
date applies to a financial institution
that does not collect information
sufficient to determine small business
status. A financial institution that is
unable to determine the number of
covered credit transactions it originated
for small businesses in each of calendar
years 2022 and 2023 for purposes of
determining its compliance date
pursuant to paragraph (b) of this section,
because for some or all of this period it
does not have readily accessible the
information needed to determine
whether its covered credit transactions
were originated for small businesses as
defined in § 1002.106(b), is permitted to
use any reasonable method to estimate
its originations to small businesses for
either or both of the calendar years 2022
and 2023.
E:\FR\FM\31MYR2.SGM
31MYR2
35534
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
7. Appendices E and F are added to
read as follows:
■
Appendix E to Part 1002—Sample Form
for Collecting Certain ApplicantProvided Data Under Subpart B
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
PO 00000
Frm 00386
Fmt 4701
Sfmt 4725
E:\FR\FM\31MYR2.SGM
31MYR2
ER31MY23.211</GPH>
lotter on DSK11XQN23PROD with RULES2
BILLING CODE 4810–AM–P
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Appendix F to Part 1002—Tolerances
for Bona Fide Errors in Data Reported
Under Subpart B
As set out in § 1002.112(b) and in comment
112(b)–1, a financial institution is presumed
to maintain procedures reasonably adapted to
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
PO 00000
Frm 00387
Fmt 4701
Sfmt 4700
avoid errors with respect to a given data field
if the number of errors found in a random
sample of a financial institution’s data
submission for a given data field do not equal
or exceed the threshold in column C of the
following table (Table 1, Tolerance
Thresholds for Bona Fide Errors):
E:\FR\FM\31MYR2.SGM
31MYR2
ER31MY23.212</GPH>
lotter on DSK11XQN23PROD with RULES2
BILLING CODE 4810–AM–C
35535
35536
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
TABLE 1 TO APPENDIX F—TOLERANCE THRESHOLDS FOR BONA FIDE ERRORS
Small business lending application register count
Random
sample
size 986
Threshold
(#)
Threshold
(%)
(A)
(B)
(C)
(D)
100–130 .....................................................................................................................................
131–190 .....................................................................................................................................
191–500 .....................................................................................................................................
501–100,000 ..............................................................................................................................
100,001+ ....................................................................................................................................
lotter on DSK11XQN23PROD with RULES2
The size of the random sample, under
column B, shall depend on the size of the
financial institution’s small business lending
application register, as shown in column A
of the Threshold Table.
The thresholds in column C of the
Threshold Table reflect the number of
unintentional errors a financial institution
may make within a particular data field (e.g.,
the credit product data field within the credit
type data point or the ethnicity data field for
a particular principal owner within the
ethnicity, race, and sex of principal owners
data point) in a small business lending
application register that would be deemed
bona fide errors for purposes of
§ 1002.112(b).
For instance, a financial institution that
submitted a small business lending
application register containing 105
applications would be subject to a threshold
of three errors per data field. If the financial
institution had made two errors in reporting
loan amount and two errors reporting gross
annual income, all of these errors would be
covered by the bona fide error provision of
§ 1002.112(b) and would not constitute a
violation of the Act or this part. If the same
financial institution had made four errors in
reporting loan amount and two errors
reporting gross annual income, the bona fide
error provision of § 1002.112(b) would not
apply to the four loan amount errors but
would still apply to the two gross annual
income errors.
Even when the number of errors in a
particular data field do not equal or exceed
the threshold in column C, if either there is
a reasonable basis to believe that errors in
that field were intentional or there is
evidence that the financial institution did not
maintain procedures reasonably adapted to
avoid such errors, then the errors are not
bona fide errors under § 1002.112(b).
For purposes of determining bona fide
errors under § 1002.112(b), the term ‘‘data
field’’ generally refers to individual fields.
Some data fields may allow for more than
one response. For example, with respect to
information on the ethnicity or race of an
applicant’s principal owners, a data field
may identify more than one race or more
than one ethnicity for a given person. If one
986 For a financial institution with fewer than 30
entries in its small business lending application
register, the full sample size is the financial
institution’s total number of entries. The threshold
number for such financial institutions remains
three. Accordingly, the threshold percentage will be
higher for financial institutions with fewer than 30
entries in their registers
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
or more of the ethnicities or races identified
in a data field are erroneous, they count as
one (and only one) error for that data field.
8. In Supplement I to part 1002:
a. Under Section 1002.5—Rules
Concerning Requests for Information,
revise Paragraph 5(a)(2) and Paragraph
5(a)(4);
■ b. Under Section 1002.12—Record
Retention, revise 12(b)(7) Preapplication
marketing information;
■ c. Under Section 1002.13—
Information for Monitoring Purposes,
revise 13(b) Obtaining of information;
and
■ d. Add: Section 1002.102—
Definitions; Section 1002.103—Covered
Applications; Section 1002.104—
Covered Credit Transactions and
Excluded Transactions; Section
1002.105—Covered Financial
Institutions and Exempt Institutions;
Section 1002.106—Business and Small
Business; Section 1002.107—
Compilation of Reportable Data; Section
1002.108—Firewall; Section 1002.109—
Reporting of Data to the Bureau; Section
1002.110—Publication of Data and
Other Disclosures; Section 1002.111—
Recordkeeping; Section 1002.112—
Enforcement; and Section 1002.114—
Effective Date, Compliance Date, and
Special Transition Rules.
The revisions and additions read as
follows:
■
■
Supplement I to Part 1002—Official
Interpretations
*
*
*
*
*
Section 1002.5—Rules Concerning
Requests for Information
*
*
*
*
*
5(a)(2) Required Collection of
Information
1. Local laws. Information that a
creditor is allowed to collect pursuant to
a ‘‘state’’ statute or regulation includes
information required by a local statute,
regulation, or ordinance.
2. Information required by Regulation
C. Regulation C, 12 CFR part 1003,
generally requires creditors covered by
the Home Mortgage Disclosure Act
PO 00000
Frm 00388
Fmt 4701
Sfmt 4700
47
56
59
79
159
3
3
3
4
4
6.4
5.4
5.1
5.1
2.5
(HMDA) to collect and report
information about the race, ethnicity,
and sex of applicants for certain
dwelling-secured loans, including some
types of loans not covered by § 1002.13.
3. Collecting information on behalf of
creditors. Persons such as loan brokers
and correspondents do not violate the
ECOA or Regulation B if they collect
information that they are otherwise
prohibited from collecting, where the
purpose of collecting the information is
to provide it to a creditor that is subject
to subpart B of this part, the Home
Mortgage Disclosure Act, or another
Federal or State statute or regulation
requiring data collection.
4. Information required by subpart B.
Subpart B of this part generally requires
creditors that are covered financial
institutions as defined in § 1002.105(b)
to collect and report information about
the ethnicity, race, and sex of the
principal owners of applicants for
certain small business credit, as well as
whether the applicant is a minorityowned business, a women-owned
business, or an LGBTQI+-owned
business, as defined in § 1002.102(m),
(s), and (l), respectively.
5(a)(4) Other Permissible Collection of
Information
1. Other permissible collection of
information. Information regarding
ethnicity, race, and sex that is not
required to be collected pursuant to
Regulation C, 12 CFR part 1003, or
subpart B of this part, may nevertheless
be collected under the circumstances set
forth in § 1002.5(a)(4) without violating
§ 1002.5(b). The information collected
pursuant to 12 CFR part 1003 must be
retained pursuant to the requirements of
§ 1002.12. The information collected
pursuant to subpart B of this part must
be retained pursuant to the
requirements set forth in § 1002.111.
*
*
*
*
*
Section 1002.12—Record Retention
*
*
*
*
*
12(b) Preservation of Records
*
E:\FR\FM\31MYR2.SGM
*
*
31MYR2
*
*
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
12(b)(7) Preapplication Marketing
Information
1. Prescreened credit solicitations.
The rule requires creditors to retain
copies of prescreened credit
solicitations. For purposes of this part,
a prescreened solicitation is an ‘‘offer of
credit’’ as described in 15 U.S.C.
1681a(1) of the Fair Credit Reporting
Act. A creditor complies with
§ 1002.12(b)(7) if it retains a copy of
each solicitation mailing that contains
different terms, such as the amount of
credit offered, annual percentage rate, or
annual fee.
2. List of criteria. A creditor must
retain the list of criteria used to select
potential recipients. This includes the
criteria used by the creditor both to
determine the potential recipients of the
particular solicitation and to determine
who will actually be offered credit.
3. Correspondence. A creditor may
retain correspondence relating to
consumers’ complaints about
prescreened solicitations in any manner
that is reasonably accessible and is
understandable to examiners. There is
no requirement to establish a separate
database or set of files for such
correspondence, or to match consumer
complaints with specific solicitation
programs.
*
*
*
*
*
Section 1002.13—Information for
Monitoring Purposes
*
*
*
*
*
lotter on DSK11XQN23PROD with RULES2
13(b) Obtaining of Information
1. Forms for collecting data. A
creditor may collect the information
specified in § 1002.13(a) either on an
application form or on a separate form
referring to the application. Appendix B
to this part provides for two alternative
data collection model forms for use in
complying with the requirements of
§ 1002.13(a)(1)(i) and (ii) to collect
information concerning an applicant’s
ethnicity, race, and sex. When a creditor
collects ethnicity and race information
pursuant to § 1002.13(a)(1)(i)(A), the
applicant must be offered the option to
select more than one racial designation.
When a creditor collects ethnicity and
race information pursuant to
§ 1002.13(a)(1)(i)(B), the applicant must
be offered the option to select more than
one ethnicity designation and more than
one racial designation.
2. Written applications. The
regulation requires written applications
for the types of credit covered by
§ 1002.13. A creditor can satisfy this
requirement by recording on paper or by
means of computer the information that
the applicant provides orally and that
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
the creditor normally considers in a
credit decision.
3. Telephone, mail applications. i. A
creditor that accepts an application by
telephone or mail must request the
monitoring information.
ii. A creditor that accepts an
application by mail need not make a
special request for the monitoring
information if the applicant has failed to
provide it on the application form
returned to the creditor.
iii. If it is not evident on the face of
an application that it was received by
mail, telephone, or via an electronic
medium, the creditor should indicate on
the form or other application record
how the application was received.
4. Video and other electronicapplication processes. i. If a creditor
takes an application through an
electronic medium that allows the
creditor to see the applicant, the
creditor must treat the application as
taken in person. The creditor must note
the monitoring information on the basis
of visual observation or surname, if the
applicant chooses not to provide the
information.
ii. If an applicant applies through an
electronic medium without video
capability, the creditor treats the
application as if it were received by
mail.
5. Applications through loanshopping services. When a creditor
receives an application through an
unaffiliated loan-shopping service, it
does not have to request the monitoring
information for purposes of the ECOA or
subpart A of this Regulation B. Creditors
subject to the Home Mortgage
Disclosure Act should be aware,
however, that data collection may be
called for under Regulation C (12 CFR
part 1003), which generally requires
creditors to report, among other things,
the sex and race of an applicant on
brokered applications or applications
received through a correspondent.
Similarly, creditors that are covered
financial institutions under subpart B of
this Regulation may also be required to
collect, report, and maintain certain
data, as set forth in subpart B of this
Regulation.
6. Inadvertent notation. If a creditor
inadvertently obtains the monitoring
information in a dwelling-related
transaction not covered by § 1002.13,
the creditor may process and retain the
application without violating the
regulation.
*
*
*
*
*
PO 00000
Frm 00389
Fmt 4701
Sfmt 4700
35537
Section 1002.102—Definitions
102(b) Applicant
1. General. In no way are the
limitations to the term applicant in
§ 1002.102(b) of subpart B intended to
repeal, abrogate, annul, impair, change,
or interfere with the scope of the term
applicant in § 1002.2(e) as applicable to
subpart A.
102(l) LGBTQI+-Owned Business
1. General. In order to be an
LGBTQI+-owned business for purposes
of subpart B of this part, a business must
satisfy both prongs of the definition of
LGBTQI+-owned business. First, one or
more LGBTQI+ individuals must own or
control more than 50 percent of the
business. However, it is not necessary
that one or more LGBTQI+ individuals
both own and control more than 50
percent of the business. For example, a
business that is owned entirely by one
or more LGBTQI+ individuals but is not
controlled by any one or more such
individuals satisfies the first prong of
the definition. Similarly, a business that
is controlled by an LGBTQI+ individual
satisfies this first prong of the
definition, even if none of the
individuals with ownership in the
business are LGBTQI+ individuals. If a
business does not satisfy this first prong
of the definition, it is not an LGBTQI+owned business. Second, 50 percent or
more of the net profits or losses must
accrue to one or more LGBTQI+
individuals. If a business does not
satisfy this second prong of the
definition, it is not an LGBTQI+-owned
business, regardless of whether it
satisfies the first prong of the definition.
2. Purpose of definition. The
definition of LGBTQI+-owned business
is used only when an applicant
determines if it is an LGBTQI+-owned
business for purposes of
§ 1002.107(a)(18). A financial institution
shall provide an applicant with the
definition of LGBTQI+-owned business
when asking the applicant to provide its
LGBTQI+-owned business status
pursuant to § 1002.107(a)(18). A
financial institution satisfies this
requirement if it provides the definition
as set forth in the sample data collection
form in appendix E. The financial
institution must provide additional
clarification by referencing the
definition of LGBTQI+ individual as set
forth in § 1002.102(k) if asked by the
applicant. The financial institution is
neither permitted nor required to make
its own determination regarding the
applicant’s LGBTQI+-owned business
status.
3. Further clarifications of terms used
in the definition of LGBTQI+-owned
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35538
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
business. In order to assist an applicant
when determining whether it is an
LGBTQI+-owned business, a financial
institution may provide the applicant
with the definitions of ownership,
control, and accrual of net profits or
losses and related concepts set forth in
comments 102(l)–4 through –6. A
financial institution may assist an
applicant when the applicant is
determining its LGBTQI+-owned
business status but is not required to do
so. For purposes of reporting an
applicant’s status, a financial institution
relies on the applicant’s determinations
of its ownership, control, and accrual of
net profits and losses.
4. Ownership. For purposes of
determining if a business is an
LGBTQI+-owned business, an
individual owns a business if that
individual directly or indirectly,
through any contract, arrangement,
understanding, relationship or
otherwise, has an equity interest in the
business. Examples of ownership
include being the sole proprietor of a
sole proprietorship, directly or
indirectly owning or holding the stock
of a corporation or company, directly or
indirectly having a partnership interest
in a business, or directly or indirectly
having a membership interest in a
limited liability company. Indirect as
well as direct ownership are used when
determining ownership for purposes of
§§ 1002.102(l) and 1002.107(a)(18).
Thus, where applicable, ownership
must be traced through corporate or
other indirect ownership structures. For
example, assume that the applicant is
company A. If company B owns 60
percent of applicant company A and an
individual owns 100 percent of
company B, the individual owns 60
percent of applicant company A.
Similarly, if an individual directly owns
20 percent of applicant company A and
is an equal partner in partnership B that
owns the remaining 80 percent of
applicant company A, the individual
owns 60 percent of applicant company
A (i.e., 20 percent due through direct
ownership and 40 percent indirectly
through partnership B). A trustee is
considered the owner of the trust. Thus,
if a trust owns a business and the trust
has two co-trustees, each co-trustee
owns 50 percent of the business.
5. Control. An individual controls a
business if that individual has
significant responsibility to manage or
direct the business. An individual
controls a business if the individual is
an executive officer or senior manager
(e.g., a chief executive officer, chief
financial officer, chief operating officer,
managing member, general partner,
president, vice president, or treasurer)
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
or regularly performs similar functions.
Additionally, a business may be
controlled by two or more LGBTQI+
individuals if those individuals
collectively control the business, such
as constituting a majority of the board
of directors or a majority of the partners
of a partnership.
6. Accrual of net profits or losses. A
business’s net profits and losses accrue
to an individual if that individual
receives the net profits or losses, is
legally entitled or required to receive
the net profits or losses, or is legally
entitled or required to recognize the net
profits or losses for tax purposes.
102(m) Minority-Owned Business
1. General. In order to be a minorityowned business for purposes of subpart
B of this part, a business must satisfy
both prongs of the definition of
minority-owned business. First, one or
more American Indian or Alaska Native,
Asian, Black or African American,
Native Hawaiian or Other Pacific
Islander, or Hispanic or Latino
individuals must own or control more
than 50 percent of the business.
However, it is not necessary that one or
more American Indian or Alaska Native,
Asian, Black or African American,
Native Hawaiian or Other Pacific
Islander, or Hispanic or Latino
individuals both own and control more
than 50 percent of the business. For
example, a business that is owned
entirely, but is not controlled by,
individuals belonging to one of these
groups satisfies the first prong of the
definition. Similarly, a business that is
controlled by an American Indian or
Alaska Native, Asian, Black or African
American, Native Hawaiian or Other
Pacific Islander, or Hispanic or Latino
individual satisfies this first prong of
the definition, even if none of the
individuals with ownership in the
business are American Indian or Alaska
Native, Asian, Black or African
American, Native Hawaiian or Other
Pacific Islander, or Hispanic or Latino.
If a business does not satisfy this first
prong of the definition, it is not a
minority-owned business. Second, 50
percent or more of the net profits or
losses must accrue to one or more
individuals belonging to these groups. If
a business does not satisfy this second
prong of the definition, it is not a
minority-owned business, regardless of
whether it satisfies the first prong of the
definition.
2. Purpose of definition. The
definition of minority-owned business
is used only when an applicant
determines if it is a minority-owned
business for purposes of
§ 1002.107(a)(18). A financial institution
PO 00000
Frm 00390
Fmt 4701
Sfmt 4700
shall provide an applicant with the
definition of minority-owned business
when asking the applicant to provide its
minority-owned business status
pursuant to § 1002.107(a)(18), but the
financial institution is neither permitted
nor required to make its own
determination regarding the applicant’s
minority-owned business status.
3. Further clarifications of terms used
in the definition of minority-owned
business. In order to assist an applicant
when determining whether it is a
minority-owned business, a financial
institution may provide the applicant
with the definitions of ownership,
control, and accrual of net profits or
losses and related concepts set forth in
comments 102(m)–4 through –6. A
financial institution may assist an
applicant when the applicant is
determining its minority-owned
business status but is not required to do
so. For purposes of reporting an
applicant’s status, a financial institution
relies on the applicant’s determinations
of its ownership, control, and accrual of
net profits and losses.
4. Ownership. For purposes of
determining if a business is a minorityowned business, an individual owns a
business if that individual directly or
indirectly, through any contract,
arrangement, understanding,
relationship or otherwise, has an equity
interest in the business. Examples of
ownership include being the sole
proprietor of a sole proprietorship,
directly or indirectly owning or holding
the stock of a corporation or company,
directly or indirectly having a
partnership interest in a business, or
directly or indirectly having a
membership interest in a limited
liability company. Indirect as well as
direct ownership are used when
determining ownership for purposes of
§§ 1002.102(m) and 1002.107(a)(18).
Thus, where applicable, ownership
must be traced through corporate or
other indirect ownership structures. For
example, assume that the applicant is
company A. If company B owns 60
percent of applicant company A and an
individual owns 100 percent of
company B, the individual owns 60
percent of applicant company A.
Similarly, if an individual directly owns
20 percent of applicant company A and
is an equal partner in partnership B that
owns the remaining 80 percent of
applicant company A, the individual
owns 60 percent of applicant company
A (i.e., 20 percent due through direct
ownership and 40 percent indirectly
through partnership B). A trustee is
considered the owner of the trust. Thus,
if a trust owns a business and the trust
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
has two co-trustees, each co-trustee
owns 50 percent of the business.
5. Control. An individual controls a
business if that individual has
significant responsibility to manage or
direct the business. An individual
controls a business if the individual is
an executive officer or senior manager
(e.g., a chief executive officer, chief
financial officer, chief operating officer,
managing member, general partner,
president, vice president, or treasurer)
or regularly performs similar functions.
Additionally, a business may be
controlled by two or more American
Indian or Alaska Native, Asian, Black or
African American, Native Hawaiian or
Other Pacific Islander, or Hispanic or
Latino individuals if those individuals
collectively control the business, such
as constituting a majority of the board
of directors or a majority of the partners
of a partnership.
6. Accrual of net profits or losses. A
business’s net profits and losses accrue
to an individual if that individual
receives the net profits or losses, is
legally entitled or required to receive
the net profits or losses, or is legally
entitled or required to recognize the net
profits or losses for tax purposes.
7. Multi-racial and multi-ethnic
individuals. For purposes of subpart B
of this part, an individual who is multiracial or multi-ethnic constitutes an
individual for whom the definition of
minority-owned business may apply,
depending on whether the individual
meets the other requirements of the
definition. For example, an individual
who is both Asian and White is an
individual for whom the definition of
minority-owned business shall apply if
the individual meets the other
requirements of the definition related to
ownership or control and accrual of
profits or losses.
8. Relationship to disaggregated
subcategories used to determine
ethnicity and race of principal owners.
The ethnicity and race categories used
in this section are aggregate ethnicity
(Hispanic or Latino) and race (American
Indian or Alaska Native, Asian, Black or
African American, and Native Hawaiian
or Other Pacific Islander) categories.
Those ethnicity and race categories are
the same aggregate categories used
(along with Not Hispanic or Latino for
ethnicity, and White for race) to collect
an applicant’s principal owners’
ethnicity and race pursuant to
§ 1002.107(a)(19).
102(o) Principal Owner
1. Individual. Only an individual can
be a principal owner of a business for
purposes of subpart B of this part.
Entities, such as trusts, partnerships,
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
limited liability companies, and
corporations, are not principal owners
for this purpose. Additionally, an
individual must directly own an equity
share of 25 percent or more in the
business in order to be a principal
owner. Unlike the determination of
ownership for purposes of collecting
and reporting minority-owned business
status, women-owned business status,
and LGBTQI+-owned business status,
indirect ownership is not considered
when determining if someone is a
principal owner for purposes of
collecting and reporting principal
owners’ ethnicity, race, and sex or the
number of principal owners. Thus,
when determining who is a principal
owner, ownership is not traced through
multiple corporate structures to
determine if an individual owns 25
percent or more of the equity interests.
For example, if individual A directly
owns 20 percent of a business,
individual B directly owns 20 percent,
and partnership C owns 60 percent, the
business does not have any owners who
satisfy the definition of principal owner
set forth in § 1002.102(o), even if
individual A and individual B are the
only partners in the partnership C.
Similarly, if individual A directly owns
30 percent of a business, individual B
directly owns 20 percent, and trust D
owns 50 percent, individual A is the
only principal owner as defined in
§ 1002.102(o), even if individual B is the
sole trustee of trust D.
2. Trustee. Although a trust is not
considered a principal owner of a
business for the purposes of subpart B,
if the applicant for a covered credit
transaction is a trust, a trustee is
considered the owner of the trust. Thus,
if a trust is an applicant for a covered
credit transaction and the trust has two
co-trustees, each co-trustee is
considered to own 50 percent of the
business and would each be a principal
owner as defined in § 1002.102(o). In
contrast, if the trust has five co-trustees,
each co-trustee is considered to own 20
percent of the business and would not
meet the definition of principal owner
under § 1002.102(o).
3. Purpose of definition. A financial
institution shall provide an applicant
with the definition of principal owner
when asking the applicant to provide
the number of its principal owners
pursuant to § 1002.107(a)(20) and the
ethnicity, race, and sex of its principal
owners pursuant to § 1002.107(a)(19).
See comments 107(a)(19)–2 and
107(a)(20)–1.
102(s) Women-Owned Business
1. General. In order to be a womenowned business for purposes of subpart
PO 00000
Frm 00391
Fmt 4701
Sfmt 4700
35539
B of this part, a business must satisfy
both prongs of the definition of womenowned business. First, one or more
women must own or control more than
50 percent of the business. However, it
is not necessary that one or more
women both own and control more than
50 percent of the business. For example,
a business that is owned entirely by
women but is not controlled by any
women satisfies the first prong of the
definition. Similarly, a business that is
controlled by a woman satisfies this first
prong of the definition, even if none of
the individuals with ownership in the
business are women. If a business does
not satisfy this first prong of the
definition, it is not a women-owned
business. Second, 50 percent or more of
the net profits or losses must accrue to
one or more women. If a business does
not satisfy this second prong of the
definition, it is not a women-owned
business, regardless of whether it
satisfies the first prong of the definition.
2. Purpose of definition. The
definition of women-owned business is
used only when an applicant
determines if it is a women-owned
business pursuant to § 1002.107(a)(18).
A financial institution shall provide an
applicant with the definition of womenowned business when asking the
applicant to provide its women-owned
business status pursuant to
§ 1002.107(a)(18), but the financial
institution is neither permitted nor
required to make its own determination
regarding the applicant’s women-owned
business status.
3. Further clarifications of terms used
in the definition of women-owned
business. In order to assist an applicant
when determining whether it is a
women-owned business, a financial
institution may provide the applicant
with the definitions of ownership,
control, and accrual of net profits or
losses and related concepts set forth in
comments 102(s)–4 through –6. A
financial institution may assist an
applicant when the applicant is
determining its women-owned business
status but is not required to do so. For
purposes of reporting an applicant’s
status, a financial institution relies on
the applicant’s determinations of its
ownership, control, and accrual of net
profits and losses.
4. Ownership. For purposes of
determining if a business is a womenowned business, an individual owns a
business if that individual directly or
indirectly, through any contract,
arrangement, understanding,
relationship or otherwise, has an equity
interest in the business. Examples of
ownership include being the sole
proprietor of a sole proprietorship,
E:\FR\FM\31MYR2.SGM
31MYR2
35540
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
directly or indirectly owning or holding
the stock of a corporation or company,
directly or indirectly having a
partnership interest in a business, or
directly or indirectly having a
membership interest in a limited
liability company. Indirect as well as
direct ownership are used when
determining ownership for purposes of
§§ 1002.102(s) and 1002.107(a)(18).
Thus, where applicable, ownership
must be traced through corporate or
other indirect ownership structures. For
example, assume that the applicant is
company A. If company B owns 60
percent of the applicant company A and
an individual owns 100 percent of
company B, the individual owns 60
percent of the applicant company A.
Similarly, if an individual directly owns
20 percent of the applicant company A
and is an equal partner in a partnership
B that owns the remaining 80 percent of
the applicant company A, the
individual owns 60 percent of applicant
company A (i.e., 20 percent due through
direct ownership and 40 percent
indirectly through partnership B). A
trustee is considered the owner of the
trust. Thus, if a trust owns a business
and the trust has two co-trustees, each
co-trustee owns 50 percent of the
business.
5. Control. An individual controls a
business if that individual has
significant responsibility to manage or
direct the business. An individual
controls a business if the individual is
an executive officer or senior manager
(e.g., a chief executive officer, chief
financial officer, chief operating officer,
managing member, general partner,
president, vice president, or treasurer)
or regularly performs similar functions.
Additionally, a business may be
controlled by two or more women if
those women collectively control the
business, such as constituting a majority
of the board of directors or a majority of
the partners of a partnership.
6. Accrual of net profits or losses. A
business’s net profits and losses accrue
to an individual if that individual
receives the net profits or losses, is
legally entitled or required to receive
the net profits or losses, or is legally
entitled or required to recognize the net
profits or losses for tax purposes.
lotter on DSK11XQN23PROD with RULES2
Section 1002.103—Covered
Applications
103(a) Covered Application
1. General. Subject to the
requirements of subpart B of this part,
a financial institution has latitude to
establish its own application
procedures, including designating the
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
type and amount of information it will
require from applicants.
2. Procedures used. The term
‘‘procedures’’ refers to the actual
practices followed by a financial
institution as well as its stated
application procedures. For example, if
a financial institution’s stated policy is
to require all applications to be in
writing on the financial institution’s
application form, but the financial
institution also makes credit decisions
based on oral requests, the financial
institution’s procedures are to accept
both oral and written applications.
3. Consistency with subpart A. Bureau
interpretations that appear in this
supplement I in connection with
§§ 1002.2(f) and 1002.9 are generally
applicable to the definition of a covered
application in § 1002.103. However, the
definition of a covered application in
§ 1002.103 does not include inquiries
and prequalification requests. The
definition of a covered application also
does not include reevaluation,
extension, or renewal requests on an
existing business credit account, unless
the request seeks additional credit
amounts. See § 1002.103(b).
4. Solicitations and firm offers of
credit. For purposes of subpart B of this
part, the term covered application does
not include solicitations, firm offers of
credit, or other evaluations initiated by
the financial institution because in these
situations the business has not made a
request for credit. For example, if a
financial institution sends a firm offer of
credit to a business for a $10,000 line of
credit, and the business does not
respond, it is not a covered application
because the business never made a
request for credit. However, using the
same example, if the business seeks to
obtain the credit offered, assuming the
requirements of a covered application
are otherwise met, the business’s
request constitutes a covered
application for purposes of subpart B of
this part. See also comment 103(b)–4.
5. Requests for multiple covered credit
transactions at one time. Assuming the
requirements of a covered application
are met, if an applicant makes a request
for two or more covered credit
transactions at the same time, the
financial institution reports each request
as a separate covered application. For
example, if an applicant is seeking both
a term loan and a line of credit and
requests them both on the same
application form, the financial
institution reports the requests as two
separate covered applications, one for a
term loan and another for a line of
credit. See § 1002.107(d) for the
requirements for reusing data so that a
financial institution need only ask once
PO 00000
Frm 00392
Fmt 4701
Sfmt 4700
for certain data required under
§ 1002.107(a). If, on the other hand, the
applicant is only requesting a single
covered credit transaction, but has not
decided on which particular product,
the financial institution reports the
request as a single covered application.
For example, if the applicant indicates
interest in either a term loan or a line
of credit, but not both, the financial
institution reports the request as a single
covered application. See comment
107(a)(5)–1 for instructions on reporting
credit product in this situation.
6. Initial request for a single covered
credit transaction that would result in
the origination of multiple covered
credit transactions. Assuming the
requirements of a covered application
are met, if an applicant initially makes
a request for one covered credit
transaction, but over the course of the
application process requests multiple
covered credit transactions, each
covered credit transaction must be
reported as a separate covered
application. See § 1002.107(d) for the
requirements for reusing data so that a
financial institution need only ask once
for certain data required under
§ 1002.107(a).
7. Requests for multiple lines of credit
at one time. Assuming the requirements
of a covered application are met, if an
applicant requests multiple lines of
credit on a single credit account, it is
reported as one or more covered
applications based on the procedures
used by the financial institution for the
type of credit account. For example, if
a financial institution treats a request for
multiple lines of credit at one time as
sub-components of a single account, the
financial institution reports the request
as a single covered application. If, on
the other hand, the financial institution
treats each line of credit as a separate
account, then the financial institution
reports each request for a line of credit
as a separate covered application, as set
forth in comment 103(a)–5.
8. Duplicate applications. If a
financial institution receives two or
more duplicate covered applications
(i.e., from the same applicant, for the
same credit product, for the same
amount, at or around the same time), the
financial institution may treat the
request as a single covered application
for purposes of subpart B, so long as for
purposes of determining whether to
extend credit, it would also treat one or
more of the applications as a duplicate
under its procedures.
9. Changes in whether there is a
covered credit transaction. In certain
circumstances, an applicant may change
the type of product requested during the
course of the application process.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Assuming other requirements of a
covered application are met, if an
applicant initially requests a product
that is not a covered credit transaction,
but prior to final action taken decides to
seek instead a product that is a covered
credit transaction, the application is a
covered application and must be
reported pursuant to § 1002.109. In this
circumstance, the financial institution
shall endeavor to compile, maintain,
and report the data required under
§ 1002.107(a) in a manner that is
reasonable under the circumstances. If,
on the other hand, an applicant initially
requests a product that is a covered
credit transaction, but prior to final
action taken decides instead to seek a
product that is not a covered credit
transaction, the application is not a
covered application and thus is not
reported. See also § 1002.112(c)(4),
which provides a safe harbor for
incorrect collection of certain data if, at
the time of collection, the financial
institution had a reasonable basis for
believing that the application was a
covered application. Assuming other
requirements of a covered application
are met, if an applicant initially requests
a product that is a covered credit
transaction, the financial institution
counteroffers with a product that is not
a covered credit transaction, and the
applicant declines to proceed or fails to
respond, the application is reported as
a covered application. For example, if
an applicant initially applies for a term
loan, but then, after consultation with
the financial institution, decides that a
lease would better meet its needs and
decides to proceed with that product,
the application is not a covered
application and thus is not reported.
However, if an applicant initially
applies for a term loan, the financial
institution offers to consider the
applicant only for a lease, and the
applicant refuses, the transaction is a
covered application that must be
reported.
10. Multiple unaffiliated coapplicants. If a covered financial
institution receives a covered
application from multiple businesses
that are not affiliates, as defined by
§ 1002.102(a), it shall compile,
maintain, and report data pursuant to
§§ 1002.107 through 1002.109 for only a
single applicant that is a small business,
as defined in § 1002.106(b). A covered
financial institution shall establish
consistent procedures for designating a
single small business for purposes of
collecting and reporting data under
subpart B in situations where there is
more than one small business coapplicant, such as reporting on the first
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
small business listed on an application
form. For example, if three businesses
jointly apply as co-applicants for a term
loan to purchase a piece of equipment,
but only one of the businesses is a small
business, as defined in § 1002.106(b),
the financial institution reports on the
single small business. If, however, two
of the businesses are small businesses,
as defined in § 1002.106(b), the financial
institution must have a procedure for
designating which small business
among multiple small business coapplicants it will report information on,
such as consistently reporting on the
first small business listed on an
application form. See also
§ 1002.5(a)(4)(x), which permits a
creditor to collect certain protected
information about co-applicants under
certain circumstances.
11. Refinancings and evaluation,
extension, or renewal requests that
request additional credit amounts. As
discussed in comments 103(b)–2 and –3,
assuming other requirements of a
covered application are met, an
applicant’s request to refinance and an
applicant’s request for additional credit
amounts on an existing account both
constitute covered applications.
103(b) Circumstances That Are Not
Covered Applications
1. In general. The circumstances set
forth in § 1002.103(b) are not covered
applications for purposes of subpart B of
this part, even if considered
applications under subpart A of this
part. However, in no way are the
exclusions in § 1002.103(b) intended to
repeal, abrogate, annul, impair, change,
or interfere with the scope of the term
application in § 1002.2(f) as applicable
to subpart A.
2. Reevaluation, extension, or renewal
requests that do not request additional
credit amounts. An applicant’s request
to change one or more terms of an
existing account does not constitute a
covered application, unless the
applicant is requesting additional credit
amounts on the account. For example,
an applicant’s request to extend the
duration on a line of credit or to remove
a guarantor would not be a covered
application. However, assuming other
requirements of a covered application
are met, an applicant’s request to
refinance would be reportable. A
refinancing occurs when an existing
obligation is satisfied and replaced by a
new obligation undertaken by the same
borrower.
3. Reevaluation, extension, or renewal
requests that request additional credit
amounts. A Assuming other
requirements of a covered application
are met, an applicant’s request for
PO 00000
Frm 00393
Fmt 4701
Sfmt 4700
35541
additional credit amounts on an existing
account constitutes a covered
application. For example, an applicant’s
request for a line increase on an existing
line of credit, made in accordance with
a financial institution’s procedures for
the type of credit requested, would be
a covered application. As discussed in
comment 107(a)(7)–4, when reporting a
covered application that seeks
additional credit amounts on an existing
account, the financial institution need
only report the additional credit amount
sought, and not the entire credit
amount. For example, if an applicant
currently has a line of credit account for
$100,000, and seeks to increase the line
to $150,000, the financial institution
reports the amount applied for as
$50,000.
4. Reviews or evaluations initiated by
the financial institution. For purposes of
subpart B of this part, the term covered
application does not include
evaluations or reviews of existing
accounts initiated by the financial
institution because the business has not
made a request for credit. For example,
if a financial institution conducts
periodic reviews of its existing lines of
credit and decides to increase the
business’s line by $10,000, it is not a
covered application because the
business never made a request for the
additional credit amounts. However, if
such an evaluation or review of an
existing account by a financial
institution results in the financial
institution inviting the business to
apply for additional credit amounts on
an existing account and the business
does so, the business’s request
constitutes a covered application for
purposes of subpart B of this part,
assuming other requirements of a
covered application are met. Similarly,
as noted in comment 103(a)–4, the term
covered application also does not
include solicitations and firm offers of
credit.
5. Inquiries and prequalification
requests. An inquiry is a request by a
prospective applicant for information
about credit terms offered by the
financial institution. A prequalification
request is a request by a prospective
applicant for a preliminary
determination on whether the
prospective applicant would likely
qualify for credit under a financial
institution’s standards or for a
determination on the amount of credit
for which the prospective applicant
would likely qualify. Inquiries and
prequalification requests are not
covered applications under subpart B of
this part, even though in certain
circumstances inquiries and
prequalification requests may constitute
E:\FR\FM\31MYR2.SGM
31MYR2
35542
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
applications under subpart A. For
example, while an inquiry or
prequalification request may become an
‘‘application’’ under subpart A if the
creditor evaluates information about the
business, decides to decline the request,
and communicates this to the business,
such inquiries or prequalifications
would not be ‘‘covered applications’’
under subpart B of this part. Whether a
particular request is a covered
application, or whether instead it is an
inquiry or prequalification request that
is not reportable under subpart B, may
turn, for instance, on how a financial
institution structures and processes
such requests: does the financial
institution require or encourage a
preliminary review in order for a
business to be considered for a covered
credit transaction, or does the business
voluntarily seek preliminary feedback as
a tool to explore its options before it
decides whether to apply for credit with
the financial institution? The name used
by the financial institution for such a
request is not determinative. For
example, under subpart B, a review is a
reportable covered application if the
financial institution requires the
business, before it may apply for credit,
to pass through a mandatory screening
process that considers particular
information about the business and
denies or turns away the business if it
is ineligible or unlikely to qualify for
credit. In contrast, a business that
requests a financial institution to
identify credit products for which the
business might qualify based on limited
or self-described characteristics, and
without any commitment from the
financial institution to extend credit,
may not have submitted a covered
application for purposes of subpart B.
Section 1002.104—Covered Credit
Transactions and Excluded
Transactions
lotter on DSK11XQN23PROD with RULES2
104(a) Covered Credit Transaction
1. General. The term ‘‘covered credit
transaction’’ includes all business credit
(including loans, lines of credit, credit
cards, and merchant cash advances)
unless otherwise excluded under
§ 1002.104(b).
104(b) Excluded Transactions
1. Factoring. The term ‘‘covered credit
transaction’’ does not cover factoring as
described herein. For the purpose of this
subpart, factoring is an accounts
receivable purchase transaction between
businesses that includes an agreement
to purchase, transfer, or sell a legally
enforceable claim for payment for goods
that the recipient has supplied or
services that the recipient has rendered
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
but for which payment in full has not
yet been made. The name used by the
financial institution for a product is not
determinative of whether or not it is a
‘‘covered credit transaction.’’ This
description of factoring is not intended
to repeal, abrogate, annul, impair, or
interfere with any existing
interpretations, orders, agreements,
ordinances, rules, or regulations
adopted or issued pursuant to comment
9(a)(3)–3. A financial institution shall
report an extension of business credit
incident to a factoring arrangement that
is otherwise a covered credit transaction
as ‘‘Other sales-based financing
transaction’’ under § 1002.107(a)(5).
2. Leases. The term ‘‘covered credit
transaction’’ does not cover leases as
described herein. A lease, for the
purpose of this subpart, is a transfer
from one business to another of the right
to possession and use of goods for a
term, and for primarily business or
commercial (including agricultural)
purposes, in return for consideration. A
lease does not include a sale, including
a sale on approval or a sale or return,
or a transaction resulting in the
retention or creation of a security
interest. The name used by the financial
institution for a product is not
determinative of whether or not it is a
‘‘covered credit transaction.’’
3. Consumer-designated credit. The
term ‘‘covered credit transaction’’ does
not include consumer-designated credit
that is used for business or agricultural
purposes. A transaction qualifies as
consumer-designated credit if the
financial institution offers or extends
the credit primarily for personal, family,
or household purposes. For example, an
open-end credit account used for both
personal and business/agricultural
purposes is not business credit for the
purpose of subpart B of this part unless
the financial institution designated or
intended for the primary purpose of the
account to be business/agriculturalrelated.
4. Credit transaction purchases,
purchases of an interest in a pool of
credit transactions, and purchases of a
partial interest in a credit transaction.
The term ‘‘covered credit transaction’’
does not cover the purchase of an
originated credit transaction, the
purchase of an interest in a pool of
credit transactions, or the purchase of a
partial interest in a credit transaction
such as through a loan participation
agreement. Such purchases do not, in
themselves, constitute an application for
credit. See also comment 109(a)(3)–2.i.
104(b)(1) Trade Credit
1. General. Trade credit, as defined in
§ 1002.104(b)(1), is excluded from the
PO 00000
Frm 00394
Fmt 4701
Sfmt 4700
definition of a covered credit
transaction. An example of trade credit
involves a supplier that finances the
sale of equipment, supplies, or
inventory. However, an extension of
business credit by a financial institution
other than the supplier for the financing
of such items is not trade credit. Also,
credit extended by a business providing
goods or services to another business is
not trade credit for the purposes of this
subpart where the supplying business
intends to sell or transfer its rights as a
creditor to a third party.
2. Trade credit under subpart A. The
definition of trade credit under
comment 9(a)(3)–2 applies to relevant
provisions under subpart A, and
§ 1002.104(b)(1) is not intended to
repeal, abrogate, annul, impair, or
interfere with any existing
interpretations, orders, agreements,
ordinances, rules, or regulations
adopted or issued pursuant to comment
9(a)(3)–2.
Section 1002.105—Covered Financial
Institutions and Exempt Institutions
105(a) Financial Institution
1. Examples. Section 1002.105(a)
defines a financial institution as any
partnership, company, corporation,
association (incorporated or
unincorporated), trust, estate,
cooperative organization, or other entity
that engages in any financial activity.
This definition includes, but is not
limited to, banks, savings associations,
credit unions, online lenders, platform
lenders, community development
financial institutions, Farm Credit
System lenders, lenders involved in
equipment and vehicle financing
(captive financing companies and
independent financing companies),
commercial finance companies,
organizations exempt from taxation
pursuant to 26 U.S.C. 501(c), and
governments or governmental
subdivisions or agencies.
2. Motor vehicle dealers. Pursuant to
§ 1002.101(a), subpart B of this part
excludes from coverage persons defined
by section 1029 of the Consumer
Financial Protection Act of 2010, title X
of the Dodd-Frank Wall Street Reform
and Consumer Protection Act, Public
Law 111–203, 124 Stat. 1376, 2004
(2010).
105(b) Covered Financial Institution
1. Preceding calendar year. The
definition of covered financial
institution refers to preceding calendar
years. For example, in 2029, the two
preceding calendar years are 2027 and
2028. Accordingly, in 2029, Financial
Institution A does not meet the loan-
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
volume threshold in § 1002.105(b) if did
not originate at least 100 covered credit
transactions for small businesses both
during 2027 and during 2028.
2. Origination threshold. A financial
institution qualifies as a covered
financial institution based on total
covered credit transactions originated
for small businesses, rather than
covered applications received from
small businesses. For example, if in
both 2024 and 2025, Financial
Institution B received 105 covered
applications from small businesses and
originated 95 covered credit
transactions for small businesses, then
for 2026, Financial Institution B is not
a covered financial institution.
3. Counting originations when
multiple financial institutions are
involved in originating a covered credit
transaction. For the purpose of counting
originations to determine whether a
financial institution is a covered
financial institution under
§ 1002.105(b), in a situation where
multiple financial institutions are
involved in originating a single covered
credit transaction, only the last financial
institution with authority to set the
material terms of the covered credit
transaction is required to count the
origination.
4. Counting originations after
adjustments to the gross annual revenue
threshold due to inflation. Pursuant to
§ 1002.106(b)(2), every five years, the
gross annual revenue threshold used to
define a small business in
§ 1002.106(b)(1) shall be adjusted, if
necessary, to account for inflation. The
first time such an adjustment could
occur is in 2030, with an effective date
of January 1, 2031. A financial
institution seeking to determine
whether it is a covered financial
institution applies the gross annual
revenue threshold that is in effect for
each year it is evaluating. For example,
a financial institution seeking to
determine whether it is a covered
financial institution in 2032 counts its
originations of covered credit
transactions for small businesses in
calendar years 2030 and 2031. The
financial institution applies the initial
$5 million threshold to evaluate
whether its originations were to small
businesses in 2030. In this example, if
the small business threshold were
increased to $5.5 million effective
January 1, 2031, the financial institution
applies the $5.5 million threshold to
count its originations for small
businesses in 2031.
5. Reevaluation, extension, or renewal
requests, as well as credit line increases
and other requests for additional credit
amounts. While requests for additional
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
credit amounts on an existing account
can constitute a ‘‘covered application’’
pursuant to § 1002.103(b)(1), such
requests are not counted as originations
for the purpose of determining whether
a financial institution is a covered
financial institution pursuant to
§ 1002.105(b). In addition, transactions
that extend, renew, or otherwise amend
a transaction are not counted as
originations. For example, if a financial
institution originates 50 term loans and
30 lines of credit for small businesses in
each of the preceding two calendar
years, along with 25 line increases for
small businesses in each of those years,
the financial institution is not a covered
financial institution because it has not
originated at least 100 covered credit
transactions in each of the two
preceding calendar years.
6. Annual consideration. Whether a
financial institution is a covered
financial institution for a particular year
depends on its small business lending
activity in the preceding two calendar
years. Therefore, whether a financial
institution is a covered financial
institution is an annual consideration
for each year that data may be compiled
and maintained for purposes of subpart
B of this part. A financial institution
may be a covered financial institution
for a given year of data collection (and
the obligations arising from qualifying
as a covered financial institution shall
continue into subsequent years,
pursuant to §§ 1002.110 and 1002.111),
but the same financial institution may
not be a covered financial institution for
the following year of data collection. For
example, Financial Institution C
originated 105 covered transactions for
small businesses in both 2024 and 2025.
In 2026, Financial Institution C is a
covered financial institution and
therefore is obligated to compile and
maintain applicable 2026 small business
lending data under § 1002.107(a).
During 2026, Financial Institution C
originates 95 covered transactions for
small businesses. In 2027, Financial
Institution C is not a covered financial
institution with respect to 2027 small
business lending data, and is not
obligated to compile and maintain 2027
data under § 1002.107(a) (although
Financial Institution C may volunteer to
collect and maintain 2027 data pursuant
to § 1002.5(a)(4)(vii) and as explained in
comment 105(b)–10). Pursuant to
§ 1002.109(a), Financial Institution C
shall submit its small business lending
application register for 2026 data in the
format prescribed by the Bureau by June
1, 2027 because Financial Institution C
is a covered financial institution with
respect to 2026 data, and the data
PO 00000
Frm 00395
Fmt 4701
Sfmt 4700
35543
submission deadline of June 1, 2027
applies to 2026 data.
7. Merger or acquisition—coverage of
surviving or newly formed institution.
After a merger or acquisition, the
surviving or newly formed financial
institution is a covered financial
institution under § 1002.105(b) if it,
considering the combined lending
activity of the surviving or newly
formed institution and the merged or
acquired financial institutions (or
acquired branches or locations), satisfies
the criteria included in § 1002.105(b).
For example, Financial Institutions A
and B merge. The surviving or newly
formed financial institution meets the
threshold in § 1002.105(b) if the
combined previous components of the
surviving or newly formed financial
institution (A plus B) would have
originated at least 100 covered credit
transactions for small businesses for
each of the two preceding calendar
years. Similarly, if the combined
previous components and the surviving
or newly formed financial institution
would have reported at least 100
covered transactions for small
businesses for the year previous to the
merger as well as 100 covered
transactions for small businesses for the
year of the merger, the threshold
described in § 1002.105(b) would be met
and the surviving or newly formed
financial institution would be a covered
institution under § 1002.105(b) for the
year following the merger. Comment
105(b)–8 discusses a financial
institution’s responsibilities with
respect to compiling and maintaining
(and subsequently reporting) data
during the calendar year of a merger.
8. Merger or acquisition—coverage
specific to the calendar year of the
merger or acquisition. The scenarios
described below illustrate a financial
institution’s responsibilities specifically
for data from the calendar year of a
merger or acquisition. For purposes of
these illustrations, an ‘‘institution that is
not covered’’ means either an institution
that is not a financial institution, as
defined in § 1002.105(a), or a financial
institution that is not a covered
financial institution, as defined in
§ 1002.105(b).
i. Two institutions that are not
covered financial institutions merge.
The surviving or newly formed
institution meets all of the requirements
necessary to be a covered financial
institution. No data are required to be
compiled, maintained, or reported for
the calendar year of the merger (even
though the merger creates an institution
that meets all of the requirements
necessary to be a covered financial
institution).
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35544
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
ii. A covered financial institution and
an institution that is not covered merge.
The covered financial institution is the
surviving institution, or a new covered
financial institution is formed. For the
calendar year of the merger, data are
required to be compiled, maintained,
and reported for covered applications
from the covered financial institution
and is optional for covered applications
from the financial institution that was
previously not covered.
iii. A covered financial institution and
an institution that is not covered merge.
The institution that is not covered is the
surviving institution and remains not
covered after the merger, or a new
institution that is not covered is formed.
For the calendar year of the merger, data
are required to be compiled and
maintained (and subsequently reported)
for covered applications from the
previously covered financial institution
that took place prior to the merger. After
the merger date, compiling,
maintaining, and reporting data is
optional for applications from the
institution that was previously covered
for the remainder of the calendar year of
the merger.
iv. Two covered financial institutions
merge. The surviving or newly formed
financial institution is a covered
financial institution. Data are required
to be compiled and maintained (and
subsequently reported) for the entire
calendar year of the merger. The
surviving or newly formed financial
institution files either a consolidated
submission or separate submissions for
that calendar year.
9. Foreign applicability. As discussed
in comment 1(a)–2, Regulation B
(including subpart B) generally does not
apply to lending activities that occur
outside the United States.
10. Voluntary collection and
reporting. Section 1002.5(a)(4)(vii)
through (x) permits a creditor that is not
a covered financial institution under
§ 1002.105(b) to voluntarily collect and
report information regarding covered
applications from small businesses in
certain circumstances. If a creditor is
voluntarily collecting information for
covered applications regarding whether
the applicant is a minority-owned
business, a women-owned business,
and/or an LGBTQI+-owned business
under § 1002.107(a)(18), and regarding
the ethnicity, race, and sex of the
applicant’s principal owners under
§ 1002.107(a)(19), it shall do so in
compliance with §§ 1002.107, 1002.108,
1002.111, 1002.112 as though it were a
covered financial institution. If a
creditor is reporting those covered
applications from small businesses to
the Bureau, it shall do so in compliance
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
with §§ 1002.109 and 1002.110 as
though it were a covered financial
institution.
Section 1002.106—Business and Small
Business
106(b) Small Business Definition
106(b)(1) Small Business
1. Change in determination of small
business status—business is ultimately
not a small business. If a financial
institution initially determines an
applicant is a small business as defined
in § 1002.106 based on available
information and collects data required
by § 1002.107(a)(18) and (19) but later
concludes that the applicant is not a
small business, the financial institution
does not violate the Act or this
regulation if it meets the requirements
of § 1002.112(c)(4). The financial
institution shall not report the
application on its small business
lending application register pursuant to
§ 1002.109.
2. Change in determination of small
business status—business is ultimately a
small business. Consistent with
comment 107(a)(14)–1, a financial
institution need not independently
verify gross annual revenue. If a
financial institution initially determines
that the applicant is not a small
business as defined in § 1002.106(b), but
later concludes the applicant is a small
business prior to taking final action on
the application, the financial institution
must report the covered application
pursuant to § 1002.109. In this situation,
the financial institution shall endeavor
to compile, maintain, and report the
data required under § 1002.107(a) in a
manner that is reasonable under the
circumstances. For example, if the
applicant initially provides a gross
annual revenue of $5.5 million (that is,
above the threshold for a small business
as initially defined in § 1002.106(b)(1)),
but during the course of underwriting
the financial institution discovers the
applicant’s gross annual revenue was in
fact $4.75 million (meaning that the
applicant is within the definition of a
small business under § 1002.106(b)), the
financial institution is required to report
the covered application pursuant to
§ 1002.109. In this situation, the
financial institution shall take
reasonable steps upon discovery to
compile, maintain, and report the data
necessary under § 1002.107(a) to comply
with subpart B of this part for that
covered application. Thus, in this
example, even if the financial
institution’s procedure is typically to
request applicant-provided data together
with the application form, in this
circumstance, the financial institution
PO 00000
Frm 00396
Fmt 4701
Sfmt 4700
shall seek to collect the data during the
application process necessary to comply
with subpart B in a manner that is
reasonable under the circumstances.
3. Applicant’s representations
regarding gross annual revenue;
inclusion of affiliate revenue; updated
or verified information. A financial
institution is permitted to rely on an
applicant’s representations regarding
gross annual revenue (which may or
may not include any affiliate’s revenue)
for purposes of determining small
business status under § 1002.106(b).
However, if the applicant provides
updated gross annual revenue
information or the financial institution
verifies the gross annual revenue
information (see comment 107(b)–1), the
financial institution must use the
updated or verified information in
determining small business status.
4. Multiple unaffiliated coapplicants—size determination. The
financial institution shall not aggregate
unaffiliated co-applicants’ gross annual
revenues for purposes of determining
small business status under
§ 1002.106(b). If a covered financial
institution receives a covered
application from multiple businesses
who are not affiliates, as defined by
§ 1002.102(a), where at least one
business is a small business under
§ 1002.106(b), the financial institution
shall compile, maintain, and report data
pursuant to §§ 1002.107 through
1002.109 regarding the covered
application for only a single applicant
that is a small business. See comment
103(a)–10 for additional details.
106(b)(2) Inflation Adjustment
1. Inflation adjustment methodology.
The small business gross annual
revenue threshold set forth in
§ 1002.106(b)(1) will be adjusted
upward or downward to reflect changes,
if any, in the Consumer Price Index for
All Urban Consumers (U.S. city average
series for all items, not seasonally
adjusted), as published by the United
States Bureau of Labor Statistics (‘‘CPI–
U’’). The base for computing each
adjustment is the January 2025 CPI–U;
this base value shall be compared to the
CPI–U value in January 2030 and every
five years thereafter. For example, after
the January 2030 CPI–U is made
available, the adjustment is calculated
by determining the percentage change in
the CPI–U between January 2025 and
January 2030, applying this change to
the $5 million gross annual revenue
threshold, and rounding to the nearest
$500,000. If, as a result of this rounding,
there is no change in the gross annual
revenue threshold, there will be no
adjustment. For example, if in January
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
2030 the adjusted value were $4.9
million (reflecting a $100,000 decrease
from January 2025 CPI–U), then the
threshold would not adjust because $4.9
million would be rounded up to $5
million. If on the other hand, the
adjusted value were $5.7 million, then
the threshold would adjust to $5.5
million. Where the adjusted value is a
multiple of $250,000 (e.g., $5,250,000),
then the threshold adjusts upward (in
this example, to $5,500,000).
2. Substitute for CPI–U. If publication
of the CPI–U ceases, or if the CPI–U
otherwise becomes unavailable or is
altered in such a way as to be unusable,
then the Bureau shall substitute another
reliable cost of living indicator from the
United States Government for the
purpose of calculating adjustments
pursuant to § 1002.106(b)(2).
lotter on DSK11XQN23PROD with RULES2
Section 1002.107—Compilation of
Reportable Data
107(a) Data Format and Itemization
1. General. Section 1002.107(a)
describes a covered financial
institution’s obligation to compile and
maintain data regarding the covered
applications it receives from small
businesses.
i. A covered financial institution
reports these data even if the credit
originated pursuant to the reported
application was subsequently sold by
the institution.
ii. A covered financial institution
annually reports data for covered
applications for which final action was
taken in the previous calendar year.
iii. A covered financial institution
reports data for a covered application on
its small business lending application
register for the calendar year during
which final action was taken on the
application, even if the institution
received the application in a previous
calendar year.
2. Free-form text fields. A covered
financial institution may use technology
such as autocorrect and predictive text
when requesting applicant-provided
data under subpart B of this part that the
financial institution reports via freeform text fields, provided that such
technology does not restrict the
applicant’s ability to write in its own
response instead of using text suggested
by the technology.
3. Filing Instructions Guide.
Additional details and procedures for
compiling data pursuant to § 1002.107
are included in the Filing Instructions
Guide, which is available at https://
www.consumerfinance.gov/dataresearch/small-business-lending/filinginstructions-guide/.
4. Additional data point response
options. The Bureau may add additional
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
response options to the lists of
responses contained in the commentary
that follows for certain of the data
points set forth in § 1002.107(a), via the
Filing Instructions Guide. Refer to the
Filing Instructions Guide for any
updates for each reporting year.
107(a)(1) Unique Identifier
1. Unique within the financial
institution. A financial institution
complies with § 1002.107(a)(1) by
compiling and reporting an
alphanumeric application or loan
identifier unique within the financial
institution to the specific application.
The identifier must not exceed 45
characters, and must begin with the
financial institution’s Legal Entity
Identifier (LEI), as defined in comment
109(b)(6)–1. Separate applications for
the same applicant must have separate
identifiers. The identifier may only
include standard numerical and/or
upper-case alphabetical characters and
cannot include dashes, other special
characters, or characters with diacritics.
The financial institution may assign the
unique identifier at any time prior to
reporting the application. Refinancings
or applications for refinancing must be
assigned a different identifier than the
transaction that is being refinanced. A
financial institution with multiple
branches must ensure that its branches
do not use the same identifiers to refer
to multiple applications.
2. Does not include directly
identifying information. The unique
identifier must not include any directly
identifying information, such as a whole
or partial Social Security number or
employer identification number, about
the applicant or persons (natural or
legal) associated with the applicant. See
also § 1002.111(c) and related
commentary.
107(a)(2) Application Date
1. Consistency. Section 1002.107(a)(2)
requires that, in reporting the date of
covered application, a financial
institution shall report the date the
covered application was received or the
date shown on a paper or electronic
application form. Although a financial
institution need not choose the same
approach for its entire small business
lending application register, it should
generally be consistent in its approach
by, for example, establishing procedures
for how to report this date within
particular scenarios, products, or
divisions. If the financial institution
chooses to report the date shown on an
application form and the institution
retains multiple versions of the
application form, the institution reports
the date shown on the first application
PO 00000
Frm 00397
Fmt 4701
Sfmt 4700
35545
form satisfying the definition of covered
application pursuant to § 1002.103.
2. Application received. For an
application submitted directly to the
financial institution or its affiliate (as
described in § 1002.107(a)(4)), the
financial institution shall report the date
it received the covered application, as
defined under § 1002.103, or the date
shown on a paper or electronic
application form. For an application
initially submitted to a third party, see
comment 107(a)(2)–3.
3. Indirect applications. For an
application that was not submitted
directly to the financial institution or its
affiliate (as described in
§ 1002.107(a)(4)), the financial
institution shall report the date the
application was received by the party
that initially received the application,
the date the application was received by
the financial institution, or the date
shown on the application form.
Although a financial institution need
not choose the same approach for its
entire small business lending
application register, it should generally
be consistent in its approach by, for
example, establishing procedures for
how to report this date within particular
scenarios, products, or divisions.
4. Safe harbor. Pursuant to
§ 1002.112(c)(1), a financial institution
that reports on its small business
lending application register an
application date that is within three
business days of the actual application
date pursuant to § 1002.107(a)(2) does
not violate the Act or subpart B of this
part. For purposes of this paragraph, a
business day means any day the
financial institution is open for
business.
107(a)(3) Application Method
1. General. A financial institution
complies with § 1002.107(a)(3) by
reporting the means by which the
applicant submitted the application
from one of the following options: inperson, telephone, online, or mail. If the
financial institution retains multiple
versions of the application form, the
institution reports the means by which
the first application form satisfying the
definition of covered application
pursuant to § 1002.103 was submitted.
i. In-person. A financial institution
reports the application method as ‘‘inperson’’ if the applicant submitted the
application to the financial institution,
or to another party acting on the
financial institution’s behalf, in person.
The in-person application method
applies, for example, to applications
submitted at a branch office (including
applications hand delivered by the
applicant), at the applicant’s place of
E:\FR\FM\31MYR2.SGM
31MYR2
35546
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
business, or via electronic media with a
video component).
ii. Telephone. A financial institution
reports the application method as
‘‘telephone’’ if the applicant submitted
the application to the financial
institution, or another party acting on
the financial institution’s behalf, by
telephone call or via audio-based
electronic media without a video
component.
iii. Online. A financial institution
reports the application method as
‘‘online’’ if the applicant submitted the
application to the financial institution,
or another party acting on the financial
institution’s behalf, through a website,
mobile application (app), fax
transmission, electronic mail, text
message, or some other form of textbased electronic communication.
iv. Mail. A financial institution
reports the application method as
‘‘mail’’ if the applicant submitted the
application to the financial institution,
or another party acting on the financial
institution’s behalf, via United States
mail, courier or overnight service, or an
overnight drop box.
lotter on DSK11XQN23PROD with RULES2
107(a)(4) Application Recipient
1. Agents. When a financial
institution is reporting actions taken by
its agent consistent with comment
109(a)(3)–3, the agent is considered the
financial institution for the purposes of
§ 1002.107(a)(4). For example, assume
that an applicant submitted an
application to Financial Institution B,
and Financial Institution B made the
credit decision acting as Financial
Institution A’s agent under State law.
Financial Institution A reports the
application and indicates that the
application was submitted directly to
Financial Institution A.
107(a)(5) Credit Type
1. Reporting credit product—in
general. A financial institution complies
with § 1002.107(a)(5)(i) by selecting the
credit product applied for or originated,
from the list below. If the credit product
applied for or originated is not included
on this list, the financial institution
selects ‘‘other,’’ and reports the credit
product via free-form text field. If an
applicant requested more than one
credit product at the same time, the
financial institution reports each credit
product requested as a separate
application. However, if the applicant
only requested a single covered credit
transaction, but had not decided on
which particular product, the financial
institution complies with
§ 1002.107(a)(5)(i) by reporting the
credit product originated (if originated),
or the credit product denied (if denied),
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
or the credit product of greater interest
to the applicant, if readily determinable.
If the credit product of greater interest
to the applicant is not readily
determinable, the financial institution
complies with § 1002.107(a)(5)(i) by
reporting one of the credit products
requested as part of the request for a
single covered credit transaction, in its
discretion. See comment 103(a)–5 for
instructions on reporting requests for
multiple covered credit transactions at
one time.
i. Term loan—unsecured.
ii. Term loan—secured.
iii. Line of credit—unsecured.
iv. Line of credit—secured.
v. Credit card account, not privatelabel.
vi. Private-label credit card account.
vii. Merchant cash advance.
viii. Other sales-based financing
transaction.
ix. Other.
x. Not provided by applicant and
otherwise undetermined.
2. Credit card account, not privatelabel. A financial institution complies
with § 1002.107(a)(5)(i) by reporting the
credit product as a ‘‘credit card account,
not private-label’’ when the product is
a business-purpose open-end credit
account that is not private label and that
may be accessed from time to time by
a card, plate, or other single credit
device to obtain credit, except that
accounts or lines of credit secured by
real property and overdraft lines of
credit accessed by debit cards are not
credit card accounts. The term credit
card account does not include debit
card accounts or closed-end credit that
may be accessed by a card, plate, or
single credit device. The term credit
card account does include charge card
accounts that are generally paid in full
each billing period, as well as hybrid
prepaid-credit cards. A financial
institution reports multiple credit card
account, not private-label applications
requested at one time using the
guidance in comment 103(a)–7.
3. Private-label credit card account. A
financial institution complies with
§ 1002.107(a)(5)(i) by reporting the
credit product as a ‘‘private-label credit
card account’’ when the product is a
business-purpose open-end private-label
credit account that otherwise meets the
description of a credit card account in
comment 107(a)(5)–2. A private-label
credit card account is a credit card
account that can only be used to acquire
goods or services provided by one
business (for example, a specific
merchant, retailer, independent dealer,
or manufacturer) or a small group of
related businesses. A co-branded or
other card that can also be used for
PO 00000
Frm 00398
Fmt 4701
Sfmt 4700
purchases at unrelated businesses is not
a private-label credit card. A financial
institution reports multiple private-label
credit card account applications
requested at one time in the same
manner as credit card account, not
private-label applications, using the
guidance in comment 103(a)–7.
4. Credit product not provided by the
applicant and otherwise undetermined.
Pursuant to § 1002.107(c), a financial
institution is required to maintain
procedures reasonably designed to
collect applicant-provided data, which
includes credit product. However, if a
financial institution is nonetheless
unable to collect or otherwise determine
credit product information because the
applicant does not indicate what credit
product it seeks and the application is
denied, withdrawn, or closed for
incompleteness before a credit product
is identified, the financial institution
reports that the credit product is ‘‘not
provided by applicant and otherwise
undetermined.’’
5. Reporting credit product involving
counteroffers. If a financial institution
presents a counteroffer for a different
credit product than the product the
applicant had initially requested, and
the applicant does not agree to proceed
with the counteroffer, the financial
institution reports the application for
the original credit product as denied
pursuant to § 1002.107(a)(9). If the
applicant agrees to proceed with
consideration of the financial
institution’s counteroffer, the financial
institution reports the disposition of the
application based on the credit product
that was offered and does not report the
original credit product applied for. See
comment 107(a)(9)–2.
6. Other sales-based financing
transaction. For an extension of
business credit incident to a factoring
arrangement that is otherwise a covered
credit transaction, a financial institution
selects ‘‘other sales-based financing
transaction’’ as the credit product. See
comment 104(b)–1.
7. Guarantees. A financial institution
complies with § 1002.107(a)(5)(ii) by
selecting the type or types of guarantees
that were obtained for an originated
covered credit transaction, or that
would have been obtained if the covered
credit transaction was originated, from
the list below. The financial institution
selects, if applicable, up to a maximum
of five guarantees for a single
application. If the type of guarantee
does not appear on the list, the financial
institution selects ‘‘other’’ and reports
the type of guarantee via free-form text
field. If no guarantee is obtained or
would have been obtained if the covered
credit transaction was originated, the
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
financial institution selects ‘‘no
guarantee.’’ If an application is denied,
withdrawn, or closed for
incompleteness before any guarantee
has been identified, the financial
institution selects ‘‘no guarantee.’’ The
financial institution chooses State
government guarantee or local
government guarantee, as applicable,
based on the entity directly
administering the program, not the
source of funding.
i. Personal guarantee—owner(s).
ii. Personal guarantee—non-owner(s).
iii. SBA guarantee—7(a) program.
iv. SBA guarantee—504 program.
v. SBA guarantee—other.
vi. USDA guarantee.
vii. FHA insurance.
viii. Bureau of Indian Affairs
guarantee.
ix. Other Federal guarantee.
x. State government guarantee.
xi. Local government guarantee.
xii. Other.
xiii. No guarantee.
8. Loan term. A financial institution
complies with § 1002.107(a)(5)(iii) by
reporting the number of months in the
loan term for the covered credit
transaction. The loan term is the
number of months after which the legal
obligation will mature or terminate,
measured from the date of origination.
For transactions involving real property,
the financial institution may instead
measure the loan term from the date of
the first payment period and disregard
the time that elapses, if any, between
the settlement of the transaction and the
first payment period. For example, if a
loan closes on April 12, but the first
payment is not due until June 1 and
includes the interest accrued in May
(but not April), the financial institution
may choose not to include the month of
April in the loan term. In addition, the
financial institution may round the loan
term to the nearest full month or may
count only full months and ignore
partial months, as it so chooses. If a
credit product, such as a credit card,
does not have a loan term, the financial
institution reports that the loan term is
‘‘not applicable.’’ The financial
institution also reports that the loan
term is ‘‘not applicable’’ if the credit
product is reported as ‘‘not provided by
applicant and otherwise
undetermined.’’ For a credit product
that generally has a loan term, the
financial institution reports ‘‘not
provided by applicant and otherwise
undetermined’’ if the application is
denied, withdrawn, or determined to be
incomplete before a loan term has been
identified. For merchant cash advances
and other sales-based financing
transactions, the financial institution
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
complies with § 1002.107(a)(5)(iii) by
reporting the loan term, if any, that the
financial institution estimated or
specified in processing, underwriting or
providing disclosures for the
application or transaction. If more than
one such loan term is estimated or
specified, the financial institution
reports the one it considers to be most
accurate, in its discretion. For merchant
cash advances and other sales-based
financing transactions that do not have
a loan term, the financial institution
reports ‘‘not provided by applicant and
otherwise undetermined.’’
107(a)(6) Credit Purpose
1. General. A financial institution
complies with § 1002.107(a)(6) by
selecting the purpose or purposes of the
covered credit transaction applied for or
originated from the list below.
i. Purchase, construction/
improvement, or refinance of nonowner-occupied real property.
ii. Purchase, construction/
improvement, or refinance of owneroccupied real property.
iii. Purchase, refinance, or
rehabilitation/repair of motor vehicle(s)
(including light and heavy trucks).
iv. Purchase, refinance, or
rehabilitation/repair of equipment.
v. Working capital (includes
inventory or floor planning).
vi. Business start-up.
vii. Business expansion.
viii. Business acquisition.
ix. Refinance existing debt (other than
refinancings listed above).
x. Line increase.
xi. Overdraft.
xii. Other.
xiii. Not provided by applicant and
otherwise undetermined.
xiv. Not applicable.
2. More than one purpose. If the
applicant indicates or the financial
institution is otherwise aware of more
than one purpose for the credit applied
for or originated, the financial
institution reports those purposes, up to
a maximum of three, using the list
provided, in any order it chooses. For
example, if an applicant refinances a
commercial building it owns and uses
the funds to purchase a motor vehicle
and expand the business it runs in a
part of that building, the financial
institution reports that the three
purposes of the credit are purchase,
construction/improvement, or refinance
of owner-occupied real property;
purchase, refinance, or rehabilitation/
repair of motor vehicle(s) (including
light and heavy trucks); and business
expansion. If an application has more
than three purposes, the financial
institution reports any three of those
PO 00000
Frm 00399
Fmt 4701
Sfmt 4700
35547
purposes. In the example above, if the
funds were also used to purchase
equipment, the financial institution
would select only three of the relevant
purposes to report.
3. ‘‘Other’’ credit purpose. If a
purpose of an application does not
appear on the list of purposes provided,
the financial institution reports ‘‘other’’
as the credit purpose and reports the
credit purpose via free-form text field. If
the application has more than one
‘‘other’’ purpose, the financial
institution chooses the most significant
‘‘other’’ purpose, in its discretion, and
reports that ‘‘other’’ purpose. The
financial institution reports a maximum
of three credit purposes, including any
‘‘other’’ purpose.
4. Credit purpose not provided by
applicant and otherwise undetermined.
Pursuant to § 1002.107(c), a financial
institution shall maintain procedures
reasonably designed to collect
applicant-provided data, which
includes credit purpose. However, if a
financial institution is nonetheless
unable to collect or determine credit
purpose information, the financial
institution reports that the credit
purpose is ‘‘not provided by applicant
and otherwise undetermined.’’
5. Not applicable. If the application is
for a credit product that generally has
indeterminate or numerous potential
purposes, such as a credit card, the
financial institution may report credit
purpose as ‘‘not applicable.’’
6. Collecting credit purpose. Pursuant
to § 1002.107(c), a financial institution
shall maintain procedures reasonably
designed to collect applicant-provided
data, including credit purpose. The
financial institution is permitted, but
not required, to present the list of credit
purposes provided in comment
107(a)(6)–1 to the applicant. The
financial institution is also permitted to
ask about purposes not included on the
list provided in comment 107(a)(6)–1. If
the applicant chooses a purpose or
purposes not included on the provided
list, the financial institution follows the
instructions in comment 107(a)(6)–3
regarding reporting of ‘‘other’’ as the
credit purpose. If an applicant chooses
a purpose or purposes that are similar
to purposes on the list provided, but
uses different language, the financial
institution reports the purpose or
purposes from the list provided.
7. Owner-occupied real property. Real
property is owner-occupied if any
physical portion of the property is used
by the owner for any activity, including
storage.
8. Overdraft. When overdraft is
provided as an aspect of the covered
credit transaction applied for or
E:\FR\FM\31MYR2.SGM
31MYR2
35548
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
originated, the financial institution
reports ‘‘Overdraft’’ as a purpose of the
credit. The financial institution reports
credit type pursuant to
§ 1002.107(a)(5)(i) as appropriate for the
underlying covered credit transaction,
such as ‘‘Line of credit—unsecured.’’
Providing occasional overdraft services
as part of a deposit account offering
would not be reported for the purpose
of subpart B.
107(a)(7) Amount Applied For
1. Initial amount requested. A
financial institution complies with
§ 1002.107(a)(7) by reporting the initial
amount of credit or the initial credit
limit requested by the applicant. The
financial institution is not required to
report credit amounts or limits
discussed before an application is made,
but must capture the initial amount
requested at the application stage. If the
applicant requests an amount as a range
of numbers, the financial institution
reports the midpoint of that range.
2. No amount requested. If the
applicant does not request a specific
amount at the application stage, but the
financial institution underwrites the
application for a specific amount, the
financial institution complies with
§ 1002.107(a)(7) by reporting the amount
considered for underwriting as the
amount applied for. If the particular
type of credit product applied for does
not involve a specific amount requested,
the financial institution reports that the
requirement is ‘‘not applicable.’’
3. Firm offers. When an applicant
responds to a ‘‘firm offer’’ that specifies
an amount or limit, which may occur in
conjunction with a pre-approved credit
solicitation, the financial institution
reports the amount of the firm offer as
the amount applied for, unless the
applicant requests a different amount. If
the firm offer does not specify an
amount or limit and the applicant does
not request a specific amount, the
amount applied for is the amount
underwritten by the financial
institution. If the firm offer specifies an
amount or limit as a range and the
applicant does not request a specific
amount, the amount applied for is the
amount underwritten by the financial
institution.
4. Additional amounts on an existing
account. When reporting a covered
application that seeks additional credit
amounts on an existing account, the
financial institution reports only the
additional credit amount sought, and
not any previous amounts extended. See
comment 103(b)–3.
5. Initial amount otherwise
undetermined. Pursuant to
§ 1002.107(c), a financial institution
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
shall maintain procedures reasonably
designed to collect applicant-provided
data, which includes the credit amount
initially requested by the applicant
(other than for products that do not
involve a specific amount requested).
However, if a financial institution is
nonetheless unable to collect or
otherwise determine the amount
initially requested, the financial
institution reports that the amount
applied for is ‘‘not provided by
applicant and otherwise
undetermined.’’ But see comment
107(a)(7)–2 for how to report the credit
amount initially requested by the
applicant for particular types of credit
products that do not involve a specific
amount requested.
107(a)(8) Amount Approved or
Originated
1. General. A financial institution
complies with § 1002.107(a)(8) by
reporting the amount approved or
originated for credit that is originated or
approved but not accepted. For
applications that the financial
institution, pursuant to § 1002.107(a)(9),
reports as denied, withdrawn by the
applicant, or incomplete, the financial
institution reports that the amount
approved or originated is ‘‘not
applicable.’’
2. Multiple approval amounts. A
financial institution may sometimes
approve an applicant for more than one
credit amount, allowing the applicant to
choose which amount the applicant
prefers for the extension or line of
credit. When multiple approval
amounts are offered for a closed-end
credit transaction for which the action
taken is approved but not accepted, and
the applicant does not accept the
approved offer of credit in any amount,
the financial institution reports the
highest amount approved. If the
applicant accepts the offer of closed-end
credit, the financial institution reports
the amount originated. When multiple
approval amounts are offered for an
open-end credit transaction for which
the action taken is approved but not
accepted, and the applicant does not
accept the approved offer of credit in
any amount, the financial institution
reports the highest amount approved. If
the applicant accepts the offer of openend credit, the financial institution
reports the actual credit limit
established.
3. Amount approved or originated—
closed-end credit transaction. For an
originated closed-end credit transaction,
the financial institution reports the
principal amount to be repaid. This
amount will generally be disclosed on
the legal obligation.
PO 00000
Frm 00400
Fmt 4701
Sfmt 4700
4. Amount approved or originated—
refinancing. For a refinancing, the
financial institution reports the amount
of credit approved or originated under
the terms of the new debt obligation.
5. Amount approved or originated—
counteroffer. If an applicant agrees to
proceed with consideration of a
counteroffer for an amount or limit
different from the amount for which the
applicant applied, and the covered
credit transaction is approved and
originated, the financial institution
reports the amount granted. If an
applicant does not agree to proceed with
consideration of a counteroffer or fails
to respond, the institution reports the
application as denied and reports ‘‘not
applicable’’ for the amount approved or
originated. See comment 107(a)(9)–2.
6. Amount approved or originated—
existing accounts. For additional credit
amounts that were approved for or
originated on an existing account, the
financial institution reports only the
additional credit amount approved or
originated, and not any previous
amounts extended.
107(a)(9) Action Taken
1. General. A financial institution
complies with § 1002.107(a)(9) by
selecting the action taken by the
financial institution on the application
from the following list: originated,
approved but not accepted, denied,
withdrawn by the applicant, or
incomplete. A financial institution
identifies the applicable action taken
code based on final action taken on the
covered application.
i. Originated. A financial institution
reports that the application was
originated if the financial institution
made a credit decision approving the
application and that credit decision
resulted in an extension of credit.
ii. Approved but not accepted. A
financial institution reports that the
application was approved but not
accepted if the financial institution
made a credit decision approving the
application, but the applicant or the
party that initially received the
application failed to respond to the
financial institution’s approval within
the specified time, or the covered credit
transaction was not otherwise
consummated or the account was not
otherwise opened.
iii. Denied. A financial institution
reports that the application was denied
if it made a credit decision denying the
application before an applicant
withdrew the application, before the
application was closed for
incompleteness, or before the
application was denied on the basis of
incompleteness.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
iv. Withdrawn by the applicant. A
financial institution reports that the
application was withdrawn if the
application was expressly withdrawn by
the applicant before the financial
institution made a credit decision
approving or denying the application,
before the application was closed for
incompleteness, or before the
application was denied on the basis of
incompleteness.
v. Incomplete. A financial institution
reports that the application was
incomplete if the financial institution
took adverse action on the basis of
incompleteness under § 1002.9(a)(1)(ii)
and (c)(1)(i) or provided a written notice
of incompleteness under
§ 1002.9(c)(1)(ii) and (2), and the
applicant did not respond to the request
for additional information within the
period of time specified in the notice.
2. Treatment of counteroffers. If a
financial institution makes a
counteroffer to grant credit on terms
other than those originally requested by
the applicant (for example, for a shorter
loan maturity, with a different interest
rate, or in a different amount) and the
applicant declines the counteroffer or
fails to respond, the institution reports
the action taken as a denial on the
original terms requested by the
applicant. If the applicant agrees to
proceed with consideration of the
financial institution’s counteroffer, the
financial institution reports the action
taken as the disposition of the
application based on the terms of the
counteroffer. For example, assume an
applicant applies for a term loan and the
financial institution makes a
counteroffer to proceed with
consideration of a line of credit. If the
applicant declines to be considered for
a line of credit, the financial institution
reports the application as a denied
request for a term loan. If, on the other
hand, the applicant agrees to be
considered for a line of credit, then the
financial institution reports the action
taken as the disposition of the
application for the line of credit. For
instance, using the same example, if the
financial institution makes a credit
decision approving the line of credit,
but the applicant fails to respond to the
financial institution’s approval within
the specified time by accepting the
credit offer, the financial institution
reports the application on the line of
credit as approved but not accepted.
3. Treatment of rescinded
transactions. If a borrower successfully
rescinds a transaction after closing but
before a financial institution is required
to submit its small business lending
application register containing the
information for the application under
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
§ 1002.109, the institution reports the
application as approved but not
accepted.
4. Treatment of pending applications.
A financial institution does not report
any application still pending at the end
of the calendar year; it reports such
applications on its small business
lending application register for the year
in which final action is taken.
5. Treatment of conditional
approvals. If a financial institution
issues an approval that is subject to the
applicant meeting certain conditions
prior to closing, the financial institution
reports the action taken as provided
below dependent on whether the
conditions are solely customary
commitment or closing conditions or if
the conditions include any underwriting
or creditworthiness conditions.
Customary commitment or closing
conditions may include, for example, a
clear-title requirement, proof of
insurance policies, or a subordination
agreement from another lienholder.
Underwriting or creditworthiness
conditions may include, for example,
conditions that constitute a counteroffer
(such as a demand for a higher downpayment), satisfactory loan-to-value
ratios, or verification or confirmation, in
whatever form the institution requires,
that the applicant meets underwriting
conditions concerning applicant
creditworthiness, including
documentation or verification of
revenue, income or assets.
i. Conditional approval—denial. If the
approval is conditioned on satisfying
underwriting or creditworthiness
conditions, those conditions are not
met, and the financial institution takes
adverse action on some basis other than
incompleteness, the financial institution
reports the action taken as denied.
ii. Conditional approval—
incompleteness. If the approval is
conditioned on satisfying underwriting
or creditworthiness conditions that the
financial institution needs to make the
credit decision, and the financial
institution takes adverse action on the
basis of incompleteness under
§ 1002.9(a)(1)(ii) and (c)(1)(i), or has sent
a written notice of incompleteness
under § 1002.9(c)(1)(ii) and (2), and the
applicant did not respond within the
period of time specified in the notice,
the financial institution reports the
action taken as incomplete.
iii. Conditional approval—approved
but not accepted. If the approval is
conditioned on satisfying conditions
that are solely customary commitment
or closing conditions and the conditions
are not met, the financial institution
reports the action taken as approved but
not accepted. If all the conditions
PO 00000
Frm 00401
Fmt 4701
Sfmt 4700
35549
(underwriting, creditworthiness, or
customary commitment or closing
conditions) are satisfied and the
financial institution agrees to extend
credit but the covered credit transaction
is not originated (for example, because
the applicant withdraws), the financial
institution reports the action taken as
approved but not accepted.
iv. Conditional approval—withdrawn
by the applicant. If the applicant
expressly withdraws before satisfying
all underwriting or creditworthiness
conditions and before the institution
denies the application or before the
institution closes the file for
incompleteness, the financial institution
reports the action taken as withdrawn.
107(a)(10) Action Taken Date
1. Reporting action taken date for
denied applications. For applications
that are denied, a financial institution
reports either the date the application
was denied or the date the denial notice
was sent to the applicant.
2. Reporting action taken date for
applications withdrawn by applicant.
For applications that are withdrawn by
the applicant, the financial institution
reports the date the express withdrawal
was received, or the date shown on the
notification form in the case of a written
withdrawal.
3. Reporting action taken date for
applications that are approved but not
accepted. For applications approved by
a financial institution but not accepted
by the applicant, the financial
institution reports any reasonable date,
such as the approval date, the deadline
for accepting the offer, or the date the
file was closed. A financial institution
should generally be consistent in its
approach to reporting by, for example,
establishing procedures for how to
report this date for particular scenarios,
products, or divisions.
4. Reporting action taken date for
originated applications. For
applications that result in an extension
of credit, a financial institution
generally reports the closing or account
opening date. If the disbursement of
funds takes place on a date later than
the closing or account opening date, the
institution may, alternatively, use the
date of initial disbursement. A financial
institution should generally be
consistent in its approach to reporting
by, for example, establishing procedures
for how to report this date for particular
scenarios, products, or divisions.
5. Reporting action taken date for
incomplete applications. For
applications closed for incompleteness
or denied for incompleteness, the
financial institution reports either the
date the action was taken or the date the
E:\FR\FM\31MYR2.SGM
31MYR2
35550
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
denial or incompleteness notice was
sent to the applicant.
107(a)(11) Denial Reasons
1. Reason for denial—in general. A
financial institution complies with
§ 1002.107(a)(11) by reporting the
principal reason or reasons it denied the
application, indicating up to four
reasons. The financial institution
reports only the principal reason or
reasons it denied the application. For
example, if a financial institution denies
an application due to insufficient
cashflow, unacceptable collateral, and
unverifiable business information, the
financial institution is required to report
these three reasons. The reasons
reported must accurately describe the
principal reason or reasons the financial
institution denied the application. A
financial institution reports denial
reasons by selecting its principal reason
or reasons for denying the application
from the following list:
i. Credit characteristics of the
business. A financial institution reports
the denial reason as ‘‘credit
characteristics of the business’’ if it
denies the application based on an
assessment of the business’s ability to
meet its current or future credit
obligations. Examples include business
credit score, history of business
bankruptcy or delinquency, and/or a
high number of recent business credit
inquiries.
ii. Credit characteristics of the
principal owner(s) or guarantor(s). A
financial institution reports the denial
reason as ‘‘credit characteristics of the
principal owner(s) or guarantor(s)’’ if it
denies the application based on an
assessment of the principal owner(s) or
guarantor(s)’s ability to meet its current
or future credit obligations. Examples
include principal owner(s) or
guarantor(s)’s credit score, history of
charge offs, bankruptcy or delinquency,
low net worth, limited or insufficient
credit history, or history of excessive
overdraft.
iii. Use of credit proceeds. A financial
institution reports the denial reason as
‘‘use of credit proceeds’’ if it denies an
application because, as a matter of
policy or practice, it places limits on
lending to certain kinds of businesses,
products, or activities it has identified
as high risk.
iv. Cashflow. A financial institution
reports the denial reason as ‘‘cashflow’’
when it denies an application due to
insufficient or inconsistent cashflow.
v. Collateral. A financial institution
reports the denial reason as ‘‘collateral’’
when it denies an application due to
collateral that it deems insufficient or
otherwise unacceptable.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
vi. Time in business. A financial
institution reports the denial reason as
‘‘time in business’’ when it denies an
application due to insufficient time or
experience in a line of business.
vii. Government loan program
criteria. Certain loan programs are
backed by government agencies that
have specific eligibility requirements.
When those requirements are not met by
an applicant, and the financial
institution denies the application, the
financial institution reports the denial
reason as ‘‘government loan program
criteria.’’ For example, if an applicant
cannot meet a government-guaranteed
loan program’s requirement to provide a
guarantor or proof of insurance, the
financial institution reports the reason
for the denial as ‘‘government loan
program criteria.’’
viii. Aggregate exposure. Aggregate
exposure is a measure of the total
exposure or level of indebtedness of the
business and its principal owner(s)
associated with an application. A
financial institution reports the denial
reason as ‘‘aggregate exposure’’ where
the total debt associated with the
application is deemed high or exceeds
certain debt thresholds set by the
financial institution. For example, if an
application for unsecured credit exceeds
the maximum amount a financial
institution is permitted to approve per
applicant, as stated in its credit
guidelines, and the financial institution
denies the application for this reason,
the financial institution reports the
reason for denial as ‘‘aggregate
exposure.’’
ix. Unverifiable information. A
financial institution reports the denial
reason as ‘‘unverifiable information’’
when it is unable to verify information
provided as part of the application, and
denies the application for that reason.
The unverifiable information must be
necessary for the financial institution to
make a credit decision based on its
procedures for the type of credit
requested. Examples include
unverifiable assets or collateral,
unavailable business credit report, and
unverifiable business ownership
composition.
x. Other. A financial institution
reports the denial reason as ‘‘other’’
where none of the enumerated denial
reasons adequately describe the
principal reason or reasons it denied the
application, and the institution reports
the denial reason or reasons via freeform text field.
2. Reason for denial—not applicable.
A financial institution complies with
§ 1002.107(a)(11) by reporting that the
requirement is not applicable if the
action taken on the application,
PO 00000
Frm 00402
Fmt 4701
Sfmt 4700
pursuant to § 1002.107(a)(9), is not a
denial. For example, if the application
resulted in an originated covered credit
transaction, or the application was
approved but not accepted, the financial
institution complies with
§ 1002.107(a)(11) by reporting not
applicable.
107(a)(12) Pricing Information
1. General. For applications that a
financial institution, pursuant to
§ 1002.107(a)(9), reports as denied,
withdrawn by the applicant, or
incomplete, the financial institution
reports that pricing information is ‘‘not
applicable.’’
107(a)(12)(i) Interest Rate
1. General. A financial institution
complies with § 1002.107(a)(12)(i) by
reporting the interest rate applicable to
the amount of credit approved or
originated as reported pursuant to
§ 1002.107(a)(8).
2. Interest rate—initial period. If a
covered credit transaction includes an
initial period with an introductory
interest rate of 12 months or less, after
which the interest rate adjusts upwards
or shifts from a fixed to variable rate, a
financial institution complies with
§ 1002.107(a)(12)(i) by reporting
information about the interest rate
applicable after the initial period. If a
covered transaction includes an initial
period with an interest rate of more than
12 months after which the interest rate
resets, a financial institution complies
with § 1002.107(a)(12)(i) by reporting
information about the interest rate
applicable prior to the reset period. For
example, if a financial institution
originates a covered credit transaction
with a fixed, initial interest rate of 0
percent for six months following
origination, after which the interest rate
will adjust according to a Prime index
rate plus a 3 percent margin, the
financial institution reports the 3
percent margin, Prime as the name of
the index used to adjust the interest
rate, the number 6 for the length of the
initial period, and ‘‘not applicable’’ for
the index value. As another example, in
a 10/1 adjustable-rate mortgage
transaction, where the first 10 years of
the repayment period has a fixed rate of
3 percent and after year 10 the interest
rate will adjust according to a Prime
index rate plus a 3 percent margin, a
financial institution complies with
§ 1002.107(a)(12)(i) by reporting the
fixed rate of 3 percent, the number 120
for the initial period, and ‘‘not
applicable’’ in the fields for the index,
margin, and index value.
3. Multiple interest rates. If a covered
credit transaction includes multiple
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
interest rates applicable to different
credit features, a financial institution
complies with § 1002.107(a)(12)(i) by
reporting the interest rate applicable to
the amount of credit approved or
originated reported pursuant to
§ 1002.107(a)(8). For example, if a
financial institution originates a credit
card with different interest rates for
purchases, balance transfers, cash
advances, and overdraft advances, the
financial institution reports the interest
rate applicable for purchases.
4. Index names. A financial
institution complies with
§ 1002.107(a)(12)(i) by selecting the
index used from the following list: Wall
Street Journal Prime, 6-month CD rate,
1-year T-Bill, 3-year T-Bill, 5-year TNote, 12-month average of 10-year TBill, Cost of Funds Index (COFI)National, Cost of Funds Index (COFI)11th District, Constant Maturity
Treasury (CMT). If the index used is
internal to the financial institution, the
financial institution reports ‘‘internal
index’’ via the list of indices provided.
If the index used does not appear on the
list of indices provided (and is not
internal to the financial institution), the
financial institution reports ‘‘other’’ and
reports the name of the index via freeform text field.
5. Index value. For covered
transactions with an adjustable interest
rate, a financial institution complies
with § 1002.107(a)(12)(i)(B) by reporting
the index value used to set the rate that
is or would be applicable to the covered
transaction.
lotter on DSK11XQN23PROD with RULES2
107(a)(12)(ii) Total Origination Charges
1. Charges in comparable cash
transactions. Charges imposed
uniformly in cash and credit
transactions are not reportable under
§ 1002.107(a)(12)(ii). In determining
whether an item is part of the total
origination charges, a financial
institution should compare the covered
credit transaction in question with a
similar cash transaction. A financial
institution financing the sale of property
or services may compare charges with
those payable in a similar cash
transaction by the seller of the property
or service.
2. Charges by third parties. A
financial institution includes fees and
amounts charged by someone other than
the financial institution in the total
charges reported if the financial
institution:
i. Requires the use of a third party as
a condition of or an incident to the
extension of credit, even if the applicant
can choose the third party; or
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
ii. Retains a portion of the third-party
charge, to the extent of the portion
retained.
3. Special rule; broker fees. A
financial institution complies with
§ 1002.107(a)(12)(ii) by including fees
charged by a broker (including fees paid
by the applicant directly to the broker
or to the financial institution for
delivery to the broker) in the total
origination charges reported even if the
financial institution does not require the
applicant to use a broker and even if the
financial institution does not retain any
portion of the charge. For more
information on broker fees, see
commentary for § 1002.107(a)(12)(iii).
4. Bundled services. Total origination
charges include all charges imposed
directly or indirectly by the financial
institution at or before origination as an
incident to or a condition of the
extension of credit. Accordingly, a
financial institution complies with
§ 1002.107(a)(12)(ii) by including
charges for other products or services
paid at or before origination in the total
origination charges reported if the
financial institution requires the
purchase of such other product or
service as a condition of or an incident
to the extension of credit.
5. Origination charges—examples.
Examples of origination charges may
include application fees, credit report
fees, points, appraisal fees, and other
similar charges.
6. Net lender credit. If a financial
institution provides a credit to an
applicant that is greater than the total
origination charges the applicant would
have paid, the financial institution
complies with § 1002.107(a)(12)(ii) by
reporting the net lender credit as a
negative amount. For example, if a
covered transaction has $500 provided
to the applicant at origination to offset
closing costs, and the financial
institution does not charge any
origination charges, the financial
institution complies with
§ 1002.107(a)(12)(ii) by reporting
negative $500 as the total origination
charges.
107(a)(12)(iii) Broker Fees
1. Amount. A financial institution
complies with § 1002.107(a)(12)(iii) by
including the fees reported in
§ 1002.107(a)(12)(ii) that are fees paid by
the applicant directly to the broker or to
the financial institution for delivery to
the broker. For example, a covered
transaction has $3,000 of total
origination charges. Of that $3,000, $250
are fees paid by the applicant directly to
a broker and an additional $300 are fees
paid to the financial institution for
delivery to the broker. The financial
PO 00000
Frm 00403
Fmt 4701
Sfmt 4700
35551
institution complies with
§ 1002.107(a)(12)(iii) by reporting $550
in the broker fees reported.
2. Fees paid directly to a broker by an
applicant. A financial institution
complies with § 1002.107(a)(12)(iii) by
relying on the best information readily
available to the financial institution at
the time final action is taken.
Information readily available could
include, for example, information
provided by an applicant or broker that
the financial institution reasonably
believes regarding the amount of fees
paid by the applicant directly to the
broker.
107(a)(12)(iv) Initial Annual Charges
1. Charges during the initial annual
period. The total initial annual charges
include all charges scheduled to be
imposed during the initial annual
period following origination. For
example, if a financial institution
originates a covered credit transaction
with a $50 monthly fee and a $100
annual fee, the financial institution
complies with § 1002.107(a)(12)(iv) by
reporting $700 in the initial annual
charges reported. If there will be a
charge in the initial annual period
following origination but the amount of
that charge is uncertain at the time of
origination, a financial institution
complies with § 1002.107(a)(12)(iv) by
not reporting that charge as scheduled
to be imposed during the initial annual
period following origination.
2. Interest excluded. A financial
institution complies with
§ 1002.107(a)(12)(iv) by excluding any
interest expense from the initial annual
charges reported.
3. Avoidable charges. A financial
institution complies with
§ 1002.107(a)(12)(iv) by only including
scheduled charges and excluding any
charges for events that are avoidable by
the applicant from the initial annual
charges reported. Examples of avoidable
charges include charges for late
payment, for exceeding a credit limit,
for delinquency or default, or for paying
items that overdraw an account.
4. Initial annual charges—examples.
Examples of charges scheduled to be
imposed during the initial annual
period may include monthly fees,
annual fees, and other similar charges.
5. Scheduled charges with variable
amounts. A financial institution
complies with § 1002.107(a)(12)(iv) by
reporting as the default the highest
amount for a charge scheduled to be
imposed. For example, if a covered
credit transaction has a $75 monthly fee,
but the fee is reduced to $0 if the
applicant maintains an account at the
financial institution originating the
E:\FR\FM\31MYR2.SGM
31MYR2
35552
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
covered credit transaction, the financial
institution complies with
§ 1002.107(a)(12)(iv) by reporting $900
($75 × 12) in the initial annual charges
reported.
6. Transactions with a term of less
than one year. For a transaction with a
term of less than one year, a financial
institution complies with
§ 1002.107(a)(12)(iv) by reporting all
charges scheduled to be imposed during
the term of the transaction.
lotter on DSK11XQN23PROD with RULES2
107(a)(12)(v) Additional Cost for
Merchant Cash Advances or Other
Sales-Based Financing
1. Merchant cash advances. Section
1002.107(a)(12)(v) requires a financial
institution to report the difference
between the amount advanced and the
amount to be repaid for a merchant cash
advance or other sales-based financing
transaction. Thus, in a merchant cash
advance, a financial institution reports
the difference between the amount
advanced and the amount to be repaid,
using the amounts (expressed in dollars)
provided in the contract between the
financial institution and the applicant.
107(a)(12)(vi) Prepayment Penalties
1. Policies and procedures applicable
to the covered credit transaction. The
policies and procedures applicable to
the covered credit transaction include
the practices that the financial
institution follows when evaluating
applications for the specific credit type
and credit purpose requested. For
example, assume that a financial
institution’s written procedures permit
it to include prepayment penalties in
the loan agreement for its term loans
secured by non-owner occupied
commercial real estate. For such
transactions, the financial institution
includes prepayment penalties in some
loan agreements but not others. For an
application for, or origination of, a term
loan secured by non-owner occupied
commercial real estate, the financial
institution reports under
§ 1002.107(a)(12)(vi)(A) that a
prepayment penalty could have been
included under the policies and
procedures applicable to the
transaction, regardless of whether the
term loan secured by non-owner
occupied commercial real estate
actually includes a prepayment penalty.
2. Balloon finance charges. A
financial institution complies with
§ 1002.107(a)(12)(vi) by reporting as a
prepayment penalty any balloon finance
charge that may be imposed for paying
all or part of the transaction’s principal
before the date on which the principal
is due. For example, under the terms of
a transaction, the amount of funds
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
advanced is $12,000, the amount to be
repaid is $24,000 (which includes
$12,000 in principal and $12,000 in
interest and fees), the length of the
transaction is 12 months, and the
applicant must repay $2,000 per month.
The terms of the transaction state that if
the applicant prepays the principal
before the 12-month period is over, the
applicant is responsible for paying the
difference between $24,000 and the
amount the applicant has already repaid
prior to initiating prepayment. The
difference between the $24,000 to be
repaid and what the applicant has
already repaid prior to initiating
prepayment is a balloon finance charge
and should be reported as a prepayment
penalty.
107(a)(13) Census Tract
1. General. A financial institution
complies with § 1002.107(a)(13) by
reporting a census tract number as
defined by the U.S. Census Bureau,
which includes State and county
numerical codes. A financial institution
complies with § 1002.107(a)(13) if it
uses the boundaries and codes in effect
on January 1 of the calendar year
covered by the small business lending
application register that it is reporting.
The financial institution reports census
tract based on the following:
i. Proceeds address. A financial
institution complies with
§ 1002.107(a)(13) by reporting a census
tract based on the address or location
where the proceeds of the credit applied
for or originated will be or would have
been principally applied, if known. For
example, a financial institution would
report a census tract based on the
address or location of the site where the
proceeds of a construction loan will be
applied.
ii. Main office or headquarters
address. If the address or location where
the proceeds of the credit applied for or
originated will be or would have been
principally applied is unknown, a
financial institution complies with
§ 1002.107(a)(13) by reporting a census
tract number based on the address or
location of the main office or
headquarters of the applicant, if known.
For example, the address or location of
the main office or headquarters of the
applicant may be the home address of
a sole proprietor or the office address of
a sole proprietor or other applicant.
iii. Another address or location. If
neither the address or location where
the proceeds of the credit applied for or
originated will be or would have been
principally applied nor the address or
location of the main office or
headquarters of the applicant are
known, a financial institution complies
PO 00000
Frm 00404
Fmt 4701
Sfmt 4700
with § 1002.107(a)(13) by reporting a
census tract number based on another
address or location associated with the
applicant.
iv. Type of address used. In addition
to reporting the census tract, pursuant to
§ 1002.107(a)(13)(iv) a financial
institution must report which one of the
three types of addresses or locations
listed in § 1002.107(a)(13)(i) through
(iii) and described in comments
107(a)(13)–1.i through iii that the census
tract is determined from.
2. Financial institution discretion. A
financial institution complies with
§ 1002.107(a)(13) by identifying the
appropriate address or location and the
type of that address or location in good
faith, using appropriate information
from the applicant’s credit file or
otherwise known by the financial
institution. A financial institution is not
required to make inquiries beyond its
standard procedures as to the nature of
the addresses or locations it collects.
3. Address or location not provided by
applicant and otherwise undetermined.
Pursuant to § 1002.107(c), a financial
institution shall maintain procedures
reasonably designed to collect
applicant-provided data, which
includes at least one address or location
for an applicant for census tract
reporting. However, if a financial
institution is nonetheless unable to
collect or otherwise determine any
address or location for an application,
the financial institution reports that the
census tract information is ‘‘not
provided by applicant and otherwise
undetermined.’’
4. Safe harbor. As described in
§ 1002.112(c)(2) and comment 112(c)–1,
a financial institution that obtains an
incorrect census tract by correctly using
a geocoding tool provided by the FFIEC
or the Bureau does not violate the Act
or subpart B of this part.
107(a)(14) Gross Annual Revenue
1. Collecting gross annual revenue. A
financial institution reports the
applicant’s gross annual revenue,
expressed in dollars, for its fiscal year
preceding when the information was
collected. A financial institution may
rely on the applicant’s statements or on
information provided by the applicant
in collecting and reporting gross annual
revenue, even if the applicant’s
statement or information is based on
estimation or extrapolation. However,
pursuant to § 1002.107(b), if the
financial institution verifies the gross
annual revenue provided by the
applicant, it must report the verified
information. Also, pursuant to comment
107(c)(1)–5, a financial institution
reports updated gross annual revenue
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
data if it obtains more current data from
the applicant during the application
process. If a financial institution has
already verified gross annual revenue
data and then the applicant updates it,
the financial institution reports the
information it believes to be more
accurate, in its discretion. The financial
institution may use the following
language to ask about gross annual
revenue and may rely on the applicant’s
answer (unless subsequently verified or
updated):
What was the gross annual revenue of
the business applying for credit in its
last full fiscal year? Gross annual
revenue is the amount of money the
business earned before subtracting taxes
and other expenses. You may provide
gross annual revenue calculated using
any reasonable method.
2. Gross annual revenue not provided
by applicant and otherwise
undetermined. Pursuant to
§ 1002.107(c), a financial institution
shall maintain procedures reasonably
designed to collect applicant-provided
data, which includes the gross annual
revenue of the applicant. However, if a
financial institution is nonetheless
unable to collect or determine the gross
annual revenue of the applicant, the
financial institution reports that the
gross annual revenue is ‘‘not provided
by applicant and otherwise
undetermined.’’
3. Affiliate revenue. A financial
institution is permitted, but not
required, to report the gross annual
revenue for the applicant that includes
the revenue of affiliates as well.
Likewise, as explained in comment
106(b)(1)–3, in determining whether the
applicant is a small business under
§ 1002.106(b), a financial institution
may rely on an applicant’s
representations regarding gross annual
revenue, which may or may not include
affiliates’ revenue.
4. Gross annual revenue for a startup
business. In a typical startup business
situation where the applicant has no
gross annual revenue for its fiscal year
preceding when the information is
collected, the financial institution
reports that the applicant’s gross annual
revenue in the preceding fiscal year is
‘‘zero.’’ The financial institution shall
not report pro forma projected revenue
figures because these figures do not
reflect actual gross revenue.
107(a)(15) NAICS Code
1. General. NAICS stands for North
American Industry Classification
System. The Office of Management and
Budget has charged the Economic
Classification Policy Committee with
the maintenance and review of NAICS.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
A financial institution complies with
§ 1002.107(a)(15) if it uses the 3-digit
NAICS subsector codes in effect on
January 1 of the calendar year covered
by the small business lending
application register that it is reporting.
2. NAICS not provided by applicant
and otherwise undetermined. Pursuant
to § 1002.107(c), a financial institution
shall maintain procedures reasonably
designed to collect applicant-provided
data, which includes NAICS code.
However, if a financial institution is
nonetheless unable to collect or
otherwise determine a NAICS code for
the applicant, the financial institution
reports that the NAICS code is ‘‘not
provided by applicant and otherwise
undetermined.’’
3. Safe harbor. As described in
§ 1002.112(c)(3) and comment 112(c)–2,
a financial institution that obtains an
incorrect NAICS code does not violate
the Act or subpart B of this part if it
either relies on an applicant’s
representations or on an appropriate
third-party source, in accordance with
§ 1002.107(b), regarding the NAICS
code, or identifies the NAICS code
itself, provided that the financial
institution maintains procedures
reasonably adapted to correctly identify
a 3-digit NAICS code.
107(a)(16) Number of Workers
1. General. A financial institution
complies with § 1002.107(a)(16) by
reporting the number of people who
work for the applicant, using the ranges
prescribed in the Filing Instructions
Guide.
2. Collecting number of workers. A
financial institution may collect number
of workers from an applicant using the
ranges for reporting as specified by the
Bureau (see comment 107(a)(16)–1) or as
a numerical value. When asking for the
number of workers from an applicant, a
financial institution shall explain that
full-time, part-time and seasonal
employees, as well as contractors who
work primarily for the applicant, would
be counted as workers, but principal
owners of the applicant would not. If
asked, the financial institution shall
explain that volunteers are not counted
as workers, and workers for affiliates of
the applicant are counted if the
financial institution were also collecting
the affiliates’ gross annual revenue. The
financial institution may use the
following language to ask about the
number of workers and may rely on the
applicant’s answer (unless subsequently
verified or updated):
Counting full-time, part-time and
seasonal workers, as well as contractors
who work primarily for the business
applying for credit, but not counting
PO 00000
Frm 00405
Fmt 4701
Sfmt 4700
35553
principal owners of the business, how
many people work for the business
applying for credit?
3. Number of workers not provided by
applicant and otherwise undetermined.
Pursuant to § 1002.107(c), a financial
institution shall maintain procedures
reasonably designed to collect
applicant-provided data, which
includes the number of workers of the
applicant. However, if a financial
institution is nonetheless unable to
collect or determine the number of
workers of the applicant, the financial
institution reports that the number of
workers is ‘‘not provided by applicant
and otherwise undetermined.’’
107(a)(17) Time in Business
1. Collecting time in business. A
financial institution complies with
§ 1002.107(a)(17) by reporting the time
the applicant has been in business.
i. If a financial institution collects or
otherwise obtains the number of years
an applicant has been in business as
part of its procedures for evaluating an
application for credit, it reports the time
in business in whole years, rounded
down to the nearest whole year.
ii. If a financial institution does not
collect time in business as described in
comment 107(a)(17)–1.i, but as part of
its procedures determines whether or
not the applicant’s time in business is
less than two years, it reports the
applicant’s time in business as either
less than two years or two or more years
in business.
iii. If a financial institution does not
collect time in business as part of its
procedures for evaluating an application
for credit as described in comments
107(a)(17)–1.i or .ii, the financial
institution complies with
§ 1002.107(a)(17) by asking the
applicant whether it has been in
existence for less than two years or two
or more years and reporting the
information provided by the applicant
accordingly.
2. Time in business collected as part
of the financial institution’s procedures
for evaluating an application for credit.
A financial institution that collects or
obtains an applicant’s time in business
as part of its procedures for evaluating
an application for credit is not required
to collect or obtain time in business
pursuant to any particular definition of
time in business for this purpose. For
example, if the financial institution
collects the number of years the
applicant has existed (such as by asking
the applicant when its business was
started, or by obtaining the applicant’s
date of incorporation from a Secretary of
State or other State or Federal agency
that registers or licenses businesses) as
E:\FR\FM\31MYR2.SGM
31MYR2
35554
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
the time in business, the financial
institution reports that information
accordingly pursuant to comment
107(a)(17)–1.i. Similarly, if the financial
institution collects the number of years
of experience the applicant’s owners
have in the current line of business, the
financial institution reports that
information accordingly pursuant to
comment 107(a)(17)–1.i. If, however, the
financial institution collects both the
number of years the applicant has
existed as well as some other measure
of time in business (such as the number
of years of experience the applicant’s
owners have in the current line of
business), the financial institution
reports the number of years the
applicant has existed as the time in
business pursuant to comment
107(a)(17)–1.i.
3. Time in business not provided by
applicant and otherwise undetermined.
Pursuant to § 1002.107(c), a financial
institution shall maintain procedures
reasonably designed to collect
applicant-provided data, which
includes the applicant’s time in
business. However, if a financial
institution is nonetheless unable to
collect or determine the applicant’s time
in business, the financial institution
reports that the time in business is ‘‘not
provided by applicant and otherwise
undetermined.’’
107(a)(18) Minority-Owned, WomenOwned, and LGBTQI+-Owned Business
Statuses
1. General. A financial institution
must ask an applicant whether it is a
minority-owned, women-owned, and/or
LGBTQI+-owned business. The
financial institution must permit an
applicant to refuse (i.e., decline) to
answer the financial institution’s
inquiry regarding business status and
must inform the applicant that the
applicant is not required to provide the
information. See the sample data
collection form in appendix E to this
part for sample language for providing
this notice to applicants. The financial
institution must report the applicant’s
substantive response regarding each
business status, that the applicant
declined to answer the inquiry (that is,
selected an answer option of ‘‘I do not
wish to provide this information’’ or
similar), or its failure to respond to the
inquiry (that is, ‘‘not provided by
applicant’’), as applicable.
2. Definitions. When inquiring about
minority-owned, women-owned, and
LGBTQI+-owned business statuses
(regardless of whether the request is
made on a paper form, electronically, or
orally), the financial institution also
must provide the applicant with
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
definitions of the terms ‘‘minorityowned business,’’ ‘‘women-owned
business,’’ and ‘‘LGBTQI+-owned
business’’ as set forth in § 1002.102 (m),
(s) and (l), respectively. The financial
institution satisfies this requirement if it
provides the definitions as set forth in
the sample data collection form in
appendix E.
3. Combining questions. A financial
institution may combine on the same
paper or electronic data collection form
the questions regarding minorityowned, women-owned, and LGBTQI+owned business status pursuant to
§ 1002.107(a)(18) with principal owners’
ethnicity, race, and sex pursuant to
§ 1002.107(a)(19) and the applicant’s
number of principal owners pursuant to
§ 1002.107(a)(20). See the sample data
collection form in appendix E.
4. Notices. When requesting minorityowned, women-owned, and LGBTQI+owned business statuses from an
applicant, a financial institution must
inform the applicant that the financial
institution cannot discriminate on the
basis of the applicant’s minority-owned,
women-owned, or LGBTQI+-owned
business statuses, or on whether the
applicant provides its minority-owned,
women-owned, or LGBTQI+-owned
business statuses. A financial institution
must also inform the applicant that
Federal law requires it to ask for an
applicant’s minority-owned, womenowned, and LGBTQI+-owned business
statuses to help ensure that all small
business applicants for credit are treated
fairly and that communities’ small
business credit needs are being fulfilled.
A financial institution may combine
these notices regarding minority-owned,
women-owned, and LGBTQI+-owned
business statuses with the notices that a
financial institution is required to
provide when requesting principal
owners’ ethnicity, race, and sex if a
financial institution requests
information pursuant to
§ 1002.107(a)(18) and (19) in the same
data collection form or at the same time.
See the sample data collection form in
appendix E for sample language that a
financial institution may use for these
notices.
5. Maintaining the record of an
applicant’s response regarding minorityowned, women-owned, and LGBTQI+owned business statuses separate from
the application. A financial institution
must maintain the record of an
applicant’s responses to the financial
institution’s inquiry pursuant to
§ 1002.107(a)(18) separate from the
application and accompanying
information. See § 1002.111(b) and
comment 111(b)–1. If the financial
institution provides a paper or
PO 00000
Frm 00406
Fmt 4701
Sfmt 4700
electronic data collection form, the data
collection form must not be part of the
application form or any other document
that the financial institution uses to
provide or collect any information other
than minority-owned business status,
women-owned business status,
LGBTQI+-owned business status,
principal owners’ ethnicity, race, and
sex, and the number of the applicant’s
principal owners. See the sample data
collection form in appendix E. For
example, if the financial institution
sends the data collection form via email,
the data collection form should be a
separate attachment to the email or
accessed through a separate link in the
email. If the financial institution uses a
web-based data collection form, the
form should be on its own page.
6. Minority-owned, women-owned,
and/or LGBTQI+-owned business
statuses not provided by applicant.
Pursuant to § 1002.107(c), a financial
institution shall maintain procedures
reasonably designed to collect
applicant-provided data, which
includes the applicant’s minorityowned, women-owned, and LGBTQI+owned business statuses. However, if a
financial institution does not receive a
response to the financial institution’s
inquiry pursuant to § 1002.107(a)(18),
the financial institution reports that the
applicant’s business statuses were ‘‘not
provided by applicant.’’
7. Applicant declines to provide
information about minority-owned,
women-owned, and/or LGBTQI+-owned
business statuses. A financial institution
reports that the applicant responded
that it did not wish to provide the
information about an applicant’s
minority-owned, women-owned, and
LGBTQI+-owned business statuses, if
the applicant declines to provide the
information by selecting such a
response option on a paper or electronic
form (e.g., by selecting an answer option
of ‘‘I do not wish to provide this
information’’ or similar). The financial
institution also reports an applicant’s
refusal to provide such information in
this way, if the applicant orally declines
to provide such information for a
covered application taken by telephone
or another medium that does not
involve providing any paper or
electronic documents.
8. Conflicting responses provided by
applicants. If the applicant both
provides a substantive response to the
financial institution’s inquiry regarding
business status (that is, indicates that it
is a minority-owned, women-owned,
and/or LGBTQI+-owned business, or
checks ‘‘none apply’’ or similar) and
also checks the box indicating ‘‘I do not
wish to provide this information’’ or
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
similar, the financial institution reports
the substantive response(s) provided by
the applicant (rather than reporting that
the applicant declined to provide the
information).
9. No verification of business statuses.
Notwithstanding § 1002.107(b), a
financial institution must report the
applicant’s substantive response(s), that
the applicant declined to answer the
inquiry (that is, selected an answer
option of ‘‘I do not wish to provide this
information’’ or similar), or the
applicant’s failure to respond to the
inquiry (that is, that the information was
‘‘not provided by applicant’’) pursuant
to § 1002.107(a)(18), even if the
financial institution verifies or
otherwise obtains an applicant’s
minority-owned, women-owned, and/or
LGBTQI+-owned business statuses for
other purposes. For example, if a
financial institution uses a paper data
collection form to ask an applicant if it
is a minority-owned business, a womenowned business, and/or an LGBTQI+owned business and the applicant does
not indicate that it is a minority-owned
business, the financial institution must
not report that the applicant is a
minority-owned business, even if the
applicant indicates that it is a minorityowned business for other purposes,
such as for a special purpose credit
program or a Small Business
Administration program.
107(a)(19) Ethnicity, Race, and Sex of
Principal Owners
1. General. A financial institution
must ask an applicant to provide its
principal owners’ ethnicity, race, and
sex. The financial institution must
permit an applicant to refuse (i.e.,
decline) to answer the financial
institution’s inquiry and must inform
the applicant that it is not required to
provide the information. See the sample
data collection form in appendix E to
this part for sample language for
providing this notice to applicants. The
financial institution must report the
applicant’s substantive responses
regarding principal owners’ ethnicity,
race, and sex, that the applicant
declined to answer an inquiry (that is,
selected an answer option of ‘‘I do not
wish to provide this information’’ or
similar), or its failure to respond to an
inquiry (that is, ‘‘not provided by
applicant’’), as applicable. The financial
institution must report an applicant’s
responses about its principal owners’
ethnicity, race, and sex, regardless of
whether an applicant declines or fails to
answer an inquiry about the number of
its principal owners under
§ 1002.107(a)(20). If an applicant
provides some, but not all, of the
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
requested information about the
ethnicity, race, and sex of a principal
owner, the financial institution reports
the information that was provided by
the applicant and reports that the
applicant declined to provide or did not
provide (as applicable) the remainder of
the information. See comments
107(a)(19)–6 and –7.
2. Definition of principal owner.
When requesting a principal owner’s
ethnicity, race, and sex, the financial
institution must also provide the
applicant with the definition of the term
‘‘principal owner’’ as set forth in
§ 1002.102(o). The financial institution
satisfies this requirement if it provides
the definition of principal owner as set
forth in the sample data collection form
in appendix E.
3. Combining questions. A financial
institution may combine on the same
paper or electronic data collection form
the questions regarding the principal
owners’ ethnicity, race, and sex
pursuant to § 1002.107(a)(19) with the
applicant’s number of principal owners
pursuant to § 1002.107(a)(20) and the
applicant’s minority-owned, womenowned, and LGBTQI+-owned business
statuses pursuant to § 1002.107(a)(18).
See the sample data collection form in
appendix E.
4. Notices. When requesting a
principal owner’s ethnicity, race, and
sex from an applicant, a financial
institution must inform the applicant
that the financial institution cannot
discriminate on the basis of a principal
owner’s ethnicity, race, or sex/gender,
or on whether the applicant provides
the information. A financial institution
must also inform the applicant that
Federal law requires it to ask for the
principal owners’ ethnicity, race, and
sex/gender to help ensure that all small
business applicants for credit are treated
fairly and that communities’ small
business credit needs are being fulfilled.
A financial institution may combine
these notices with the similar notices
that a financial institution is required to
provide when requesting minorityowned business status, women-owned
business status, and LGBTQI+-owned
business status, if a financial institution
requests information pursuant to
§ 1002.107(a)(18) and (19) in the same
data collection form or at the same time.
See the sample data collection form in
appendix E for sample language that a
financial institution may use for these
notices.
5. Maintaining the record of an
applicant’s responses regarding
principal owners’ ethnicity, race, and
sex separate from the application. A
financial institution must maintain the
record of an applicant’s response to the
PO 00000
Frm 00407
Fmt 4701
Sfmt 4700
35555
financial institution’s inquiries pursuant
to § 1002.107(a)(19) separate from the
application and accompanying
information. See § 1002.111(b) and
comment 111(b)–1. If the financial
institution provides a paper or
electronic data collection form, the data
collection form must not be part of the
application form or any other document
that the financial institution uses to
provide or collect any information other
than minority-owned business status,
women-owned business status,
LGBTQI+-owned business status,
principal owners’ ethnicity, race, and
sex, and the number of the applicant’s
principal owners. See the sample data
collection form in appendix E for
sample language. For example, if the
financial institution sends the data
collection form via email, the data
collection form should be a separate
attachment to the email or accessed
through a separate link in the email. If
the financial institution uses a webbased data collection form, the form
should be on its own page.
6. Ethnicity, race, or sex of principal
owners not provided by applicant.
Pursuant to § 1002.107(c), a financial
institution shall maintain procedures
reasonably designed to collect
applicant-provided data, which
includes the ethnicity, race, and sex of
an applicant’s principal owners.
However, if an applicant does not
provide the information, such as in
response to a request for a principal
owner’s ethnicity, race, or sex on a
paper or electronic data collection form,
the financial institution reports the
ethnicity, race, or sex (as applicable) as
‘‘not provided by applicant’’ for that
principal owner. For example, if the
financial institution provides a paper
data collection form to an applicant
with two principal owners, and asks the
applicant to complete and return the
form but the applicant does not do so,
the financial institution reports that the
two principal owners’ ethnicity, race,
and sex were ‘‘not provided by
applicant.’’ Similarly, if the financial
institution provides an electronic data
collection form, the applicant indicates
that it has two principal owners, the
applicant provides ethnicity, race, and
sex for the first principal owner, and the
applicant does not make any selections
for the second principal owner’s
ethnicity, race, and sex, the financial
institution reports the ethnicity, race,
and sex that the applicant provided for
the first principal owner and reports
that each of the ethnicity, race, and sex
for the second principal owner was ‘‘not
provided by applicant.’’ Additionally, if
the financial institution provides an
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35556
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
electronic or paper data collection form,
the applicant indicates that it has one
principal owner, provides the principal
owner’s ethnicity and sex information,
but does not provide information about
the principal owner’s race and also does
not select a response of ‘‘I do not wish
to provide this information’’ with regard
to race, the financial institution reports
the ethnicity and sex provided by the
applicant and reports that the race of the
principal owner was ‘‘not provided by
applicant.’’
7. Applicant declines to provide
information about a principal owner’s
ethnicity, race, or sex. A financial
institution reports that the applicant
responded that it did not wish to
provide the information about a
principal owner’s ethnicity, race, or sex
(as applicable), if the applicant declines
to provide the information by selecting
such a response option on a paper or
electronic form (e.g., by selecting an
answer option of ‘‘I do not wish to
provide this information’’ or similar).
The financial institution also reports an
applicant’s refusal to provide such
information in this way, if the applicant
orally declines to provide such
information for a covered application
taken by telephone or another medium
that does not involve providing any
paper or electronic documents.
8. Conflicting responses provided by
applicant. If the applicant both provides
a substantive response to a request for
a principal owner’s ethnicity, race, or
sex (that is, identifies a principal
owner’s race, ethnicity, or sex) and also
checks the box indicating ‘‘I do not wish
to provide this information’’ or similar,
the financial institution reports the
information on ethnicity, race, or sex
that was provided by the applicant
(rather than reporting that the applicant
declined provide the information). For
example, if an applicant is completing
a paper data collection form and writes
in a response that a principal owner’s
sex is female and also indicates on the
form that the applicant does not wish to
provide information regarding that
principal owner’s sex, the financial
institution reports the principal owner’s
sex as female.
9. No verification of ethnicity, race,
and sex of principal owners.
Notwithstanding § 1002.107(b), a
financial institution must report the
applicant’s substantive responses as to
its principal owners’ ethnicity, race, and
sex (that is, the applicant’s
identification of its principal owners’
race, ethnicity, and sex), that the
applicant declined to answer the
inquiry (that is, selected an answer
option of ‘‘I do not wish to provide this
information’’ or similar), or the
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
applicant’s failure to respond to the
inquiry (that is, the information was
‘‘not provided by applicant’’) pursuant
to § 1002.107(a)(19), even if the
financial institution verifies or
otherwise obtains the ethnicity, race, or
sex of the applicant’s principal owners
for other purposes.
10. Reporting for fewer than four
principal owners. If an applicant has
fewer than four principal owners, the
financial institution reports ethnicity,
race, and sex information for the
number of principal owners that the
applicant has and reports the ethnicity,
race, and sex fields for additional
principal owners as ‘‘not applicable.’’
For example, if an applicant has only
one principal owner, the financial
institution reports ethnicity, race, and
sex information for the first principal
owner and reports as ‘‘not applicable’’
the ethnicity, race, and sex data fields
for principal owners two through four.
11. Previously collected ethnicity,
race, and sex information. If a financial
institution reports one or more principal
owners’ ethnicity, race, or sex
information based on previously
collected data under § 1002.107(d), the
financial institution does not need to
collect any additional ethnicity, race, or
sex information for other principal
owners (if any). See also comment
107(d)–9.
12. Guarantors. A financial institution
does not collect or report a guarantor’s
ethnicity, race, and sex unless the
guarantor is also a principal owner of
the applicant, as defined in
§ 1002.102(o).
13. Ethnicity. i. Aggregate categories.
A financial institution must permit an
applicant to provide each principal
owner’s ethnicity for purposes of
§ 1002.107(a)(19) using one or more of
the following aggregate categories:
A. Hispanic or Latino.
B. Not Hispanic or Latino.
ii. Disaggregated subcategories. A
financial institution must permit an
applicant to provide each principal
owner’s ethnicity for purposes of
§ 1002.107(a)(19) using one or more of
the following disaggregated
subcategories, regardless of whether the
applicant has indicated that the relevant
principal owner is Hispanic or Latino
and regardless of whether the applicant
selects any aggregate categories: Cuban;
Mexican; Puerto Rican; or Other
Hispanic or Latino. If an applicant
indicates that a principal owner is Other
Hispanic or Latino, the financial
institution must permit the applicant to
provide additional information
regarding the principal owner’s
ethnicity, by using free-form text on a
paper or electronic data collection form
PO 00000
Frm 00408
Fmt 4701
Sfmt 4700
or using language that informs the
applicant of the opportunity to selfidentify when taking the application by
means other than a paper or electronic
data collection form, such as by
telephone. The financial institution
must permit the applicant to provide
additional information indicating, for
example, that the principal owner is
Argentinean, Colombian, Dominican,
Nicaraguan, Salvadoran, or Spaniard.
See the sample data collection form in
appendix E for sample language. If an
applicant chooses to provide additional
information regarding a principal
owner’s ethnicity, such as by indicating
that a principal owner is Argentinean
orally or in writing on a paper or
electronic form, a financial institution
must report that additional information
via free-form text. If the applicant
provides such additional information
but does not also indicate that the
principal owner is Other Hispanic or
Latino (e.g., by selecting Other Hispanic
or Latino on a paper or electronic form),
a financial institution is permitted, but
not required, to report Other Hispanic or
Latino as well.
iii. Selecting multiple categories. The
financial institution must permit the
applicant to select one, both, or none of
the aggregate categories and as many
disaggregated subcategories as the
applicant chooses. A financial
institution must permit an applicant to
select a disaggregated subcategory even
if the applicant does not select the
corresponding aggregate category. For
example, an applicant must be
permitted to select the Mexican
disaggregated subcategory for a
principal owner without being required
to select the Hispanic or Latino
aggregate category. If an applicant
provides ethnicity information for a
principal owner, the financial
institution reports all of the aggregate
categories and disaggregated
subcategories provided by the applicant.
For example, if an applicant selects both
aggregate categories and four
disaggregated subcategories for a
principal owner, the financial
institution reports the two aggregate
categories that the applicant selected
and all four of the disaggregated
subcategories that the applicant
selected. Additionally, if an applicant
selects only the Mexican disaggregated
subcategory for a principal owner and
no aggregate categories, the financial
institution reports Mexican for the
ethnicity of the applicant’s principal
owner but does not also report Hispanic
or Latino. Further, if the applicant
selects an aggregate category (e.g., Not
Hispanic or Latino) and a disaggregated
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
subcategory that does not correspond to
the aggregate category (e.g., Puerto
Rican), the financial institution reports
the information as provided by the
applicant (e.g., Not Hispanic or Latino,
and Puerto Rican).
14. Race. i. Aggregate categories. A
financial institution must permit an
applicant to provide each principal
owner’s race for purposes of
§ 1002.107(a)(19) using one or more of
the following aggregate categories:
A. American Indian or Alaska Native.
B. Asian.
C. Black or African American.
D. Native Hawaiian or Other Pacific
Islander.
E. White.
ii. Disaggregated subcategories. The
financial institution must permit an
applicant to provide a principal owner’s
race for purposes of § 1002.107(a)(19)
using one or more of the disaggregated
subcategories as listed in this comment
107(a)(19)–14.ii, regardless of whether
the applicant has selected the
corresponding aggregate category.
A. The Asian aggregate category
includes the following disaggregated
subcategories: Asian Indian; Chinese;
Filipino; Japanese; Korean; Vietnamese;
and Other Asian. An applicant must
also be permitted to provide the
principal owner’s race using one or
more of these disaggregated
subcategories regardless of whether the
applicant indicates that the principal
owner is Asian and regardless of
whether the applicant selects any
aggregate categories. Additionally, if an
applicant indicates that a principal
owner is Other Asian, the financial
institution must permit the applicant to
provide additional information about
the principal owner’s race, by using
free-form text on a paper or electronic
data collection form or using language
that informs the applicant of the
opportunity to self-identify when taking
the application by means other than a
paper or electronic data collection form,
such as by telephone. The financial
institution must permit the applicant to
provide additional information
indicating, for example, that the
principal owner is Cambodian, Hmong,
Laotian, Pakistani, or Thai. See the
sample data collection form in appendix
E for sample language.
B. The Black or African American
aggregate category includes the
following disaggregated subcategories:
African American; Ethiopian; Haitian;
Jamaican; Nigerian; Somali; or Other
Black or African American. An
applicant must also be permitted to
provide the principal owner’s race using
one or more of these disaggregated
subcategories regardless of whether the
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
applicant indicates that the principal
owner is Black or African American and
regardless of whether the applicant
selects any aggregate categories.
Additionally, if an applicant indicates
that a principal owner is Other Black or
African American, the financial
institution must permit the applicant to
provide additional information about
the principal owner’s race, by using
free-form text on a paper or electronic
data collection form or using language
that informs the applicant of the
opportunity to self-identify when taking
the application by means other than a
paper or electronic data collection form,
such as by telephone. The financial
institution must permit the applicant to
provide additional information
indicating, for example, that the
principal owner is Barbadian, Ghanaian,
or South African. See the sample data
collection form in appendix E for
sample language.
C. The Native Hawaiian or Other
Pacific Islander aggregate category
includes the following disaggregated
subcategories: Guamanian or Chamorro;
Native Hawaiian; Samoan; and Other
Pacific Islander. An applicant must also
be permitted to provide the principal
owner’s race using one or more of these
disaggregated subcategories regardless
of whether the applicant indicates that
the principal owner is Native Hawaiian
or Other Pacific Islander and regardless
of whether the applicant selects any
aggregate categories. Additionally, if an
applicant indicates that a principal
owner is Other Pacific Islander, the
financial institution must permit the
applicant to provide additional
information about the principal owner’s
race, by using free-form text on a paper
or electronic data collection form or
using language that informs the
applicant of the opportunity to selfidentify when taking the application by
means other than a paper or electronic
data collection form, such as by
telephone. The financial institution
must permit the applicant to provide
additional information indicating, for
example, that the principal owner is
Fijian or Tongan. See the sample data
collection form in appendix E for
sample language.
D. If an applicant chooses to provide
additional information regarding a
principal owner’s race, such as
indicating that a principal owner is
Cambodian, Barbadian, or Fijian orally
or in writing on a paper or electronic
form, a financial institution must report
that additional information via free-form
text in the appropriate data reporting
field. If the applicant provides such
additional information but does not also
indicate that the principal owner is
PO 00000
Frm 00409
Fmt 4701
Sfmt 4700
35557
Other Asian, Other Black or African
American, or Other Pacific Islander, as
applicable (e.g., by selecting Other
Asian on a paper or electronic form), a
financial institution is permitted, but
not required, to report the
corresponding ‘‘Other’’ race
disaggregated subcategory (i.e., Other
Asian, Other Black or African American,
or Other Pacific Islander).
E. In addition to permitting an
applicant to indicate that a principal
owner is American Indian or Alaska
Native, a financial institution must
permit an applicant to provide the name
of an enrolled or principal tribe, by
using free-form text on a paper or
electronic data collection form or using
language that informs the applicant of
the opportunity to self-identify when
taking the application by means other
than a paper or electronic data
collection form, such as by telephone. If
an applicant chooses to provide the
name of an enrolled or principal tribe,
a financial institution must report that
information via free-form text in the
appropriate data reporting field. If the
applicant provides the name of an
enrolled or principal tribe but does not
also indicate that the principal owner is
American Indian or Alaska Native (e.g.,
by selecting American Indian or Alaska
Native on a paper or electronic form), a
financial institution is permitted, but
not required, to report American Indian
or Alaska Native as well.
iii. Selecting multiple categories. The
financial institution must permit the
applicant to select as many aggregate
categories and disaggregated
subcategories as the applicant chooses.
A financial institution must permit an
applicant to select one or more
disaggregated subcategories even if the
applicant does not select an aggregate
category. For example, an applicant
must be permitted to select the Chinese
disaggregated subcategory for a
principal owner without being required
to select the Asian aggregate category. If
an applicant provides race information
for a principal owner, the financial
institution reports all of the aggregate
categories and disaggregated
subcategories provided by the applicant.
For example, if an applicant selects two
aggregate categories and five
disaggregated subcategories for a
principal owner, the financial
institution reports the two aggregate
categories that the applicant selected
and the five disaggregated subcategories
that the applicant selected.
Additionally, if an applicant selects
only the Chinese disaggregated
subcategory for a principal owner, the
financial institution reports Chinese for
the race of the principal owner but does
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35558
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
not also report that the principal owner
is Asian. Similarly, if the applicant
selects an aggregate category (e.g.,
Asian) and a disaggregated subcategory
that does not correspond to the
aggregate category (e.g., Native
Hawaiian), the financial institution
reports the information as provided by
the applicant (e.g., Asian and Native
Hawaiian).
15. Sex. Generally, a financial
institution must permit an applicant to
provide each principal owner’s sex for
purposes of § 1002.107(a)(19). When
requesting information about a principal
owner’s sex, a financial institution shall
use the term ‘‘sex/gender.’’ If the
financial institution uses a paper or
electronic data collection form to collect
the information, the financial institution
must allow the applicant to provide
each principal owner’s sex/gender using
free-form text. When a financial
institution collects the information
orally, such as by telephone, the
financial institution must inform the
applicant of the opportunity to provide
each principal owner’s sex/gender and
record the applicant’s response. A
financial institution reports the
substantive information provided by the
applicant (reported via free-form text in
the appropriate data reporting field), or
reports that the applicant declined to
provide the information.
16. Ethnicity and race information
requested orally. As described in
comments 107(a)(19)–13 and –14, when
collecting principal owners’ ethnicity
and race pursuant to § 1002.107(a)(19),
a financial institution must present the
applicant with the specified aggregate
categories and disaggregated
subcategories. When collecting ethnicity
and race information orally, such as by
telephone, a financial institution may
not present the applicant with the
option to decline to provide the
information without also presenting the
applicant with the specified aggregate
categories and disaggregated
subcategories.
i. Ethnicity and race categories.
Notwithstanding comments 107(a)(19)–
13 and –14, a financial institution is not
required to read aloud every
disaggregated subcategory when
collecting ethnicity and race
information orally, such as by
telephone. Rather, the financial
institution must orally present the lists
of aggregate ethnicity and race
categories, followed by the
disaggregated subcategories (if any)
associated with the aggregate categories
selected by the applicant or which the
applicant requests to be presented. After
the applicant makes any disaggregated
category selections associated with the
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
aggregate ethnicity or race category, the
financial institution must also ask if the
applicant wishes to hear the lists of
disaggregated subcategories for any
aggregate categories not selected by the
applicant. The financial institution must
record any aggregate categories selected
by the applicant, as well as any
disaggregated subcategories regardless
of whether such subcategories were
selected based on the disaggregated
subcategories read by the financial
institution or were otherwise provided
by the applicant.
ii. More than one principal owner. If
an applicant has more than one
principal owner, the financial
institution is permitted to ask about
ethnicity and race in a manner that
reduces repetition when collecting
ethnicity and race information orally,
such as by telephone. For example, if an
applicant has two principal owners, the
financial institution may ask for both
principal owners’ ethnicity at the same
time, rather than asking about ethnicity,
race, and sex for the first principal
owner followed by ethnicity, race, and
sex for the second principal owner.
107(a)(20) Number of Principal Owners
1. General. If the financial institution
asks the applicant to provide the
number of its principal owners pursuant
to § 1002.107(a)(20), a financial
institution must provide the definition
of principal owner set forth in
§ 1002.102(o). The financial institution
satisfies this requirement if it provides
the definition of principal owner as set
forth in the sample data collection form
in appendix E.
2. Number of principal owners
provided by applicant; verification of
number of principal owners. The
financial institution may rely on
statements or information provided by
the applicant in collecting and reporting
the number of the applicant’s principal
owners. However, pursuant to
§ 1002.107(b), if the financial institution
verifies the number of principal owners
provided by the applicant, it must
report the verified information.
3. Number of principal owners not
provided by applicant and otherwise
undetermined. Pursuant to
§ 1002.107(c), a financial institution
shall maintain procedures reasonably
designed to collect applicant-provided
data, which includes the number of
principal owners of the applicant.
However, if a financial institution is
nonetheless unable to collect or
otherwise determine the applicant’s
number of principal owners, the
financial institution reports that the
number of principal owners is ‘‘not
PO 00000
Frm 00410
Fmt 4701
Sfmt 4700
provided by applicant and otherwise
undetermined.’’
107(b) Reliance on and Verification of
Applicant-Provided Data
1. Reliance on information provided
by an applicant or appropriate thirdparty sources. A financial institution
may rely on statements made by an
applicant (whether made in writing or
orally) or information provided by an
applicant when compiling and reporting
data pursuant to subpart B of this part
for applicant-provided data; the
financial institution is not required to
verify those statements or that
information. However, if the financial
institution does verify applicant
statements or information for its own
business purposes, such as statements
relating to gross annual revenue or time
in business, the financial institution
reports the verified information.
Depending on the circumstances and
the financial institution’s procedures,
certain applicant-provided data can be
collected from appropriate third-party
sources without a specific request from
the applicant, and such information
may also be relied on. For example,
gross annual revenue or NAICS code
may be collected from tax return
documents; a financial institution may
also collect an applicant’s NAICS code
using third-party sources such as
business information products.
Applicant-provided data are the data
that are or could be provided by the
applicant, including § 1002.107(a)(5)
through (7) and (13) through (20). See
comment 107(c)(1)–3. In regard to
restrictions on verification of minorityowned, women-owned, and LGBTQI+owned business statuses, and principal
owners’ ethnicity, race, and sex, see
comments 107(a)(18)–9 and 107(a)(19)–
9.
107(c) Time and Manner of Collection
107(c)(1) In General
1. Procedures. The term ‘‘procedures’’
refers to the actual practices followed by
a financial institution as well as its
stated procedures. For example, if a
financial institution’s stated procedure
is to collect applicant-provided data on
or with a paper application form, but
employees encourage applicants to skip
the page that asks whether the applicant
is a minority-owned business, a womenowned business, or an LGBTQI+-owned
business under § 1002.107(a)(18), the
financial institution’s procedures are
not reasonably designed to obtain a
response.
2. Latitude to design procedures. A
financial institution has flexibility to
establish procedures concerning the
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
timing and manner in which it collects
applicant-provided data that work best
for its particular lending model and
product offerings, provided those
procedures are reasonably designed to
collect the applicant-provided data in
§ 1002.107(a), as required pursuant to
§ 1002.107(c)(1), and where applicable
comply with the minimum
requirements set forth in
§ 1002.107(c)(2).
3. Applicant-provided data.
Applicant-provided data are the data
that are or could be provided by the
applicant, including § 1002.107(a)(5)
(credit type), § 1002.107(a)(6) (credit
purpose), § 1002.107(a)(7) (amount
applied for), § 1002.107(a)(13) (address
or location for purposes of determining
census tract), § 1002.107(a)(14) (gross
annual revenue), § 1002.107(a)(15)
(NAICS code, or information about the
business such that the financial
institution can determine the
applicant’s NAICS code),
§ 1002.107(a)(16) (number of workers),
§ 1002.107(a)(17) (time in business),
§ 1002.107(a)(18) (minority-owned
business status, women-owned business
status, and LGBTQI+-owned business
status), § 1002.107(a)(19) (ethnicity,
race, and sex of the applicant’s principal
owners), and § 1002.107(a)(20) (number
of principal owners). Applicantprovided data do not include data that
are generated or supplied only by the
financial institution, including
§ 1002.107(a)(1) (unique identifier),
§ 1002.107(a)(2) (application date),
§ 1002.107(a)(3) (application method),
§ 1002.107(a)(4) (application recipient),
§ 1002.107(a)(8) (amount approved or
originated), § 1002.107(a)(9) (action
taken), § 1002.107(a)(10) (action taken
date), § 1002.107(a)(11) (denial reasons),
§ 1002.107(a)(12) (pricing information),
and § 1002.107(a)(13) (census tract,
based on address or location provided
by the applicant).
4. Collecting applicant-provided data
without a direct request to the
applicant. Depending on the
circumstances and the financial
institution’s procedures, certain
applicant-provided data can be
collected without a direct request to the
applicant. For example, credit type may
be collected based on the type of
product chosen by the applicant.
Similarly, a financial institution may
rely on appropriate third-party sources
to collect certain applicant-provided
data. See § 1002.107(b) concerning the
use of third-party sources.
5. Data updated by the applicant. A
financial institution reports updated
data if it obtains more current data from
the applicant during the application
process. For example, if an applicant
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
states its gross annual revenue for the
preceding fiscal year was $3 million, but
then the applicant notifies the financial
institution that its revenue in the
preceding fiscal year was actually $3.2
million, the financial institution reports
gross annual revenue of $3.2 million.
For reporting verified applicantprovided data, see § 1002.107(b) and
comment 107(b)–1. If a financial
institution has already verified data and
then the applicant updates it, the
financial institution reports the
information it believes to be more
accurate, in its discretion. If a financial
institution receives updates from the
applicant after the application process
has closed (for example, after closing or
account opening), the financial
institution may, at its discretion, update
the data at any time prior to reporting
the covered application to the Bureau.
107(c)(2) Applicant-Provided Data
Collected Directly From the Applicant
1. In general. Whether a financial
institution’s procedures are reasonably
designed to collect applicant-provided
data is a fact-based determination and
may depend on the financial
institution’s particular lending model,
product offerings, and other
circumstances; procedures that are
reasonably designed to obtain a
response may therefore require
additional provisions beyond the
minimum criteria set forth in
§ 1002.107(c)(2). In general, reasonably
designed procedures will seek to
maximize collection of applicantprovided data and minimize missing or
erroneous data. While the requirements
of § 1002.107(c)(2) do not apply to
applicant-provided data that a financial
institution obtains without a direct
request to the applicant, as explained in
comment 107(c)(1)–4, in such instances,
a covered financial institution must still
comply with § 1002.107(c)(1).
2. Specific components. i. Timing of
initial collection attempt. While a
financial institution has some flexibility
concerning when applicant-provided
data is are collected, under no
circumstances may the initial request
for applicant-provided data occur
simultaneous with or after notifying an
applicant of final action taken on a
covered application. Generally, the
earlier in the application process the
financial institution initially seeks to
collect applicant-provided data, the
more likely the timing of collection is
reasonably designed to obtain a
response.
ii. The request for applicant-provided
data is prominently displayed or
presented. Pursuant to
§ 1002.107(c)(2)(ii), a financial
PO 00000
Frm 00411
Fmt 4701
Sfmt 4700
35559
institution must ensure an applicant
actually sees, hears, or is otherwise
presented with the request for
applicant-provided data. If an applicant
is likely to overlook or miss a request for
applicant-provided data, the financial
institution does not have reasonably
designed procedures. Similarly, a
financial institution also does not have
reasonably designed procedures if it
obscures, prevents, or inhibits an
applicant from accessing or reviewing a
request for applicant-provided data.
iii. The collection does not have the
effect of discouraging an applicant from
responding to a request for applicantprovided data. A. A covered financial
institution avoids discouraging a
response by, for example,
communicating to the applicant that the
collection of applicant-provided data is
worthy of the applicant’s attention or is
as important as information collected in
connection with the financial
institution’s creditworthiness
determination. In contrast, a covered
financial institution that collects
applicant-provided data in a time or
manner that directly or indirectly
discourages or obstructs an applicant
from responding or providing a
particular response violates
§ 1002.107(c)(2)(iii). For example, a
financial institution may not discourage
a response to inquiries regarding the
demographic data pursuant to
§ 1002.107(a)(18) and (19) by
communicating to the applicant that the
request is unimportant, encouraging the
applicant to bypass the form altogether,
or attempting to influence or alter the
applicant’s preferred response.
B. A covered financial institution also
avoids discouraging a response by
requiring an applicant to provide a
response to one or more requests for
applicant-provided data in order to
proceed with a covered application,
including, as applicable, a response of
‘‘I do not wish to provide this
information’’ or similar. (As described
in comments 107(a)(18)–1 and
107(a)(19)–1, a financial institution
must permit an applicant to decline to
provide the demographic data required
by § 1002.107(a)(18) and (19), which can
be satisfied by providing a response
option of ‘‘I do not wish to provide this
information’’ or similar.) For example,
in an electronic application, a financial
institution may require the applicant to
either make a substantive selection
about a principal owner’s ethnicity,
race, or sex, select an option of ‘‘I do not
wish to provide this information’’ or
similar, or indicate there are no
principal owners before allowing the
applicant to proceed to the next page of
requested information.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35560
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
iv. The applicant can easily provide a
response. Pursuant to
§ 1002.107(c)(2)(iv), a financial
institution must structure the request for
information in a manner that makes it
easy for the applicant to provide a
response. For example, a financial
institution requests applicant-provided
data in the same format as other
information required for the covered
application, provides applicants
multiple methods to provide or return
applicant-provided data (for example,
on a written form, through a web portal,
or through other means), or provides the
applicant some other type of
straightforward and seamless method to
provide a response. Conversely, a
financial institution must avoid
imposing unnecessary burden on an
applicant to provide the information
requested or requiring the applicant to
take steps that are inconsistent with the
rest of its application process. For
example, a financial institution does not
have reasonably designed procedures if
it collects application information
related to its own creditworthiness
determination in electronic form, but
mails a paper form to the applicant
initially seeking the data required under
§ 1002.107(a) that the financial
institution does not otherwise need for
its creditworthiness determination and
requiring the applicant to mail it back.
On the other hand, a financial
institution complies with
§ 1002.107(c)(2)(iv) if, at its discretion, it
requests the applicant to respond to
inquiries made pursuant to
§ 1002.107(a)(18) and (19) through a
reasonable method intended to keep the
applicant’s responses discrete and
protected from view.
v. Multiple requests for applicantprovided data. A financial institution is
permitted, but not required, to make
more than one attempt to obtain
applicant-provided data if the applicant
does not respond to an initial request.
For example, if an applicant initially
does not respond when asked early in
the application process (before notifying
the applicant of final action taken on the
application, pursuant to
§ 1002.107(c)(2)(i)) to inquiries made
pursuant to § 1002.107(a)(18) and (19), a
financial institution may request this
information again, for example, during a
subsequent in-person meeting with the
applicant or after notifying the applicant
of final action taken on the covered
application.
107(c)(3) Procedures To Monitor
Compliance
1. Procedures to identify and respond
to indicia of potential discouragement,
including low response rates. Section
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
1002.107(c)(3) requires a covered
financial institution to maintain
procedures designed to identify and
respond to indicia of potential
discouragement, including low response
rates for applicant-provided data. In
general, these include monitoring for
low response rates (i.e., the percentage
of covered applications for which the
financial institution has obtained some
type of response to requests for
applicant-provided data, including, as
applicable, an applicant response of ‘‘I
do not wish to provide this
information’’ or similar); monitoring for
significant irregularities in any
particular response that may indicate
steering, improper interference, or other
potential discouragement or obstruction
of applicants’ preferred responses;
monitoring response rates and responses
by division, location, loan officer, or
other factors to ensure that no
discouragement or improper conduct is
occurring in some parts of a financial
institution, even if the financial
institution maintains adequate response
rates and responses overall; providing
adequate training to loan officers and
other persons involved in collecting
applicant-provided data; promptly
investigating any indicia of potential
discouragement; and taking prompt
remedial action if discouragement or
other improper conduct is identified.
107(c)(4) Low Response Rates
1. In general. A low response rate for
applicant-provided data may indicate
that the financial institution has
engaged in discouragement or otherwise
failed to maintain reasonably designed
procedures. Response rate generally
refers to whether the financial
institution has obtained some type of
response to requests for applicantprovided data (including, as applicable,
an applicant response of ‘‘I do not wish
to provide this information’’ or similar).
A response rate may be measured, as
appropriate, as compared to financial
institutions of a similar size, type, and/
or geographic reach, or other factors, as
appropriate. Similarly, significant
irregularities in a particular response
(for example, very high rates of an
applicant response of ‘‘I do not wish to
provide this information’’ or similar)
may also indicate that a financial
institution does not have reasonably
designed procedures, for example,
because of steering, improper
interference, or other potential
discouragement or obstruction of
applicants’ preferred responses.
Response rates may be relevant across
all applicant-provided data, though are
particularly relevant for the collection of
the demographic data pursuant to
PO 00000
Frm 00412
Fmt 4701
Sfmt 4700
§ 1002.107(a)(18) and (19) given the
heightened sensitivity of these inquiries
and the importance of those data to the
purposes of subpart B.
107(d) Previously Collected Data
1. In general. A financial institution
may, for the purpose of reporting such
data pursuant to § 1002.109, reuse
certain previously collected data if the
requirements of § 1002.107(d) are met.
In that circumstance, a financial
institution need not seek to collect the
data anew in connection with a
subsequent covered application to
satisfy the requirements of this subpart.
For example, if an applicant applies for
and is granted a term loan, and then
subsequently applies for a credit card in
the same calendar year, the financial
institution need not request again the
data specified in § 1002.107(d).
Similarly, if an applicant applies for
more than one covered credit
transaction at one time, a financial
institution need only ask once for the
data specified in § 1002.107(d).
2. Data that can be reused. Subject to
the requirements of § 1002.107(d), a
financial institution may reuse the
following data: § 1002.107(a)(13)
(address or location for purposes of
determining census tract),
§ 1002.107(a)(14) (gross annual revenue)
(subject to comment 107(d)–7),
§ 1002.107(a)(15) (NAICS code),
§ 1002.107(a)(16) (number of workers),
§ 1002.107(a)(17) (time in business)
(subject to comment 107(d)–8),
§ 1002.107(a)(18) (minority-owned
business status, women-owned business
status, and LGBTQI+-owned business
status) (subject to comment 107(d)–9),
§ 1002.107(a)(19) (ethnicity, race, and
sex of applicant’s principal owners)
(subject to comment 107(d)–9), and
§ 1002.107(a)(20) (number of principal
owners). A financial institution is not,
however, permitted to reuse other data,
such as § 1002.107(a)(6) (credit
purpose).
3. Previously reported data without a
substantive response. Data have not
been ‘‘previously collected’’ within the
meaning of § 1002.107(d) if the
applicant did not provide a substantive
response to the financial institution’s
request for that data and the financial
institution was not otherwise able to
obtain the requested data (for example,
from the applicant’s credit report, or tax
returns).
4. Updated data. If, after the
application process has closed on a
prior covered application, a financial
institution obtains updated information
relevant to the data required to be
collected and reported pursuant to
§ 1002.107(a)(13) through (20), and the
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
applicant subsequently submits a new
covered application, the financial
institution must use the updated
information in connection with the new
covered application (if the requirements
of § 1002.107(d) are otherwise met) or
seek to collect the data again. For
example, if a business notifies a
financial institution of a change of
address of its sole business location, and
subsequently submits a covered
application within the time period
specified in § 1002.107(d)(1) for reusing
previously collected data, the financial
institution must report census tract
based on the updated information. In
that circumstance, the financial
institution may still reuse other
previously collected data to satisfy
§ 1002.107(a)(14) through (20) if the
requirements of § 1002.107(d) are met.
5. Collection within the preceding 36
months. Pursuant to § 1002.107(d)(1),
data can be reused to satisfy
§ 1002.107(a)(13) and (15) through (20)
if they are collected within the
preceding 36 months. A financial
institution may measure the 36-month
period from the date of final action
taken (§ 1002.107(a)(9)) on a prior
application to the application date
(§ 1002.107(a)(2)) on a subsequent
application. For example, if a financial
institution takes final action on an
application on February 1, 2025, it may
reuse certain previously collected data
pursuant to § 1002.107(d)(1) for
subsequent covered applications dated
or received by the financial institution
through January 31, 2028.
6. Reason to believe data are
inaccurate. Whether a financial
institution has reason to believe data are
inaccurate pursuant to § 1002.107(d)(2)
depends on the particular facts and
circumstances. For example, a financial
institution may have reason to believe
data on the applicant’s minority-owned
business status, women-owned business
status, and LGBTQI+-owned business
status may be inaccurate if it knows that
the applicant has had a change in
ownership or a change in an owner’s
percentage of ownership.
7. Collection of gross annual revenue
in the same calendar year. Pursuant to
§ 1002.107(d)(1), gross annual revenue
information can be reused to satisfy
§ 1002.107(a)(14) provided it is
collected in the same calendar year as
the current covered application, as
measured from the application date. For
example, if an application is received
and gross annual revenue is collected in
connection with a covered application
in one calendar year, but then final
action was taken on the application in
the following calendar year, the data
may only be reused for the calendar year
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
in which it was collected and not the
calendar year in which final action was
taken on the application. However, if an
application is received and gross annual
revenue is collected in connection with
a covered application in one calendar
year, a financial institution may reuse
that data pursuant to § 1002.107(d) in a
subsequent application initiated in the
same calendar year, even if final action
was taken on the subsequent application
in the following calendar year.
8. Time in business. A financial
institution that decides to reuse
previously collected data to satisfy
§ 1002.107(a)(17) (time in business)
must update the data to reflect the
passage of time since the data were
collected. If a financial institution only
knows that the applicant had been in
business less than two years at the time
the data was initially collected, as
described in comment 107(a)(17)–1.ii or
iii, it updates the data based on the
assumption that the applicant had been
in business for 12 months at the time of
the prior collection. For example:
i. If a financial institution previously
collected data on a prior covered
application that the applicant has been
in business for four years, and then
seeks to reuse that data for a subsequent
covered application submitted one year
later, it must update the data to reflect
that the applicant has been in business
for five years.
ii. If a financial institution previously
collected data on a prior covered
application that the applicant had been
in business less than two years (and was
not aware of the business’s actual length
of time in business at the time), and
then seeks to reuse that data for a
subsequent covered application
submitted 18 months later, the financial
institution reports time in business on
the subsequent covered application as
over two years in business.
9. Minority-owned business status,
women-owned business status,
LGBTQI+-owned business status, and
principal owners’ ethnicity, race, and
sex. A financial institution may not
reuse data to satisfy § 1002.107(a)(18)
and (19) unless the data were collected
in connection with a prior covered
application pursuant to this subpart B.
If the financial institution previously
asked the applicant to provide its
minority-owned business status,
women-owned business status, and
LGBTQI+-owned business status, and
principal owners’ ethnicity, race, and
sex for purposes of § 1002.107(a)(18)
and (19), and the applicant declined to
provide the information (such as by
selecting ‘‘I do not wish to provide this
information’’ or similar on a data
collection form or by telling the
PO 00000
Frm 00413
Fmt 4701
Sfmt 4700
35561
financial institution that it did not wish
to provide the information), the
financial institution may use that
response when reporting data for a
subsequent application pursuant to
§ 1002.107(d). However, if the applicant
failed to respond (such as by leaving the
response to the question blank or by
failing to return a data collection form),
the financial institution must inquire
about the applicant’s minority-owned
business status, women-owned business
status, LGBTQI+-owned business status,
and principal owners’ ethnicity, race, or
sex, as applicable, in connection with a
subsequent application because the data
were not previously obtained. See also
comment 107(a)(19)–11 concerning
previously collected ethnicity, race, and
sex information.
Section 1002.108—Firewall
108(a) Definitions
1. Involved in making any
determination concerning a covered
application from a small business. i.
General. An employee or officer is
involved in making a determination
concerning a covered application from a
small business for purposes of
§ 1002.108 if the employee or officer
makes, or otherwise participates in, a
decision regarding the evaluation of a
covered application from a small
business or the creditworthiness of a
small business applicant for a covered
credit transaction. This includes, but is
not limited to, employees and officers
serving as underwriters. The decision
that an employee or officer makes or
participates in must be about a specific
covered application or about the
creditworthiness of a specific applicant.
An employee or officer is not involved
in making a determination concerning a
covered application if the employee or
officer is only involved in making a
decision that affects covered
applications generally, or if the
employee or officer only interacts with
small businesses prior to them
becoming applicants or submitting an
application. An employee or officer may
be participating in a determination
concerning a covered application even if
the employee or officer is not the
ultimate decision maker or the sole
decision maker. For example, an
employee participates in a
determination concerning a covered
application if the employee
recommends that another employee or
officer approve or deny the application.
Similarly, an employee or officer
participates in a determination
concerning a covered application if the
employee or officer is part of a larger
group, such as a committee, that makes
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35562
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
a determination concerning a covered
application. For example, an employee
participates in a decision if the
employee is a member of a committee
that approves the terms offered to an
applicant for a covered application. This
is true even if the employee does not
support the committee’s ultimate
decision regarding the terms offered.
Conversely, an employee or officer does
not participate in a determination
concerning a covered application if the
employee or officer only performs
ministerial functions for the committee,
such as recording the minutes, or if the
committee does not make a
determination concerning a specific
covered application.
ii. Examples of activities that do not
constitute being involved in making a
determination concerning a covered
application from a small business. The
following are examples of activities that
do not constitute being involved in
making a determination concerning a
covered application:
A. Developing policies and
procedures, designing or programming
computer or other systems, or
conducting marketing.
B. Discussing credit products, loan
terms, or loan requirements with a small
business before it submits a covered
application.
C. Making or participating in a
decision after the financial institution
has taken final action on the covered
application, such as a decision about
servicing or collecting a covered credit
transaction.
D. Using a check box form to confirm
whether an applicant has submitted all
necessary documents or handling a
minor or clerical matter during the
application process, such as suggesting
or selecting a time for an appointment
with an applicant.
E. Gathering information (including
information collected pursuant to
§ 1002.107(a)(18) or (19)) and
forwarding the information or a covered
application to other individuals or
entities.
F. Reviewing previously collected
data to determine if it can be reused for
a later covered application pursuant to
§ 1002.107(d).
iii. Examples of activities that
constitute being involved in making a
determination concerning a covered
application from a small business. The
following are examples of activities
(done individually or as part of a group)
that constitute being involved in making
a determination concerning a covered
application:
A. Making or participating in a
decision to approve or deny a specific
covered application. This includes, but
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
is not limited to, making or participating
in a decision that an applicant does not
satisfy one or more of the requirements
for the covered credit transaction for
which it has applied.
B. Making or participating in a
decision regarding the reason(s) for
denial of a covered application.
C. Making or participating in a
decision that a guarantor or collateral is
required in order to approve a specific
covered application.
D. Making or participating in a
decision regarding the credit amount or
credit limit that will be approved for a
specific covered application.
E. Making or participating in a
decision to set one or more of the other
terms that will be offered for a specific
covered credit transaction. This
includes, but is not limited to, making
or participating in a decision regarding
the interest rate, the loan term, or the
payment schedule that will be offered
for a specific covered credit transaction.
F. Making or participating in a
decision regarding a counteroffer made
to a specific applicant, including a
decision regarding the terms of such a
counteroffer.
G. Recommending that another
decision maker approve or deny a
specific covered application, provide a
specific reason for denying a covered
application, require a guarantor or
collateral in order to approve a covered
application, approve a credit amount or
credit limit for a covered credit
transaction, set one or more other terms
for a covered credit transaction, make a
counteroffer regarding a covered
application, or set a specific term for
such a counteroffer.
2. Should have access. i. General. A
financial institution may determine that
an employee or officer who is involved
in making a determination concerning a
covered application from a small
business should have access to
information otherwise subject to the
prohibition in § 1002.108(b) if that
employee or officer is assigned one or
more job duties that may require the
employee or officer to collect, see,
consider, refer to, or otherwise use
information subject to the prohibition in
§ 1002.108(b). If the employee or officer
might need to collect, see, consider,
refer to, or use such information to
perform the employee’s or officer’s
assigned job duties, the financial
institution may determine that the
employee or officer should have access.
For example, if a loan officer is involved
in making a determination concerning a
covered application and that loan
officer’s job description or the financial
institution’s policies and procedures
state that the loan officer may need to
PO 00000
Frm 00414
Fmt 4701
Sfmt 4700
collect information pursuant to
§ 1002.107(a)(18) or (19), the financial
institution may determine that the loan
officer should have access.
ii. When a group of employees or
officers should have access. A financial
institution may determine that all
employees or officers with the same job
description or assigned duties should
have access for purposes of § 1002.108.
For example, if a job description, a
policy, a procedure, or another
document states that a loan officer may
have to collect or explain any part of a
data collection form that includes the
inquiries described in § 1002.107(a)(18)
and (19), the financial institution may
determine that all employees and
officers who have been assigned the
position of loan officer should have
access for purposes of § 1002.108.
iii. Making a determination regarding
who should have access. A financial
institution is permitted to choose what
lawful factors it will consider when
determining whether an employee or
officer should have access. A financial
institution’s determination that an
employee or officer should have access
may take into account relevant
operational factors and lawful business
practices. For example, a financial
institution may consider its size, the
number of employees and officers
within the relevant line of business or
at a particular branch or office location,
and/or the number of covered
applications the financial institution has
received or expects to receive.
Additionally, a financial institution may
consider its current or its reasonably
anticipated staffing levels, operations,
systems, processes, policies, and
procedures. A financial institution is
not required to hire additional staff,
upgrade its systems, change its lending
or operational processes, or revise its
policies or procedures for the sole
purpose of limiting who should have
access.
108(b) Prohibition on Access to Certain
Information
1. Scope of persons subject to the
prohibition. The prohibition in
§ 1002.108(b) applies to an employee or
officer of a covered financial institution
or its affiliate if the employee or officer
is involved in making any
determination concerning a covered
application from a small business. For
example, if a financial institution is
affiliated with company B and an
employee of company B is involved in
making a determination concerning a
covered application on behalf of the
financial institution, then the financial
institution must comply with § 1002.108
with regard to company B’s employee.
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Section 1002.108 does not require a
financial institution to limit the access
of employees and officers of third
parties who are not affiliates of the
financial institution.
2. Scope of information that cannot be
accessed when the prohibition applies
to an employee or officer. i. Information
that cannot be accessed when the
prohibition applies. If a particular
employee or officer is involved in
making a determination concerning a
covered application from a small
business, the prohibition in
§ 1002.108(b) only limits that
employee’s or officer’s access to that
small business applicant’s responses to
the inquiries that the covered financial
institution makes to satisfy
§ 1002.107(a)(18) and (19). For example,
if a financial institution uses a paper
data collection form to request
information pursuant to
§ 1002.107(a)(18) and (19), an employee
or officer that is subject to the
prohibition is not permitted access to
the paper data collection form that
contains the applicant’s responses to the
inquiries made pursuant to pursuant to
§ 1002.107(a)(18) and (19), or to any
other record that identifies how the
particular applicant responded to those
inquires. Similarly, if a financial
institution makes the inquiries required
pursuant to § 1002.107(a)(18) and (19)
during a telephone call, the prohibition
applies to the applicant’s responses to
those inquiries provided during that
telephone call and to any record that
identifies how the particular applicant
responded to those inquiries.
ii. Information that can be accessed
when the prohibition applies. If a
particular employee or officer is
involved in making a determination
concerning a covered application, the
prohibition in § 1002.108(b) does not
limit that employee’s or officer’s access
to an applicant’s responses to inquiries
regarding whether the applicant is a
minority-owned, women-owned, or
LGBTQI+-owned business, or principal
owners’ ethnicity, race, or sex, made for
purposes other than compliance with
§ 1002.107(a)(18) or (19). Thus, for
example, an employee or officer who is
subject to the prohibition in
§ 1002.108(b) may have access to
information regarding whether an
applicant is eligible for a Small Business
Administration program for womenowned businesses without regard to
whether the exception in § 1002.108(c)
is satisfied. Additionally, an employee
or officer who knows that an applicant
is a minority-owned business, womenowned business, or LGBTQI+-owned
business, or who knows the ethnicity,
race, or sex of any of the applicant’s
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
principal owners due to activities
unrelated to the inquiries made to
satisfy the financial institution’s
obligations under § 1002.107(a)(18) and
(19) is not prohibited from making a
determination concerning the
applicant’s covered application. Thus,
an employee or officer who knows, for
example, that an applicant is a minorityowned business due to a social
relationship or another professional
relationship with the applicant or any of
its principal owners may make
determinations concerning the
applicant’s covered application.
Furthermore, an employee or officer that
is involved in making a determination
concerning a covered application may
see, consider, refer to, or use data
collected to satisfy aspects of § 1002.107
other than § 1002.107(a)(18) or (19),
such as gross annual revenue, number of
workers, and time in business.
108(c) Exception to the Prohibition on
Access to Certain Information
1. General. A financial institution is
not required to limit the access of an
employee or officer who is involved in
making determinations concerning a
covered application from a small
business if the financial institution
determines that the particular employee
or officer should have access to the
information collected pursuant to
§ 1002.107(a)(18) or (19), and the
financial institution provides the notice
required by § 1002.108(d). A financial
institution is not required to perform a
separate analysis of the feasibility of
maintaining a firewall. A determination
that an employee or officer should have
access means that it is not feasible to
maintain a firewall as to that particular
employee or officer, and the exception
applies to that employee or officer if the
financial institution provides the notice
required by § 1002.108(d). However, the
fact that a financial institution has made
a determination that an employee or
officer should have access does not
mean that the financial institution can
permit other employees and officers
who are involved in making
determinations concerning a covered
application to have access to the
information collected pursuant to
§ 1002.107(a)(18) and (19). A financial
institution may only permit an
employee or officer who is involved in
making a determination concerning a
covered application to have access to
information collected pursuant to
§ 1002.107(a)(18) and (19) if it has
determined that employee or officer or
a group of which the employee or officer
is a member should have access to the
information.
PO 00000
Frm 00415
Fmt 4701
Sfmt 4700
35563
2. Applying the exception to a specific
employee or officer or group of similarly
situated employees or officers. The
exception applies to an employee or
officer if the financial institution
determines that the employee or officer
should have access to the information
collected pursuant to § 1002.107(a)(18)
or (19), and the financial institution
provides the notice required by
§ 1002.108(d). A financial institution
can also determine that several
employees and officers should have
access, that all of a group of similarly
situated employees or officers should
have access, and that multiple groups of
similarly situated employees or officers
should have access to information
collected pursuant to § 1002.107(a)(18)
or (19). See also comment 108(a)–2. For
example, a financial institution could
determine that all its small business
loan officers, small business loan
processors, compliance officers, and
legal officers should have access. If the
financial institution provides the notice
required in § 1002.108(d), the financial
institution may permit all of its small
business loan officers, small business
loan processors, compliance officers,
and legal officers to have access.
However, the financial institution
cannot permit other employees and
officers to have access simply because it
has determined that the small business
loan officers, loan processors,
compliance officers, and legal officers
should have access. For example, in this
case, the financial institution may not
permit its underwriters or chief
executive officer to have access to the
information collected from the applicant
pursuant to § 1002.107(a)(18) or (19) if
they are involved in making any
determination concerning a covered
application, unless the financial
institution also determines that they
should have access. This would be true
even if the chief executive officer or
underwriter had some of the same
assigned duties as a loan officer, such as
being a member of a credit committee,
but has not been assigned the task(s)
that may require access to one or more
applicants’ responses to the financial
institution’s inquiries under
§ 1002.107(a)(18) or (19). If the financial
institution separately determines that
underwriters and the chief executive
officer should have access, then the
underwriters and chief executive officer
may also have access.
108(d) Notice
1. General. If a financial institution
determines that one or more employees
or officers should have access pursuant
to § 1002.108(c), the financial institution
must provide the required notice to, at
E:\FR\FM\31MYR2.SGM
31MYR2
35564
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
a minimum, the applicant or applicants
whose responses will be accessed by an
employee or officer involved in making
determinations concerning the
applicant’s or applicants’ covered
applications. Alternatively, a financial
institution may also provide the
required notice to applicants whose
responses will not or might not be
accessed. For example, a financial
institution could provide the notice to
all applicants for covered credit
transactions or all applicants for a
specific type of product.
2. Content of the required notice. The
notice must inform the applicant that
one or more employees and officers
involved in making determinations
concerning the applicant’s covered
application may have access to the
applicant’s responses regarding the
applicant’s minority-owned business
status, women-owned business status,
LGBTQI+-owned business status, and its
principal owners’ ethnicity, race, and
sex. See the sample data collection form
in appendix E to this part for sample
language for providing this notice to
applicants. If a financial institution
establishes and maintains a firewall and
chooses to use the sample data
collection form, the financial institution
can delete this sample language from
the form.
3. Timing for providing the notice. If
the financial institution is providing the
notice orally, it must provide the notice
required by § 1002.108(d) prior to asking
the applicant if it is a minority-owned
business, women-owned business, or
LGBTQI+-owned business and prior to
asking for a principal owner’s ethnicity,
race, or sex. If the notice is provided on
the same paper or electronic data
collection form as the inquiries about
minority-owned business status,
women-owned business status,
LGBTQI+-owned business status and
the principal owners’ ethnicity, race, or
sex, the notice must appear before the
inquiries. If the notice is provided in an
electronic or paper document that is
separate from the data collection form,
the notice must be provided at the same
time as the data collection form or prior
to providing the data collection form.
Additionally, the notice must be
provided with the non-discrimination
notices required pursuant to
§ 1002.107(a)(18) and (19). See appendix
E for sample language.
Section 1002.109—Reporting of Data to
the Bureau
109(a) Reporting to the Bureau
109(a)(2) Reporting by Subsidiaries
1. Subsidiaries. A covered financial
institution is considered a subsidiary of
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
another covered financial institution for
purposes of reporting data pursuant to
§ 1002.109 if more than 50 percent of
the ownership or control of the first
covered financial institution is held by
the second covered financial institution.
109(a)(3) Reporting Obligations Where
Multiple Financial Institutions Are
Involved in a Covered Credit
Transaction
1. General. The following clarifies
how to report applications involving
more than one financial institution. The
discussion below assumes that all
parties involved with the covered credit
transaction are covered financial
institutions. However, the same
principles apply if any party is not a
covered financial institution.
i. A financial institution shall report
the action that it takes on a covered
application, whether or not the covered
credit transaction closed in the financial
institution’s name and even if the
financial institution used underwriting
criteria supplied by another financial
institution. However, where it is
necessary for more than one financial
institution to make a credit decision in
order to approve a single covered credit
transaction, only the last financial
institution with authority to set the
material terms of the covered credit
transaction is required to report. Setting
the material terms of the covered credit
transaction include, for example,
selecting among competing offers, or
modifying pricing information, amount
approved or originated, or repayment
duration. In this situation, the
determinative factor is not which
financial institution actually made the
last credit decision prior to closing, but
rather which financial institution last
had the authority for setting the material
terms of the covered credit transaction
prior to closing. Whether a financial
institution has taken action for purposes
of § 1002.109(a)(3) and comment
109(a)(3)–1 is not relevant to, and is not
intended to repeal, abrogate, annul,
impair, or interfere with, section 701(d)
(15 U.S.C. 1691(d)) of the Act, § 1002.9,
or any other provision within subpart A
of this Regulation.
ii. A financial institution takes action
on a covered application for purposes of
§ 1002.109(a)(3) if it denies the
application, originates the application,
approves the application but the
applicant did not accept the transaction,
or closes the file or denies for
incompleteness. The financial
institution must also report the
application if it was withdrawn. For
reporting purposes, it is not relevant
whether the financial institution
receives the application directly from
PO 00000
Frm 00416
Fmt 4701
Sfmt 4700
the applicant or indirectly through
another party, such as a broker, or
(except as otherwise provided in
comment 109(a)(3)–1.i) whether another
financial institution also reviews and
reports an action taken on a covered
application involving the same credit
transaction.
iii. Where it is necessary for more
than one financial institution to make a
credit decision in order to approve a
single covered credit transaction and
where more than one financial
institution denies the application or
otherwise does not approve the
application, the reporting financial
institution (the last financial institution
with authority to set the material terms
of the covered credit transaction) shall
have a consistent procedure for
determining how it reports inconsistent
or differing data points for purposes of
subpart B. For example, Financial
Institution A is the reporting entity
because it has the last authority to set
the material credit terms. Financial
Institution A sends the application to
Financial Institution B and Financial
Institution C for review, but both
Financial Institution B and Financial
Institution C deny the application, with
different denial reasons. Based on these
denials, Financial Institution A follows
suit and denies the application.
Financial Institution A must have a
consistent procedure for what denial
reason(s) to report, such as reporting the
denial reason(s) from the first financial
institution that denied the covered
application.
2. Examples. The following scenarios
illustrate how a financial institution
reports a particular covered application.
The illustrations assume that all parties
involved with the covered credit
transaction are covered financial
institutions. However, the same
principles apply if any party is not a
covered financial institution. Examples
i through iv involve a single financial
institution with responsibility for
making a credit decision without the
involvement of an intermediary.
Example v describes a financial
institution intermediary with only
passive involvement in the covered
credit transaction. Example vi describes
a transaction where multiple financial
institutions independently decision and
take action on a covered application.
Examples vii and viii describe situations
where more than one financial
institution must make a credit decision
in order to approve the covered credit
transaction. Examples ix and x describe
situations involving pooled and
participation interests.
i. Financial Institution A received a
covered application from an applicant
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
and approved the application before
closing the covered credit transaction in
its name. Financial Institution A was
not acting as Financial Institution B’s
agent. Financial Institution B later
purchased the covered credit
transaction from Financial Institution A.
Financial Institution A was not acting as
Financial Institution B’s agent.
Financial Institution A reports the
application. Financial Institution B has
no reporting obligation for this
transaction.
ii. Financial Institution A received a
covered application from an applicant.
If approved, the covered credit
transaction would have closed in
Financial Institution B’s name.
Financial Institution A denied the
application without sending it to
Financial Institution B for approval.
Financial Institution A was not acting as
Financial Institution B’s agent. Since
Financial Institution A took action on
the application, Financial Institution A
reports the application as denied.
Financial Institution B does not report
the application.
iii. Financial Institution A reviewed a
covered application and made a credit
decision to approve it using the
underwriting criteria provided by a
Financial Institution B. Financial
Institution B did not review the
application and did not make a credit
decision prior to closing. Financial
Institution A was not acting as Financial
Institution B’s agent. Financial
Institution A reports the application.
Financial Institution B has no reporting
obligation for this application.
iv. Financial Institution A reviewed
and made the credit decision on a
covered application based on the
criteria of a third-party insurer or
guarantor (for example, a government or
private insurer or guarantor). Financial
Institution A reports the action taken on
the application.
v. Financial Institution A received a
covered application from an applicant
and forwarded that application to
Financial Institution B. Financial
Institution B reviewed the application
and made a credit decision approving
the application prior to closing. The
covered credit transaction closed in
Financial Institution A’s name.
Financial Institution B purchased the
covered credit transaction from
Financial Institution A after closing.
Financial Institution B was not acting as
Financial Institution A’s agent. Since
Financial Institution B made the credit
decision prior to closing, and Financial
Institution A’s approval was not
necessary for the credit transaction,
Financial Institution B reports the
origination. Financial Institution A does
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
not report the application. Assume the
same facts, except that Financial
Institution B reviewed the application
before the covered credit transaction
would have closed, but Financial
Institution B denied the application.
Financial Institution B reports the
application as denied. Financial
Institution A does not report the
application because it did not take an
action on the application. If, under the
same facts, the application was
withdrawn before Financial Institution
B made a credit decision, Financial
Institution B would report the
application as withdrawn and Financial
Institution A would not report the
application for the same reason.
vi. Financial Institution A received a
covered application and forwarded it to
Financial Institutions B and C. Financial
Institution A made a credit decision,
acting as Financial Institution D’s agent,
and approved the application. Financial
Institutions B and C are not working
together with Financial Institutions A or
D, or with each other, and are solely
responsible for setting the terms of their
own credit transactions. Financial
Institution B made a credit decision
approving the application, and
Financial Institution C made a credit
decision denying the application. The
applicant did not accept the covered
credit transaction from Financial
Institution D. Financial Institution D
reports the application as approved but
not accepted. Financial Institution A
does not report the application, because
it was acting as Financial Institution D’s
agent. The applicant accepted the offer
of credit from Financial Institution B,
and credit was extended. Financial
Institution B reports the application as
originated. Financial Institution C
reports the application as denied.
vii. Financial Institution A received a
covered application and made a credit
decision to approve it using the
underwriting criteria provided by
Financial Institution B. Financial
Institution A was not acting as Financial
Institution B’s agent. Financial
Institution A forwarded the application
to Financial Institution B. Financial
Institution B reviewed the application
and made a credit decision approving
the application prior to closing.
Financial Institution A makes a credit
decision on the application and
modifies the credit terms (the interest
rate and repayment term) offered by
Financial Institution B. The covered
credit transaction reflecting the
modified terms closes in Financial
Institution A’s name. Financial
Institution B purchases the covered
credit transaction from Financial
Institution A after closing. As the last
PO 00000
Frm 00417
Fmt 4701
Sfmt 4700
35565
financial institution with the authority
for setting the material terms of the
covered credit transaction, Financial
Institution A reports the application as
originated. Financial Institution B does
not report the origination because it was
not the last financial institution with the
authority to set the material terms on
the application. If, under the same facts,
Financial Institution A did not modify
the credit terms offered by Financial
Institution B, Financial Institution A
still reports the application as originated
because it was still the last financial
institution with the authority for setting
the material terms, even if it chose not
to so do in a particular instance.
Financial Institution B does not report
the origination.
viii. Financial Institution A received a
covered application and forwarded it to
Financial Institutions B, C, and D.
Financial Institution A was not acting as
anyone’s agent. Financial Institution B
and C reviewed the application and
made a credit decision approving the
application and Financial Institution D
reviewed the application and made a
credit decision denying the application.
Prior to closing, Financial Institution A
makes a credit decision on the
application by deciding to offer to the
applicant the credit terms offered by
Financial Institution B and does not
convey to the applicant the credit terms
offered by Financial Institution C. The
applicant does not accept the covered
credit transaction. As the last financial
institution with the authority for setting
the material terms of the covered credit
transaction, Financial Institution A
reports the application as approved but
not accepted. Financial Institutions B,
C, and D do not report the application
because they were not the last financial
institution with the authority for setting
the material terms of the covered credit
transaction. Assume the same facts,
except the applicant accepts the terms
of the covered credit transaction from
Financial Institution B as offered by
Financial Institution A. The covered
credit transaction closes in Financial
Institution A’s name. Financial
Institution B purchases the transaction
after closing. Here, Financial Institution
A reports the application as originated.
Financial Institutions B, C, and D do not
report the application because they were
not the last financial institution
responsible for setting the material
terms of the covered credit transaction.
ix. Financial Institution A receives a
covered application and approves it,
and then Financial Institution A elects
to organize a loan participation
agreement where Financial Institutions
B and C agree to purchase a partial
interest in the covered credit
E:\FR\FM\31MYR2.SGM
31MYR2
35566
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
transaction. Financial Institution A
reports the application. Financial
Institutions B and C have no reporting
obligation for this application.
x. Financial Institution A purchases
an interest in a pool of covered credit
transactions, such as credit-backed
securities or real estate investment
conduits. Financial Institution A does
not report this purchase.
3. Agents. If a covered financial
institution takes action on a covered
application through its agent, the
financial institution reports the
application. For example, acting as
Financial Institution A’s agent,
Financial Institution B approved an
application prior to closing and a
covered credit transaction was
originated. Financial Institution A
reports the covered credit transaction as
an origination. State law determines
whether one party is the agent of
another.
Paragraph 109(b)(6)
109(b) Financial Institution Identifying
Information
1. RSSD ID number. The RSSD ID is
a unique identifying number assigned to
institutions, including main offices and
branches, by the Board of Governors of
the Federal Reserve System. A financial
institution’s RSSD ID may be found on
the website of the National Information
Center, which provides comprehensive
financial and structure information on
banks and other institutions for which
the Federal Reserve Board has a
supervisory, regulatory, or research
interest including both domestic and
foreign banking organizations that
operate in the United States. If a
financial institution does not have an
RSSD ID, it reports that this information
is not applicable.
1. Changes to financial institution
identifying information. If a financial
institution’s information required
pursuant to § 1002.109(b) changes, the
financial institution shall provide the
new information with the data
submission for the collection year of the
change. For example, assume two
financial institutions that previously
reported data under subpart B of this
part merge and the surviving institution
retained its Legal Entity Identifier but
obtained a new TIN in February 2026.
The surviving institution must report
the new TIN with its data submission
for its 2026 data (which is due by June
1, 2027) pursuant to § 1002.109(b)(5).
Likewise, if that financial institution’s
Federal prudential regulator changes in
February 2026 as a result of the merger,
it must identify its new Federal
prudential regulator in its annual
submission for its 2026 data.
lotter on DSK11XQN23PROD with RULES2
Paragraph 109(b)(4)
1. Federal prudential regulator. For
purposes of § 1002.109(b)(4), Federal
prudential regulator means, if
applicable, the Federal prudential
regulator for a financial institution that
is a depository institution as determined
pursuant to section 3q of the Federal
Deposit Insurance Act (12 U.S.C.
1813(q)), including the Office of the
Comptroller of the Currency, the Federal
Deposit Insurance Corporation, or the
Board of Governors of the Federal
Reserve System; or the National Credit
Union Administration Board for
financial institutions that are Federal
credit unions.
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
1. Legal Entity Identifier (LEI). A Legal
Entity Identifier is a utility endorsed by
the LEI Regulatory oversight committee,
or a utility endorsed or otherwise
governed by the Global LEI Foundation
(GLEIF) (or any successor of the GLEIF)
after the GLEIF assumes operational
governance of the global LEI system. A
financial institution complies with
§ 1002.109(b)(6) by reporting its current
LEI number. A financial institution that
does not currently possess an LEI
number must obtain an LEI number, and
has an ongoing obligation to maintain
the LEI number. The GLEIF website
provides a list of LEI issuing
organizations. A financial institution
may obtain an LEI, for purposes of
complying with § 1002.109(b)(6), from
any one of the issuing organizations
listed on the GLEIF website.
Paragraph 109(b)(7)
Paragraph 109(b)(8)
1. Immediate parent entity. An entity
is the immediate parent of a financial
institution for purposes of
§ 1002.109(b)(8)(i) through (iii) if it is a
separate entity that directly owns more
than 50 percent of the financial
institution.
2. Top-holding parent entity. An
entity is the top-holding parent of a
financial institution for purposes of
§ 1002.109(b)(8)(iv) through (vi) if it
ultimately owns more than 50 percent of
the financial institution, and the entity
itself is not controlled by any other
entity. If the immediate parent entity
and the top-holding parent entity are the
same, the financial institution reports
that § 1002.109(b)(8)(iv) through (vi) are
not applicable.
3. LEI. For purposes of
§ 1002.109(b)(8)(ii) and (v), a financial
institution shall report the LEI of a
parent entity if the parent entity has an
LEI number. If a financial institution’s
PO 00000
Frm 00418
Fmt 4701
Sfmt 4700
parent entity does not have an LEI, the
financial institution reports that this
information is not applicable.
4. RSSD ID numbers. For purposes of
§ 1002.109(b)(8)(iii) and
§ 1002.109(b)(8)(vi), a financial
institution shall report the RSSD ID
number of a parent entity if the entity
has an RSSD ID number. If a financial
institution’s parent entity does not have
an RSSD ID, the financial institution
reports that this information is not
applicable.
Paragraph 109(b)(9)
1. Type of financial institution. A
financial institution complies with
§ 1002.109(b)(9) by selecting the
applicable type or types of financial
institution from the list below. A
financial institution shall select all
applicable types.
i. Bank or savings association.
ii. Minority depository institution.
iii. Credit union.
iv. Nondepository institution.
v. Community development financial
institution (CDFI).
vi. Other nonprofit financial
institution.
vii. Farm Credit System institution.
viii. Government lender.
ix. Commercial finance company.
x. Equipment finance company.
xi. Industrial loan company.
xii. Online lender.
xiii. Other.
2. Use of ‘‘other’’ for type of financial
institution. A financial institution
reports type of financial institution as
‘‘other’’ where none of the enumerated
types of financial institution
appropriately describe the applicable
type of financial institution, and the
institution reports the type of financial
institution via free-form text field. A
financial institution that selects at least
one type from the list is permitted, but
not required, to also report ‘‘other’’
(with appropriate free-form text) if there
is an additional aspect of its business
that is not one of the enumerated types
set out in comment 109(b)(9)–1.
3. Additional types of financial
institution. The Bureau may add
additional types of financial institutions
via the Filing Instructions Guide and
related materials. Refer to the Filing
Instructions Guide for any updates for
each reporting year.
Paragraph 109(b)(10)
1. Financial institutions that
voluntarily report covered applications
under subpart B of this part. A financial
institution that is not a covered
financial institution pursuant to
§ 1002.105(b) but that elects to
voluntarily compile, maintain, and
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
report data under §§ 1002.107 through
1002.109 (see comment 105(b)–10)
complies with § 1002.109(b)(10) by
selecting ‘‘voluntary reporter.’’
Section 1002.110—Publication of Data
and Other Disclosures
110(c) Statement of Financial
Institution’s Small Business Lending
Data Available on the Bureau’s Website
1. Statement. A financial institution
shall provide the statement required by
§ 1002.110(c) using the following, or
substantially similar, language:
Small Business Lending Data Notice
Data about our small business lending
are available online for review at the
Consumer Financial Protection Bureau’s
(CFPB’s) website at https://
www.consumerfinance.gov/dataresearch/small-business-lending/. The
data show the geographic distribution of
our small business lending applications;
information about our loan approvals
and denials; and demographic
information about the principal owners
of our small business applicants. The
CFPB may delete or modify portions of
our data prior to posting it if doing so
would advance a privacy interest. Small
business lending data for many other
financial institutions are also available
at this website.
2. Website. A financial institution
without a website complies with
§ 1002.110(c) by making a written
statement using the language in
comment 110(c)–1, or substantially
similar language, available upon
request.
3. Revised location for publicly
available data. The Bureau may modify
the location specified in comment
110(c)–1 at which small business
lending data are available via the Filing
Instructions Guide and related
materials. Refer to the Filing
Instructions Guide for any updates for
each reporting year.
lotter on DSK11XQN23PROD with RULES2
Section 1002.111—Recordkeeping
111(a) Record Retention
1. Evidence of compliance. Section
1002.111(a) requires a financial
institution to retain evidence of
compliance with subpart B of this part
for at least three years after its small
business lending application register is
required to be submitted to the Bureau
pursuant to § 1002.109. In addition to
the financial institution’s small business
lending application register, such
evidence of compliance is likely to
include, but is not limited to, the
applications for credit from which
information in the register is drawn, as
well as the files or documents that,
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
under § 1002.111(b), are kept separate
from the applications for credit. This
three-year record retention requirement
applies to any records covered by
§ 1002.111(a), notwithstanding the more
general 12-month retention period for
records related to business credit
specified in § 1002.12(b).
2. Record retention for creditors under
§ 1002.5(a)(4)(vii) and (viii). A creditor
that is voluntarily, under
§ 1002.5(a)(4)(vii) and (viii), collecting
information pursuant to subpart B of
this part complies with § 1002.111(a) by
retaining evidence of compliance with
subpart B for at least three years after
June 1 of the year following the year that
data was collected.
111(b) Certain Information Kept
Separate From the Rest of the
Application
1. Separate from the application. A
financial institution may satisfy the
requirement in § 1002.111(b) by keeping
an applicant’s responses to the financial
institution’s request pursuant to
§ 1002.107(a)(18) and (19) in a file or
document that is discrete or distinct
from the application and its
accompanying information. For
example, such information could be
collected on a piece of paper that is
separate from the rest of the application
form. In order to satisfy the requirement
in § 1002.111(b), an applicant’s
responses to the financial institution’s
request pursuant to § 1002.107(a)(18)
and (19) need not be maintained in a
separate electronic system, nor need
they be removed from the physical files
containing the application so long as
there is some separation between the
demographic information and the rest of
the application and its accompanying
information. However, the financial
institution may nonetheless need to
keep this information in a different
electronic or physical file in order to
satisfy the prohibition in § 1002.108(b).
2. Number of principal owners. A
financial institution is permitted to
maintain information regarding the
applicant’s number of principal owners
pursuant to § 1002.107(a)(20) with an
applicant’s responses to the financial
institution’s request pursuant to
§ 1002.107(a)(18) and (19).
111(c) Limitation on Personally
Identifiable Information in Certain
Records Retained Under This Section
1. Small business lending application
register. The prohibition in
§ 1002.111(c) applies to data in the
small business lending application
register submitted by the financial
institution to the Bureau under
§ 1002.109, the version of the register
PO 00000
Frm 00419
Fmt 4701
Sfmt 4700
35567
that the financial institution maintains
under § 1002.111(a), and the separate
record of certain information created
pursuant to § 1002.111(b).
2. Examples. Section 1002.111(c)
prohibits a financial institution from
including any name, specific address
(other than the census tract required
under § 1002.107(a)(13)), telephone
number, or email address of any
individual who is, or is connected with,
an applicant in the small business
lending application register it reports
pursuant to § 1002.109, in the copy of
the register the financial institution
retains under § 1002.111(a), and in the
records of certain information it must
retain separately from the application
pursuant to § 1002.111(b). It likewise
prohibits a financial institution from
including any other personally
identifiable information concerning any
individual who is, or is connected with,
an applicant, except as required
pursuant to § 1002.107 or § 1002.111(b).
Examples of such personally
identifiable information that a financial
institution may not include in its small
business lending application register
include, but are not limited to, the
following: date of birth, Social Security
number, official government-issued
driver’s license or identification
number, alien registration number,
government passport number, or
employer or taxpayer identification
number.
3. Other records. The prohibition in
§ 1002.111(c) does not extend to an
application for credit, or any other
records that the financial institution
maintains that are not specifically
enumerated in § 1002.111(c).
4. Name and business contact
information for submission. The
prohibition in § 1002.111(c) does not bar
financial institutions from providing to
the Bureau, pursuant to
§ 1002.109(b)(3), the name and business
contact information of the person who
may be contacted by the Bureau or other
regulators with questions about the
financial institution’s submission under
§ 1002.109.
Section 1002.112—Enforcement
112(b) Bona Fide Errors
1. Tolerances for bona fide errors.
Section 1002.112(b) provides that a
financial institution is presumed to
maintain procedures reasonably adapted
to avoid errors with respect to a given
data field if the number of errors found
in a random sample of the financial
institution’s data submission for the
data field does not equal or exceed a
threshold specified by the Bureau for
this purpose. The Bureau’s thresholds
E:\FR\FM\31MYR2.SGM
31MYR2
35568
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
lotter on DSK11XQN23PROD with RULES2
appear in column C of the table in
appendix F. The size of the random
sample, set out in column B, shall
depend on the size of the financial
institution’s small business lending
application register, as shown in
column A of the table in appendix F. A
financial institution has not maintained
procedures reasonably adapted to avoid
errors if either there is a reasonable
basis to believe the error was intentional
or there is evidence that the financial
institution has not maintained
procedures reasonably adapted to avoid
errors.
2. Tolerances and data fields. For
purposes of determining whether an
error is bona fide under § 1002.112(b),
the term ‘‘data field’’ generally refers to
individual fields. All required data
fields, and valid response options for
those fields, are set forth in the Bureau’s
Filing Instructions Guide, available at
https://www.consumerfinance.gov/dataresearch/small-business-lending/filinginstructions-guide/. Some data fields
may allow for more than one response.
For example, with respect to
information on the ethnicity and race of
an applicant’s principal owner, a data
field may identify more than one race or
ethnicity. If there are one or more errors
within an ethnicity data field, or within
a race data field, for a particular
principal owner, they would count as
one (and only one) error for that data
field. For instance, in the ethnicity data
field, if an applicant indicates that one
of its principal owners is Cuban, but the
financial institution reports that the
principal owner is Mexican and Puerto
Rican, the financial institution has made
one error in the ethnicity data field for
that principal owner. For purposes of
the error threshold table in appendix F,
the financial institution is deemed to
have made one error, not two.
3. Tolerances and safe harbors. An
error that meets the criteria for one of
the four safe harbor provisions in
§ 1002.112(c) is not counted as an error
for purposes of determining whether a
financial institution has exceeded the
relevant error threshold in appendix F
for a given data field.
112(c) Safe Harbors
1. Information from a Federal
agency—census tract. Section
1002.112(c)(2) provides that an incorrect
entry for census tract is not a violation
of the Act or subpart B of this part, if
the financial institution obtained the
census tract using a geocoding tool
provided by the FFIEC or the Bureau.
However, this safe harbor provision
does not extend to a financial
institution’s failure to provide the
correct census tract number for a
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
covered application on its small
business lending application register, as
required by § 1002.107(a)(13), because
the FFIEC or Bureau geocoding tool did
not return a census tract for the address
provided by the financial institution. In
addition, this safe harbor provision does
not extend to a census tract error that
results from a financial institution
entering an inaccurate address into the
FFIEC or Bureau geocoding tool.
2. Applicability of NAICS code safe
harbor. The safe harbor in
§ 1002.112(c)(3) applies to an incorrect
entry for the 3-digit NAICS code that
financial institutions must collect and
report pursuant to § 1002.107(a)(15),
provided certain conditions are met. For
purposes of § 1002.112(c)(3)(i), a
financial institution is permitted to rely
on statements made by the applicant,
information provided by the applicant,
or on other information obtained
through its use of appropriate thirdparty sources, including business
information products. See also
comments 107(a)(15)–4 and 107(b)–1.
3. Incorrect determination of small
business status, covered credit
transaction, or covered application—
examples. Section 1002.112(c)(4)
provides a safe harbor from violations of
the Act or this regulation for a financial
institution that initially collects data
under § 1002.107(a)(18) and (19)
regarding whether an applicant for a
covered credit transaction is a minorityowned, a women-owned, or LGBTQI+owned business, and the ethnicity, race,
and sex of the applicant’s principal
owners, but later concludes that it
should not have collected this data, if
certain conditions are met. Specifically,
to qualify for this safe harbor,
§ 1002.112(c)(4) requires that the
financial institution have had a
reasonable basis at the time it collected
data under § 1002.107(a)(18) and (19) for
believing that the application was a
covered application for a covered credit
transaction from a small business
pursuant to §§ 1002.103, 1002.104, and
1002.106, respectively. For example,
Financial Institution A collected data
under § 1002.107(a)(18) and (19) from
an applicant for a covered credit
transaction that had self-reported its
gross annual revenue as $4.8 million.
Sometime after Financial Institution A
had collected this data from the
applicant, the financial institution
reviewed the applicant’s tax returns,
which indicated the applicant’s gross
annual revenue was in fact $5.2 million.
Financial Institution A is permitted to
rely on representations made by the
applicant regarding gross annual
revenue in determining whether an
applicant is a small business (see
PO 00000
Frm 00420
Fmt 4701
Sfmt 4700
§ 1002.107(b) and comments 106(b)(1)–
3 and 107(a)(14)–1). Thus, Financial
Institution A may have had a reasonable
basis to believe, at the time it collected
data under § 1002.107(a)(18) and (19),
that the applicant was a small business
pursuant to § 1002.106, in which case
Financial Institution A’s collection of
such data would not violate the Act or
this regulation.
Section 1002.114—Effective Date,
Compliance Date, and Special
Transition Rules
114(b) Compliance Date
1. Application of compliance date.
The applicable compliance date in
§ 1002.114(b) is the date by which the
covered financial institution must begin
to compile data as specified in
§ 1002.107, comply with the firewall
requirements of § 1002.108, and begin to
maintain records as specified in
§ 1002.111. In addition, the covered
financial institution must comply with
§ 1002.110(c) and (d) no later than June
1 of the year after the applicable
compliance date. For instance, if
§ 1002.114(b)(2) applies to a financial
institution, it must comply with
§§ 1002.107 and 1002.108, and portions
of § 1002.111, beginning April 1, 2025,
and it must comply with § 1002.110(c)
and (d), and portions of § 1002.111, no
later than June 1, 2026.
2. Initial partial year collections
pursuant to § 1002.114(b). i. When the
compliance date of October 1, 2024
specified in § 1002.114(b)(1) applies to a
covered financial institution, the
financial institution is required to
collect data for covered applications
during the period from October 1, 2024
to December 31, 2024. The financial
institution must compile data for this
period pursuant to § 1002.107, comply
with the firewall requirements of
§ 1002.108, and maintain records as
specified in § 1002.111. In addition, for
data collected during this period, the
covered financial institution must
comply with §§ 1002.109 and
1002.110(c) and (d) by June 1, 2025.
ii. When the compliance date of April
1, 2025 specified in § 1002.114(b)(2)
applies to a covered financial
institution, the financial institution is
required to collect data for covered
applications during the period from
April 1, 2025 to December 31, 2025. The
financial institution must compile data
for this period pursuant to § 1002.107,
comply with the firewall requirements
of § 1002.108, and maintain records as
specified in § 1002.111. In addition, for
data collected during this period, the
covered financial institution must
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
comply with §§ 1002.109 and
1002.110(c) and (d) by June 1, 2026.
3. Informal names for compliance
date provisions. To facilitate discussion
of the compliance dates specified in
§ 1002.114(b)(1), (2), and (3), in the
official commentary and any other
documents referring to these
compliance dates, the Bureau adopts the
following informal simplified names.
Tier 1 refers to the cohort of covered
financial institutions that have a
compliance date of October 1, 2024
pursuant to § 1002.114(b)(1). Tier 2
refers to the cohort of covered financial
institutions that have a compliance date
of April 1, 2025 pursuant to
§ 1002.114(b)(2). Tier 3 refers to the
cohort of covered financial institutions
that have a compliance date of January
1, 2026 pursuant to § 1002.114(b)(3).
4. Examples. The following scenarios
illustrate how to determine whether a
financial institution is a covered
financial institution and which
compliance date specified in
§ 1002.114(b) applies.
i. Financial Institution A originated
3,000 covered credit transactions for
small businesses in calendar year 2022,
and 3,000 in calendar year 2023.
Financial Institution A is in Tier 1 and
has a compliance date of October 1,
2024.
ii. Financial Institution B originated
2,000 covered credit transactions for
small businesses in calendar year 2022,
and 3,000 in calendar year 2023.
Because Financial Institution B did not
originate at least 2,500 covered credit
transactions for small businesses in each
of 2022 and 2023, it is not in Tier 1.
Because Financial Institution B did
originate at least 500 covered credit
transactions for small businesses in each
of 2022 and 2023, it is in Tier 2 and has
a compliance date of April 1, 2025.
iii. Financial Institution C originated
400 covered credit transactions to small
businesses in calendar year 2022, and
1,000 in calendar year 2023. Because
Financial Institution C did not originate
at least 2,500 covered credit transactions
for small businesses in each of 2022 and
2023, it is not in Tier 1, and because it
did not originate at least 500 covered
credit transactions for small businesses
in each of 2022 and 2023, it is not in
Tier 2. Because Financial Institution C
did originate at least 100 covered credit
transactions for small businesses in each
of 2022 and 2023, it is in Tier 3 and has
a compliance date of January 1, 2026.
iv. Financial Institution D originated
90 covered credit transactions to small
businesses in calendar year 2022, 120 in
calendar year 2023, and 90 in both of
the calendar years 2024 and 2025.
Because Financial Institution D did not
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
originate at least 100 covered credit
transactions for small businesses in each
of 2022 and 2023, it is not in Tier 1, Tier
2, or Tier 3. Because Financial
Institution D did not originate at least
100 covered credit transactions for small
businesses in subsequent consecutive
calendar years, it is not a covered
financial institution under § 1002.105(b)
and is not required to comply with the
rule in 2024, 2025, or 2026.
v. Financial Institution E originated
120 covered credit transactions for small
businesses in each of calendar years
2022, 2023, and 2024, and 90 in 2025.
Because Financial Institution E did not
originate at least 2,500 or 500 covered
credit transactions for small businesses
in each of 2022 and 2023, it is not in
Tier 1 or Tier 2. Because Financial
Institution E originated at least 100
covered credit transactions for small
businesses in each of 2022 and 2023, it
is in Tier 3 and has a compliance date
of January 1, 2026. However, because
Financial Institution E did not originate
at least 100 covered credit transactions
for small businesses in each of 2024 and
2025, it no longer satisfies the definition
of a covered financial institution in
§ 1002.105(b) at the time of the
compliance date for Tier 3 institutions
and thus is not required to comply with
the rule in 2026.
vi. Financial Institution F originated
90 covered credit transactions for small
businesses in calendar year 2022, and
120 in 2023, 2024, and 2025. Because
Financial Institution F did not originate
at least 100 covered credit transactions
for small businesses in each of 2022 and
2023, it is not in Tier 1, Tier 2, or Tier
3. Because Financial Institution F
originated at least 100 covered credit
transactions for small businesses in
subsequent calendar years,
§ 1002.114(b)(4), which cross-references
§ 1002.105(b), applies to Financial
Institution F. Because Financial
Institution F originated at least 100
covered credit transactions for small
businesses in each of 2024 and 2025, it
is a covered financial institution under
§ 1002.105(b) and is required to comply
with the rule beginning January 1, 2026.
vii. Financial Institution G originated
90 covered credit transactions for small
businesses in each of calendar years
2022, 2023, 2024, and 2025, and 120 in
each of 2026 and 2027. Because
Financial Institution F did not originate
at least 100 covered credit transactions
for small businesses in each of 2022 and
2023, it is not in Tier 1, Tier 2, or Tier
3. Because Financial Institution G
originated at least 100 covered credit
transactions for small businesses in
subsequent calendar years,
§ 1002.114(b)(4), which cross-references
PO 00000
Frm 00421
Fmt 4701
Sfmt 4700
35569
§ 1002.105(b), applies to Financial
Institution G. Because Financial
Institution G originated at least 100
covered credit transactions for small
businesses in each of 2026 and 2027, it
is a covered financial institution under
§ 1002.105(b) and is required to comply
with the rule beginning January 1, 2028.
114(c) Special Transition Rules
1. Collection of certain information
prior to a financial institution’s
compliance date. Notwithstanding
§ 1002.5(a)(4)(ix), a financial institution
that chooses to collect information on
covered applications as permitted by
§ 1002.114(c)(1) in the 12 months prior
to its initial compliance date as
specified in § 1002.114(b)(1), (2) or (3)
need comply only with the
requirements set out in
§§ 1002.107(a)(18) and (19), 1002.108,
and 1002.111(b) and (c) with respect to
the information collected. During this
12-month period, a covered financial
institution need not comply with the
provisions of § 1002.107 (other than
§§ 1002.107(a)(18) and (19)), 1002.109,
1002.110, 1002.111(a), or 1002.114.
2. Transition rule for applications
received prior to a compliance date but
final action is taken after a compliance
date. If a covered financial institution
receives a covered application from a
small business prior to its initial
compliance date specified in
§ 1002.114(b), but takes final action on
or after that date, the financial
institution is not required to collect data
regarding that application pursuant to
§ 1002.107 nor to report the application
pursuant to § 1002.109. For example, if
a financial institution is subject to a
compliance date of October 1, 2024, and
it receives an application on September
15, 2024 but does not take final action
on the application until October 5, 2024,
the financial institution is not required
to collect data pursuant to § 1002.107
nor to report data to the Bureau
pursuant to § 1002.109 regarding that
application.
3. Has readily accessible the
information needed to determine small
business status. A financial institution
has readily accessible the information
needed to determine whether its
originations of covered credit
transactions were for small businesses
as defined in § 1002.106 if, for instance,
it in the ordinary course of business
collects data on the precise gross annual
revenue of the businesses for which it
originates loans, it obtains information
sufficient to determine whether an
applicant for business credit had gross
annual revenues of $5 million or less, or
if it collects and reports similar data to
E:\FR\FM\31MYR2.SGM
31MYR2
lotter on DSK11XQN23PROD with RULES2
35570
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
Federal or State government agencies
pursuant to other laws or regulations.
4. Does not have readily accessible the
information needed to determine small
business status. A financial institution
does not have readily accessible the
information needed to determine
whether its originations of covered
credit transactions were for small
businesses as defined in § 1002.106 if it
did not in the ordinary course of
business collect either precise or
approximate information on whether
the businesses to which it originated
covered credit had gross annual revenue
of $5 million or less. In addition, even
if precise or approximate information on
gross annual revenue was initially
collected, a financial institution does
not have readily accessible this
information if, to retrieve this
information, for example, it must review
paper loan files, recall such information
from either archived paper records or
scanned records in digital archives, or
obtain such information from third
parties that initially obtained this
information but did not transmit such
information to the financial institution.
5. Reasonable method to estimate the
number of originations. The reasonable
methods that financial institutions may
use to estimate originations for 2022 and
2023 include, but are not limited to, the
following:
i. A financial institution may comply
with § 1002.114(c)(2) by determining the
small business status of covered credit
transactions by asking every applicant,
prior to the closing of approved
transactions, to self-report whether it
had gross annual revenue for its
preceding fiscal year of $5 million or
less, during the period October 1
through December 31, 2023. The
financial institution may annualize the
number of covered credit transactions it
originates to small businesses from
October 1 through December 31, 2023
by quadrupling the originations for this
period, and apply the annualized
number of originations to both calendar
years 2022 and 2023.
ii. A financial institution may comply
with § 1002.114(c)(2) by assuming that
every covered credit transaction it
originates for business customers in
calendar years 2022 and 2023 is to a
small business.
iii. A financial institution may
comply with § 1002.114(c)(2) by using
another methodology provided that
such methodology is reasonable and
documented in writing.
6. Examples. The following scenarios
illustrate the potential application of
§ 1002.114(c)(2) to a financial
institution’s compliance date under
§ 1002.114(b).
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
i. Prior to October 1, 2023, Financial
Institution A did not collect gross
annual revenue or other information
that would allow it to determine the
small business status of the businesses
for whom it originated covered credit
transactions in calendar years 2022 and
2023. Financial Institution A chose to
use the methodology set out in comment
114(c)–5.i and as of October 1, 2023
began to collect information on gross
annual revenue as defined in
§ 1002.107(a)(14) for its covered credit
transactions originated for businesses.
Using this information, Financial
Institution A determined that it had
originated 750 covered credit
transactions for businesses that were
small as defined in § 1002.106. On an
annualized basis, Financial Institution
A originated 3,000 covered credit
transactions for small businesses (750
originations * 4 = 3,000 originations per
year). Applying this annualized figure of
3,000 originations to both calendar years
2022 and 2023, Financial Institution A
is in Tier 1 and has a compliance date
of October 1, 2024.
ii. Prior to July 1, 2023, Financial
Institution B collected gross annual
revenue information for some applicants
for business credit, but such information
was only noted in its paper loan files.
Financial Institution B thus does not
have reasonable access to information
that would allow it to determine the
small business status of the businesses
for whom it originated covered credit
transactions for calendar years 2022 and
2023. Financial Institution B chose to
use the methodology set out in comment
114(c)–5.i, and as of October 1, 2023,
Financial Institution B began to ask all
businesses for whom it was closing
covered credit transactions if they had
gross annual revenues in the preceding
fiscal year of $5 million or less. Using
this information, Financial Institution B
determined that it had originated 350
covered credit transactions for
businesses that were small as defined in
§ 1002.106. On an annualized basis,
Financial Institution B originated 1,400
covered credit transactions for small
businesses (350 originations * 4 = 1,400
originations per year). Applying this
estimated figure of 1,400 originations to
both calendar years 2022 and 2023,
Financial Institution B is in Tier 2 and
has a compliance date of April 1, 2025.
iii. Prior to April 1, 2023, Financial
Institution C did not collect gross
annual revenue or other information
that would allow it to determine the
small business status of the businesses
for whom it originated covered credit
transactions in calendar years 2022 and
2023. Financial Institution C chose its
own methodology pursuant to comment
PO 00000
Frm 00422
Fmt 4701
Sfmt 4700
114(c)–5.iii, basing it in part on the
methodology specified in comment
114(c)–5.i. Starting on April 1, 2023,
Financial Institution C began to ask all
business applicants for covered credit
transactions if they had gross annual
revenue in their preceding fiscal year of
$5 million or less. Using this
information, Financial Institution C
determined that it had originated 100
covered credit transactions for
businesses that were small as defined in
§ 1002.106. On an annualized basis,
Financial Institution C originated
approximately 133 covered credit
transactions for small businesses ((100
originations * 365 days)/275 days =
132.73 originations per year). Applying
this estimate of 133 originations to both
calendar years 2022 and 2023, Financial
Institution C is in Tier 3 and has a
compliance date of January 1, 2026.
iv. Financial Institution D did not
collect gross annual revenue or other
information that would allow it to
determine the small business status of
the businesses for whom it originated
covered credit transactions in calendar
years 2022 and 2023. Financial
Institution D determined that it had
originated 3,000 total covered credit
transactions for businesses in each of
2022 and 2023. Applying the
methodology specified in comment
114(c)–5.ii, Financial Institution D
assumed that all 3,000 covered credit
transactions originated in each of 2022
and 2023 were to small businesses. On
that basis, Financial Institution D is in
Tier 1 and has a compliance date of
October 1, 2024.
v. Financial Institution E did not
collect gross annual revenue or other
information that would allow it to
determine the small business status of
the businesses for whom it originated
covered credit transactions in calendar
years 2022 and 2023. Financial
Institution E determined that it had
originated 700 total covered credit
transactions for businesses in each of
2022 and 2023. Applying the
methodology specified in comment
114(c)–5.ii, Financial Institution E
assumed that all such transactions in
each of 2022 and 2023 were originated
for small businesses. On that basis,
Financial Institution E is in Tier 2 and
has a compliance date of April 1, 2025.
vi. Financial Institution F did does
not have readily accessible gross annual
revenue or other information that would
allow it to determine the small business
status of the businesses for whom it
originated covered credit transactions in
calendar years 2022 and 2023. Financial
Institution F determined that it had
originated 80 total covered credit
transactions for businesses in 2022 and
E:\FR\FM\31MYR2.SGM
31MYR2
Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules and Regulations
150 total covered credit transactions for
businesses in 2023. Applying the
methodology set out in comment
114(c)–5.ii, Financial Institution F
assumed that all such transactions
originated in 2022 and 2023 were
originated for small businesses. On that
basis, Financial Institution E is not in
Tier 1, Tier 2 or Tier 3, and is subject
35571
to the compliance date provision
specified in § 1002.114(b)(4).
*
*
*
*
*
Rohit Chopra,
Director, Consumer Financial Protection
Bureau.
[FR Doc. 2023–07230 Filed 5–30–23; 8:45 am]
lotter on DSK11XQN23PROD with RULES2
BILLING CODE 4810–AM–P
VerDate Sep<11>2014
18:47 May 30, 2023
Jkt 259001
PO 00000
Frm 00423
Fmt 4701
Sfmt 9990
E:\FR\FM\31MYR2.SGM
31MYR2
]]>Agencies
- CONSUMER FINANCIAL PROTECTION BUREAU
[Federal Register Volume 88, Number 104 (Wednesday, May 31, 2023)]
[Rules and Regulations]
[Pages 35150-35571]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2023-07230]
[[Page 35149]]
Vol. 88
Wednesday,
No. 104
May 31, 2023
Part III
Consumer Financial Protection Bureau
-----------------------------------------------------------------------
12 CFR Part 1002
Small Business Lending Under the Equal Credit Opportunity Act
(Regulation B); Final Rule
��Federal Register / Vol. 88, No. 104 / Wednesday, May 31, 2023 / Rules
and Regulations��
[[Page 35150]]
-----------------------------------------------------------------------
CONSUMER FINANCIAL PROTECTION BUREAU
12 CFR Part 1002
[Docket No. CFPB-2021-0015]
RIN 3170-AA09
Small Business Lending Under the Equal Credit Opportunity Act
(Regulation B)
AGENCY: Consumer Financial Protection Bureau.
ACTION: Final rule.
-----------------------------------------------------------------------
SUMMARY: The Consumer Financial Protection Bureau (CFPB or Bureau) is
amending Regulation B to implement changes to the Equal Credit
Opportunity Act (ECOA) made by section 1071 of the Dodd-Frank Wall
Street Reform and Consumer Protection Act (Dodd-Frank Act). Consistent
with section 1071, covered financial institutions are required to
collect and report to the CFPB data on applications for credit for
small businesses, including those that are owned by women or
minorities. The final rule also addresses the CFPB's approach to
privacy interests and the publication of data; shielding certain
demographic data from underwriters and other persons; recordkeeping
requirements; enforcement provisions; and the rule's effective and
compliance dates.
DATES:
Effective date: This final rule is effective August 29, 2023.
Compliance dates: Covered financial institutions must comply with
the final rule beginning October 1, 2024, April 1, 2025, or January 1,
2026, as set forth in Sec. 1002.114(b).
FOR FURTHER INFORMATION CONTACT: Camille Gray, Paralegal Specialist;
Kris Andreassen, Pavitra Bacon, Joseph Devlin, Amy Durant, Angela Fox,
Caroline Hong, David Jacobs, Kathryn Lazarev, Lawrence Lee, Adam Mayle,
Kristen Phinnessee, or Melissa Stegman, Senior Counsels, Office of
Regulations, at 202-435-7700 or https://reginquiries.consumerfinance.gov/. If you require this document in an
alternative electronic format, please contact
[email protected].
SUPPLEMENTARY INFORMATION:
I. Summary of the Final Rule
In 2010, Congress passed the Dodd-Frank Act. Section 1071 of that
Act \1\ amended ECOA \2\ to require that financial institutions collect
and report to the CFPB certain data regarding applications for credit
for women-owned, minority-owned, and small businesses. Section 1071's
statutory purposes are to (1) facilitate enforcement of fair lending
laws, and (2) enable communities, governmental entities, and creditors
to identify business and community development needs and opportunities
of women-owned, minority-owned, and small businesses.
---------------------------------------------------------------------------
\1\ Public Law 111-203, tit. X, section 1071, 124 Stat. 1376,
2056 (2010), codified at ECOA section 704B, 15 U.S.C. 1691c-2.
\2\ 15 U.S.C. 1691 et seq.
---------------------------------------------------------------------------
Section 1071 specifies a number of data points that financial
institutions are required to collect and report, and also provides
authority for the CFPB to require any additional data that it
determines would aid in fulfilling section 1071's statutory purposes.
Section 1071 also contains a number of other requirements, including
those that address restricting the access of underwriters and other
persons to certain data; recordkeeping; publication of small business
lending data; and modifications or deletions of data prior to
publication in order to advance a privacy interest.
Section 1071 directs the CFPB to prescribe such rules and issue
such guidance as may be necessary to carry out, enforce, and compile
data pursuant to section 1071, and permits it to adopt exceptions to
any requirement or to exempt financial institutions from the
requirements of section 1071 as it deems necessary or appropriate to
carry out the purposes of section 1071. The CFPB is adding a new
subpart B to Regulation B to implement the requirements of section
1071. Key aspects of the CFPB's final rule are summarized below.
As envisioned by Congress, the small business lending rule will
create our nation's first consistent and comprehensive database
regarding lending to small businesses, including small farms. This will
fulfill section 1071's statutory purposes by allowing Federal, State,
and local enforcement agencies to assess potential areas for fair
lending enforcement and by enabling a range of stakeholders to better
identify business and community development needs and opportunities for
small businesses, including women-owned and minority-owned small
businesses. The database, again as dictated by Congress, will not
reveal privacy-protected information about any particular small
business applicant, and small businesses will retain control over how
much of their demographic information they choose to divulge. In
addition, the CFPB believes that its final rule will help to sharpen
competition in credit supply by creating greater transparency around
small business lending.
Scope. The CFPB is requiring financial institutions to collect and
report data regarding applications for credit for small businesses,
including those that are owned by women and minorities. The CFPB is not
requiring financial institutions to collect and report data regarding
applications for women-owned and minority-owned businesses that are not
small. Because more than 99 percent of women-owned and minority-owned
businesses are small businesses, covering small businesses necessarily
means nearly all women-owned and minority-owned businesses will also be
covered. The CFPB believes that this scope is consistent with the
statute and will allow the rule to carry out section 1071's purposes
without requiring collection of data that would be of limited utility.
Covered financial institutions. Consistent with language from
section 1071, a ``financial institution'' is defined to include any
partnership, company, corporation, association (incorporated or
unincorporated), trust, estate, cooperative organization, or other
entity that engages in any financial activity. The rule thus applies to
a variety of entities that engage in small business lending, including
depository institutions (i.e., banks, savings associations, and credit
unions),\3\ online lenders, platform lenders, community development
financial institutions (both depository and nondepository
institutions), Farm Credit System lenders, lenders involved in
equipment and vehicle financing (captive financing companies and
independent financing companies), commercial finance companies,
governmental lending entities, and nonprofit nondepository lenders.\4\
---------------------------------------------------------------------------
\3\ For purposes of this document, the Bureau is using the term
depository institution to mean any bank or savings association
defined by the Federal Deposit Insurance Act, 12 U.S.C. 1813(c)(1),
or credit union defined pursuant to the Federal Credit Union Act, 12
U.S.C. 1751 et seq., as implemented by 12 CFR 700.2. The Bureau
notes that the Dodd-Frank Act defines a depository institution to
mean any bank or savings association defined by the Federal Deposit
Insurance Act, 12 U.S.C. 1811 et seq.; there, that term does not
encompass credit unions. 12 U.S.C. 5301(18)(A), 1813(c)(1). To
facilitate analysis and discussion, the Bureau is referring to banks
and savings associations together with credit unions as depository
institutions throughout this document, unless otherwise specified.
\4\ The Bureau's rules, including this final rule to implement
section 1071, generally do not apply to motor vehicle dealers, as
defined in section 1029(f)(2) of the Dodd-Frank Act, that are
predominantly engaged in the sale and servicing of motor vehicles,
the leasing and servicing of motor vehicles, or both. 12 U.S.C.
5519.
---------------------------------------------------------------------------
[[Page 35151]]
The rule uses the term ``covered financial institution'' to refer
to those financial institutions that are required to comply with its
data collection and reporting requirements. A covered financial
institution is defined as a financial institution that originated at
least 100 covered credit transactions (rather than 25, as proposed) for
small businesses in each of the two preceding calendar years. The CFPB
is not adopting an asset-based exemption threshold for depository
institutions, or any other general exemptions for particular categories
of financial institutions.
The final rule also permits creditors that are not covered
financial institutions to voluntarily collect and report small business
lending data in certain circumstances.
Covered credit transactions. Covered financial institutions are
required to collect and report data regarding covered applications from
small businesses for covered credit transactions. A ``covered credit
transaction'' is one that meets the definition of business credit under
existing Regulation B, with certain exceptions. Transactions within the
scope of the rule include loans, lines of credit, credit cards,
merchant cash advances, and credit products used for agricultural
purposes. The CFPB is excluding trade credit, public utilities credit,
securities credit, and incidental credit as proposed. In addition, the
CFPB has added exclusions for transactions that are reportable under
the Home Mortgage Disclosure Act of 1975 (HMDA) \5\ and insurance
premium financing. Consistent with the CFPB's proposal, factoring,
leases, and consumer-designated credit that is used for business or
agricultural purposes are also not covered credit transactions. In
addition, the CFPB has made clear that purchases of originated covered
credit transactions are not reportable.
---------------------------------------------------------------------------
\5\ 12 U.S.C. 2801 et seq.
---------------------------------------------------------------------------
Covered applications. A ``covered application''--which triggers
data collection, reporting, and related requirements when submitted by
a small business--is defined as an oral or written request for a
covered credit transaction that is made in accordance with procedures
used by a financial institution for the type of credit requested. This
definition of covered application is largely consistent with the
existing Regulation B definition of that term. However, certain
circumstances are not covered applications for purposes of this rule,
even if they are considered applications under existing Regulation B.
Specifically, covered applications for purposes of this rule do not
include (1) reevaluation, extension, or renewal requests on existing
business credit accounts, unless the request seeks additional credit
amounts; or (2) inquiries and prequalification requests.
Small business definition. A covered financial institution is
required to collect and report data on a covered application from a
``small business,'' which the rule defines in accordance with the
meaning of ``business concern or concern'' and ``small business
concern'' under the Small Business Act \6\ and Small Business
Administration (SBA) regulations. However, in lieu of using the SBA's
size standards for defining a small business concern, the definition in
this final rule looks to whether the business had $5 million or less in
gross annual revenue for its preceding fiscal year. The CFPB believes
that a straightforward $5 million threshold strikes the right balance
in terms of broadly covering the small business credit market to
fulfill section 1071's statutory purposes while meeting the SBA's
criteria for an alternative size standard.\7\ The final rule also
anticipates updates to this size standard, not more than every five
years, to account for inflation. The SBA Administrator has approved the
CFPB's use of this alternative size standard pursuant to the Small
Business Act.\8\
---------------------------------------------------------------------------
\6\ 15 U.S.C. 631 et seq.
\7\ See 15 U.S.C. 632(a)(2)(C); 13 CFR 121.903.
\8\ See 15 U.S.C. 632(a)(2)(C).
---------------------------------------------------------------------------
Data to be collected and reported. The rule addresses the data
points that must be collected and reported by covered financial
institutions for covered applications from small businesses. Congress
specifically enumerated many of these data points in ECOA section
704B(e)(2); for the others, the Congress granted the CFPB express
authority in 704B(e)(2)(H) to require financial institutions to compile
and maintain, along with enumerated data points, a record of ``any
additional data that the Bureau determines would aid in fulfilling the
purposes'' of section 1071. Certain of these data points are or could
be collected from the applicant; other data points are based on
information within the financial institution's control. Covered
financial institutions must not discourage an applicant from responding
to requests for applicant-provided data and must otherwise maintain
procedures to collect such data at a time and in a manner that are
reasonably designed to obtain a response; when collecting data directly
from the applicant, the rule identifies certain minimum provisions that
must be included within financial institutions' procedures in order for
them to be considered ``reasonably designed.'' The rule also addresses
what financial institutions should do if, despite having such
procedures in place, they are unable to obtain certain data from an
applicant. Furthermore, the rule makes clear that a financial
institution may rely on information from the applicant, or appropriate
third-party sources, when compiling data. If the financial institution
verifies particular information, however, it must report that verified
information. Financial institutions are permitted to reuse previously
collected data in certain circumstances, rather than having to request
it from the applicant for each covered application.
As noted above, the rule includes data points that are, or could
be, provided by the applicant. Some data points specifically relate to
the credit being applied for: the credit type (which includes
information on the credit product, types of guarantees, and loan term);
the credit purpose; and the amount applied for. There are also data
points that relate to the applicant's business: census tract based on
an address or location provided by the applicant; gross annual revenue
for the applicant's preceding full fiscal year; the 3-digit North
American Industry Classification System (NAICS) code for the applicant;
the number of workers that the applicant has; the applicant's time in
business; and the number of principal owners the applicant has.
There are also applicant-provided data points on the demographics
of the applicant's ownership: first, whether the applicant is a
minority-owned business or a women-owned business, along with a new
data field capturing whether the applicant is an LGBTQI+-owned
business; and second, the ethnicity, race, and sex of the applicant's
principal owners. The CFPB refers to these data points collectively as
an applicant's ``protected demographic information.'' Principal owners'
ethnicity and race will be collected from applicants using aggregate
categories as well as disaggregated subcategories. Principal owners'
sex/gender will be collected from applicants without using pre-defined
response categories.
The CFPB is not finalizing its proposed requirement to have
financial institutions collect race and ethnicity via visual
observation or surname if an in-person applicant does not provide any
ethnicity, race, or sex information for any principal owners; instead,
the final rule requires that these data be reported based only on
information provided by the applicant.
[[Page 35152]]
The CFPB is providing lenders with a sample data collection form,
in both digital and paper form, to assist them in collecting protected
demographic data from applicants. Although the contents of the sample
form reflect certain legal requirements that financial institutions
must follow, their use of the sample form is not itself required under
the final rule. Rather, it is an available resource to financial
institutions.
In addition, the rule includes data points that will be generated
or supplied solely by the financial institution. These data points
include, for all applications: a unique identifier for each application
for or extension of credit; the application date; the application
method (that is, the means by which the applicant submitted the
application); the application recipient (that is, whether the financial
institution or its affiliate received the application directly, or
whether it was received by the financial institution via a third
party); the action taken by the financial institution on the
application; and the action taken date. For denied applications, there
is also a data point for denial reasons. For applications that are
originated or approved but not accepted, there is a data point for the
amount originated or approved, and a data point for pricing information
(which includes, as applicable, interest rate, total origination
charges, broker fees, initial annual charges, additional cost for
merchant cash advances or other sales-based financing, and prepayment
penalties).
Firewall. The CFPB's rule implements a requirement in section 1071
that certain data collected from applicants be shielded from
underwriters and certain other persons (or, if a firewall is not
feasible, a notice is given instead); the CFPB refers to this as the
``firewall.''
Generally, an employee or officer of a financial institution or a
financial institution's affiliate that is involved in making any
determination concerning a covered application is prohibited from
accessing the applicant's responses to the inquiries about protected
demographic information that the financial institution makes pursuant
to the rule. This prohibition does not apply to an employee or officer,
however, if the financial institution determines that employee or
officer should have access to an applicant's responses to its inquiries
regarding the applicant's protected demographic information and the
financial institution provides a notice to the applicant regarding that
access. The notice must be provided to each applicant whose information
will be accessed or, alternatively, the financial institution could
provide the notice to all applicants. The final rule does not require
specific language for this notice but does provide sample language that
a covered financial institution may use. The final rule also clarifies
several key points of the firewall provision.
Reporting data to the CFPB; publication of data by the CFPB and
other disclosures; and privacy considerations. Financial institutions
must collect small business lending data on a calendar year basis and
report it to the CFPB on or before June 1 of the following year.
Financial institutions reporting data to the CFPB are required to
provide certain identifying information about themselves as part of
their submission. The CFPB is releasing, concurrently with this final
rule, technical instructions for the submission of small business
lending data in a Filing Instructions Guide.\9\
---------------------------------------------------------------------------
\9\ See CFPB, Small Business Lending Filing Instructions Guide,
https://www.consumerfinance.gov/data-research/small-business-lending/filing-instructions-guide/.
---------------------------------------------------------------------------
The CFPB will make available to the public, on an annual basis, the
application-level data submitted to it by financial institutions,
subject to modifications or deletions made by the CFPB, to advance
privacy interests. To ease burden on covered entities, CFPB publication
of application-level data will satisfy financial institutions'
statutory obligation to make data available to the public upon request.
At this time, the CFPB is not making a final decision on the best way
to protect privacy interests through pre-publication modification and
deletion of reported data. Assessing the many comments it received in
this area, the CFPB is preliminarily of the view that its privacy
assessment will focus primarily on whether (and, if so, how) small
business lending data, individually or in combination with other data,
pose re-identification risk for small businesses and, as a result, for
their owners. The CFPB also anticipates taking account of compelling
risks to financial institution privacy interests. The CFPB does not
anticipate that it can carry out the necessary analysis of pre-
publication modifications and deletions without at least one full year
of application-level data. The CFPB intends to further engage with
stakeholders on the issue of data publication before it resolves on a
particular approach to protecting privacy interests through
modifications and deletions. Finally, the CFPB anticipates publishing
select aggregate data--i.e., data that does not include application-
level information--before it publishes application-level data.
In addition, the final rule prohibits a financial institution or
third party from disclosing protected demographic information, except
in limited circumstances. Specifically, the final rule prohibits
financial institutions from disclosing or providing to third parties
the protected demographic information collected pursuant to the rule,
except to further compliance with ECOA or Regulation B or as required
by law. The final rule also limits third parties' disclosure of
protected demographic information.
Recordkeeping, enforcement, and severability. The rule addresses
issues related to recordkeeping, enforcement of violations, and
severability. The CFPB is also finalizing provisions regarding
treatment of bona fide errors under the rule in general along with
several safe harbors for particular kinds of errors. Relatedly, as
explained in part VII below, covered financial institutions will also
have a 12-month grace period during which the CFPB--for institutions
under its jurisdiction--will not assess penalties for errors in data
reporting, and will conduct examinations only to assist institutions in
diagnosing compliance weaknesses, to the extent that these institutions
engaged in good faith compliance efforts.
Effective and compliance dates, transitional provisions. This final
rule will become effective 90 days after publication in the Federal
Register. The CFPB is adopting a tiered compliance date schedule
because it believes that smaller and mid-sized lenders would have
particular difficulties complying within the single 18-month compliance
period proposed in the NPRM. Compliance with the rule beginning October
1, 2024 is required for financial institutions that originate the most
covered credit transactions for small businesses. However, institutions
with a moderate transaction volume have until April 1, 2025 to begin
complying with the rule, and those with the lowest volume have until
January 1, 2026. Covered financial institutions may begin collecting
applicants' protected demographic information one year prior to their
compliance date to help prepare for coming into compliance with this
final rule. The CFPB is also adopting a new provision to permit
financial institutions that do not have ready access to sufficient
information to determine their compliance tier (or whether they are
covered by the rule at all) to use reasonable methods to estimate their
volume of originations to small businesses for this purpose.
[[Page 35153]]
Compliance and technical assistance. The CFPB is supporting small
business lenders with a variety of compliance and technical tools to
help them determine if they are covered by this new rule, and if so
when their obligations arise. For lenders that are covered, the agency
is also making available a range of resources to assist with effective
implementation of the rule, including a small entity compliance guide.
These materials are available at https://www.consumerfinance.gov/compliance/compliance-resources/small-business-lending-resources/small-business-lending-collection-and-reporting-requirements. The CFPB is
also launching a dedicated regulatory and technical support program
that can provide oral and written assistance in response to stakeholder
questions about collection and reporting obligations, and a range of
technical resources to make it easier to report data to the CFPB. The
support program and related materials are available at https://www.consumerfinance.gov/data-research/small-business-lending-data/. To
further assist covered financial institutions that serve small business
customers in their preferred languages, the CFPB will make the sample
data collection form available in several languages. The CFPB is also
planning to develop resources to help small businesses understand how
their data are treated, the availability of the dataset, and the
broader purposes of the rule.
Use of technology partners and industry consortia for accurate,
cost-efficient data collection and reporting. The final rule broadly
permits financial institutions to work with third parties, including
industry consortia, to develop services and technologies to aid in
collecting and reporting data. So long as they meet the obligations
stated in the rule, including collecting data in a manner that does not
discourage small businesses from providing it, financial institutions
are free to work with third parties to assist them with their
compliance obligations, whether that is with respect to data
collection, maintenance or reporting. The CFPB plans to work with
consortia or other entities seeking to assist financial institutions to
deploy industry-identified solutions. For example, the CFPB plans to
provide Application Programming Interfaces in an open-source
environment to assist financial institutions' technology partners to
develop accurate and efficient data reporting tools.
II. Background
As discussed above, in 2010, Congress enacted the Dodd-Frank Act.
Section 1071 of the Dodd-Frank Act, which amended ECOA, requires
financial institutions to collect and report to the CFPB data regarding
applications for credit for women-owned, minority-owned, and small
businesses. Section 1071 was adopted for the dual purposes of
facilitating fair lending enforcement and enabling communities,
governmental entities, and creditors to identify business and community
development needs and opportunities of such businesses. Section 1071
complements other Federal efforts to ensure fair lending and to promote
community development for small businesses, including through ECOA, the
Community Reinvestment Act of 1977 (CRA),\10\ and the Community
Development Financial Institutions (CDFI) Fund.\11\
---------------------------------------------------------------------------
\10\ 12 U.S.C. 2901 et seq.
\11\ The Riegle Community Development Banking and Financial
Institutions Act of 1994, 12 U.S.C. 4701 et seq., authorized the
Community Development Financial Institution Fund (CDFI Fund). The
CDFI Fund is discussed in more detail in part II.F.2.ii below.
---------------------------------------------------------------------------
The collection and subsequent publication of more robust and
granular data regarding credit applications for small businesses will
provide much-needed transparency to the small business lending market.
The COVID-19 pandemic has shown that transparency is essential,
particularly at a time of crisis, when small businesses are in urgent
need of credit to recover from economic shocks.
In addition to informing policymaking, data collected under the
final rule can help creditors identify potentially profitable
opportunities to extend credit. As a result, small business owners
stand to benefit from increased credit availability. More transparency
will also allow small business owners to more easily compare credit
terms and evaluate credit alternatives, helping them to find the credit
product that best suits their needs at the best price. In these
different ways, the data will help stakeholders to enhance business and
community development, boosting broad-based economic activity and
growth. Furthermore, in the years and decades to come, the collection
and publication of these data will be helpful in identifying potential
fair lending violations and otherwise facilitating the enforcement of
anti-discrimination laws.
Overview
Small businesses are a cornerstone of the U.S. economy. There were
over 33 million small businesses in the U.S. in 2019, employing almost
half of all private sector employees.\12\ Small businesses,
particularly start-ups, also generated 62 percent of new jobs since
1995.\13\ Small businesses were hit hard by two major shocks in the
last two decades. First, the Great Recession, which began in 2007,
disproportionately affected small businesses.\14\ Between 2007 and
2009, employment at businesses with under 50 employees fell by 10.4
percent, compared with 7.5 percent at larger firms,\15\ while between
2008 and 2011, lending to small firms fell by 18 percent, compared with
9 percent for all firms.\16\ Small businesses suffered again because of
the COVID-19 pandemic. Around 40 percent of small businesses were at
least temporarily closed in late March and early April 2020, due
primarily to demand shocks and employee health concerns.\17\ Across the
first year of the pandemic, some
[[Page 35154]]
200,000 more businesses exited the market relative to historic
levels.\18\ It took until July 2021 for non-farm private sector jobs at
establishments with fewer than 50 employees to recover to pre-pandemic
levels.\19\ As of mid-2022, small business loan approvals (other than
for government emergency programs) still remained below pre-pandemic
levels.\20\
---------------------------------------------------------------------------
\12\ Off. of Advocacy, Small Bus. Admin., 2022 Small Business
Profile, at 2, 4 (Aug. 2022), https://cdn.advocacy.sba.gov/wp-content/uploads/2022/08/30121338/Small-Business-Economic-Profile-US.pdf (estimating 33.2 million small businesses in the United
States, accounting for 46.4 percent of employees) (2022 Small
Business Profile).
\13\ Off. of Advocacy, Small Bus. Admin., Frequently Asked
Questions About Small Business, at 1 (Dec. 2021), https://cdn.advocacy.sba.gov/wp-content/uploads/2021/12/06095731/Small-Business-FAQ-Revised-December-2021.pdf (SBA OA 2021 FAQs). See
generally Cong. Rsch. Serv., Small Business Administration and Job
Creation (updated Jan. 4, 2022), https://fas.org/sgp/crs/misc/R41523.pdf (discussing small business job creation); John
Haltiwanger et al., Who Creates Jobs? Small Versus Large Versus
Young, 95 Rev. Econ. Stat. 347, 347-48 (May 2013), https://direct.mit.edu/rest/article/95/2/347/58100/Who-Creates-Jobs-Small-versus-Large-versus-Young (finding that young firms, which are
generally small, contribute disproportionately to both gross and net
job creation).
\14\ Jason Dietrich et al., CFPB, Data Point: Small Business
Lending and the Great Recession, at 9 (Jan. 23, 2020), https://files.consumerfinance.gov/f/documents/cfpb_data-point_small-business-lending-great-recession.pdf (finding that small business
lending fell sharply during the Great Recession and recovered
slowly, still not reaching pre-Recession levels by 2017).
\15\ Ay[scedil]eg[uuml]l [Scedil]ahin et al., Fed. Rsrv. Bank of
N.Y., 17 Current Issues in Econ. & Fin., Why Small Businesses Were
Hit Harder by the Recent Recession, at 1 (2011), https://www.newyorkfed.org/medialibrary/media/research/current_issues/ci17-4.pdf.
\16\ Rebel A. Cole, Off. of Advocacy, Small Bus. Admin., How Did
the Financial Crisis Affect Small Business Lending in the United
States?, at 25-26 (Nov. 2012), https://www.microbiz.org/wp-content/uploads/2014/04/SBA-SmallBizLending-and-FiscalCrisis.pdf.
\17\ Alexander W. Bartik et al., The Impact of COVID-19 on Small
Business Outcomes and Expectations, 117 Proc. Nat'l Acad. Sci.
17656, 17656 (July 2020), https://www.pnas.org/content/pnas/117/30/17656.full.pdf.
\18\ Leland D. Crane et al., Bd. of Governors of the Fed. Rsrv.
Sys., Finance and Economics Discussion Series, 2020-089, Business
Exit During the COVID-19 Pandemic: Non-Traditional Measures in
Historical Context, at 4 (2020), https://www.federalreserve.gov/econres/feds/files/2020089r1pap.pdf (estimating excess establishment
exits and analyzing other estimates of small business exits during
the pandemic). The paper defines ``exit'' as permanent shutdown and
calculates ``excess'' exits by comparing the number of exits during
the 12-month period from March 2020 to February 2021 with previous
years. Id. at 2-4. See also Ryan A. Decker & John Haltiwanger, Bd.
of Governors of the Fed. Rsrv. Sys., FEDS Notes, Business Entry and
Exit in the COVID-19 Pandemic: A Preliminary Look at Official Data
(May 6, 2022), https://www.federalreserve.gov/econres/notes/feds-notes/business-entry-and-exit-in-the-covid-19-pandemic-a-preliminary-look-at-official-data-20220506.html (estimating excess
establishment exits to be roughly 181,000).
\19\ ADP Rsch. Inst., ADP National Employment Report, https://adpemploymentreport.com/ (last visited Mar. 20, 2023) (seasonally
adjusted non-farm private sector jobs at establishments with between
1-49 employees as of July 1, 2021 as compared to March 1, 2020).
\20\ Biz2Credit, Biz2Credit Small Business Lending Index Finds
April 2021 Non-PPP Loan Approval Rates Move Little for All Types of
Lenders (Apr. 2021), https://www.biz2credit.com/small-business-lending-index/april-2021; Biz2Credit, Biz2Credit Small Business
Lending Index Finds Business Loan Approval Rates Rose at Small
Banks, dipped at Big Banks in July 2022 (July 2022), https://www.biz2credit.com/small-business-lending-index/july-2022 (approvals
as of July 2022).
---------------------------------------------------------------------------
During the last two decades, the small business lending landscape
has also transformed. Traditional providers--namely banks--
consolidated, leading to branch closures. The number of banks in the
U.S. has declined from over 18,000 in 1986 to under 4,800 as of June
30, 2022 and the number of branches declined by 14 percent from 2009 to
2020.\21\ Meanwhile, new providers and products, such as online lenders
and merchant cash advances, have become increasingly prevalent in the
small business lending market. Financing by merchant cash advance
providers is estimated to have increased from $8.6 billion in volume in
2014 to $15.3 billion in 2017.\22\ From 2017 to 2019, the volume may
have increased further to $19 billion.\23\ Meanwhile, financing
provided by online ``fintech'' \24\ lenders is estimated to have
increased from $1.4 billion \25\ in outstanding balances in 2013 to
approximately $25 billion \26\ in 2019.
---------------------------------------------------------------------------
\21\ Cong. Rsch. Serv., Small Business Credit Markets and
Selected Policy Issues, at 6 (Aug. 20, 2019), https://fas.org/sgp/crs/misc/R45878.pdf (decline since 1986); Fed. Deposit Ins. Corp.,
Quarterly Banking Profile, at 6 (Aug. 2022), https://www.fdic.gov/analysis/quarterly-banking-profile/qbp/2022jun/qbp.pdf (number of
banks as of June 30, 2022); Bruce C. Mitchell et al., Nat'l Cmty.
Reinvestment Coal., Relationships Matter: Small Business and Bank
Branch Locations (Mar. 2021), https://ncrc.org/relationships-matter-small-business-and-bank-branch-locations/ (branch closures).
\22\ PYMNTS, How Long Can MCAs Avoid the `Loan' Label? (Jan. 20,
2016), https://www.pymnts.com/in-depth/2016/how-long-can-mcas-avoid-the-loan-label/.
\23\ Paul Sweeney, Gold Rush: Merchant Cash Advances are Still
Hot, deBanked (Aug. 18, 2019), https://debanked.com/2019/08/gold-rush-merchant-cash-advances-are-still-hot/. Although the article
does not specify one way or the other, estimates by the underlying
source, Bryant Park Capital, appear to reference origination volumes
rather than outstanding balances. See Nimayi Dixit, S&P Glob. Mkt.
Intel., Payment Fintechs Leave Their Mark On Small Business Lending
(Aug. 28, 2018), https://www.spglobal.com/marketintelligence/en/news-insights/research/payment-fintechs-leave-their-mark-on-small-business-lending. Depending on credit multiplier effects, the value
of annual origination volumes could be smaller or greater than
outstanding balances. Without information on outstanding balances
and for the purposes of calculating a market size for small business
financing in 2019, the Bureau assumes in this paper a 1:1 ratio
between annual origination volumes and outstanding balances for
merchant cash advance products. See part II.D below for discussion
of credit multiplier effects and for market size calculations for
merchant cash advance and other small business financing products in
2019.
\24\ ``Fintechs'' have been defined as ``technology companies
providing alternatives to traditional banking services, most often
exclusively in an online environment,'' and may overlap in part with
other categories of financial institutions, such as commercial
finance companies and/or providers of specialized products,
including factoring and merchant cash advances. Brett Barkley & Mark
Schweitzer, The Rise of Fintech Lending to Small Businesses:
Businesses' Perspectives on Borrowing, 17 Int'l J. Cent. Banking 35,
35-36 (Mar. 2021), https://www.ijcb.org/journal/ijcb21q1a2.pdf.
\25\ Id. (citing Katie Darden et al., S&P Glob. Mkt. Intel.,
2018 US Fintech Market Report, at 5, https://www.spglobal.com/marketintelligence/en/documents/2018-us-fintech-market-report.pdf
(2018 US Fintech Market Report)). This figure annualizes $121
million in estimated 2013 quarterly originations to $484 million in
annual originations and scales up to estimated outstanding balances
using the ratio between the FFIEC Call Report and the CRA data
discussed in part II.D below.
\26\ 2018 US Fintech Market Report at 6. This figure scales up
$9.3 billion in estimated 2019 credit originations for small- to
medium-sized enterprise borrowers to outstanding balances using the
ratio methodology discussed in part II.D below.
---------------------------------------------------------------------------
Regarding trends in the small business financing landscape, the
shift away from traditional providers of small business credit toward
newer types of providers gives rise to both potential harm and
opportunity. In terms of potential harms, bank closures may have made
it more difficult for small businesses, particularly those that are
already underserved, to access credit and remain open--especially in
low- and moderate-income areas and rural communities. Newer providers,
often offering newer products, have less experience complying with both
Federal and State lending laws and regulations than traditional
providers. Differences in funding models may also make non-traditional
credit providers less resilient than depository banks or credit unions
during shocks to the financial system such as the onset of the COVID-19
pandemic.\27\ Additionally, they may use complex algorithms and
artificial intelligence, which may create or heighten ``risks of
unlawful discrimination, unfair, deceptive, or abusive acts or
practices . . . or privacy concerns.'' \28\ Opaque product terms and
high costs can also trap business owners in cycles of debt. In terms of
opportunity, some newer approaches may help applicants with low or
nonexistent personal or business credit scores--including women and
minorities who own or seek to start small businesses but on average
have lower personal credit scores than male and white business owners
\29\--to access credit.\30\ Non-traditional credit providers as well as
digital offerings by traditional financial institutions may also help
offset decreases in lending
[[Page 35155]]
associated with the closure of bank branches.\31\
---------------------------------------------------------------------------
\27\ Itzhak Ben-David et al., Nat'l Bureau of Econ. Res., Why
Did Small Business Fintech Lending Dry Up During March 2020, at 1-7
(Sept. 2021), https://www.nber.org/system/files/working_papers/w29205/w29205.pdf (discussing how nondepository lenders faced a
credit crunch in March 2020 that impaired their ability to continue
funding small business borrowers despite increased demand due to the
COVID-19 shock).
\28\ 86 FR 16837, 16839 (Mar. 31, 2021); see also Rohit Chopra,
CFPB, Remarks of Director Rohit Chopra at a Joint DOJ, CFPB, and OCC
Press Conference on the Trustmark National Bank Enforcement Action
(Oct. 22, 2021), https://www.consumerfinance.gov/about-us/newsroom/remarks-of-director-rohit-chopra-at-a-joint-doj-cfpb-and-occ-press-conference-on-the-trustmark-national-bank-enforcement-action/
(discussing risks of discriminatory bias from black box underwriting
algorithms).
\29\ Geng Li, Bd. of Governors of the Fed. Rsrv. Sys., FEDS
Notes: Gender-Related Differences in Credit Use and Credit Scores
(June 22, 2018), https://www.federalreserve.gov/econres/notes/feds-notes/gender-related-differences-in-credit-use-and-credit-scores-20180622.htm (finding that single women on average have lower credit
scores than single men); Alicia Robb, Off. of Advocacy, Small Bus.
Admin., Minority-Owned Employer Businesses and their Credit Market
Experiences in 2017, at 4 (July 22, 2020), https://cdn.advocacy.sba.gov/wp-content/uploads/2020/07/22172533/Minority-Owned-Employer-Businesses-and-their-Credit-Market-Experiences-in-2017.pdf (finding that Black and Hispanic small business borrowers
are disproportionately denied credit or discouraged from applying
for credit on the basis of their credit score).
\30\ See Jessica Battisto et al., Who Benefited from PPP Loans
by Fintech Lenders?, Liberty St. Econ. (May 27, 2021), https://libertystreeteconomics.newyorkfed.org/2021/05/who-received-ppp-loans-by-fintech-lenders.html (Who Benefited from PPP Loans)
(showing that online lenders were an important source of credit for
Black owners during the COVID-19 pandemic.
\31\ See Cong. Rsch. Serv., Fintech: Overview of Innovative
Financial Technology and Selected Policy Issues, at 1 (Apr. 28,
2020), https://crsreports.congress.gov/product/pdf/R/R46332.
---------------------------------------------------------------------------
The precise impacts of these broader trends are not well understood
at present because there are no comprehensive, comparable, and
application-level data across the fragmented and complex small business
lending market. Some small business lending data exist, provided in
data reported to Federal regulators, but available data are incomplete
in certain ways. Some do not include lending by certain categories of
institutions, such as smaller depository institutions. And none include
lending by nondepository institutions, which comprises almost half of
all small business financing.\32\
---------------------------------------------------------------------------
\32\ The Bureau estimates that nondepository private business
financing totaled approximately $550 billion out of around $1.2
trillion in total private outstanding balances in 2019 (47 percent).
This $550 billion figure includes estimated financing by fintechs
(around $25 billion), commercial finance companies (around $160
billion), nondepository CDFIs (around $1.5 billion), merchant cash
advance providers (around $19 billion), factors (around $100
billion), equipment leasing providers (around $160 billion),
nondepository mortgage lenders originating loans for 5+ unit
residential developments (around $30 billion), and non-financial
trade creditors (around $50 billion). There may additionally be
lending that is not captured here by equipment and vehicle dealers
originating loans in their own names. Public lenders include SBA,
the Federal Housing Administration, Fannie Mae and Freddie Mac, and
the Farm Credit System, with public lending totaling around $210
billion in traditional lending programs plus $1 trillion in
emergency COVID-19 SBA lending programs. See part II.D below for
methodology and sources regarding market size estimates for each
lending category.
---------------------------------------------------------------------------
The datasets that do exist both over- and underestimate small
business lending in certain respects by including small dollar loans to
non-small businesses and by excluding larger loans to small
businesses.\33\ Further, these datasets almost exclusively concern
originated loans; they do not include information on applications that
do not result in originated loans. Nor do they generally include
borrower demographics. Other public, private, and nonprofit datasets
offer only partial snapshots of particular areas of the market.
Finally, much of the publicly available data are aggregated, which does
not permit more granular, loan- or application-level analysis that
would facilitate fair lending or business and community development
analysis by stakeholders other than those that collected the data. See
part II.B below for a detailed discussion on existing data on small
business financing.
---------------------------------------------------------------------------
\33\ See part II.B below.
---------------------------------------------------------------------------
The remainder of this part II focuses on several broad topics that
explain, in more detail, the need for the small business lending data
that the CFPB's rule to implement section 1071 will provide: (A)
improved understanding of the role of small businesses in the U.S.
economy; (B) existing data on small business financing; (C) the
landscape of small business financing; (D) estimating the size of the
small business financing market despite limited data; (E) the
particular challenges faced by women-owned, minority-owned, and
LGBTQI+-owned small businesses; and (F) the purposes and impact of
section 1071.
A. Small Businesses in the United States
Small businesses are an important, dynamic, and widely diverse part
of the U.S. economy. They are critical to employment, innovation, and
economic growth and stability, both overall and specifically for
minority, women, and LGBTQI+ entrepreneurs.
The Small Business Act, as implemented by the Small Business
Administration (SBA), defines a small business using size standards
that generally hinge on the average number of employees or average
annual receipts of the business concern and are customized industry by
industry across 1,012 six-digit North American Industry Classification
System (NAICS) codes.\34\ Size standards based on average number of
employees are used in all industries in the manufacturing and wholesale
trade sectors, as well as in certain industries across a variety of
other sectors. Employee-based size standards range from 100 employees
(used almost entirely in certain industries within the wholesale trade
sector) to 1,500 employees (used in industries across a variety of
sectors including, for example, petroleum refineries, automobile
manufacturing, and greeting card publishers).\35\ Size standards based
on average annual receipts are used in nearly all other industries, and
range from $2.25 million (used in several industries in the crop
production and animal production and aquaculture subsectors) to $47
million (used in industries across a variety of sectors including, for
example, passenger car leasing, television broadcasting, and general
medical and surgical hospitals).\36\
---------------------------------------------------------------------------
\34\ See Small Bus. Admin., Table of Small Business Size
Standards Matched to North American Industry Classification System
Codes (effective Mar. 17, 2023), https://www.sba.gov/sites/default/files/2023-03/Table%20of%20Size%20Standards_Effective%20March%2017%2C%202023%20%281%29%20%281%29_0.pdf.
\35\ See id.
\36\ A small number of industries use a size standard based on a
metric other than average annual receipts or average number of
employees. For example, the commercial banking industry (NAICS
522110) is subject to an asset-based size standard. See id.
---------------------------------------------------------------------------
Simpler definitions of what constitutes a small business are used
in certain contexts. For example, in certain annual research releases
the SBA Office of Advocacy defines a small business as one that has
fewer than 500 employees.\37\ According to the Office of Advocacy, and
based on this definition of a small business, in 2018 there were 32.5
million such businesses in the U.S. that represent 99.9 percent of all
U.S. firms and employ over 60 million Americans.\38\ Over six million
of these small businesses have paid employees, while 26.5 million are
non-employer businesses (i.e., the owner(s) are the only people
involved in the business).\39\ From 1995 to 2020, small businesses,
particularly young businesses and start-ups, created 12.7 million net
new jobs in the U.S., while large businesses created 7.9 million.\40\
---------------------------------------------------------------------------
\37\ See SBA OA 2021 FAQs at 1.
\38\ See id.
\39\ See id.
\40\ See id.; see also Haltiwanger et al., 95 Rev. Econ. Stat.
at 347-48 (finding that young firms, which are generally small,
contribute disproportionately to both gross and net job creation).
---------------------------------------------------------------------------
Nearly one third of all businesses are minority-owned and more than
one third are women-owned, though minorities and women own a smaller
share of employer firms. As of 2019, minorities owned around 1.1
million employer firms in the U.S. (amounting to 18.7 percent of all
employer firms) \41\ and, as of 2018, approximately 8.7 million non-
employer firms (33.6 percent of all non-employer firms).\42\ Likewise,
as of 2019, women owned about 1.2 million employer firms (20.9 percent
of all employer firms) \43\ and, as of 2018, approximately 10.9 million
non-employer firms (41.0 percent of all non-employer firms).\44\
Additionally, in
[[Page 35156]]
2016 there were an estimated 1.4 million LGBTQI+ business owners in the
United States.\45\
---------------------------------------------------------------------------
\41\ See Press Release, U.S. Census Bureau, Census Bureau
Releases New Data on Minority-Owned, Veteran-Owned and Women-Owned
Businesses (Oct. 28, 2021), https://www.census.gov/newsroom/press-releases/2021/characteristics-of-employer-businesses.html (Census
Bureau 2021 Minority- and Women-Owned Businesses Data).
\42\ Minority Bus. Dev. Agency, U.S. Dep't of Com., All
Minority-Owned Firms: Fact Sheet (June 10, 2022), https://www.mbda.gov/sites/default/files/2022-06/All%20Minority%20Owned%20Firms%20Fact%20Sheet%20-%20FINAL%206.10.2022.pdf (stating that the nearly 8.7 million
minority non-employer firms in the U.S. generated $306.1 billion in
revenues in 2018).
\43\ See Census Bureau 2021 Minority- and Women-Owned Businesses
Data.
\44\ See Press Release, U.S. Census Bureau, Nonemployer
Statistics by Demographics (Dec. 16, 2021), https://www.census.gov/newsroom/press-releases/2021/nonemployer-statistics-by-demographics.html (also stating that these firms collectively
generated $300 billion in annual receipts). In 2017, nearly half of
all women-owned non-employer firms generated less than $10,000 in
annual receipts, while only 0.05 percent generated $1 million or
more in receipts. See Press Release, Nat'l Women's Bus. Council,
NWBC Shares 2017 Nonemployer Statistics by Demographics Estimates
for Women-Owned Businesses (Dec. 17, 2020), https://www.nwbc.gov/2020/12/17/nwbc-shares-2017-nonemployer-statistics-by-demographics-estimates-for-women-owned-businesses/.
\45\ Nat'l Gay & Lesbian Chamber of Com., America's LGBT
Economy: The Premiere Report on the Impact of LGBT-Owned Businesses,
at 2 (Jan. 2017), https://nglcc.org/wp-content/uploads/2022/02/REPORT-NGLCC-Americas-LGBT-Economy-1-1.pdf.
---------------------------------------------------------------------------
Businesses are legally structured in several ways. In 2018, 87
percent of non-employer businesses were sole proprietorships, which
means that the business is not distinguishable from the owner for tax
and legal purposes; the owner receives profits directly but is also
legally responsible for the business's obligations.\46\ Seven percent
of non-employer businesses were partnerships, which can be structured
to limit the personal liability of some or all owners; limited partners
may exchange control for limited liability, while general partners that
run the business may remain personally liable.\47\ Six percent of non-
employer businesses were structured as corporations--4.5 percent are S-
corporations and 1.5 percent are C-corporations--which are independent
legal entities owned by shareholders who are not personally liable for
the corporation's obligations.\48\ In 2018, most small employer
businesses were corporations, with 52.1 percent choosing to be S-
corporations and 15.3 percent preferring C-corporation status, although
sole proprietorship and partnership structures remained relatively
popular at 13.7 percent and 11.9 percent, respectively.\49\ By
contrast, in 2017, 74.2 percent of large employer businesses chose to
be C-corporations, with 9.3 percent preferring a partnership structure
and 8.1 percent S-corporation status.\50\
---------------------------------------------------------------------------
\46\ See SBA OA 2021 FAQs at 3.
\47\ Id. at 4.
\48\ Id.
\49\ Id.
\50\ Off. of Advocacy, Small Bus. Admin., Frequently Asked
Questions About Small Business, at 4 (Oct. 2020), https://cdn.advocacy.sba.gov/wp-content/uploads/2020/11/05122043/Small-Business-FAQ-2020.pdf (SBA OA 2020 FAQs).
---------------------------------------------------------------------------
Small businesses are particularly important in specific sectors of
the economy. In 2019, in the services sector, small businesses supplied
9.2 million healthcare and social services jobs (44 percent of all
healthcare and social services jobs), 8.8 million accommodation and
food services jobs (61 percent), and 5.7 million construction jobs (81
percent).\51\ In the same year, in manufacturing, small businesses
supplied 5.1 million manufacturing jobs (42 percent of all
manufacturing jobs).\52\ Finally, in 2016, family farms with annual
gross sales under $500,000 totaled over 91 percent out of 2.2 million
farms,\53\ and small businesses provided over 137,000 agriculture,
forestry, fishing and hunting jobs (84 percent of all agriculture,
forestry, fishing and hunting jobs).\54\ As such, the financial health
of small businesses is essential to the U.S. economy, especially to the
supply of critical and basic goods and services--from producing food to
serving it at restaurants, and from home building to healthcare.
---------------------------------------------------------------------------
\51\ See 2022 Small Business Profile at 4.
\52\ Id.
\53\ Nat'l Inst. of Food & Agric., U.S. Dep't of Agric., Family
Farms, https://nifa.usda.gov/family-farms (last visited Mar. 20,
2023) (classifying family farms as any farm organized as a sole
proprietorship, partnership, or family corporation. Family farms
exclude farms organized as non-family corporations or cooperatives,
as well as farms with hired managers).
\54\ 2022 Small Business Profile at 4.
---------------------------------------------------------------------------
Small businesses were especially hard-hit by the onset of the
COVID-19 pandemic. At one point in the pandemic in April 2020, 20
percent of self-employed workers had temporarily exited the labor
market.\55\ Industries in which small businesses played a large role
have been particularly impacted. For example, comparing April 2020 with
April 2019, employment declined by almost 50 percent in the leisure and
hospitality businesses (also declining by almost 50 percent among food
services and drinking establishments within the leisure and hospitality
industry), in which small businesses employ over 60 percent of
workers.\56\ Women-, minority-, and LGBTQI+-owned small businesses were
hit particularly hard. Between February and April 2020, some 373,000
jobs were lost in child daycare services, a sector in which women-
ownership predominates and minority-ownership is very significant. Only
54 percent of these jobs were recovered by the end of 2020.\57\ In
2021, 85 percent of LGBTQI+-owned small businesses reported the
pandemic was having a negative effect on their business, compared to 76
percent of non-LGBTQI+-owned small businesses.\58\ Since 2022, small
businesses have faced different economic shocks, including inflation
and a shortage of labor, as the economy reopened and resurgent consumer
demand has stretched still-fragile supply chains.\59\
---------------------------------------------------------------------------
\55\ Daniel Wilmoth, Off. of Advocacy, Small Bus. Admin., The
Effects of the COVID-19 Pandemic on Small Businesses (Issue Brief
No. 16), at 5 (Mar. 2021), https://cdn.advocacy.sba.gov/wp-content/uploads/2021/03/02112318/COVID-19-Impact-On-Small-Business.pdf.
\56\ Id. at 4. By the third quarter of 2020 many of these jobs
had since returned as mandatory closure orders ended and the economy
began to recover. Cf. Robert W. Fairlie et al., Nat'l Bureau of
Econ. Res., Were Small Businesses More Likely to Permanently Close
in the Pandemic, at 3, 14 (July 2022), https://www.nber.org/system/files/working_papers/w30285/w30285.pdf (finding a sharp increase in
California business closures in the first and second quarters of
2020 that reversed in the third quarter of 2020). However, small
businesses still appear to have suffered more than large businesses.
See id. (finding that small businesses experienced substantially
higher closure rates than large businesses).
\57\ Bureau of Labor Stat., COVID-19 Ends Longest Employment
Recovery and Expansion in CES History, Causing Unprecedented Job
Losses in 2020 (June 2021), https://www.bls.gov/opub/mlr/2021/article/covid-19-ends-longest-employment-expansion-in-ces-history.htm. An estimated 90 percent of childcare businesses are
women-owned and over half of these owners are minority women. Cindy
Larson & Bevin Parker-Cerkez, Investing in Child Care Fuels Women-
owned Businesses & Racial Equity, Loc. Initiatives Support Corp.
(Mar. 8, 2022), https://www.lisc.org/our-stories/story/investing-child-care-fuels-women-owned-businesses-racial-equity/.
\58\ Spencer Watson et al., LGBTQ-Owned Small Businesses in
2021, Ctr. for LGBTQ Econ. Advancement & Rsch. And Movement
Advancement Project, at 9 (July 2022), https://www.lgbtmap.org/file/LGBTQ-Small-Businesses-in-2021.pdf (using data from the Federal
Reserve's Small Business Credit Survey, which began collecting
demographic data on LGBTQ small business ownership in 2021).
\59\ See William C. Dunkelberg & Holly Wade, Small Business
Economic Trends, Nat'l Fed'n of Indep. Bus., at 2, 11, 19 (Aug.
2022), https://assets.nfib.com/nfibcom/SBET-August-2022.pdf (finding
that, out of 622 small businesses polled, 29 percent considered
inflation their biggest problem, 49 percent had at least one
unfilled job opening, and 32 percent reported that supply chain
disruptions had a significant impact on their business).
---------------------------------------------------------------------------
B. Existing Data on Small Business Lending
While small businesses are a critical part of the U.S. economy and
require financial support, it is still true--as it was in 2017 when the
CFPB published its White Paper on small business lending--that it is
not possible with current data to confidently answer basic questions
regarding the state of small business lending. This limitation is
especially the case with regard to the ethnicity, race, and sex of
small business owners, applications as opposed to originations, and for
small business financing products that are not currently reported in
Call Report data.\60\
---------------------------------------------------------------------------
\60\ CFPB, Key dimensions of the small business lending
landscape, at 39-40 (May 2017), https://files.consumerfinance.gov/f/documents/201705_cfpb_Key-Dimensions-Small-Business-Lending-Landscape.pdf (White Paper).
---------------------------------------------------------------------------
Data on small business lending are fragmented, incomplete, and not
standardized, making it difficult to
[[Page 35157]]
conduct meaningful comparisons across products and over time. Against
this background, it is not hard to see why Congress believed that the
collection of small business application data would serve to identify
business and community development needs and opportunities. The lack of
data hinders attempts by policymakers and other stakeholders to
understand the size, shape, and dynamics of the small business lending
marketplace, including the interaction of supply and demand, as well as
potentially problematic lending practices, gaps in the market, or
trends in funding that may be holding back some communities.\61\ For
example, absent better data, it is hard to determine if relatively
lower levels of bank loans to small businesses in the decade before the
pandemic began were reflective of a net relative decline in lending to
small businesses as compared to large businesses or rather a shift
within small business lending from banks to nondepository lenders.\62\
To the extent there may have been a relative decline, it is difficult
to assess if that decline affected certain types of small businesses
more than others, including women-owned and minority-owned small
businesses.\63\
---------------------------------------------------------------------------
\61\ While Call Report and CRA data provide some indication of
the level of supply of small business credit, the lack of data on
small business credit applications makes demand for credit by small
businesses more difficult to assess, including with respect to local
markets or protected classes.
\62\ Rebel A. Cole, Off. of Advocacy, Small Bus. Admin., How Did
Bank Lending to Small Business in the United States Fare After the
Financial Crisis?, at 26 (Jan. 2018), https://cdn.advocacy.sba.gov/wp-content/uploads/2019/05/09134658/439-How-Did-Bank-Lending-to-Small-Business-Fare.pdf (showing a decline in bank loans to small
businesses from 2008 to 2015 from $710 billion to $600 billion). The
level of bank lending to small businesses has recovered somewhat
since a trough in 2012-13 that represented the lowest amount of
lending since 2005. Fed. Deposit Ins. Corp., Quarterly Banking
Profile, https://www.fdic.gov/analysis/quarterly-banking-profile/qbp/timeseries/small-business-farm-loans.xlsx (last visited Mar. 20,
2023).
\63\ White Paper at 40.
---------------------------------------------------------------------------
The primary sources of information on lending by depository
institutions are the Federal Financial Institutions Examination Council
(FFIEC) and National Credit Union Administration (NCUA) Consolidated
Reports of Condition and Income (Call Reports), as well as reporting
under the Community Reinvestment Act (CRA). Under the FFIEC and CRA
reporting regimes, small loans to businesses of any size are used in
whole or in part as a proxy for loans to small businesses. The FFIEC
Call Report captures banks' outstanding number and amount of small
loans to businesses (that is, loans originated under $1 million to
businesses of any size; small loans to farms are those originated under
$500,000).\64\ The CRA currently requires banks and savings
associations with assets over a specified threshold to report loans in
original amounts of $1 million or less to businesses; reporters are
asked to indicate whether the borrower's gross annual revenue is $1
million or less, if they have that information.\65\ The NCUA Call
Report captures data on all loans over $50,000 to members for
commercial purposes, regardless of any indicator about the business's
size.\66\ There are no similar sources of information about lending to
small businesses by nondepository institutions. The SBA also releases
loan-level data concerning some of its loan programs, but these
typically do not include demographic information, and cover only a
small portion of the overall small business financing market.
---------------------------------------------------------------------------
\64\ See Fed. Fin. Insts. Examination Council, Reporting Forms
31, 41, and 51 (last updated Mar. 16, 2023), https://www.ffiec.gov/ffiec_report_forms.htm (FFIEC Call Report).
\65\ See Fed. Fin. Insts. Examination Council, A Guide to CRA
Data Collection and Reporting, at 11, 13 (2015), https://www.ffiec.gov/cra/pdf/2015_CRA_Guide.pdf (2015 FFIEC CRA Guide).
Small business loans are currently defined for CRA purposes as loans
whose original amounts are $1 million or less and that were reported
on the institution's Call Report or Thrift Financial Report as
either ``Loans secured by nonfarm or nonresidential real estate'' or
``Commercial and industrial loans.'' Small farm loans are currently
defined for CRA purposes as loans whose original amounts are
$500,000 or less and were reported as either ``Loans to finance
agricultural production and other loans to farmers'' or ``Loans
secured by farmland.'' Id. at 11. The Federal agencies responsible
for implementing the CRA have proposed to amend the CRA regulations
to adopt the Bureau's definition of small business. 87 FR 33884
(June 3, 2022).
\66\ See Nat'l Credit Union Admin., Call Report Form 5300
Instructions, at 74-84 (Mar. 31, 2022), https://www.ncua.gov/files/publications/regulations/call-report-instructions-march-2022.pdf
(Call Report Form 5300 Instructions).
---------------------------------------------------------------------------
These public data sources provide some of the most extensive
information currently available on small business lending. However,
they suffer from four material limitations: namely that the data
capture only parts of the market, are published at a high level of
aggregation, do not permit detailed analysis across the market, and
lack standardization across different agencies.
First, these datasets exclude entire categories of lenders. For
example, banks under $1.384 billion in assets, as of 2022, do not have
to report under the CRA.\67\ The FFIEC and NCUA Call Reports and CRA
data do not include lending by nondepository financial institutions,
which the CFPB estimates to represent 37 percent of the small business
financing market and is rapidly growing.\68\
---------------------------------------------------------------------------
\67\ Joint Press Release, Bd. of Governors of the Fed. Rsrv.
Sys. & Fed. Deposit Ins. Corp., Agencies Release Annual Asset-Size
Thresholds Under Community Reinvestment Act Regulations (Dec. 16,
2021), https://www.federalreserve.gov/newsevents/pressreleases/bcreg20211216a.htm.
\68\ Nondepository lending is estimated to total approximately
$550 billion out of $1.5 trillion in total lending, excluding $1
trillion in COVID-19 emergency program lending. See part II.D below
(providing a detailed breakdown and methodology of estimates across
lending products).
---------------------------------------------------------------------------
Second, Federal agencies publish summary data at a high level in a
manner that does not facilitate independent analysis by other agencies
or stakeholders. The FFIEC and NCUA Call Reports and the CRA data are
all available at a higher level of aggregation than loan-level,
limiting fair lending and detailed geographic analyses since ethnicity,
race, and sex as well as business location data are rarely disclosed.
Third, the detailed data collected by these Federal sources have
significant limitations as well, preventing any analysis into certain
issues or types of borrowers, even by the regulators possessing these
data. Neither Call Report nor CRA data include applications, which
limits insights into any potential discrimination or discouragement in
application processes as well as into the interaction between credit
supply and demand. The FFIEC Call Report and CRA data separately
identify loans of under $1 million in value and, among loans of under
$1 million in value, CRA data also identify loans to businesses with
annual revenues of $1 million or less (if the lender collects borrower
revenue information).\69\ However, the Call Report definition of
``small business loans'' as those with a loan size of $1 million or
less at origination is both overinclusive, as it counts small loans to
businesses of all sizes, and underinclusive, as it excludes loans over
$1 million made to small businesses. Credit unions report any loans
under $50,000 as consumer loans and not as commercial loans on the NCUA
Call Report,\70\ potentially excluding from measurement an important
source of funding for many small businesses, particularly the smallest
and often most underserved.
---------------------------------------------------------------------------
\69\ Fed. Fin. Insts. Examination Council, Schedule RC-C, Part
II Loans to Small Businesses and Farms (2017), at 1, https://www.fdic.gov/regulations/resources/call/crinst-031-041/2017/2017-03-rc-c2.pdf (detailing the Call Report loan size threshold of $1
million at origination for loans to small businesses); 2015 FFIEC
CRA Guide at 11 (detailing the CRA size thresholds of $1 million
both for loan amount at origination and for revenue of small
business borrowers).
\70\ Call Report Form 5300 Instructions at 44.
---------------------------------------------------------------------------
Finally, the Federal sources of small business lending data are not
[[Page 35158]]
standardized across agencies and cannot be easily compared. For
example, as noted above, the FFIEC Call Report collects small loans to
businesses as a proxy for small business lending, whereas the NCUA Call
Report collects loans to members for commercial purposes above $50,000
but with no upper limit. The loan-level data for the Paycheck
Protection Program offer an unprecedented level of insight into small
business lending, but this dataset is a one-off snapshot into the
market for a specific lending program at an acute moment of crisis and
is also limited in utility by relatively low response levels to
demographic questions concerning borrowers.\71\
---------------------------------------------------------------------------
\71\ Zachary Warmbrodt, Tracking the Money: Bid to Make Business
Rescue More Inclusive Undercut by Lack of Data, Politico (Mar. 2,
2021), https://www.politico.com/news/2021/03/02/businesses-inclusive-coronavirus-relief-money-data-472539 (reporting that 75
percent of Paycheck Protection Program loan recipients did not
report their ethnicity and 58 percent did not reveal their gender);
see also Rachel Atkins et al., Discrimination in Lending? Evidence
from the Paycheck Protection Program, 58 Small Bus. Econ. 843, 844
(Feb. 2022), https://link.springer.com/article/10.1007/s11187-021-00533-1 (finding that borrower business owner race was reported for
only 10 percent of Paycheck Protection Program loans).
---------------------------------------------------------------------------
The Federal government also conducts and releases a variety of
statistics, surveys, and research reports on small business lending
through the member banks for the Federal Reserve System, the FDIC, CDFI
Fund, and the U.S. Census Bureau. These data sources offer insights
into broad trends and specific small business lending issues but are
less useful for detailed fair lending analyses or identification of
specific areas, industries, or demographic groups being underserved.
Periodic changes in survey methodology, sample sizes, and questions can
also limit comparability and the ability to track developments over
time.
There are also a variety of non-governmental data sources, issued
by both private and nonprofit entities, that cover small businesses
and/or the small business financing market. These include datasets and
surveys published by commercial data and analytics firms, credit
reporting agencies, trade associations, community groups, and academic
institutions. Certain of these data sources are publicly available and
track specific topics, such as small business optimism,\72\ small
business employment,\73\ rates of small business credit application
approvals,\74\ and small business lending and delinquency levels.\75\
Other databases have more granularity and provide detailed information
on individual businesses, including revenue, credit utilization,
industry, and location.\76\
---------------------------------------------------------------------------
\72\ Nat'l Fed'n of Indep. Bus., Small Business Optimism Index
(July 2022), https://www.nfib.com/surveys/small-business-economic-trends/.
\73\ ADP Rsch. Inst., Employment Reports, https://adpemploymentreport.com/ (last visited Mar. 20, 2023).
\74\ Biz2Credit, Biz2Credit Small Business Lending Index,
https://www.biz2credit.com/small-business-lending-index (last
visited Mar. 20, 2023).
\75\ PayNet, Small Business Lending Index, https://sbinsights.paynetonline.com/lending-activity/ (last visited Mar. 20,
2023).
\76\ See, e.g., Dun & Bradstreet, https://www.dnb.com/ (data
provider and credit reporter); Data Axle, https://www.data-axle.com/
(data provider); Equifax, https://www.equifax.com/business/product/business-credit-reports-small-business/ (credit reporter); Experian,
https://www.experian.com/small-business/business-credit-reports
(credit reporter).
---------------------------------------------------------------------------
While these non-public sources of data on small businesses may
provide a useful supplement to existing Federal sources of small
business lending data, these private and nonprofit sources often do not
have lending information, may rely in places on unverified self-
reporting or research based on public internet sources, and/or narrowly
limit use cases for parties accessing data. Further, commercial
datasets are generally not free to public users and can be costly as
well as have restrictions on their use, raising equity issues for
stakeholders who cannot afford access or are not permitted to use the
data for their desired purposes.
C. The Landscape of Small Business Finance
Notwithstanding the lack of data on the market, it is clear that
financing plays an important role in enabling small businesses to grow
and contribute to the economy. When it is available, financing not only
provides resources for small businesses to smooth cash flows for
current operations, but also affords business owners the opportunity to
invest in business growth. A study by a small business trade group
found a correlation between small business owners' ability to access
credit and their ability to hire.\77\ This same study found that, while
not the sole cause, the inability to secure financing may have led 16
percent of small businesses to reduce their number of employees and
approximately 10 percent of small businesses to reduce employee
benefits. Lack of access to financing also contributed to a further 10
percent of small businesses being unable to increase store inventory in
order to meet existing demand.\78\
---------------------------------------------------------------------------
\77\ White Paper at 17.
\78\ Id.
---------------------------------------------------------------------------
To support their growth or to make it through harder times, small
businesses look to a variety of funding sources. Especially when
starting out, entrepreneurs often rely on their own savings and help
from family and friends. If a business generates a profit, its owners
may decide to reinvest retained earnings to fund further growth.
However, for many aspiring business owners--and their personal
networks--savings and retained earnings may not be sufficient to fund a
new venture or grow it, leading owners to seek other sources of
funding. This is particularly true for minority households and women-
led households, which on average have less wealth than white households
and male-led households.\79\
---------------------------------------------------------------------------
\79\ Emily Moss et al., The Black-White Wealth Gap Left Black
Households More Vulnerable, Brookings Inst. (Dec. 8, 2020), https://www.brookings.edu/blog/up-front/2020/12/08/the-black-white-wealth-gap-left-black-households-more-vulnerable/ (detailing wealth gaps in
2019 by race and sex that show white male households with more
wealth than white female or Black male or female households at all
age brackets). See also Erin Ruel & Robert Hauser, Explaining the
Gender Wealth Gap, 50 Demography 1155, 1165 (Dec. 2012), https://read.dukeupress.edu/demography/article/50/4/1155/169553/Explaining-the-Gender-Wealth-Gap (finding a gender wealth gap of over $100,000
in a longitudinal study over 50 years of a single age cohort in
Wisconsin); Neil Bhutta et al., Bd. of Governors of the Fed. Rsrv.
Sys., Disparities in Wealth by Race and Ethnicity in the 2019 Survey
of Consumer Finances (Sept. 28, 2020), https://www.federalreserve.gov/econres/notes/feds-notes/disparities-in-wealth-by-race-and-ethnicity-in-the-2019-survey-of-consumer-finances-20200928.htm (finding median white family wealth in 2019 of
$188,200 compared with $24,100 for Black families and $36,100 for
Hispanic families).
---------------------------------------------------------------------------
One such source of funding comes from others besides family and
friends, whether high net worth individuals or ``angel investors,''
venture capital funds, or, in a more recent development usually
facilitated by online platforms, via crowdsourcing from retail
investors. Often, these early investments take the form of equity
funding, which business owners are not obligated to repay to investors.
However, equity funding requires giving up some ownership and control
to investors, which some entrepreneurs may not wish to do. For small
businesses, equity funding also tends to be somewhat more expensive
than debt financing in the long run. This is for a number of reasons,
including that loan interest payments, unlike capital gains, are tax-
deductible.\80\ Finally, equity investments from others besides family
and friends are available to only a small fraction of small businesses.
---------------------------------------------------------------------------
\80\ Jim Woodruff, The Advantages and Disadvantages of Debt and
Equity Financing, CHRON (updated Mar. 4, 2019), https://smallbusiness.chron.com/advantages-disadvantages-debt-equity-financing-55504.html.
---------------------------------------------------------------------------
Many small businesses instead seek debt financing from a wide range
of
[[Page 35159]]
providers. These providers include depository institutions, such as
banks, savings associations, and credit unions,\81\ as well as online
lenders and commercial finance companies, specialized providers of
specific financing products, nonprofits, and a range of government and
government-sponsored enterprises, among others.
---------------------------------------------------------------------------
\81\ For purposes of this document, the Bureau is using the term
depository institution to mean any bank or savings association
defined by section 3(c)(1) of the Federal Deposit Insurance Act, 12
U.S.C. 1813(c)(1), or credit union defined pursuant to the Federal
Credit Union Act, as implemented by 12 CFR 700.2. The Bureau notes
that the Dodd-Frank Act defines a depository institution to mean any
bank or savings association defined by the Federal Deposit Insurance
Act; there, that term does not encompass credit unions. 12 U.S.C.
5301(18)(A), 1813(c)(1). The Bureau is referring to banks and
savings associations together with credit unions as depository
institutions throughout this document, unless otherwise specified,
to facilitate analysis and discussion.
---------------------------------------------------------------------------
In the past, small businesses principally sought credit from banks;
however, as banks have merged and consolidated, particularly in the
wake of the Great Recession, they have provided less financing to small
businesses.\82\ As noted earlier, the number of banks has declined
significantly since a post-Great Depression peak in 1986 of over 18,000
institutions to under 4,800 institutions as of June 30, 2022,\83\ while
13,500 branches closed from 2009 to mid-2020, representing a 14 percent
decrease.\84\ Although nearly half of counties either gained bank
branches or retained the same number between 2012 and 2017, the
majority lost branches over this period.\85\ Out of 44 counties that
were deeply affected by branch closures, defined as having 10 or fewer
branches in 2012 and seeing five or more of those close by 2017, 39
were rural counties.\86\ Of rural counties, just over 40 percent lost
bank branches in that period; the rural counties that experienced
substantial declines in bank branches tend to be lower-income and with
a higher proportion of African American residents relative to other
rural counties,\87\ raising concerns about equal access to credit.
---------------------------------------------------------------------------
\82\ Rebel A. Cole, Off. of Advocacy, Small Bus. Admin., How Did
Bank Lending to Small Business in the United States Fare After the
Financial Crisis?, at 26 (Jan. 2018), https://cdn.advocacy.sba.gov/wp-content/uploads/2019/05/09134658/439-How-Did-Bank-Lending-to-Small-Business-Fare.pdf (showing a decline in bank loans to small
businesses from 2008 to 2015 from $710 billion to $600 billion). The
level of bank lending to small businesses has recovered somewhat
since a trough in 2012-13 that represented the lowest amount of
lending since 2005. Fed. Deposit Ins. Corp., https://www.fdic.gov/analysis/quarterly-banking-profile/qbp/timeseries/small-business-farm-loans.xlsx (last visited Mar. 20, 2023).
\83\ Cong. Rsch. Serv., Small Business Credit Markets and
Selected Policy Issues, at 6 (Aug. 20, 2019), https://fas.org/sgp/crs/misc/R45878.pdf (decline since 1986); Fed. Deposit Ins. Corp.,
Quarterly Banking Profile, at 7 (Aug. 2022), https://www.fdic.gov/analysis/quarterly-banking-profile/qbp/2022jun/qbp.pdf (number of
banks as of June 30, 2022).
\84\ Bruce C. Mitchell et al., Nat'l Cmty. Reinvestment Coal.,
Relationships Matter: Small Business and Bank Branch Locations, at 6
(2020), https://ncrc.org/relationships-matter-small-business-and-bank-branch-locations/ (stating that in 2009 there were 95,596 brick
and mortar full-service branches or retail locations but, as of June
30, 2020, that number had fallen to 82,086).
\85\ Bd. of Governors of the Fed. Rsrv. Sys., Perspectives from
Main Street: Bank Branch Access in Rural Communities, at 1, 3-4, 19
(Nov. 2019), https://www.federalreserve.gov/publications/files/bank-branch-access-in-rural-communities.pdf.
\86\ Id.
\87\ Id.
---------------------------------------------------------------------------
As banks have merged and the number of branches reduced, the share
of banking assets has also become increasingly concentrated in the
largest institutions, with banks of over $10 billion in assets
representing 86 percent of all industry assets in 2021, totaling $20.3
trillion out of $23.7 trillion.\88\ Nevertheless, banks of under $10
billion in assets continue to hold approximately half of all small
business loans (using the FFIEC Call Report definition of loans of
under $1 million), highlighting the importance of smaller banks to the
small business lending market.\89\ Since smaller bank credit approvals
have traditionally been close to 50 percent, while large banks approve
only 25-30 percent of applications, bank consolidation may have
implications for small business credit access.\90\ Since institutions
under $1.384 billion in assets currently are not required to report on
lending under the CRA,\91\ it is difficult to precisely quantify the
negative impact of bank consolidation and shuttered branches on small
business lending and access to credit in local areas.\92\
Qualitatively, community banks typically receive high satisfaction
scores among small business borrowers, reflecting their greater
commitment to relationship banking, a model of banking ``used to serve
families, businesses, and communities as individuals, with an emphasis
on providing customized help, rather than assembly line service.'' \93\
---------------------------------------------------------------------------
\88\ Fed. Deposit Ins. Corp., Bank Data and Statistics, https://www.fdic.gov/bank/statistical/ (last visited Mar. 20, 2023); see
also Cong. Rsch. Serv., Small Business Credit Markets and Selected
Policy Issues, at 6 (Aug. 20, 2019), https://fas.org/sgp/crs/misc/R45878.pdf (stating that banks over $10 billion held 84 percent of
all industry assets in 2018).
\89\ Speech by Board Governor Lael Brainard: Community Banks,
Small Business Credit, and Online Lending (Sept. 30, 2015), https://www.federalreserve.gov/newsevents/speech/brainard20150930a.htm.
Banks with under $10 billion in assets are often referred to as
``community banks.'' Cong. Rsch. Serv., Over the Line: Asset
Thresholds in Bank Regulation, at 2-3 (May 3, 2021), https://fas.org/sgp/crs/misc/R46779.pdf (noting that the Board of Governors
of the Federal Reserve System (Board) and the Office of the
Comptroller of the Currency (OCC) define community banks as having
under $10 billion in assets, although there may be other criteria,
with the FDIC considering also geographic footprint and a relative
emphasis on making loans and taking deposits as opposed to engaging
in securities and derivatives trading).
\90\ Biz2Credit, Biz2Credit Small Business Lending Index,
https://www.biz2credit.com/small-business-lending-index (last
visited Mar. 20, 2023). These historical approval rates are
reflected in pre-pandemic Small Business Lending Index releases by
Biz2Credit. See, e.g., Biz2Credit, Small Business Loan Approval
Rates at Big Banks Remain at Record High in February 2020:
Biz2Credit Small Business Lending Index, https://www.biz2credit.com/small-business-lending-index/february-2020 (last visited Mar. 20,
2023) (showing large bank approvals of 28.3 percent in February 2020
and of 27.2 percent in February 2019 and smaller bank approvals of
50.3 percent in February 2020 and of 48.6 percent in February 2019).
\91\ See part II.B above.
\92\ Bruce C. Mitchell et al., Nat'l Cmty. Reinvestment Coal.,
Relationships Matter: Small Business and Bank Branch Locations (Mar.
2021), https://ncrc.org/relationships-matter-small-business-and-bank-branch-locations/.
\93\ Rohit Chopra, CFPB, Prepared Remarks of CFPB Director Rohit
Chopra in Great Falls, Montana on Relationship Banking and Customer
Service (June 14, 2022), https://www.consumerfinance.gov/about-us/newsroom/prepared-remarks-of-cfpb-director-rohit-chopra-in-great-falls-montana-on-relationship-banking-and-customer-service/; see
also 87 FR 36828, 36829 (June 21, 2022) (stating that relationship
banking is ``an aspirational model of banking that meets its
customers' needs through strong customer service, responsiveness,
and care''); Cong. Rsch. Serv., Over the Line: Asset Thresholds in
Bank Regulation, at 3 (May 3, 2021), https://fas.org/sgp/crs/misc/R46779.pdf (stating that community banks are more likely to engage
in relationship-based lending).
---------------------------------------------------------------------------
In contrast to banks, credit unions increased their small business
lending from $30 billion in 2008 to $71 billion in 2021.\94\ Like
community banks, credit
[[Page 35160]]
unions typically receive high satisfaction scores among small business
borrowers, reflecting more high-contact, relationship-based lending
models.\95\
---------------------------------------------------------------------------
\94\ Rebel A. Cole, Off. of Advocacy, Small Bus. Admin., How Did
Bank Lending to Small Business in the United States Fare After the
Financial Crisis?, at 51 (Jan. 2018), https://cdn.advocacy.sba.gov/wp-content/uploads/2019/05/09134658/439-How-Did-Bank-Lending-to-Small-Business-Fare.pdf ($30 billion in lending in 2008); Calculated
from NCUA Call Report data accessed on October 18, 2022 ($71 billion
in lending in 2021). The Bureau notes that, as discussed in part
II.B above, credit unions only report credit transactions made to
members for commercial purposes with values over $50,000. The Bureau
uses this value as a proxy for small business credit. The Bureau
acknowledges that the true value of small business credit extended
by credit unions may be different than what is presented here. For
example, this proxy may overestimate the value of outstanding small
business credit because some members are taking out loans for large
businesses. Alternatively, this proxy may underestimate the value of
outstanding small business credit if credit unions originate a
substantial number of small business loans with origination values
of under $50,000. For this analysis, the Bureau includes all types
of commercial loans to members except construction and development
loans and multifamily residential property. This includes loans
secured by farmland; loans secured by owner-occupied, non-farm, non-
residential property; loans secured by non-owner occupied, non-farm,
non-residential property; loans to finance agricultural production
and other loans to farmers; commercial and industrial loans;
unsecured commercial loans; and unsecured revolving lines of credit
for commercial purposes.
\95\ Fed. Rsrv. Banks, Small Business Credit Survey, 2021 Report
On Employer Firms, at 28 (2021), https://www.fedsmallbusiness.org/survey/2021/report-on-employer-firms.
---------------------------------------------------------------------------
Certain banks and credit unions choose to be mission-based lenders,
as CDFIs or minority depository institutions.\96\ Mission-based lenders
focus on providing credit to traditionally underserved and low-income
communities and individuals to promote community development and expand
economic opportunity, making them a relatively smaller by dollar value
but essential part of the small business lending market. There were
almost 1,400 CDFIs (over half of which are depository institutions) as
of August 2022 and over 140 minority depository institutions as of
March 2022.\97\
---------------------------------------------------------------------------
\96\ Minority depository institutions are depository
institutions that are majority-owned by socially and economically
disadvantaged individuals or that have a majority-minority board of
directors and serve a predominantly minority community. Fed. Deposit
Ins. Corp., Minority Depository Institutions: Structure,
Performance, and Social Impact, at 1 (2019), https://www.fdic.gov/regulations/resources/minority/2019-mdi-study/full.pdf. Minority
depository institutions focus more than other banks on minority and
low- and moderate-income communities. See id. at 1, 5. CDFI banks
are certified through the U.S. Department of the Treasury by
demonstrating they serve low-income communities. CDFI Fund, CDFI
Certification, https://www.cdfifund.gov/programs-training/certification/cdfi (last visited Mar. 17, 2023).
\97\ CDFI Fund., CDFI Certification, https://www.cdfifund.gov/programs-training/certification/cdfi (last visited Mar. 20, 2023);
Fed. Deposit Ins. Corp., Minority Depository Institutions Program
(last visited Mar. 20, 2023), https://www.fdic.gov/regulations/resources/minority/mdi.html.
---------------------------------------------------------------------------
During a period in which depository institutions have been
providing relatively less funding to small businesses,\98\ some small
businesses have increasingly relied on nondepository institutions for
financing. Since nondepositories typically do not report their small
business financing activities to regulators, there are no authoritative
sources for either the number of such entities or the dollar value of
financing they provide to small businesses.\99\ However, what data are
available make clear that nondepository online lenders are increasing
their share of the small business financing market.\100\
---------------------------------------------------------------------------
\98\ See Rebel A. Cole, Off. of Advocacy, Small Bus. Admin., How
Did Bank Lending to Small Business in the United States Fare After
the Financial Crisis?, at 26 (Jan. 2018), https://cdn.advocacy.sba.gov/wp-content/uploads/2019/05/09134658/439-How-Did-Bank-Lending-to-Small-Business-Fare.pdf (showing a decline in
bank loans to small businesses from 2008-15 from $710 billion to
$600 billion). The level of bank lending to small businesses has
recovered somewhat since a trough in 2012-13 that represented the
lowest amount of lending since 2005. See also Fed. Deposit Ins.
Corp., https://www.fdic.gov/analysis/quarterly-banking-profile/qbp/timeseries/small-business-farm-loans.xlsx (last visited Mar. 20,
2023) (tabulating outstanding balances for credit extended to small-
and non-small business lending by banks and thrifts over time).
\99\ See part II.B above.
\100\ See part II.D below.
---------------------------------------------------------------------------
Whether depository or nondepository, each provider of small
business financing may assess a variety of different criteria to
determine whether and on what terms to grant an extension of credit or
other financing product, including business and financial performance,
the credit history of the business and its owner(s), the time in
business, and the industry, among other factors. Protections such as
guarantees, collateral, and insurance can mitigate perceived risks,
potentially enabling a lender to offer better terms or facilitating an
extension of credit that would otherwise not meet lending limit or
underwriting criteria. Often, government agencies--including the SBA,
Federal Housing Administration, and USDA--guarantee or insure loans to
encourage lenders to provide credit to borrowers that may not otherwise
be able to obtain credit, either on affordable terms and conditions or
at all.\101\ Different lenders also employ diverse methods for
assessing risk, with smaller banks generally relying more on
traditional underwriting methods and typically managing multi-product
relationships. Online lenders increasingly use complex algorithms,
automation, and even artificial intelligence to assess risk and make
underwriting decisions, with originations typically being less
relationship-based in nature.
---------------------------------------------------------------------------
\101\ Cong. Rsch. Serv., Small Business Administration 7(a) Loan
Guaranty Program (updated June 30, 2022), https://fas.org/sgp/crs/misc/R41146.pdf (discussing the SBA's flagship 7(a) loan guarantee
program); U.S. Dep't of Hous. & Urban Dev., Descriptions Of
Multifamily Programs, https://www.hud.gov/program_offices/housing/mfh/progdesc (last visited Mar. 20, 2023) (listing Federal Housing
Administration mortgage insurance programs for 5+ unit residential
developments); Farm Serv. Agency, U.S. Dep't of Agric., Guaranteed
Loan Program Fact Sheet (Mar. 2020), https://www.fsa.usda.gov/Assets/USDA-FSA-Public/usdafiles/FactSheets/guaranteed_loan_program-factsheet.pdf (discussing the USDA's Farm Service Agency guaranteed
loan program).
---------------------------------------------------------------------------
As well as diversity in underwriting methodology and criteria,
there are also considerable differences across small business financing
products and providers with respect to pricing methods and repayment
structures. As a result, it can be challenging to compare the
competitiveness of product pricing and terms. Term loans, lines of
credit, and credit cards typically disclose annualized interest rates;
leases often take into account depreciation; factoring products
discount an invoice's value and add a fee; and merchant cash advances
apply a multiple to the value of the up-front payment.\102\ Moreover,
providers may add additional fees that are not standardized within
industries, much less across them.
---------------------------------------------------------------------------
\102\ See part II.D below for definitions of the different
product categories.
---------------------------------------------------------------------------
D. Estimating the Size and Scope of the Small Business Financing Market
In light of the lack of data and the heterogeneity of products and
providers within the small business financing market, it can be
difficult to get a clear sense of the size and scope of the market. In
this part, the CFPB describes its estimates of the total outstanding
balances of credit in the market, the number of institutions that are
active in the small business financing market, and how the CFPB arrived
at these estimates. Where possible, the CFPB tries to estimate the
state of the small business financing market at the end of 2019 in
order to estimate the state of the market during the year prior to the
onset of the COVID-19 pandemic.
One challenge is that some of the data report the dollar value of
originations and some report outstanding balances. For the purposes of
this exercise and for most, but not all, products, the CFPB assumes
that for every $1 originated in the market in a given year, there is
approximately a corresponding $3 of outstanding balances. This
assumption is based on the ratio of the 2019 FFIEC Call Report data,
which totaled $721 billion in outstanding balances on bank loans to
small businesses and small farms, and the 2019 CRA data, which recorded
$264 billion in bank loan originations to small businesses and small
farms.\103\ This assumption is limited by the extent to which other
small business financing products differ from loans and lines of
credit, which make up the majority of financing products captured by
the FFIEC Call Report data and the CRA data.\104\
---------------------------------------------------------------------------
\103\ FFIEC Call Report data records outstanding balances on
loans with origination amounts less than $1 million across
Commercial & Industrial, Nonfarm Nonresidential, Agricultural, and
Secured by Farmland lending categories. See FDIC Quarterly Banking
Profile Time Series, https://www.fdic.gov/analysis/quarterly-banking-profile/qbp/timeseries/small-business-farm-loans.xlsx (last
visited Mar. 20, 2023).
\104\ FFIEC Call Report data and CRA data on small business
credit products also include business credit card products, but
loans and lines of credit made up $713 billion out of $775 billion
in outstanding balances on bank, savings association, and credit
union loans to small businesses in 2019. One important caveat to
this assumption is that products with materially shorter average
term lengths, for example credit cards, factoring products, and
merchant cash advances, may have an inverse ratio of originations to
outstanding balances. For example, top issuers of general-purpose
credit cards recorded purchase volumes of two to seven times their
outstanding balances in 2020. Nilson Report, Issue 1192, at 6 (Feb.
2021), https://nilsonreport.com/publication_newsletter_archive_issue.php?issue=1192. If business-
purpose credit cards, factoring products, and merchant cash advances
behaved similarly with respect to the ratio of originations to
outstanding balances, then for every $1 originated in the market in
a given year, there could be a corresponding $0.14-0.50 in
outstanding balances for such products ($1 divided by two to seven).
---------------------------------------------------------------------------
[[Page 35161]]
As detailed in this section, the CFPB estimates that the market for
small business financing products totaled $1.4 trillion in outstanding
balances in 2019. The CFPB estimates that small business financing by
depository institutions makes up just over half of small business
financing by private institutions. In 2020 and 2021, COVID-19 emergency
lending programs added a further $1 trillion to this value, bringing
the overall size of the small business financing market up to $2.4
trillion. However, by July 2022, over $740 billion in Paycheck
Protection Program loans had been forgiven, bringing the total market
size back below $1.7 trillion.\105\ Below, the CFPB estimates the
market share for different small business financing products.
---------------------------------------------------------------------------
\105\ Pandemic Response Accountability Comm., Paycheck
Protection Program: Loan Forgiveness by the Numbers (July 2022),
https://www.pandemicoversight.gov/media/file/ppp-loan-forgiveness-fact-sheet-july-2022-updatepdf.
---------------------------------------------------------------------------
Since the available data regarding depository institutions' small
loans to businesses address term loans, lines of credit, and credit
cards together, the respective shares of these three products in the
overall small business financing market are difficult to assess. As
detailed in this part, the CFPB estimates that together, private term
loans and lines of credit constitute the largest small business credit
product by value, totaling approximately $770 billion in outstanding
balances in 2019. As of July 2022, outstanding balances for Economic
Impact Disaster Loan Program and Paycheck Protection Program loans
totaled $260 billion, bringing the total value of all outstanding loans
and lines of credit to around $1 trillion.\106\
---------------------------------------------------------------------------
\106\ Id.
---------------------------------------------------------------------------
Lending by banks, saving associations, and credit unions comprises
the largest part of this total amount for private term loans and lines
of credit. Using FFIEC Call Report data for December 2019, the CFPB
estimates that banks and savings associations accounted for a total of
about $721 billion in outstanding credit to small businesses and small
farms as of December 2019.\107\ Using NCUA Call Report data for
December 2019, the CFPB estimates that credit unions accounted for a
total of about $55 billion in outstanding credit to members for
commercial purposes.\108\ From this value, the CFPB subtracts $62
billion in credit card lending to arrive at $713 billion in outstanding
balances for term loans and lines of credit. From this value, the CFPB
further subtracts $134 billion in SBA guaranteed loans to arrive at
$580 billion in outstanding balances for private term loans and lines
of credit extended by depository institutions (i.e., banks, savings
associations, and credit unions) as of December 2019.
---------------------------------------------------------------------------
\107\ Calculated from FFIEC Call Report data accessed on October
18, 2022. The CFPB notes that, as discussed in part II.B above,
these estimates rely on small loans to businesses as a proxy for
loans to small businesses. As such, the CFPB acknowledges that the
true outstanding value of credit extended to small businesses by
such institutions may be different than what is presented here. For
example, the small loans to businesses proxy would overestimate the
value of outstanding credit if a significant number of small loans
to businesses and farms are to businesses or farms that are actually
large. Alternatively, the proxy would underestimate the value of
outstanding credit to small businesses if a significant number of
businesses and farms that are small under the rule take out loans
that are larger than $1 million or $500,000, for businesses and
farms, respectively.
\108\ Calculated from NCUA Call Report data accessed on October
18, 2022.
---------------------------------------------------------------------------
The remaining $190 billion in outstanding balances for private term
loans and lines of credit was extended by various nondepository
institutions, namely commercial finance companies, online lenders, and
nondepository CDFIs.\109\
---------------------------------------------------------------------------
\109\ There may additionally be lending that is not captured
here by equipment and vehicle dealers originating loans in their own
names.
---------------------------------------------------------------------------
Commercial finance companies specialize in financing equipment and
vehicle purchases. The CFPB estimates that the value of outstanding
balances on credit extended by commercial finance companies totaled
approximately $160 billion. Using data from the Board's Finance Company
Business Receivables data on owned assets as of December 2019, the CFPB
estimates commercial finance companies outstanding credit for
commercial purposes as the value of retail motor vehicle loans plus
equipment loans and other business receivables, which totaled about
$215 billion.\110\ The CFPB further assumes that about 75 percent of
this value, or $162 billion, can be attributed to loans to small
businesses.\111\
---------------------------------------------------------------------------
\110\ Bd. of Governors of the Fed. Rsrv. Sys., Finance
Companies--G.20 (updated Aug. 17, 2022), https://www.federalreserve.gov/releases/g20/hist/fc_hist_b_levels.html. The
Bureau does not include leases, since they are already counted
within the product category of equipment and vehicle leasing, or
wholesale loans, which it assumes are typically made to non-small
businesses.
\111\ This methodology is consistent with the approach taken by
Gopal and Schnabl (2020).
---------------------------------------------------------------------------
Typical ``fintech'' providers are characterized primarily by
providing financial services exclusively in an online environment.\112\
The CFPB estimates that total outstanding loan balances for such
providers reached around $25 billion in 2019. Using this estimate, the
CFPB scales up an estimated $9.3 billion in credit originations by
online platform lenders to small and medium enterprises in 2019 to $25
billion in estimated outstanding balances, under the assumptions
discussed above.\113\ At the beginning of the COVID-19 pandemic and
associated financial crisis, these lenders originated around $22
billion in Paycheck Protection Program loans to small businesses from
March to August 2020 \114\ and likely continued to originate billions
more during the third wave of Paycheck Protection Program loans in
2021, which represents an almost 90 percent increase or more in
outstanding balances since 2019.\115\ This follows already rapid growth
from $1.4 billion in estimated outstanding balances in 2013.\116\
---------------------------------------------------------------------------
\112\ Barkley & Schweitzer, 17 Int'l J. Cent. Banking at 35-36.
\113\ See 2018 US Fintech Market Report at 6. The Bureau notes
that this figure may underestimate the total value of such lending
because it focuses on platform lenders and may overestimate the
value of lending to small businesses because it also includes credit
to medium businesses. Additionally, the Bureau notes that fintechs
often offer products besides loans and lines of credit, and that
there is no clear demarcation between fintech, commercial finance
company, and merchant cash advance provider, limiting the precision
of market size estimates. Finally, fintechs often sell loans once
originated to other entities, securitize their originations, or
purchase loans that banks have originated, which may further present
challenges to the precision of market size estimates for this market
segment.
\114\ Small Bus. Admin., Paycheck Protection Program (PPP)
Report (approvals through 12 p.m. EST Apr. 16, 2020), https://www.sba.gov/sites/default/files/2020-06/PPP%20Deck%20copy-508.pdf;
Small Bus. Admin., Paycheck Protection Program (PPP) Report
(approvals through Aug. 8, 2020), https://www.sba.gov/sites/default/files/2020-08/PPP_Report%20-%202020-08-10-508.pdf.
\115\ Per the program's intent, many Paycheck Protection Program
loans have been forgiven since the program began, which likely means
that outstanding balances on Paycheck Protection Program loans
extended by online lenders have since declined. See Pandemic
Response Accountability Comm., Paycheck Protection Program: Loan
Forgiveness by the Numbers (July 2022), https://www.pandemicoversight.gov/media/file/ppp-loan-forgiveness-fact-sheet-july-2022-updatepdf (reporting that $742 billion in Paycheck
Protection Program loans had been forgiven by July 2022).
\116\ Barkley & Schweitzer, 17 Int'l J. Cent. Banking at 35-36
(citing 2018 US Fintech Market Report at 5). This figure annualizes
$121 million in estimated 2013 quarterly originations to $484
million in annual originations and scales up to estimated
outstanding balances using the ratio between the FFIEC Call Report
and the CRA data discussed above.
---------------------------------------------------------------------------
[[Page 35162]]
The CFPB estimates the value of outstanding balances on credit
extended by nondepository CDFIs to small business borrowers to be
around $1.5 billion. Using reporting by the CDFI Fund for 2019, the
CFPB scales down the outstanding balances for loan funds of $13.8
billion and for venture capital funds of $0.3 billion by the proportion
of all CDFI lending attributable to business borrowers, which totaled
$15.4 billion out of $141.2 billion.\117\
---------------------------------------------------------------------------
\117\ CDFI Fund, CDFI Annual Certification and Data Collection
Report (ACR): A Snapshot for Fiscal Year 2019, at 17, 22 (Oct.
2020), https://www.cdfifund.gov/sites/cdfi/files/2021-01/ACR-Public-Report-Final-10292020-508Compliant.pdf. To the extent that CDFI loan
funds and venture capital funds extend credit to business customers
at different rates than CDFI banks and credit unions, this
calculation may over- or underestimate the value of lending to small
businesses by nondepository CDFIs. This figure also assumes that all
CDFI lending is for small businesses.
---------------------------------------------------------------------------
Categorized here separately so as to distinguish residential from
non-residential loans, the CFPB estimates outstanding balances for
loans on 5+ unit residential dwellings to total over $30 billion.\118\
The CFPB scales up $11 billion in 2019 annual originations on loans of
under $1 million in value at origination for 5+ unit residential
dwellings to $30 billion in estimated outstanding balances, using the
ratio between the FFIEC Call Report and the CRA data discussed
above.\119\
---------------------------------------------------------------------------
\118\ Depository institutions, discussed above, extend a
sizeable proportion of loans for 5+ unit residential dwellings; both
nondepository and depository institutions are included in the total
for 5+ unit outstanding balances.
\119\ See Mortg. Bankers Ass'n, Annual Report on Multi-Family
Lending--2019, at 5 (2020), https://www.mba.org/store/products/research/general/report/2019-annual-report-on-multifamily-lending.
This includes both private loans, estimated at around $18 billion,
and loans extended by Fannie Mae, Freddie Mac, and the Federal
Housing Administration, estimated at around $13 billion. The share
of 5+ unit residential dwelling loans of all sizes extended by
governmental or government-sponsored entities was 41 percent. The
Bureau assumes for the purposes of this exercise that the same share
is reflected in loans of under $1 million in value at origination,
although arguably this share would be higher if government and
government-sponsored entities extended disproportionately smaller
dollar value loans on average. There is also a substantial market
for commercial real estate besides 5+ unit residential dwellings not
captured here due to a lack of data on loans of small size or to
small businesses. See Mortg. Bankers' Ass'n, MBA: Commercial,
Multifamily Mortgage Bankers Originated $683B in 2021; Total Lending
Tally Reaches $891B (Apr. 15, 2022), https://newslink.mba.org/mba-newslinks/2022/april/mba-newslink-friday-apr-15-2022/mba-commercial-multifamily-mortgage-bankers-originated-683b-in-2021-total-lending-tally-reaches-891b/ (estimating the volume of commercial real estate
lending of any size to be $890.6 billion in 2021, of which
multifamily lending accounted for $376 billion).
---------------------------------------------------------------------------
Also categorized separately from depository institution totals so
as to distinguish private from government and government-sponsored
loans, the CFPB estimates that outstanding balances for loans extended
by the SBA and the Farm Credit System totaled around $200 billion in
2019.\120\
---------------------------------------------------------------------------
\120\ The grand total for lending by government and government-
sponsored entities would be approximately $210 billion, including 5+
unit residential dwelling loans extended by Fannie Mae, Freddie Mac,
and the Federal Housing Administration, which are separately
recorded within the 5+ unit residential dwelling loan product
category.
---------------------------------------------------------------------------
The SBA, through its traditional 7(a), 504, and microloan programs
as well as the Economic Impact Disaster Loan Program and funding for
Small Business Investment Companies, is the largest governmental lender
by value, with $143.5 billion in outstanding balances at the end of
fiscal 2019.\121\ As part of the Federal government's response to the
COVID-19 pandemic, during 2020 and 2021 SBA lending increased in size
by over $1 trillion due to the Paycheck Protection Program, which
totaled almost $800 billion, and the Economic Impact Disaster Loan
Program, which totaled $210 billion.\122\ However, as noted above, over
$740 billion in Paycheck Protection Program loans had been forgiven as
of July 2022, bringing SBA outstanding loan balances back down.\123\
---------------------------------------------------------------------------
\121\ Small Bus. Admin., Small Business Administration Loan
Program Performance (effective Mar. 31, 2022), https://www.sba.gov/document/report-small-business-administration-loan-program-performance. SBA guaranteed loans comprised $134 billion out of this
total, which amount has been deducted from the totals for depository
institutions to avoid double counting.
\122\ Small Bus. Admin., Paycheck Protection Program (PPP)
Report (approvals through May 31, 2021), https://www.sba.gov/sites/default/files/2021-06/PPP_Report_Public_210531-508.pdf; Small Bus.
Admin., Disaster Assistance Update--Nationwide COVID EIDL, Targeted
EIDL Advances, Supplemental Targeted Advances (June 3, 2021),
https://www.sba.gov/sites/default/files/2021-06/COVID-19%20EIDL%20TA%20STA_6.3.2021_Public-508.pdf; Small Bus. Admin.,
Disaster Assistance Update--Nationwide EIDL Loans (Nov. 23, 2020),
https://www.sba.gov/sites/default/files/2021-02/EIDL%20COVID-19%20Loan%2011.23.20-508_0.pdf.
\123\ Pandemic Response Accountability Comm., Paycheck
Protection Program: Loan Forgiveness by the Numbers (July 2022),
https://www.pandemicoversight.gov/media/file/ppp-loan-forgiveness-fact-sheet-july-2022-updatepdf.
---------------------------------------------------------------------------
The Farm Credit System is another important government-related part
of the small business credit landscape. The CFPB estimates that Farm
Credit System lenders had around $55 billion in outstanding balances of
credit extended to small farms in 2019. Using the same small loan to
farms proxy as is used in the FFIEC Call Report, the CFPB estimates
credit to farms with an origination value of less than $500,000. Based
on the Farm Credit System's 2019 Annual Information Statement of the
Farm Credit System, the CFPB estimates that outstanding balances of
such small credit to farms totaled $55 billion at the end of 2019.\124\
The CFPB notes that, as with the FFIEC Call Report proxy, this number
may include credit to non-small farms and may exclude larger credit
transactions extended to small farms. Considering credit extended with
an origination value of between $500,000 and $5 million would increase
the market size by $86 billion to $141 billion.\125\
---------------------------------------------------------------------------
\124\ Fed. Farm Credit Banks Funding Corp., Farm Credit 2019
Annual Information Statement of the Farm Credit System, at 54 (Feb.
28, 2020), https://www.farmcreditfunding.com/ffcb_live/investorResources/informationStatements.html.
\125\ Id.
---------------------------------------------------------------------------
Mostly extended by depository institutions, the CFPB estimates that
the market for small business credit cards totaled over $60 billion in
outstanding balances for 2020.\126\ Using data from Y-14 Form
submissions to the Federal Reserve Board, the CFPB estimates the value
of outstanding balances for small business credit card accounts where
the loan is underwritten with the sole proprietor or primary business
owner as an applicant.\127\
---------------------------------------------------------------------------
\126\ See Bd. of Governors of the Fed. Rsrv. Sys., Report Forms
FR Y-14M, https://www.federalreserve.gov/apps/reportingforms/Report/Index/FR_Y-14M (last updated Sept. 12, 2022). The Board's data are
received from bank holding companies over $50 billion in assets,
which represent 70 percent of outstanding balances for consumer
credit cards; the corresponding percent of balances captured for
small business cards is not known, so the total small business-
purpose credit card market could be substantially higher or lower.
See CFPB, The Consumer Credit Card Market, at 18 (Aug. 2019),
https://files.consumerfinance.gov/f/documents/cfpb_consumer-credit-card-market-report_2019.pdf.
\127\ Off. of Mgmt. & Budget, Instructions for the Capital
Assessments and Stress Testing Information Collection (Reporting
Form FR-Y14M), OMB No. 7100-0341, at 148 (Mar. 2020), https://omb.report/icr/202101-7100-006/doc/108187801.
---------------------------------------------------------------------------
Equipment and vehicle leasing, whereby businesses secure the right
to possess and use a piece of equipment or vehicle for a term in return
for consideration, is another important product category that is
estimated to value roughly $160 billion in outstanding balances in
2019. The CFPB estimates the total size of the equipment and vehicle
leasing market for all sized businesses in 2019 to be approximately
$900 billion.\128\ The CFPB further assumes that small businesses
comprise around 18 percent of the total
[[Page 35163]]
equipment and vehicle leasing market.\129\
---------------------------------------------------------------------------
\128\ See Equip. Leasing & Fin. Found., Horizon Report, https://www.leasefoundation.org/industry-resources/horizon-report/ (last
updated Apr. 22, 2021).
\129\ See Karen Mills, Harvard Bus. Sch., State of Small
Business Lending, at 29 (July 2014), https://www.hbs.edu/ris/Supplemental%20Files/15-004%20HBS%20Working%20Paper%20Chart%20Deck_47695.pdf (estimating
equipment leasing outstanding balances for small business borrowers
at approximately $160 billion at Dec. 31, 2013); Monitor Daily, SEFI
Report Finds Strong Performance Despite Challenges (Oct. 21, 2014),
https://www.monitordaily.com/news-posts/sefi-report-finds-strong-performance-despite-challenges/ ($903 billion market in 2014,
commensurate with an 18 percent market share for small business
borrowers at the time of the Karen Mills report).
---------------------------------------------------------------------------
Factoring is a similarly significant product type, estimated at
around $100 billion in market size for 2019.\130\ In a factoring
transaction, factors purchase, at a discount, a legally enforceable
claim for payment (i.e., accounts receivables or invoices) for goods
already supplied or services already rendered by a business for which
payment has not yet been made in full; hence, a factor's risk related
to repayment lies with the business's customer and not the business
itself. In most cases, specific companies, called factors, provide
factoring products.
---------------------------------------------------------------------------
\130\ See Secured Fin. Found., 2019 Secured Finance: Market
Sizing & Impact Study Extract Report, at 7 (June 2019), https://www.sfnet.com/docs/default-source/data-files-and-research-documents/sfnet_market_sizing___impact_study_extract_f.pdf?sfvrsn=72eb7333_2.
This study estimated the total volume of the U.S. factoring market
to be $101 billion. To the extent that factoring volumes differ from
outstanding balances, the value of outstanding balances may be
higher or lower than this estimate. Also, this estimate captures
factoring for business borrowers of all sizes, not just small
business borrowers. The CFPB assumes that most factoring is provided
to small business customers.
---------------------------------------------------------------------------
The market for merchant cash advances continues to develop rapidly
and data are even more scarce than for other segments of the small
business lending market. This limits the reliability of estimates as to
the merchant cash advance market's size. The CFPB estimates the 2019
market size to be around $20 billion.\131\ The merchant cash advance
market is also of particular significance for smaller and traditionally
underserved businesses that may not qualify for other types of
credit.\132\ Merchant cash advances are typically structured to provide
a lump sum payment up front (a cash advance) in exchange for a share of
future revenue until the advance, plus an additional amount, is repaid.
Unlike the majority of other small business financing products,
merchant cash advances typically purport to be for short
durations.\133\ The CFPB understands that merchant cash advances also
tend to be relatively high-cost products.\134\ Several States,
including New York and California, are implementing laws that will
require providers of ``sales-based financing,'' such as merchant cash
advances, as well as other nondepositories to provide disclosures
(including estimated APR in some States) similar to those required
under the Truth in Lending Act (TILA),\135\ which generally only
applies to consumer credit.\136\
---------------------------------------------------------------------------
\131\ Paul Sweeney, Gold Rush: Merchant Cash Advances are Still
Hot, deBanked (Aug. 18, 2019), https://debanked.com/2019/08/gold-rush-merchant-cash-advances-are-still-hot/. BPC estimates appear to
reference origination volumes rather than outstanding balances. See
Nimayi Dixit, S&P Glob. Mkt. Intel., Payment Fintechs Leave Their
Mark On Small Business Lending (Aug. 28, 2018), https://www.spglobal.com/marketintelligence/en/news-insights/research/payment-fintechs-leave-their-mark-on-small-business-lending.
Depending on credit multiplier effects, the value of annual
origination volumes could be smaller or greater than outstanding
balances. Without information on outstanding balances and for the
purposes of calculating a market size for small business financing
in 2019, the CFPB assumes in this paper a 1:1 ratio between annual
origination volumes and outstanding balances for merchant cash
advance products. See above for discussion of credit multiplier
effects.
\132\ Cf. Barbara Lipman & Ann Marie Wiersch, Bd. of Governors
of the Fed. Rsrv. Sys., Uncertain Terms: What Small Business
Borrowers Find When Browsing Online Lender websites, at 3 (Dec.
2019), https://www.federalreserve.gov/publications/files/what-small-business-borrowers-find-when-browsing-online-lender-websites.pdf
(observing that online lenders, including providers of merchant cash
advance products, position themselves as offering financing to
borrowers underserved by traditional lenders).
\133\ See id. (stating that merchant cash advances are generally
repaid in three to 18 months).
\134\ Id. (stating that annual percentage rates on merchant cash
advance products can exceed 80 percent or rise to triple digits).
See also Fed. Trade Comm'n, `Strictly Business' Forum, Staff
Perspective, at 5 (Feb. 2020), https://www.ftc.gov/system/files/documents/reports/staff-perspective-paper-ftcs-strictly-business-forum/strictly_business_forum_staff_perspective.pdf (observing
stakeholder concern about the high-cost of merchant cash advances
that can reach triple digit annual percentage rates).
\135\ 15 U.S.C. 1601 et seq.
\136\ New York State law requires that providers of ``sales-
based financing'' provide disclosures to borrowers that include
calculations of an estimated annual percentage rate in accordance
with the CFPB's Regulation Z, 12 CFR part 1026. See N.Y. S.898,
section 803(c) (signed Jan. 6, 2021) (amending S.5470-B), https://legislation.nysenate.gov/pdf/bills/2021/s898. The New York
Department of Financial Services is currently developing regulations
to implement the law. See N.Y. Dep't of Fin. Servs., Proposed
Financial Services Regulations, https://www.dfs.ny.gov/industry_guidance/regulations/proposed_fsl. Similarly, California's
Department of Financial Protection and Innovation has adopted
regulations to implement a California law requiring disclosures by
commercial financing companies, including those providing sales-
based financing. See 10 Cal. Code Reg. 900(a)(28) (effective Dec. 9,
2022) (defining sales-based financing as ``a commercial financing
transaction that is repaid by a recipient to the financer as a
percentage of sales or income, in which the payment amount increases
and decreases according to the volume of sales made or income
received by the recipient'' and including ``a true[hyphen]up
mechanism''); 10 Cal. Code Reg. 914 and 940 (requiring sales-based
financing providers disclosure estimated annual percentage rate
according to Regulation Z, 12 CFR part 1026). Under these laws,
providers of commercial financing generally will be required to
disclose: (1) the total amount financed, and the amount disbursed if
it is different from the total amount financed; (2) the finance
charge; (3) the APR (or the estimated APR for sales-based financing
and factoring transactions), calculated in accordance with TILA and
Regulation Z; (4) the total repayment amount; (5) the term (or the
estimated term for sales-based financing) of the financing; (6)
periodic payment amounts; (7) prepayment charges; (8) all other fees
and charges not otherwise disclosed; and (9) any collateral
requirements or security interests. See Cal. S.B. 1235 (Sept. 30,
2018), https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180SB1235; N.Y. S.B. S5470B (July
23, 2020), https://legislation.nysenate.gov/pdf/bills/2019/S5470B.
Other States, including Virginia and Utah, have passed commercial
financing disclosure laws that do not require disclosure of the APR.
See Virginia H. 1027 (enacted Apr. 11, 2022), https://lis.virginia.gov/cgi-bin/legp604.exe?221+ful+CHAP0516; Utah S.B. 183
(enacted Mar. 24, 2022), https://le.utah.gov/~2022/bills/static/
SB0183.html.
---------------------------------------------------------------------------
Finally, trade credit is another significant market, which the
Bureau estimates to total $51 billion in outstanding balances in 2019.
The Bureau estimates the trade credit market size by adding the total
accounts payable for businesses under $1 million in annual
revenue.\137\ Considering the total value of accounts payable for
businesses between $1 million and $5 million would increase the market
size by $88 billion.\138\ Trade credit is an often informal, business-
to-business transaction, usually between non-financial firms whereby
suppliers allow their customers to acquire goods and/or services
without requiring immediate payment.
---------------------------------------------------------------------------
\137\ See Fundbox/PYMNTS.com, The Trade Credit Dilemma, at 11
(May 2019), https://www.pymnts.com/wp-content/uploads/2019/05/Trade-Credit-Dilemma-Report.pdf (estimating accounts payable for
businesses with revenue of under $250,000 at $6.7 billion and for
businesses with revenue of $250,000 to $999,000 at $44.6 billion).
\138\ Id. The trade credit market is estimated to total $1.6
trillion across all business sizes in the United States. In the
overall $1.4 trillion market size total for all small business
financing products, the CFPB has included only the trade credit
market for businesses of up to $1 million in revenue for consistency
with its White Paper.
---------------------------------------------------------------------------
The CFPB estimates that there were approximately 8,200 financial
institutions extending small business financing in 2019, almost 80
percent of which were depository institutions.\139\
---------------------------------------------------------------------------
\139\ This number has increased from 8,100 financial
institutions estimated in the NPRM for two reasons related to the
number of nondepository financial institutions participating in the
credit market for 5+ unit residential dwellings in 2019. First, the
CFPB revised its methodology for excluding depository institutions
from the total number of participants active in the credit market
for 5+ unit residential dwellings, as detailed below. Second, the
NPRM total for all financial institutions active in the small
business financing market included only those nondepository
financial institutions participating in the credit market for 5+
unit residential dwellings estimated to be covered by the proposed
rule rather than all those active in the market at all.
---------------------------------------------------------------------------
[[Page 35164]]
Based on FFIEC Call Report data for December 2019, the CFPB
estimates that about 5,100 banks and savings associations were active
in the small business lending market, out of a total of about 5,200
banks and savings associations.\140\ The CFPB assumes that a bank or
savings association is ``active'' in the market if it reports a
positive outstanding balance of small loans, lines of credit, and
credit cards to businesses.
---------------------------------------------------------------------------
\140\ Calculated from FFIEC Call Report data accessed on October
18, 2022. Although 2019 figures are used here for consistency across
types of lenders, consolidation among depository institutions has
continued since 2019. As of June 30, 2022, 4,692 commercial banks or
savings associations and 1,575 credit unions reported a positive
outstanding balance of small loans, lines of credit, and credit
cards to businesses. Calculated from FFIEC Call Report data accessed
on October 14, 2022.
---------------------------------------------------------------------------
Based on the NCUA Call Report data for December 2019, the CFPB
estimates that about 1,200 out of 5,300 total credit unions were active
in the small business lending market.\141\ The CFPB defines a credit
union as ``active'' in the market if it reported a positive number of
originations of loans, lines of credit, and credit cards to members for
commercial purposes in 2019.
---------------------------------------------------------------------------
\141\ Nat'l Credit Union Admin., 2019 Call Report Quarterly
Data, https://www.ncua.gov/analysis/credit-union-corporate-call-report-data/quarterly-data (last updated Mar. 8, 2023). (One hundred
twelve credit unions were not federally insured as of December 2019
but are included here as depository institutions. Calculated from
NCUA Call Report data accessed on June 8, 2021.) Although 2019
figures are used here for consistency across types of lenders,
consolidation among depository institutions has continued since
2019. As of June 30, 2022, 1,120 credit unions reported a positive
number of originations of loans, lines of credit, and credit cards
to members for commercial purposes during the first half of 2022.
This number was calculated from NCUA Call Report data accessed on
October 14, 2022.
---------------------------------------------------------------------------
The CFPB estimates that there were about 1,900 nondepository
institutions active in the small business financing market in
2019,\142\ accounting for around $550 billion in outstanding credit to
small businesses. This total number of nondepository institutions
includes approximately 300 commercial finance companies, 30 or more
online lenders, 340 nondepository CDFIs, 150 nondepository mortgage
lenders in the multifamily market, 100 merchant cash advance providers,
700-900 factors, at least 100 government lenders, and 72 Farm Credit
System institutions.
---------------------------------------------------------------------------
\142\ There may also be cooperative or nonprofit lenders as well
as equipment and vehicle finance dealers originating in their own
name that are not captured by the CFPB in these figures. For
example, by searching Uniform Commercial Code (UCC) filings, Manasa
Gopal and Philipp Schnabl identified 19 cooperative lenders that
originated at least 1,500 loans over the period from 2006 to 2016.
Manasa Gopal & Philipp Schnabl, The Rise of Finance Companies and
FinTech Lenders in Small Business Lending, N.Y.U. Stern Sch. of
Bus., at 18 (May 13, 2020), https://ssrn.com/abstract=3600068.
Additionally, these figures do not include trade creditors, which
are non-companies that extend credit by allowing customers a period
of time in which to pay and which are much greater in number since
the practice is widespread across the economy. This number has
increased from 1,800 financial institutions estimated in the NPRM
for two reasons related to the number of nondepository financial
institutions participating in the credit market for 5+ unit
residential dwellings in 2019. First, the CFPB revised its
methodology for excluding depository institutions from the total
number of participants active in the credit market for 5+ unit
residential dwellings, as detailed below. Second, the Notice of
Proposed Rulemaking total for all nondepository financial
institutions active in the small business financing market included
only those nondepository financial institutions participating in the
credit market for 5+ unit residential dwellings that were estimated
to be covered by the proposed rule rather than all those active in
the market at all.
---------------------------------------------------------------------------
The Bureau estimates that about 300 commercial finance companies
were engaged in small business lending in 2019.\143\ The Bureau also
estimates there to be about 30 or more online lenders that were active
in the small business lending market in 2019, not including merchant
cash advance providers.\144\
---------------------------------------------------------------------------
\143\ See id. By searching UCC filings, Manasa Gopal and Philipp
Schnabl identified almost 300 commercial finance companies,
including both independent and captive finance companies, with at
least 1,500 small business loans between 2006 and 2016. This figure
combines 192 independent finance companies with 95 captive finance
companies. Since this estimate captures only those commercial
finance companies averaging at least 150 loans per year over the
2006 to 2016 period, it may exclude smaller volume lenders and
should be considered conservative.
\144\ Id. Using the same methodology as for commercial finance
companies, Gopal and Schnabl identified 19 fintech companies. The
CFPB conservatively increases this estimate to 30 to account for
rapid growth in the industry from 2016 to 2019. Since this estimate
captures only those fintechs averaging at least 150 loans per year
over the 2006 to 2016 period, it may exclude smaller volume lenders
and should be considered conservative. On the other hand, since
2019, the COVID-19 economic shock may have led to some fintechs
scaling back or exiting the small business financing market. See,
e.g., Ingrid Lunden, Amex Acquires SoftBank-backed Kabbage After
Tough 2020 for the SMB Lender, TechCrunch (Aug. 17, 2020), https://techcrunch.com/2020/08/17/amex-acquires-softbank-backed-kabbage-after-tough-2020-for-the-smb-lender/ (noting that Kabbage
temporarily shut down credit lines to small businesses during April
2020 and then spun off its small business loan portfolio when it was
subsequently acquired by American Express).
---------------------------------------------------------------------------
The Bureau estimates that 340 nondepository CDFIs were engaged in
small business lending in 2019. Both depository and nondepository
institutions can be CDFIs. Depository CDFIs are counted in the numbers
of banks, savings associations, and credit unions engaged in small
business lending. According to the CDFI Fund, 487 nondepository funds
(i.e., loan funds and venture capital funds) reported as CDFIs in
2019.\145\ Of these, 340 institutions reported that business finance or
commercial real estate finance were a primary or secondary line of
business in 2019.\146\
---------------------------------------------------------------------------
\145\ CDFI Fund, CDFI Annual Certification and Data Collection
Report (ACR): A Snapshot for Fiscal Year 2019, at 8 (Oct. 2020),
https://www.cdfifund.gov/sites/cdfi/files/2021-01/ACR-Public-Report-Final-10292020-508Compliant.pdf.
\146\ Id. at 15-16.
---------------------------------------------------------------------------
The Bureau estimates that about 150 nondepository mortgage lenders
participated in the credit market for 5+ unit residential dwellings in
2019.\147\ In its 2019 Multifamily Lending Report, the Mortgage Bankers
Association lists annual multifamily lending volumes by institution,
including a distinction for loans of under $1 million in value at
origination.\148\ Using the same small loan to business proxy as is
used in the FFIEC Call Report, the Bureau estimates the number of
nondepository mortgage lenders by counting the number of institutions
that appear on this list that are not depository institutions and that
extended at least two loans in 2019.\149\
---------------------------------------------------------------------------
\147\ Nondepository lenders providing financing for commercial
real estate transactions besides 5+ unit residential dwellings are
not separately captured here but often overlap with those lenders
providing financing for 5+ unit residential dwellings. See Com.
Prop. Exec., Top 20 Commercial Mortgage Banking and Brokerage Firms
of 2022 (Jan. 3, 2022), https://www.commercialsearch.com/news/top-20-commercial-mortgage-banking-and-brokerage-firms-of-2022/ (listing
top commercial real estate lenders and identifying sectors financed
by lender).
\148\ See Mortg. Bankers Ass'n, Annual Report on Multi-Family
Lending--2019, at 9-66 (2020), https://www.mba.org/store/products/research/general/report/2019-annual-report-on-multifamily-lending.
In the Notice of Proposed Rulemaking, the CFPB had estimated
nondepository financial institutions participating in the credit
market for 5+ unit residential dwellings by excluding financial
institutions included in the above-cited report with the word
``bank'' or ``credit union'' in the institution name and further
manually removing around ten more institutions that appeared to be
depository institutions at first glance. To improve accuracy, for
the Final Rule the CFPB has manually coded all 2,588 institutions in
the above-cited report to exclude any institutions that are banks,
savings associations, credit unions, or farm credit associations but
which do not have the word ``bank'' or ``credit union'' in the
institution name as recorded in the report. As a result, the total
number of nondepository financial institutions active in this market
fell from 270 to 150.
\149\ The CFPB counts institutions extending at least two loans
of any size in order to estimate institutions extending at least one
small loan, based on the assumption that some 50 percent of these
loans may have been for values greater than $1 million.
---------------------------------------------------------------------------
Data from UCC filings indicates that about 100 institutions were
active in the market for providing merchant cash advances to small
businesses in 2021.\150\
---------------------------------------------------------------------------
\150\ deBanked, UCC-1 and UCC-3 Filings by Merchant Cash Advance
Companies & Alternative Business Lenders, https://debanked.com/merchant-cash-advance-resource/merchant-cash-advance-ucc/ (last
visited Mar. 20, 2023).
---------------------------------------------------------------------------
[[Page 35165]]
The Bureau estimates the number of factors in 2019 to be between
700-900 and assumes that most factors were providing financing to small
business.\151\
---------------------------------------------------------------------------
\151\ See Secured Fin. Found., 2019 Secured Finance: Market
Sizing & Impact Study Extract Report, at 15 (June 2019), https://www.sfnet.com/docs/default-source/data-files-and-research-documents/sfnet_market_sizing___impact_study_extract_f.pdf?sfvrsn=72eb7333_2
(estimating the number of factors at between 700 and 900).
---------------------------------------------------------------------------
Finally, many government agencies and government-sponsored
enterprises provide or facilitate a significant proportion of small
business credit. As the flagship government lender, the SBA managed in
2019 a portfolio of over $140 billion in loans to small businesses, to
which it added over $1 trillion in loans extended as part of the COVID-
19 emergency lending programs. (As noted above, over $740 billion in
Paycheck Protection Program loans had been forgiven as of July 2022,
bringing SBA outstanding loan balances back down.\152\) Across Federal,
State, and municipal governments, the Bureau estimates that there are
likely over 100 government small business lending programs.\153\
Additionally, the Farm Credit System reports that, as of December 2019,
the Farm Credit System contained a total of 72 banks and
associations.\154\ All of these Farm Credit System institutions were
engaged in lending to small farms in 2019.\155\
---------------------------------------------------------------------------
\152\ Pandemic Response Accountability Comm., Paycheck
Protection Program: Loan Forgiveness by the Numbers (July 2022),
https://www.pandemicoversight.gov/media/file/ppp-loan-forgiveness-fact-sheet-july-2022-updatepdf.
\153\ In addition to several Federal small business lending
programs, States and major municipalities also often have one or
more programs of their own. One State and one municipal program in
each State would already total 100 government lending programs
across Federal, State, and municipal governments.
\154\ Fed. Farm Credit Banks Funding Corp., Farm Credit 2019
Annual Information Statement of the Farm Credit System, at 7 (Feb.
28, 2020), https://www.farmcreditfunding.com/ffcb_live/serve/public/pressre/finin/report.pdf?assetId=395570. The CFPB notes that Farm
Credit System banks do not report FFIEC Call Reports and are thus
not counted in the number of banks and savings associations
discussed above.
\155\ Calculated from Young, Beginning, and Small Farmer Report
data accessed on June 17, 2022, https://reports.fca.gov/CRS/search-institution.aspx.
---------------------------------------------------------------------------
E. Challenges for Women-Owned, Minority-Owned, and LGBTQI+-Owned Small
Businesses
Within the context of small business financing, women-owned,
minority-owned, and LGBTQI+-owned small businesses often face
relatively challenges than their counterparts to obtain credit. In line
with congressional purpose, information collected about these
businesses may provide opportunities for community development lending,
and the information collected may be particularly important to support
fair lending analysis and enforcement.
Women-owned, minority-owned, and LGBTQI+-owned small businesses
have smaller cash reserves on average, leaving them less able to
weather credit crunches. For example, in February 2021, 39 percent of
women-owned businesses had one month or less in cash reserves, compared
with 29 percent of men-owned firms.\156\ And in around 90 percent of
majority Black and Hispanic communities, most businesses have fewer
than 14 days of cash buffer, while this is true of only 35 percent of
majority white communities.\157\ As a result, many small businesses,
especially those owned by women, minorities, and LGBTQI+ individuals,
may have a greater need for financing in general and particularly
during economic downturns.
---------------------------------------------------------------------------
\156\ Eric Groves, Cash Strapped SMBs, While 75% Of PPP Is Still
Available, Alignable (Feb. 9, 2021), https://www.alignable.com/forum/alignable-road-to-recovery-report-february-2021.
\157\ JPMorgan Chase Inst., Place Matters: Small Business
Financial Health in Urban Communities, at 5 (Sept. 2019), https://www.jpmorganchase.com/content/dam/jpmc/jpmorgan-chase-and-co/institute/pdf/institute-place-matters.pdf. See also Diana Farrell et
al., JP Morgan Chase Inst., Small Business Owner Race, Liquidity,
and Survival, at 5 (July 2020), https://www.jpmorganchase.com/content/dam/jpmc/jpmorgan-chase-and-co/institute/pdf/institute-small-business-owner-race-report.pdf (finding in a sample of firms
founded in 2013 and 2014 that after one year in business white-owned
firms had on average 19 cash buffer days compared to 14 for
Hispanic-owned firms and 12 for Black-owned firms).
---------------------------------------------------------------------------
Policy responses to support small businesses in economic downturns
may struggle to reach small businesses owned by women, minorities, and
LGBTQI+ individuals. For example, although LGBTQI+-owned small
businesses were more likely to apply for Paycheck Protection Program
loans, they were less likely to receive all of the funds that they
applied for, and more likely to have gotten none of the funding they
applied for.\158\
---------------------------------------------------------------------------
\158\ Spencer Watson et al., LGBTQ-Owned Small Businesses in
2021, Ctr. for LGBTQ Econ. Advancement & Rsch. and Movement
Advancement Project, at 8 (July 2022), https://www.lgbtmap.org/file/LGBTQ-Small-Businesses-in-2021.pdf (using data from the Federal
Reserve's Small Business Credit Survey, which began collecting
demographic data on LGBTQ small business ownership in 2021).
---------------------------------------------------------------------------
Established relationships between applicants and lenders were often
critical to approvals in the earliest period of Paycheck Protection
Program underwriting; \159\ many minority-owned \160\ and women-owned
\161\ businesses did not have such relationships. Minority borrowers
with limited English proficiency may also have faced difficulties
overcoming language barriers,\162\ particularly during the first round
of the Paycheck Protection Program in April 2020 when application
materials had not yet been translated from English.\163\ Further, many
minority-owned and women-owned firms are sole proprietorships and
independent contractors, both of which received delayed access to
Paycheck Protection Program loans.\164\
---------------------------------------------------------------------------
\159\ Sara Savat, Who you know matters, even when applying for
PPP loans, The Source, Newsroom, Wash. Univ. in St. Louis (Feb. 15,
2021), https://source.wustl.edu/2021/02/who-you-know-matters-even-when-applying-for-ppp-loans/ (previous lender relationship increased
likelihood of obtaining a Paycheck Protection Program loan by 57
percent). See generally 86 FR 7271, 7280 (Jan. 27, 2021) (noting
that many lenders restricted access to Paycheck Protection Program
loans to existing customers, which may run a risk of violating ECOA
and Regulation B).
\160\ Claire Kramer Mills, Fed. Rsrv. Bank of N.Y., Double
Jeopardy: COVID-19's Concentrated Health and Wealth Effects in Black
Communities, at 6 (Aug. 2020), https://www.newyorkfed.org/medialibrary/media/smallbusiness/DoubleJeopardy_COVID19andBlackOwnedBusinesses (arguing that a lack
of strong banking relationships among Black-owned firms may have led
to relatively lower rates of access to Paycheck Protection Program
loans for such firms); Fed. Rsrv. Banks, Small Business Credit
Survey: 2021 Report on Firms Owned by People of Color, at ii (Apr.
15, 2021), https://www.fedsmallbusiness.org/survey/2021/2021-report-on-firms-owned-by-people-of-color (Small Business Credit Survey of
Firms Owned by People of Color) (finding that ``firms owned by
people of color tend to have weaker banking relationships'').
\161\ Cf. Mariel Padilla, `I feel like I'm drowning': Women
Business Owners Keep Hitting New Barriers to Federal Loan Aid, 19th
(Apr. 23, 2021), https://19thnews.org/2021/04/women-small-businesses-loan/ (stating that historically higher rates of loan
denials for women of color than for white men result in less
established banking relationships and thereby reduced access to
Federal support disbursed through banks).
\162\ See Emily Ryder Perlmeter, Fed. Rsrv. Bank of Dallas, How
PPP Loans Eluded Small Businesses of Color (Nov. 29, 2021), https://www.dallasfed.org/cd/communities/2021/1129 (detailing language
barriers among small business owners of color seeking Paycheck
Protection Program loans, particularly Hispanic and Asian owners who
were not fluent in English).
\163\ See Press Release, Rep. Judy Chu, House Dems Urge SBA to
Translate Resources into 10 Most Common Languages (Apr. 9, 2020),
https://chu.house.gov/media-center/press-releases/house-dems-urge-sba-translate-resources-10-most-common-languages.
\164\ Greg Iacurci, Coronavirus loan program delayed for
independent contractors and self-employed workers, CNBC (Apr. 3,
2020), https://www.cnbc.com/2020/04/03/delays-in-sba-loans-for-independent-contractors-self-employed-workers.html; see also Mariel
Padilla, `I feel like I'm drowning': Women Business Owners Keep
Hitting New Barriers to Federal Loan Aid, 19th (Apr. 23, 2021),
https://19thnews.org/2021/04/women-small-businesses-loan/ (stating
that non-employer businesses affected by restrictions on sole
proprietor and independent contractor access to Paycheck Protection
Program loans are disproportionately owned by women and minorities).
---------------------------------------------------------------------------
[[Page 35166]]
Applicants whose owners belong to protected categories may have
received different program outcomes when applying for Paycheck
Protection Program loans, although limitations in demographic
information for Paycheck Protection Program loans have hindered fair
lending analyses.\165\ Even for such firms that did obtaining Paycheck
Protection Program loans, they may have faced different outcomes with
respect to loan forgiveness.\166\
---------------------------------------------------------------------------
\165\ Rocio Sanchez-Moyano, Fed. Rsrv. Bank of S.F., Paycheck
Protection Program Lending in the Twelfth Federal Reserve District
(Mar. 3, 2021), https://www.frbsf.org/community-development/publications/community-development-research-briefs/2021/february/ppp-lending-12th-district/ (citing matched-pair audit studies that
found discouragement and provision of incomplete information for
minority business owners seeking Paycheck Protection Program loans);
86 FR 7271, 7280 (Jan. 27, 2021) (noting that facially neutral
Paycheck Protection Program policies such as limiting loans to
businesses with pre-existing relationships may run a risk of
violating ECOA and Regulation B due to a disproportionate impact on
a prohibited basis).
\166\ For example, Black-owned firms applied to fintechs for
Paycheck Protection Program loans at a high rate and certain
fintechs or banks that partnered with fintechs have also had a high
rate of unforgiven Paycheck Protection Program loans. See Max Reyes,
Bank Behind Fintech's Rise Reels in Billions in Pandemic's Wake,
Bloomberg (Aug. 22, 2022), https://www.bloomberg.com/news/articles/2022-08-21/bank-behind-fintech-s-rise-reels-in-billions-in-pandemic-s-wake (reporting that, as of July 2021, the share of unforgiven
Paycheck Protection Program loans at Kabbage, a fintech, and at
Cross River, a bank that partnered with fintechs, was 34 percent and
16 percent, respectively); Who Benefited from PPP Loans (showing
that Black-owned firms applied to fintechs at higher rates than
other firms).
---------------------------------------------------------------------------
As demonstrated by the impact of the COVID-19 pandemic on small
businesses, small business lending data are essential to better
understand the small business financing landscape to maintain and
expand support for this key part of the U.S. economy.
F. The Purposes and Impact of Section 1071
The Dodd-Frank Act sets forth the Bureau's purposes and mission. It
provides that a key component of the Bureau's fair lending work is to
ensure fair, equitable, and nondiscriminatory access to credit for both
individuals and their communities.\167\ And in passing section 1071,
Congress articulated two purposes for requiring the Bureau to collect
data on small business credit applications and loans--to ``facilitate
enforcement of fair lending laws'' and to ``enable communities,
governmental entities, and creditors to identify business and community
development needs and opportunities of women-owned, minority-owned, and
small businesses.'' \168\ Although the Dodd-Frank Act does not further
explain or clarify these dual statutory purposes, other Federal laws
shed light on both purposes. That is, a set of existing Federal laws
form the backdrop for the use of small business lending data collected
and reported pursuant to section 1071 to facilitate the enforcement of
fair lending laws, and to identify business and community development
needs and opportunities across the United States.
---------------------------------------------------------------------------
\167\ See 12 U.S.C. 5493(c)(2)(A) (directing the Office of Fair
Lending and Equal Opportunity to provide ``oversight and enforcement
of Federal laws intended to ensure the fair, equitable, and
nondiscriminatory access to credit for both individuals and
communities that are enforced by the Bureau,'' including ECOA and
the Home Mortgage Disclosure Act).
\168\ ECOA section 704B(a).
---------------------------------------------------------------------------
1. Facilitating Enforcement of Fair Lending Laws
Congress intended for section 1071 to ``facilitate enforcement of
fair lending laws,'' \169\ which include ECOA, the Home Mortgage
Disclosure Act of 1975 (HMDA),\170\ the Fair Housing Act,\171\ and
other Federal and State anti-discrimination laws.
---------------------------------------------------------------------------
\169\ Id.
\170\ 12 U.S.C. 2801 et seq.
\171\ 42 U.S.C. 3601 through 3619.
---------------------------------------------------------------------------
i. Equal Credit Opportunity Act (ECOA)
ECOA, which is implemented by Regulation B, applies to all
creditors. Congress first enacted ECOA in 1974 to require financial
institutions and other firms engaged in the extension of credit to
``make credit equally available to all creditworthy customers without
regard to sex or marital status.'' \172\ Two years later, Congress
expanded ECOA's scope to include age, race, color, religion, national
origin, receipt of public assistance benefits, and exercise of rights
under the Federal Consumer Credit Protection Act.\173\
---------------------------------------------------------------------------
\172\ Public Law 93-495, tit. V, section 502, 88 Stat. 1500,
1521 (1974).
\173\ See Equal Credit Opportunity Act Amendments of 1976,
Public Law 94-239, section 701(a), 90 Stat. 251, 251 (1976).
---------------------------------------------------------------------------
ECOA makes it unlawful for any creditor to discriminate against any
applicant with respect to any aspect of a credit transaction (1) on the
basis of race, color, religion, national origin, sex (including sexual
orientation, gender identity, and sex characteristics),\174\ marital
status, or age (provided the applicant has the capacity to contract);
(2) because all or part of the applicant's income derives from any
public assistance program; or (3) because the applicant has in good
faith exercised any right under the Federal Consumer Credit Protection
Act.\175\
---------------------------------------------------------------------------
\174\ In March 2021, the CFPB issued an interpretive rule
clarifying that the scope of ECOA's and Regulation B's prohibition
on credit discrimination on the basis of sex encompasses
discrimination based on sexual orientation and gender identity,
including discrimination based on actual or perceived nonconformity
with sex-based or gender-based stereotypes and discrimination based
on an applicant's associations. 86 FR 14363 (Mar. 16, 2021). See
also Press Release, CFPB, CFPB Clarifies That Discrimination by
Lenders on the Basis of Sexual Orientation and Gender Identity Is
Illegal (Mar. 9, 2021), https://www.consumerfinance.gov/about-us/newsroom/cfpb-clarifies-discrimination-by-lenders-on-basis-of-sexual-orientation-and-gender-identity-is-illegal/. The interpretive
rule states that an example of discriminatory sex-based or gender-
based stereotyping occurs if a small business lender discourages a
small business owner appearing at its office from applying for a
business loan and tells the prospective applicant to go home and
change because, in the view of the creditor, the small business
customer's attire does not accord with the customer's gender. 86 FR
14363, 14365 (Mar. 16, 2021). As discussed further in the section-
by-section analysis of Sec. 1002.102(k) and (l), regarding the
definitions of LGBTQI+ individual and LGBTQI+-owned business,
respectively, the CFPB interprets ECOA's and Regulation B's
prohibitions on the basis of sex to also include sex
characteristics, including intersex traits.
\175\ 15 U.S.C. 1601 et seq.
---------------------------------------------------------------------------
Multiple Federal regulators can enforce ECOA and Regulation B and
apply various penalties for violations. The enforcement provisions and
penalties for those who violate ECOA and Regulation B are set forth in
15 U.S.C. 1691e(b) and 12 CFR 1002.16. Violations may also result in
civil money penalties, which are governed by 12 U.S.C. 5565(c)(3). The
CFPB and multiple other Federal regulators have the statutory authority
to bring actions to enforce the requirements of ECOA.\176\ These
regulators have the authority to engage in research, conduct
investigations, file administrative complaints, hold hearings, and
adjudicate claims through the administrative enforcement process
regarding ECOA. Regulators also have independent litigation authority
and can file cases in Federal court alleging violations of fair lending
laws under their jurisdiction. Like other Federal regulators who are
assigned enforcement authority under section 704 of ECOA, the CFPB is
required to refer matters to the Department of Justice (DOJ) when it
has reason to believe that a creditor has engaged in a pattern or
practice of lending
[[Page 35167]]
discrimination.\177\ Private parties may also bring claims under the
civil enforcement provisions of ECOA, including individual and class
action claims against creditors for actual and punitive damages for any
violation of ECOA.\178\
---------------------------------------------------------------------------
\176\ These regulators include the OCC, the Board, the FDIC, the
NCUA, the Surface Transportation Board, the Civil Aeronautics Board,
the Secretary of Agriculture, the Farm Credit Administration, the
Securities and Exchange Commission, the SBA, the Secretary of
Transportation, the CFPB, and the FTC. See 15 U.S.C. 1691c;
Regulation B Sec. 1002.16(a). Motor vehicle dealers are subject to
the Board's Regulation B (12 CFR part 202); the CFPB's rules,
including this rule to implement section 1071, generally do not
apply to motor vehicle dealers, as defined in section 1029(f)(2) of
the Dodd-Frank Act, that are predominantly engaged in the sale and
servicing of motor vehicles, the leasing and servicing of motor
vehicles, or both. 12 U.S.C. 5519.
\177\ See 15 U.S.C. 1691e(h).
\178\ 15 U.S.C. 1691e(a); Regulation B Sec. 1002.16(b)(1).
---------------------------------------------------------------------------
ii. Home Mortgage Disclosure Act (HMDA)
HMDA, implemented by the CFPB's Regulation C (12 CFR part 1003),
requires lenders who meet certain coverage tests to report detailed
information to their Federal supervisory agencies about mortgage
applications and loans at the transaction level. These reported data
are a valuable resource for regulators, researchers, economists,
industry, and advocates assessing housing needs, public investment, and
possible discrimination as well as studying and analyzing trends in the
mortgage market for a variety of purposes, including general market and
economic monitoring. There is potential overlap between what is
required to be reported under HMDA and what is covered by section 1071
for certain mortgage applications and loans for women-owned, minority-
owned, and small businesses.
A violation of HMDA and Regulation C is subject to administrative
sanctions, including civil money penalties. Compliance is enforced by
the CFPB, the U.S. Department of Housing and Urban Development (HUD),
the FDIC, the Board, the National Credit Union Administration (NCUA),
or the Office of the Comptroller of Currency (OCC). These regulators
have the statutory authority to bring actions to enforce the
requirements of HMDA and to engage in research, conduct investigations,
file administrative complaints, hold hearings, and adjudicate claims
through the administrative enforcement process regarding HMDA.
iii. Fair Housing Act
Title VIII of the Civil Rights Act of 1968, as amended (Fair
Housing Act), prohibits discrimination in the sale, rental, or
financing of dwellings and in other housing-related activities because
of race, color, religion, sex (including sexual orientation and gender
identity),\179\ disability,\180\ familial status, or national
origin.\181\ The Fair Housing Act \182\ and its implementing
regulations specifically prohibit discrimination in the making of
loans,\183\ the purchasing of loans,\184\ and in setting the terms and
conditions for making loans available,\185\ without reference to
consumers, legal entities, or the purpose of the loan being made,
although these prohibitions relate exclusively to dwellings.\186\
---------------------------------------------------------------------------
\179\ See U.S. Dep't of Hous. & Urban Dev., Implementation of
Executive Order 13988 on the Enforcement of the Fair Housing Act
(Feb. 11, 2021), https://www.hud.gov/sites/dfiles/PA/documents/HUD_Memo_EO13988.pdf.
\180\ The CFPB uses the term ``disability'' to refer to what the
Fair Housing Act and its implementing regulations describe as a
``handicap'' because that is the preferred term. See, e.g., Hunt v.
Aimco Props., L.P., 814 F.3d 1213, 1218 n.1 (11th Cir. 2016) (noting
the term disability is generally preferred over handicap).
\181\ 42 U.S.C. 3601 through 3619, 3631.
\182\ 42 U.S.C. 3605(b) (noting that for purposes of 3605(a), a
``residential real estate-related transaction'' includes the making
or purchasing of loans or providing other financial assistance for
purchasing, constructing, improving, repairing, or maintaining a
dwelling, or transactions secured by residential real estate).
\183\ 24 CFR 100.120.
\184\ 24 CFR 100.125.
\185\ 24 CFR 100.130.
\186\ A ``dwelling,'' as defined by the Fair Housing Act, is any
building, structure, or portion thereof which is occupied as, or
designed or intended for occupancy as, a residence by one or more
families, and any vacant land which is offered for sale or lease for
the construction or location thereon of any such building,
structure, or portion thereof. 42 U.S.C. 3602(b).
---------------------------------------------------------------------------
The DOJ and HUD are jointly responsible for enforcing the Fair
Housing Act. The Fair Housing Act authorizes the HUD Secretary to issue
a Charge of Discrimination on behalf of aggrieved persons following an
investigation and a determination that reasonable cause exists to
believe that a discriminatory housing practice has occurred.\187\ The
DOJ may bring lawsuits where there is reason to believe that a person
or entity is engaged in a ``pattern or practice'' of discrimination or
where a denial of rights to a group of persons raises an issue of
general public importance,\188\ or where a housing discrimination
complaint has been investigated by HUD, HUD has issued a Charge of
Discrimination, and one of the parties to the case has ``elected'' to
go to Federal court.\189\ In Fair Housing Act cases, HUD and the DOJ
can obtain injunctive relief, including affirmative requirements for
training and policy changes, monetary damages and, in pattern or
practice cases, civil penalties.\190\
---------------------------------------------------------------------------
\187\ 42 U.S.C. 3610(g)(1) and (2).
\188\ See 42 U.S.C. 3614(a).
\189\ 42 U.S.C. 3612(o)(1).
\190\ See 42 U.S.C. 3612, 3614.
---------------------------------------------------------------------------
Upon receipt of a complaint alleging facts that may constitute a
violation of the Fair Housing Act or upon receipt of information from a
consumer compliance examination or other source suggesting a violation
of the Fair Housing Act, Federal executive agencies forward such facts
or information to HUD and, where such facts or information indicate a
possible pattern or practice of discrimination in violation of the Fair
Housing Act, to the DOJ.\191\ Private parties may also bring claims
under the civil enforcement provisions of the Fair Housing Act.\192\
---------------------------------------------------------------------------
\191\ 59 FR 2939, 2939 (Jan. 17, 1994).
\192\ See 42 U.S.C. 3613.
---------------------------------------------------------------------------
iv. Other Fair Lending Laws
Several other Federal statutes seek to promote fair lending. The
CRA affirmatively encourages institutions to help to meet the credit
needs of the entire community served by each institution covered by the
statute, and CRA ratings take into account lending discrimination by
those institutions.\193\ (See part II.F.2.i below for additional
discussion of the CRA.) The Americans with Disabilities Act of 1990
prohibits discrimination against persons with disabilities in the
provision of goods and services, including credit services.\194\
Sections 1981 \195\ and 1982 \196\ of the Federal Civil Rights Acts are
broad anti-discrimination laws that have been applied to many aspects
of credit transactions.\197\
---------------------------------------------------------------------------
\193\ See 12 U.S.C. 2901 et seq.
\194\ See 42 U.S.C. 12101 et seq.
\195\ 42 U.S.C. 1981(a).
\196\ 42 U.S.C. 1982.
\197\ See, e.g., Juarez v. Soc. Fin., Inc., No. 20-CV-03386-HSG,
2021 WL 1375868, at *7 (N.D. Cal. Apr. 12, 2021) (denying motion to
dismiss section 1981 claim and finding that ``the ECOA was not
intended to limit any of the broad protections afforded by Sec.
1981''); Perez v. Wells Fargo & Co., No. 17-CV-00454-MMC, 2017 WL
3314797, at *3 (N.D. Cal. Aug. 3, 2017) (denying motion to dismiss
for section 1981 claim and rejecting contention that ECOA superseded
section 1981, noting that, although ECOA was a more specific
statute, ECOA did not conflict with the section 1981 claims because
``[a] creditor can comply with Sec. 1981 and the ECOA by not
discriminating on the basis of any of the categories listed in the
two statutes''); Jackson v. Novastar Mortg., Inc., 645 F. Supp. 2d
636 (W.D. Tenn. 2007) (motion to dismiss claim that defendants
violated sections 1981 and 1982 by racial targeting and by offering
credit on less favorable terms on the basis of race denied); Johnson
v. Equicredit Corp., No. 01-CIV-5197, 2002 U.S. Dist. LEXIS 4817
(N.D. Ill. Mar. 22, 2002) (predatory lending/reverse redlining case
brought pursuant to section 1981); Hargraves v. Cap. City Mortg.
Corp., 140 F. Supp. 2d 7 (D.D.C. 2000) (predatory lending/reverse
redlining case brought under both sections 1981 and 1982),
reconsideration granted in part, denied in part, 147 F. Supp. 2d 1
(D.D.C. 2001) (section 1981 claim dismissed for lack of standing,
but not section 1982 claim); Doane v. Nat'l Westminster Bank USA,
938 F. Supp. 149 (E.D.N.Y. 1996) (mortgage redlining case brought
under sections 1981 and 1982); Fairman v. Schaumberg Toyota, Inc.,
No. 94-CIV-5745, 1996 U.S. Dist. LEXIS 9669 (N.D. Ill. July 10,
1996) (section 1981 suit over allegedly predatory credit scheme
targeting African Americans and Hispanics); Steptoe v. Sav. of Am.,
800 F. Supp. 1542 (N.D. Ohio 1992) (mortgage redlining case brought
under sections 1981 and 1982 and the Fair Housing Act); Evans v.
First Fed. Sav. Bank of Ind., 669 F. Supp. 915 (N.D. Ind. 1987)
(section 1982 can be used in mortgage lending discrimination case);
Assocs. Home Equity Servs. v. Troup, 778 A.2d 529 (N.J. 2001)
(predatory lending/reverse redlining case brought pursuant to
section 1981).
---------------------------------------------------------------------------
[[Page 35168]]
Many States and municipalities have also enacted fair lending, fair
housing, and/or civil rights laws (often modeled on their Federal
counterparts) that broadly prohibit credit discrimination, including
protections for business credit.\198\
---------------------------------------------------------------------------
\198\ See, e.g., Cal. Civ. Code 51 and 51.5 and Cal. Gov't Code
12955; Colo. Rev. Stat. 24-34-501(3) and 5-3-210; Conn. Gen. Stat.
46a-81e, 46a-81f, and 46a-98; Del. Code Ann. tit. 6, 4604; D.C. Code
2-1402.21; Haw. Rev. Stat. 515-3 and 515-5; 775 Ill. Comp. Stat. 5/
1-102, 5/1-103, 5/4-102, 5/3-102, and 5/4-103; Iowa Code 216.8A and
216.10; Me. Rev. Stat. tit. 5, 4553(5-C) and (9-C), 4595 to 4598,
and 4581 to 4583; Md. Code Ann. State Gov't 20-705, 20-707, and 20-
1103; Mass. Gen. Laws ch. 151B, 4(3B), (14); Minn. Stat. 363A.03
(Subd. 44), 363A.09(3), 363A.16 (Subds. 1 and 3), and 363A.17; N.H.
Rev. Stat. Ann. 354-A:10; N.J. Stat. Ann. 10:5-12(i); N.M. Stat.
Ann. 28-1-7; N.Y. Civ. Rights Law 40-c(2); N.Y. Exec. Law 296-A; Or.
Rev. Stat. 174.100(7) and 659A.421; R.I. Gen. Laws 34-37-4(a)
through (c), 34-37-4.3, and 34-37-5.4; Va. Code Ann. 6.2-501(B)(1),
15.2-853, and 15.2-965; Vt. Stat. Ann. tit. 8, 10403 and tit. 9,
2362, 2410, and 4503(a)(6); Wash. Rev. Code 49.60.030, 49.60.040
(14), (26), and (27), 49.60.175, and 49.60.222; Wis. Stat. 106.50
and 224.77. There are also a number of municipalities that have
enacted credit discrimination ordinances. See, e.g., Austin City
Code 5-1-1 et seq.; N.Y.C. Admin. Code 8-101 and 8-107 et seq.; S.F.
Police Code 3304(a) et seq.
---------------------------------------------------------------------------
v. Facilitating Enforcement
To achieve the congressionally mandated purpose of facilitating
enforcement of fair lending laws, the Bureau must collect and make
available sufficient data to help the public and regulators identify
potentially discriminatory lending patterns that could constitute
violations of fair lending laws. Financial regulators and enforcement
agencies need a consistent and comprehensive dataset for all financial
institutions subject to reporting in order to also use these data in
their prioritization, peer analysis, redlining reviews, and screening
processes to select institutions for monitoring, examination, or
investigation. Data collected pursuant to section 1071 will facilitate
more efficient fair lending examinations. For example, regulators will
be able to use pricing and other data to prioritize fair lending
examinations--without such data, some financial institutions might face
unnecessary examination burden while others whose practices warrant
closer review may not receive sufficient scrutiny.
Moreover, as discussed in part V below, the Bureau believes
specific aspects of the rule offer particular benefits for the
enforcement of fair lending laws. For example, the inclusion of pricing
data such as interest rate and fees will provide information on
disparities in pricing outcomes, and data such as gross annual revenue,
denial reasons, and time in business will enable a more refined
analysis and understanding of disparities in both underwriting and
pricing outcomes. While these data alone generally will not establish
compliance with fair lending laws, regulators, community groups,
researchers, and financial institutions will be able to use the data to
identify potential disparities in small business lending based on
disaggregated categories of race and ethnicity. Overall, the data
collected and reported under the rule will allow, for the first time,
for comprehensive and market-wide fair lending risk analysis that
enables a better understanding of disparities in both underwriting and
pricing outcomes.
2. Identifying Business and Community Development Needs and
Opportunities
The second congressionally mandated purpose of section 1071 is to
enable communities, governmental entities, and creditors to identify
business and community development needs and opportunities of women-
owned, minority-owned, and small businesses.\199\ While section 1071
does not expressly define the phrase ``business and community
development needs,'' other Federal statutes and regulations, including
the CRA and the Riegle Community Development and Regulatory Improvement
Act of 1994,\200\ reference or define the phrases ``business
development'' and ``community development'' and can help explain what
it means to enable communities, governmental entities, and creditors to
``identify business and community development needs and
opportunities.''
---------------------------------------------------------------------------
\199\ ECOA section 704B(a).
\200\ Public Law 103-325, tit. I, section 102, 108 Stat. 2160,
2163 (1994) (12 U.S.C. 4701 through 4719).
---------------------------------------------------------------------------
The Bureau believes, based on its consideration of these other
Federal statutes and regulations, that its rule implementing section
1071 will provide more data to the public--including communities,
governmental entities, and creditors--for analyzing whether financial
institutions are serving the credit needs of their small business
customers. In addition, with data provided under this rule, the public
will be better able to understand access to and sources of credit in
particular communities or industries, such as a higher concentration of
risky loan products in a given community, and to identify the emergence
of new loan products, participants, or underwriting practices. The data
will not only assist in identifying potentially discriminatory
practices, but will contribute to a better understanding of the
experiences that members within certain communities may share in the
small business financing market.
Increased transparency about application and lending practices
across different communities will improve credit outcomes, and thus
community and business development. Lenders will be able to better
understand small business lending market conditions and determine how
best to provide credit to borrowers, where currently they cannot
conduct very granular or comprehensive analyses because the data on
small business lending are limited. As reduced uncertainty helps
lenders to identify potentially profitable opportunities to extend
responsible and affordable credit, small businesses stand to benefit
from increased credit availability. Transparency will also allow small
business owners to more easily compare credit terms and evaluate credit
alternatives; without these data, small business owners are limited in
their ability to shop for the credit product that best suits their
needs at the best price.
i. Community Reinvestment Act (CRA)
The CRA, a part of the Housing and Community Development Act, was
passed by Congress in 1977, which found that ``regulated financial
institutions have continuing and affirmative obligation to help meet
the credit needs of the local communities in which they are
chartered.'' \201\ As such, one of the statutory purposes of the CRA is
to encourage such institutions to help meet the credit needs of the
local communities in which they are chartered consistent with the safe
and sound operation of such institutions.\202\
---------------------------------------------------------------------------
\201\ 12 U.S.C. 2901(a)(3).
\202\ 12 U.S.C. 2901(b).
---------------------------------------------------------------------------
The legislative history for the CRA suggests that the concerns
motivating its passage included certain practices by banks including
redlining (i.e., declining to extend credit in neighborhoods populated
by ethnic or racial minorities) \203\ and community disinvestment
(i.e., taking deposits from lower-income areas, often populated by
ethnic or racial minorities, without
[[Page 35169]]
extending credit or banking services to residents of those areas).\204\
The CRA requires the ``appropriate Federal financial supervisory
agency'' of a given depository institution to ``prepare a written
evaluation of the institution's record of meeting the credit needs of
its entire community, including low- and moderate-income
neighborhoods.'' \205\ These requirements were first implemented by a
1978 rulemaking,\206\ and were amended in 1995 \207\ and 2005.\208\
These rulemakings, adopted by each of the agencies responsible for
ensuring compliance with the CRA, established specific performance
measures,\209\ requiring banks to disclose information about their
efforts to meet community credit needs via small business, small farm,
and community development lending.\210\
---------------------------------------------------------------------------
\203\ See H.R. Rep. No. 561, 94th Cong., 1st Sess. 4 (1975)
(``[The practice of redlining] increasingly has served to polarize
elements of our society . . . . As polarization intensifies,
neighborhood decline accelerates.''), reprinted in 1975 U.S.C.C.A.N.
2303, 2305-06.
\204\ Robert C. Art, Social Responsibility in Bank Credit
Decisions: The Community Reinvestment Act One Decade Later, 18 Pac.
L.J. 1071, 1076-77 & n.23 (1987) (citing 123 Cong. Rec. S8958 (daily
ed. June 6, 1977), which stated that Sen. Proxmire, the
congressional sponsor of the Act described redlining as ``the fact
that banks and savings and loans will take their deposits from a
community and instead of reinvesting them in that community, they
will invest them elsewhere, and they will actually or figuratively
draw a red line on a map around the areas of their city,'' further
noting that those lines are drawn ``sometimes in the inner city,
sometimes in the older neighborhoods, sometimes ethnic and sometimes
black . . . .'').
\205\ 12 U.S.C. 2906(a)(1).
\206\ 43 FR 47144 (Oct. 12, 1978).
\207\ 60 FR 22156 (May 4, 1995).
\208\ 70 FR 44256 (Aug. 2, 2005).
\209\ 12 CFR 228.11.
\210\ See, e.g., 12 CFR 25.42, 228.11.
---------------------------------------------------------------------------
The agencies tasked with ensuring compliance--including the
OCC,\211\ the Board,\212\ and the FDIC \213\--evaluate each insured
depository institution's record in helping meet the credit needs of its
entire community.\214\ Overall, the CRA and its regulations generate
data that help agencies and the public at large identify instances of
redlining, community disinvestment, and geographical areas that are
``banking deserts.'' \215\ The CRA regulations of the Board and the
FDIC currently have the same definitions of ``community development''
that include banking and credit services that support the following:
(1) affordable housing for low- and moderate-income individuals; \216\
(2) community services for low- and moderate-income individuals; \217\
(3) activities that promote economic development by financing small
business and small farms; \218\ and (4) activities that revitalize or
stabilize low- and moderate-income geographies, disaster areas, and
certain distressed or underserved middle-income areas based on other
factors.\219\
---------------------------------------------------------------------------
\211\ 12 CFR part 25.
\212\ 12 CFR part 228.
\213\ 12 CFR parts 345, 195.
\214\ Most specifically, that record is taken into account in
considering an institution's application for deposit facilities,
including mergers and acquisitions with other financial institutions
and the opening of bank branches.
\215\ OCC regulations define ``CRA desert'' as an area that has
``significant unmet community development or retail lending needs''
and where: (1) Few banks have branches or non-branch deposit-taking
facilities, (2) There is ``less retail or community development
lending than would be expected based on demographic or other
factors,'' or (3) The area ``lacks community development
organizations or infrastructure.'' 12 CFR 25.03.
\216\ 12 CFR 228.12(g)(1), 345.12(g)(1).
\217\ 12 CFR 228.12(g)(2), 345.12(g)(2).
\218\ 12 CFR 228.12(g)(3), 345.12(g)(3).
\219\ 12 CFR 228.12(g)(4), 345.12(g)(4).
---------------------------------------------------------------------------
In May 2022, the Board, FDIC and OCC issued an interagency notice
of proposed rulemaking for amendments to update and expand the existing
CRA regulations (2022 CRA NPRM).\220\ In the 2022 CRA NPRM, these three
agencies proposed a number of revisions to the agencies' CRA rules,
including a number of key changes relating to how the agencies defined
community development and how the agencies intended to measure the
community development activity of depository institutions.\221\
---------------------------------------------------------------------------
\220\ Bd. of Governors of the Fed. Rsrv. Sys.; Fed. Deposit Ins.
Corp.; and Off. of the Comptroller of the Currency, Treasury,
Community Reinvestment Act, Joint Proposed Rule, 87 FR 33884 (June
3, 2022).
\221\ 87 FR 33884, 33885 (June 3, 2022).
---------------------------------------------------------------------------
In the 2022 CRA NPRM, the agencies recognized the value of data to
be collected under the Bureau's small business lending rule for
assessing efforts at addressing community small business and small farm
credit needs, proposing to incorporate aspects of the Bureau's rule
into their CRA rules. First, the agencies proposed to define the terms
``small business'' and ``small farm'' consistent with the Bureau's
proposal under section 1071, i.e., as those having gross annual
revenues of $5 million or less in the preceding fiscal year.\222\
---------------------------------------------------------------------------
\222\ Id. at 33890.
---------------------------------------------------------------------------
Further, the 2022 CRA NPRM proposed to eliminate the current CRA
small business and small farm data collection and reporting
requirements,\223\ to be replaced in the long term by the Bureau's
small business lending data collection and reporting requirements.\224\
The agencies noted that this proposed approach is responsive to various
stakeholders' requests that the agencies coordinate the small business
and small farm definitions across the CRA and section 1071 rulemakings.
The agencies also observed that their proposal would reduce burden
related to data collection and reporting, particularly if institutions
could submit data for CRA purposes under the format of the Bureau's
small business lending rule.\225\ Data collected pursuant to section
1071 would be used to measure individual bank performance in CRA
assessments, and to establish the agencies' benchmarks against which
bank CRA performance would be measured for purposes of the small farm
and small business portions of the retail lending tests.\226\
---------------------------------------------------------------------------
\223\ Id. at 33930.
\224\ Id. at 33997.
\225\ Id. at 33928
\226\ Id. at 33941.
---------------------------------------------------------------------------
Finally, the agencies proposed that if both the CRA and section
1071 rulemakings were finalized, the agencies would make the compliance
date for the CRA amendments that hinge upon the Bureau's section 1071
rulemaking similar to the compliance date for the Bureau's final
rule.\227\
---------------------------------------------------------------------------
\227\ Id. at 33930.
---------------------------------------------------------------------------
ii. Community Development Financial Institution Fund (CDFI Fund)
The Riegle Community Development and Regulatory Improvement Act of
1994 authorized the CDFI Fund.\228\ In passing that statute, Congress
found that many of the Nation's urban, rural, and Native American
communities face ``critical social and economic problems arising in
part from the lack of economic growth, people living in poverty, and
the lack of employment and other opportunities.'' \229\
---------------------------------------------------------------------------
\228\ 12 U.S.C. 4701(b).
\229\ 12 U.S.C. 4701(a)(1).
---------------------------------------------------------------------------
To address these problems, Congress created the CDFI Fund to
``promote economic revitalization and community development'' through
investment in and assistance to CDFIs, including enhancing the
liquidity of CDFIs.\230\
---------------------------------------------------------------------------
\230\ 12 U.S.C. 4701(b).
---------------------------------------------------------------------------
The concept of community development is central to the operation of
the CDFI Fund. While CDFI Fund regulations do not directly define that
term, any entity applying for CDFI certification must have ``promoting
community development'' as its ``primary mission.'' \231\ In making
this determination, the CDFI Fund considers whether the activities of
the entity are purposefully directed toward improving the social and/or
economic conditions of underserved people, which may include low-income
persons or persons who lack adequate access to capital and financial
services and residents of
[[Page 35170]]
economically distressed communities.\232\
---------------------------------------------------------------------------
\231\ 12 CFR 1805.201(b)(1).
\232\ Id.
---------------------------------------------------------------------------
The CDFI Fund collects data from the recipients of its financial
and technical assistance, shedding some light on the extent of
community development in the areas where CDFIs operate.\233\ The CDFI
Fund also publishes the data it receives with appropriate redactions to
protect privacy interests.\234\ However, given that CDFIs comprise a
relatively small share of the overall small business lending market,
1071 data will materially enhance understanding of the broader extent
of community development outside of areas where CDFIs already operate.
These data will also likely augment the data the CDFI Fund already
receives.
---------------------------------------------------------------------------
\233\ 12 CFR 1805.803(e) (requiring recipients of technical and
financial assistance to provide to the CDFI Fund certain information
and documentation).
\234\ 12 CFR 1805.803(e)(4).
---------------------------------------------------------------------------
In May 2020, the CDFI Fund issued a request for comment on several
aspects of its CDFI program, including proposed changes to the
application for certification, as well as proposed changes to the data
collection and reporting processes of the CDFI Fund. The RFI proposed a
number of other revisions to the data collection and reporting regime
in May 2020, including the automation of key elements of existing
reporting and improvements to data quality.\235\
---------------------------------------------------------------------------
\235\ CDFI Fund, Annual Certification and Data Collection Report
Changes (2020), https://www.cdfifund.gov/sites/cdfi/files/documents/annual-certification-report-2020-final.pdf.
---------------------------------------------------------------------------
In October and November 2022, the CDFI Fund announced that based on
public comments, it had revised its proposed changes to the application
for certification, and data collection and reporting requirements,
subject to another round of public comment prior to the anticipated
implementation of changes in April 2023.\236\ The CDFI Fund released a
preview of changes to the application requirements.\237\ One change to
the Primary Mission portion of the application, which asks whether an
applicant is focused on the mission of community development, would be
the addition of bright-line questions related to an organization's
lending and financing practices.\238\ Specifically, an applicant can be
disqualified from CDFI certification if financial products or practices
it offers are harmful to low-income and underserved communities.\239\
The bright-line questions the new certification application would ask
include whether, amongst other things, applicants consider a small
business borrower's ability to repay a loan on its terms,\240\ whether
they have accommodative or concessionary policies or programs for
struggling borrowers, and whether loans priced above 36 percent APR
meet certain safety and consumer protection standards.
---------------------------------------------------------------------------
\236\ The CDFI Fund released a preview of the final
certification application, pending OMB approval. CDFI Fund, CDFI
Certification Application Preview (Oct. 2022), https://www.cdfifund.gov/sites/cdfi/files/2022-10/CDFI_Certification_Application_Preview_Final_10322.pdf.
\237\ CDFI Fund, CDFI Fund Advance Look: Preview the Revisions
to the New CDFI Certification Application (Oct. 4, 2022), https://www.cdfifund.gov/news/487.
\238\ CDFI Fund, Community Development Financial Institution
Certification Application: Overview of Final Revisions and
Modifications (Oct. 5, 2022), https://www.cdfifund.gov/sites/cdfi/files/2022-10/CDFI_Certification_Application_Overview_FINAL.pdf.
\239\ Id. at 23-31.
\240\ Id. at 27.
---------------------------------------------------------------------------
In October 2022, the CDFI Fund also published revisions to the
Target Market requirements of the application for CDFI
certification.\241\ Currently, an applicant must demonstrate that it
serves at least one eligible Target Market (either an Investment Area
or a Targeted Population). The revisions, if finalized, would eliminate
the geographical boundaries and mapping requirements for most Target
Markets, replacing these requirements with customized investment areas.
In late October 2022, the CDFI Fund published a proposed list of pre-
approved methodologies to identify target markets.\242\ These
methodologies include determining whether most recipients of a CDFI
applicant's funds--whether individuals, for-profit entities, or non-
profit entities--are members of certain demographic groups (African
American, Hispanic, Native American, Native Hawaiian, Native Alaskan,
Other Pacific Islanders, people with disabilities, certified CDFIs,
low-income targeted populations).\243\ These data are collected using a
variety of overlapping methods specific to each demographic status,
including self-reporting,\244\ in-person or photo-identification-based
visual observation,\245\ surname analysis,\246\ government-issued or
Tribal-issued identification to demonstrate affiliation,\247\ and/or
income and residence or business location.\248\
---------------------------------------------------------------------------
\241\ CDFIs must service either certain investment areas or
targeted populations.
\242\ CDFI Fund, CDFI Target Market Assessment Methodologies,
Notice and Request for Comment. 87 FR 63852 (Oct. 20, 2022).
Comments were due by December 19, 2022. The notice refers to a
separate document with the target market methodologies. CDFI Fund,
Proposed Pre-Approved Target Market Assessment Methodologies (Oct.
19, 2022), https://www.cdfifund.gov/sites/cdfi/files/2022-10/Proposed_PreApproved_TM_Assessment_Methodologies_FINAL.pdf.
\243\ Id.
\244\ See, e.g., id. at 1 (African American), 3 (Hispanic), 10
(non-Hawaiian Pacific Islander), 12 (disability status).
\245\ See, e.g., id. at 1 (African American), 3 (Hispanic), 12
(disability status).
\246\ See, e.g., id. at 3 (Hispanic); see also List of Hispanic
Surnames for OTP-Hispanic Pre-Approved Assessment Methodology,
https://www.cdfifund.gov/sites/cdfi/files/2022-10/OTP_Hisp_HispanicSurnameList_2010Census.xlsx (list of qualifying
Hispanic surnames).
\247\ See, e.g., CDFI Fund, Proposed Pre-Approved Target Market
Assessment Methodologies, at 1 (Oct. 19, 2022), https://www.cdfifund.gov/sites/cdfi/files/2022-10/Proposed_PreApproved_TM_Assessment_Methodologies_FINAL.pdf
(reporting for African American recipients of funds).
\248\ Id. at 14 (low-income individuals or entities).
---------------------------------------------------------------------------
The most recently published amendments to the application
requirements remain under consideration by the CDFI Fund.\249\
---------------------------------------------------------------------------
\249\ The CDFI Fund paused acceptance of new applications for
CDFI certification in October 2022 and will reopen for new
applications once the revisions to the application for certification
and the transaction-level data collection and reporting regimes are
finalized. While initially anticipating that it would finalize
changes to the application process in April 2023 after receiving
public comments, the CDFI Fund issued a statement in January 2023
that it had received a robust response to the request for comments
on the revised application and reporting tools, and that
consideration of these comments, while not requiring a lengthy
delay, would require postponement of the new application and
associated reporting tools beyond April 2023. CDFI Fund, An Update
on the CDFI Fund's Certification Application Review Process (Jan.
24, 2023), https://www.cdfifund.gov/news/501.
---------------------------------------------------------------------------
3. Impact of Small Business Lending Data Under Section 1071
The Bureau's implementation of section 1071 will provide on an
annual basis application-level data on small business credit, including
certain protected demographic information. This will include
information on applications for credit that are originated, as well as
those that are denied, withdrawn, incomplete, or approved by the
financial institution but not accepted by the applicant. This
information will enable stakeholders of all kinds in the small business
lending market to gain insight into trends in small business lending.
It will also provide insight into the interaction of supply and demand
for small business credit over time.
In terms of facilitating fair lending enforcement, interested
government agencies and other stakeholders will be able to use data
collected and reported under this final rule to identify possible fair
lending risks using statistical methods.
Regarding the identification of business and community development
needs, small business lending data collected and reported under this
final rule will help government entities and
[[Page 35171]]
public and private lenders identify and target sub-segments of the
market that remain underserved, facilitating entrepreneurship and
business development in those communities. By reducing uncertainty
about the conditions of the small business lending market, data
collected under the final rule can help creditors identify potentially
profitable opportunities to extend responsible and affordable credit,
potentially increasing credit availability to small businesses.
Increased transparency, in turn, will also help small business
borrowers to understand what credit is available and on what terms,
thereby improving their ability to access the credit they need and
further serving community and business development goals.
The Bureau believes that small business lending data will come to
play an important role for the small business lending market, as HMDA
data have done for the mortgage market. HMDA data have provided
lenders, community groups, and others the tools to identify and address
fair lending risks and strengthen fair lending oversight and
enforcement. In a similar way, these data will allow diverse
stakeholders to analyze lending patterns that are potentially
discriminatory. By identifying and addressing discriminatory small
business lending practices, the Bureau will help to ensure fair,
equitable, and nondiscriminatory access to credit for both individuals
and their communities.\250\
---------------------------------------------------------------------------
\250\ See 12 U.S.C. 5493(c)(2)(A).
---------------------------------------------------------------------------
HMDA data have also proven effective in creating transparency in
the mortgage market that improves the understanding of credit needs,
where they may remain unmet, and the relationship between mortgage
lending and community development. The Bureau believes that small
business lending data collected and reported under this final rule will
provide the Bureau and other stakeholders with critical insights into
the small business lending market. The COVID-19 pandemic has shown that
transparency is essential at a time of crisis, when small businesses
may be in urgent need of credit in order to recover from economic
shocks.
The advancement of both statutory purposes of section 1071--
facilitating fair lending enforcement and identifying business and
community development needs--in turn will support small businesses
across all sectors of the economy, which are fundamental to the
economic health of the U.S. and which have been hard hit by recent
economic and financial crises. Given the critical importance of small
businesses to economic growth and wealth creation, that will also help
the economy as a whole.
III. Summary of the Rulemaking Process
In the years leading up to the release of the CFPB's NPRM to
implement section 1071 of the Dodd-Frank Act, the CFPB held over 100
outreach meetings regarding the rulemaking with financial institutions,
trade associations, community groups, researchers, governmental
entities, and other stakeholders. The CFPB also took a number of other
steps, beyond individual stakeholder meetings, to solicit feedback more
broadly from the public on a rule to implement section 1071. Most
recently, the CFPB received public comments on its NPRM. Each of these
efforts are discussed in turn below.
A. Pre-Proposal Outreach and Engagement
Request for information, field hearing, and white paper on small
business lending. On May 10, 2017, the CFPB published a request for
information regarding the small business lending market \251\ in which
it sought public comment to understand more about the products that are
offered to small businesses, the financial institutions that offer such
credit, the small business lending data that currently are used and may
be maintained by financial institutions, the potential complexity and
cost of small business data collection and reporting, and privacy
concerns related to the disclosure purposes of section 1071.\252\ On
the same date, the CFPB held a field hearing regarding section 1071 at
which the request for information was announced and then-Director
Richard Cordray noted the importance of a section 1071 rulemaking given
the absence of systematic data on how small businesses are faring and
whether or how much they are being held back by financing
constraints.\253\ Finally, at the same time, the CFPB also published
its White Paper on small business lending,\254\ which reflected the
initial findings of its research providing a preliminary understanding
of the small business lending environment, with a particular emphasis
on lending to women-owned and minority-owned small businesses.
---------------------------------------------------------------------------
\251\ 82 FR 22318 (May 15, 2017).
\252\ In response to the request for information, the CFPB
received over 2,000 comments in total, and over 100 unique comments
offering detailed substantive responses on the topics raised in the
request for information. These comments from the public helped to
inform the CFPB's approach in its SBREFA Outline. See CFPB, Request
for Information Regarding the Small Business Lending Market, Docket
ID CFPB-2017-0011, https://www.regulations.gov/docket/CFPB-2017-0011.
\253\ See CFPB, Prepared Remarks of CFPB Director Richard
Cordray at the Small Business Lending Field Hearing (May 10, 2017),
https://www.consumerfinance.gov/about-us/newsroom/prepared-remarks-cfpb-director-richard-cordray-small-business-lending-field-hearing/.
\254\ CFPB, Key dimensions of the small business lending
landscape (May 2017), https://files.consumerfinance.gov/f/documents/201705_cfpb_Key-Dimensions-Small-Business-Lending-Landscape.pdf
(White Paper).
---------------------------------------------------------------------------
1071 symposium. In November 2019, the CFPB held a symposium on
section 1071 to assist it in its policy development process and to
receive feedback from experts, including academic, think tank, consumer
advocate, industry, and government experts in the small business
lending arena.\255\ The symposium had two panels. The first panel
focused on the evolution in the small business lending marketplace. The
second panel included a discussion surrounding the implementation of
section 1071, including issues raised in response to the CFPB's request
for information.
---------------------------------------------------------------------------
\255\ CFPB, Symposium: Section 1071 of the Dodd-Frank Act (held
Nov. 6, 2019), https://www.consumerfinance.gov/about-us/events/archive-past-events/cfpb-symposium-section-1071-dodd-frank-act/.
---------------------------------------------------------------------------
Small Business Advisory Review Panel. Under the Small Business
Regulatory Enforcement Fairness Act of 1996 (SBREFA),\256\ which
amended the Regulatory Flexibility Act (RFA), the CFPB must convene and
chair a Small Business Advisory Review Panel (Panel) if it is
considering a proposed rule that could have a significant economic
impact on a substantial number of small entities.\257\ The Panel
considers the impact of the proposals under consideration by the CFPB
and obtains feedback from representatives of the small entities that
would likely be subject to the rule. The Panel is comprised of a
representative from the CFPB, the Chief Counsel for Advocacy of the
Small Business Administration (SBA), and a representative from the
Office of Information and Regulatory Affairs (OIRA) in the Office of
Management and Budget (OMB). Representatives from 20 small businesses
were selected as small entity representatives for this SBREFA process.
These individuals represented small businesses that are financial
institutions--including community banks, credit unions, community
development financial institutions (CDFIs), financial technology firms,
and commercial finance companies--that
[[Page 35172]]
would likely be directly affected by a rule implementing section 1071.
---------------------------------------------------------------------------
\256\ Public Law 104-121, 110 Stat. 857 (1996).
\257\ 5 U.S.C. 609(b).
---------------------------------------------------------------------------
On September 15, 2020, the CFPB issued its Outline of Proposals
under Consideration and Alternatives Considered (SBREFA Outline) for
its rulemaking pursuant to section 1071, a detailed document that
discusses (1) the relevant law, (2) the regulatory process, (3) the
rule proposals the CFPB was considering, and (4) an economic analysis
of the potential impacts of those proposals on directly affected small
entities.\258\
---------------------------------------------------------------------------
\258\ CFPB, Small Business Advisory Review Panel for Consumer
Financial Protection Bureau Small Business Lending Data Collection
Rulemaking, Outline of Proposals Under Consideration and
Alternatives Considered (Sept. 15, 2020), https://files.consumerfinance.gov/f/documents/cfpb_1071-sbrefa_outline-of-proposals-under-consideration_2020-09.pdf (SBREFA Outline). See also
CFPB, Consumer Financial Protection Bureau Releases Outline of
Proposals Under Consideration to Implement Small Business Lending
Data Collection Requirements (Sept. 15, 2020), https://www.consumerfinance.gov/about-us/newsroom/cfpb-releases-outline-proposals-implement-small-business-lending-data-collection-requirements/.
---------------------------------------------------------------------------
The CFPB convened the Panel for this proposed rule on October 15,
2020 and held a total of four meetings with small entity
representatives during October 19-22, 2020, conducted online via video
conference (Panel Outreach Meetings). In preparation for the Panel
Outreach Meetings and to facilitate an informed and detailed discussion
of the proposals under consideration, discussion questions for the
small entity representatives were included throughout the SBREFA
Outline.\259\
---------------------------------------------------------------------------
\259\ These questions also appeared in a shorter Discussion
Guide for Small Entity Representatives. See CFPB, Small Business
Advisory Review Panel for Consumer Financial Protection Bureau Small
Business Lending Data Collection Rulemaking, Discussion Guide for
Small Entity Representatives (Sept. 15, 2020), https://files.consumerfinance.gov/f/documents/cfpb_1071-sbrefa_discussion-guide_2020-09.pdf.
---------------------------------------------------------------------------
In advance of the Panel Outreach Meetings, the CFPB, SBA Office of
Advocacy, and OIRA held a series of video conferences with the small
entity representatives to describe the Small Business Review Process,
obtain important background information about each small entity
representative's current business practices, and begin discussions on
selected portions of the proposals under consideration.
All 20 small entity representatives participated in the Panel
Outreach Meetings. Representatives from the CFPB, SBA Office of
Advocacy, and OIRA provided introductory remarks. The meetings were
then organized around discussions led by the CFPB about each aspect of
the proposals under consideration and the potential impact on small
businesses. The CFPB also invited small entity representatives to
submit written feedback by November 9, 2020; most did so.
On December 15, 2020, the CFPB released the Final Report of the
Small Business Review Panel on the CFPB's Proposals Under Consideration
for the Small Business Lending Data Collection Rulemaking (SBREFA Panel
Report).\260\ This report includes a summary of the feedback received
from small entity representatives during the panel process (including
oral feedback received during the pre-Panel video conferences and Panel
Outreach Meetings, as well as timely submitted written feedback) and
findings and recommendations made by the Panel.\261\ As required by the
RFA, the CFPB considered the Panel's findings in its initial regulatory
flexibility analysis, as set out in part VIII of the NPRM.
---------------------------------------------------------------------------
\260\ CFPB, Final Report of the Small Business Review Panel on
the CFPB's Proposals Under Consideration for the Small Business
Lending Data Collection Rulemaking (Dec. 14, 2020), https://files.consumerfinance.gov/f/documents/cfpb_1071-sbrefa-report.pdf
(SBREFA Panel Report). See also CFPB, Consumer Financial Protection
Bureau Releases Report on Implementing the Dodd-Frank Act's Small
Business Lending Data Collection Requirement (Dec. 15, 2020),
https://www.consumerfinance.gov/about-us/newsroom/consumer-financial-protection-bureau-releases-report-on-implementing-the-dodd-frank-acts-small-business-lending-data-collection-requirement/.
The CFPB's SBREFA Outline and related materials, as well as the
CFPB's presentation slides framing the discussion during the Panel
Outreach Meetings, are appended to the SBREFA Panel Report. See
SBREFA Panel Report at app. C through F.
\261\ The written feedback from small entity representatives is
appended to the SBREFA Panel Report. See id. at app. A.
---------------------------------------------------------------------------
The CFPB also invited other stakeholders to submit feedback on the
SBREFA Outline by December 14, 2020. The CFPB received approximately 60
submissions from a variety of other stakeholders, including financial
institutions, trade associations, community groups, a think tank, and a
government agency.\262\
---------------------------------------------------------------------------
\262\ Feedback received from these stakeholders on the SBREFA
Outline is available on the public docket for the NPRM. See https://www.regulations.gov/docket/CFPB-2021-0015/document?documentTypes=Supporting%20%26%20Related%20Material.
---------------------------------------------------------------------------
The CFPB considered the feedback it received from small entity
representatives, the findings and recommendations of the Panel, and the
feedback from other stakeholders in preparing the NPRM. The feedback,
findings, and recommendations were summarized throughout the NPRM where
relevant.
One-Time Cost Survey. On July 22, 2020, the CFPB released a
voluntary survey to measure the one-time costs of compliance with an
eventual small business lending data collection rule.\263\ The
objective of the survey was to solicit, from institutions offering
small business credit products that could potentially be covered by
this rule, information about potential one-time costs to prepare to
collect and report data. The deadline for responses was October 16,
2020. The CFPB received responses from 105 financial institutions.\264\
The results of the survey inform the CFPB's analyses of the potential
impacts of the rule as set out in parts IX and X below.
---------------------------------------------------------------------------
\263\ CFPB, Survey: Small Business Compliance Cost Survey (July
22, 2020), https://files.consumerfinance.gov/f/documents/cfpb_1071-survey_2020-10.pdf.
\264\ See part VI below for additional details regarding this
survey.
---------------------------------------------------------------------------
ECOA request for information. On July 28, 2020, the CFPB issued a
request for information to seek public input on ECOA and Regulation
B.\265\ In this request for information, the CFPB sought public comment
on a number of topics, including small business lending and the ways
that the CFPB, in light of its authority under ECOA and Regulation B,
might support efforts to meet the credit needs of small businesses,
particularly those that are minority-owned and women-owned.\266\
---------------------------------------------------------------------------
\265\ CFPB, Consumer Financial Protection Bureau Requests
Information on Ways to Prevent Credit Discrimination and Build a
More Inclusive Financial System (July 28, 2020), https://www.consumerfinance.gov/about-us/newsroom/cfpb-rfi-prevent-credit-discrimination-build-more-inclusive-financial-system/.
\266\ 85 FR 46600, 46602 (Aug. 3, 2020).
---------------------------------------------------------------------------
B. Ongoing Outreach and Engagement
Ongoing outreach. The CFPB conducts outreach to industry and other
stakeholders to understand their experiences with the small business
finance market, economic conditions, and the collection and reporting
of data regarding that market. A particular near-term priority in the
CFPB's recent outreach has been the impacts of the pandemic and the
effectiveness of the Federal government's response. Findings from
outreach activities inform the CFPB on matters affecting the small
business sector.
Technical outreach. In the months before the publication of the
NPRM, the CFPB began conducting technical outreach with third-party
software providers that serve financial institutions and software and
technology staff from financial institutions that are likely to have to
report small business lending data to the CFPB. With these software
vendors and technical staff, the CFPB has held and, after publication
of this final rule, will continue to hold discussions concerning
[[Page 35173]]
the technical systems and procedures the CFPB will provide for
financial institutions to submit their data. The CFPB intends to
understand the technology solutions currently provided by vendors to
support the small business lending activities of financial
institutions, as well as their experience in providing financial
institutions with technical support for previous data collection
regulations. The CFPB believes this information will be helpful in
informing the CFPB in its design and implementation of a platform for
intake and processing of data to help the platform integrate, to the
extent possible, with existing systems and data collection procedures.
These discussions also serve to raise awareness of technology providers
as to their potential future role in supporting the rule as well as the
lead time that may be necessary for some or all affected financial
institutions to come into compliance with the requirements of this
final rule. This outreach process is ongoing and will continue after
the publication of this final rule.
Sample data collection form usability testing. After the NPRM was
released, the CFPB, after the appropriate notice in the Federal
Register, and a 30-day comment period, sought and received OMB approval
to conduct several rounds of message and user testing research related
to the sample form.\267\ The CFPB conducted qualitative research to
learn about the experience of filling out the sample data collection
form and to explore design options. The CFPB engaged a vendor to
conduct interviews with small business stakeholders and listening
sessions with small business owners to test different versions of the
introductory language on the sample data collection form. The CFPB also
conducted qualitative user interviews with small business owners to
test their reactions to different versions of the sample data
collection form. In addition to comments received in response to the
CFPB's proposed sample data collection form as part of the NPRM, the
feedback gathered as part of these testing efforts was also considered
by the CFPB in finalizing the sample data collection form issued with
this final rule. The CFPB is releasing a report, simultaneously with
the issuance of this final rule, summarizing the findings from all
three rounds of qualitative research testing.\268\
---------------------------------------------------------------------------
\267\ 87 FR 37504 (June 23, 2022).
\268\ CFPB, User testing for sample data collection form for the
small business lending final rule (Mar. 2023), https://www.consumerfinance.gov/data-research/research-reports/user-testing-for-sample-data-collection-form-for-the-small-business-lending-final-rule/.
---------------------------------------------------------------------------
C. Notice of Proposed Rulemaking
On September 1, 2021, the CFPB issued its proposal to implement
section 1071. The NPRM was published in the Federal Register on October
8, 2021,\269\ and the public comment period closed on January 6,
2022.\270\ The CFPB received approximately 2,100 comments on the
proposal during the comment period.\271\ Approximately 650 of these
comments were unique, detailed comment letters representing diverse
interests. These commenters included lenders such as banks and credit
unions, CDFIs, community development companies, Farm Credit System
lenders, online lenders, and others; national and regional industry
trade associations; software vendors; business advocacy groups;
community groups; research, academic, and other advocacy organizations;
members of Congress; Federal and State government offices/agencies;
small businesses; and individuals.
---------------------------------------------------------------------------
\269\ 86 FR 56356 (Oct. 8, 2021).
\270\ The CFPB set the length of the comment period on the
proposal at 90 days from the date on which it was published in the
Federal Register. The CFPB received several written requests to
extend the comment period. The CFPB believes that the 90-day comment
period set forth in the NPRM (along with the 38 days that elapsed
between the CFPB's issuance of the NPRM on September 1, 2021 and its
publication in the Federal Register on October 8, 2021) gave
interested parties sufficient time to consider the CFPB's proposal
and prepare their responses, and thus did not extend the comment
period beyond January 6, 2022.
\271\ See https://www.regulations.gov/docket/CFPB-2021-0015/comments.
---------------------------------------------------------------------------
The remaining comments included some duplicate submissions (i.e.,
letters with the same content from the same commenter submitted through
multiple channels, or letters with the same content submitted by
multiple people on behalf of the same commenting organization) as well
as comments that were part of several comment submission campaigns
organized by industry or community groups. Such comment campaigns
typically advocated for or against particular provisions in the NPRM
and urged additional changes. These comments were considered by the
CFPB along with all other comments received, including any additional
remarks included in otherwise identical comment letters.
In addition, the CFPB also considered comments received after the
comment period closed via approximately 17 ex parte submissions and
meetings.\272\ Materials on the record, including all ex parte
submissions and summaries of ex parte meetings, are available on the
public docket for this rulemaking.\273\
---------------------------------------------------------------------------
\272\ CFPB, Policy on Ex Parte Presentations in Rulemaking
Proceedings, 82 FR 18687 (Apr. 21, 2017).
\273\ See https://www.regulations.gov/docket/CFPB-2021-0015/comments.
---------------------------------------------------------------------------
The CFPB received comments on all aspects of the proposed rule, as
well as on the proposed approach to protecting privacy interests via
modification or deletion of data prior to publication, and on its
analyses of the proposed rule's impacts. Relevant information received
via comment letters, as well as ex parte submissions, is discussed
below in the section-by-section analysis and subsequent parts of this
document, as applicable. The CFPB considered all the comments it
received regarding the proposal, made certain modifications, and is
adopting the final rule as described in part V below. Comments relevant
to the CFPB's approach to privacy are discussed in part VIII and
regarding its impact analyses in parts IX to XI.
IV. Legal Authorities
The Bureau is issuing this final rule pursuant to its authority
under section 1071. Some aspects of this rule are also adopted under
the Bureau's more general rulemaking authorities in ECOA. Congress
enacted ECOA to prohibit discrimination against any applicant,
regarding any aspect of a credit transaction, on the basis of, amongst
other characteristics, race, color, religion, national origin, and
sex.\274\ The Bureau has certain oversight, enforcement, and
supervisory authority over ECOA requirements and has rulemaking
authority under the statute.
---------------------------------------------------------------------------
\274\ 15 U.S.C. 1691(a)(1).
---------------------------------------------------------------------------
ECOA is implemented in Regulation B.\275\ Among other things,
Regulation B generally prohibits creditors from inquiring about an
applicant's race, color, religion, national origin, or sex, with
limited exceptions, including if it is required by law.\276\
---------------------------------------------------------------------------
\275\ 12 CFR part 1002.
\276\ Regulation B Sec. 1002.5(a)(2).
---------------------------------------------------------------------------
As discussed above, in the Dodd-Frank Act Congress amended ECOA by
adding section 1071, which directs the Bureau to adopt regulations
governing the collection and reporting of small business lending data.
Specifically, section 1071 requires financial institutions to collect
and report to the Bureau certain data on applications for credit for
women-owned, minority-owned, and small businesses.\277\ Congress
enacted section 1071 for the purpose of (1) facilitating enforcement of
fair lending laws and (2) enabling communities, governmental entities,
and creditors to identify business and
[[Page 35174]]
community development needs and opportunities of women-owned, minority-
owned, and small businesses.\278\ The Bureau often refers to these as
section 1071's fair lending purpose and its business and community
development purpose, respectively.
---------------------------------------------------------------------------
\277\ ECOA section 704B.
\278\ ECOA section 704B(a).
---------------------------------------------------------------------------
To advance these statutory purposes, section 1071 grants the Bureau
general rulemaking authority for section 1071, providing that the
Bureau shall prescribe such rules and issue such guidance as may be
necessary to carry out, enforce, and compile data pursuant to section
1071.\279\ ECOA section 704B(g)(2) also permits the Bureau to adopt
exceptions to any requirement of section 1071 and to conditionally or
unconditionally exempt any financial institution or class of financial
institutions from the requirements of section 1071, as the Bureau deems
necessary or appropriate to carry out the purposes of section 1071. The
Bureau principally relies on its 704B(g)(1) authority in this proposed
rule and relies on 704B(g)(2) when proposing specific exceptions or
exemptions to section 1071's requirements. Section 704B(g)(3) directs
the Bureau to issue guidance designed to facilitate compliance with the
requirements of section 1071.
---------------------------------------------------------------------------
\279\ ECOA section 704B(g)(1).
---------------------------------------------------------------------------
In addition, section 703(a) of ECOA gives the Bureau broad
authority to prescribe regulations to carry out the purposes of ECOA,
including provisions that in the judgment of the Bureau are necessary
or proper to effectuate the purposes of ECOA, to prevent circumvention
or evasion thereof, or to facilitate or substantiate compliance
therewith. That section also states that the Bureau may provide for
such adjustments and exceptions for any class of transactions, as in
the judgment of the Bureau are necessary or proper to effectuate the
purposes of ECOA, to prevent circumvention or evasion thereof, or to
facilitate or substantiate compliance therewith.
Section 1071 establishes requirements or obligations for financial
institutions that the Bureau is implementing in this final rule. These
provisions include the requirement in ECOA section 704B(b) that a
financial institution shall inquire whether an applicant for credit is
a women-owned, minority-owned, or small business; that a financial
institution must maintain a record of responses to such inquiry,
separate from the application; that an applicant may refuse to provide
any information requested regarding the inquiry under 704B(b); that a
financial institution must limit access of loan underwriters, or other
officers or employees of the financial institution or any affiliate, to
applicant responses to inquiries under 704B(b); and that if a financial
institution determines that a loan underwriter or other officer or
employee should have access to any information provided by the
applicant pursuant to a request under 704B(b) that the financial
institution shall provide notice to the applicant of the access of the
underwriter to such information, along with notice that the financial
institution may not discriminate on the basis of such information.\280\
---------------------------------------------------------------------------
\280\ ECOA section 704B(b)(1) and (2), (c), (d)(1) and (2).
---------------------------------------------------------------------------
ECOA section 704B(e)(1) directs financial institutions to compile
and maintain, in accordance with regulations of the Bureau, records of
the information provided by applicants for credit pursuant to a request
under 704B(b). Section 704B(e)(2) requires that the information
compiled and maintained under 704B(e)(1) be itemized in order to
clearly and conspicuously disclose an enumerated list of data points.
Section 704B(e)(2)(H) requires financial institutions to compile and
maintain any additional data that the Bureau determines would aid in
fulfilling the purposes of section 1071.
Several provisions of section 1071 expressly refer to regulations
to be promulgated by the Bureau to implement certain requirements,
including in ECOA section 704B(e)(1) regarding how financial
institutions must compile and maintain data pursuant to section 1071,
and in 704B(f)(2)(B) and (C) regarding the form of information made
available by financial institutions to the public and the form and
manner in which the Bureau itself should make data available to the
public generally.
Two provisions expressly give the Bureau discretion with respect to
public availability of small business lending data. Specifically, ECOA
section 704B(e)(4) states that the Bureau may, at its discretion,
delete or modify data before making it available to the public if the
Bureau determines that the deletion or modification of the data would
advance a privacy interest. Section 704B(f)(3) gives the Bureau the
discretion to compile and aggregate data for its own use, as well as to
make public such compilations of aggregate data.
V. Section-by-Section Analysis
Overview
In this Overview of part V, the CFPB first provides some background
regarding section 1071, a discussion of the Home Mortgage Disclosure
Act of 1975 (HMDA), and a brief summary of the final rule. Each
regulatory provision of the final rule, along with its rationale and
relevant feedback received through the public comment process, is
discussed in detail in the section-by-section analyses that follow. The
CFPB has made several major, and a number of minor, adjustments to the
rule in response to comments received on the proposal. Major changes
are noted in the summary of the final rule below; all changes are
discussed in detail in the section-by-section analyses that follow.
Next, the CFPB discusses the high-level and general comments
received in response to the NPRM. The CFPB also addresses several
issues for which there is no corresponding regulatory text or
commentary. Finally, the CFPB discusses the conforming amendments it is
making to existing Regulation B.
A. Introduction to Section 1071
As discussed above, section 1071 of the Dodd-Frank Act requires
that financial institutions collect and report to the CFPB certain data
regarding applications for credit for women-owned, minority-owned, and
small businesses. Section 1071's statutory purposes are to (1)
facilitate enforcement of fair lending laws, and (2) to enable
communities, governmental entities, and creditors to identify business
and community development needs and opportunities of women-owned,
minority-owned, and small businesses.
Section 1071 specifies a number of data points that financial
institutions are required to collect and report, and also provides
authority for the CFPB to require any additional data that it
determines would aid in fulfilling section 1071's statutory purposes.
Section 1071 also contains a number of other requirements, including
those that address restricting the access of underwriters and other
persons to certain data and publication of data. In addition, section
1071 permits the CFPB to modify or delete data prior to publication if
it determines that such a deletion or modification would advance a
privacy interest.
Section 1071 directs the CFPB to prescribe such rules, and issue
such guidance as may be necessary to carry out, enforce, and compile
data pursuant to section 1071. It also permits the CFPB to adopt
exceptions to any requirement
[[Page 35175]]
or to exempt financial institutions from the requirements of section
1071 as it deems necessary or appropriate to carry out the purposes of
section 1071. Section 1071 also directs the CFPB to issue guidance
designed to facilitate compliance with the requirements of section
1071. As discussed in part IV above and throughout the section-by-
section analyses in this part V, the CFPB's rule implements these
statutory provisions.
B. Section 1071 and HMDA
HMDA is a data collection and reporting statute that requires
certain depository institutions and for-profit nondepository
institutions to collect, report, and disclose data about originations
and purchases of mortgage loans, as well as mortgage loan applications
that do not result in originations (for example, applications that are
denied or withdrawn).\281\ The CFPB's Regulation C, 12 CFR part 1003,
implements HMDA. In light of certain similarities between section 1071
and HMDA as data collection and reporting statutes with different
markets but similar fair lending enforcement and community development
purposes, the CFPB's section-by-section analyses in this part V
sometimes discusses how similar provisions are addressed in the context
of HMDA. Of course, the markets to which HMDA and section 1071 apply
are also different in significant respects, and those differences are
reflected between the present rule and Regulation C, as discussed
further in the section-by-section analyses in this part V.
---------------------------------------------------------------------------
\281\ 12 U.S.C. 2801 et seq.
---------------------------------------------------------------------------
HMDA and Regulation C's purposes are: (1) to help determine whether
financial institutions are serving their communities' housing needs;
(2) to assist public officials in distributing public investment to
attract private investment; and (3) to assist in identifying potential
discriminatory lending patterns and enforcing antidiscrimination
statutes.
A covered institution for purposes of HMDA reporting is a
depository or nondepository institution that meets the relevant
coverage criteria set forth in the regulation. A covered transaction
under HMDA is generally a loan or line of credit secured (or, for
applications, proposed to be secured) by a lien on a dwelling, that is
not specifically excluded under Regulation C Sec. 1003.3(c). The data
points generally required to be reported about each covered transaction
can be grouped into four broad categories: \282\ information about the
applicants, borrowers, and underwriting process, information about the
property securing the loan or proposed to secure the loan, information
about the features of the loan, certain unique identifiers.
---------------------------------------------------------------------------
\282\ Under the Economic Growth, Regulatory Relief, and Consumer
Protection Act, Public Law 115-174, 132 Stat. 1296 (2018), as
implemented in Regulation C Sec. 1003.3(d), certain HMDA-covered
institutions may be eligible for partial exemptions from some of the
HMDA reporting requirements and only certain covered loans and
applications are covered under partial exemptions. If a covered loan
or application is covered under a partial exemption, the covered
institution is not required to collect, record, and report certain
data points.
---------------------------------------------------------------------------
Covered institutions are required to submit their HMDA data by
March 1 following the calendar year for which data are collected.
Covered institutions with larger volumes of covered loans and
applications are required to submit their HMDA data for each of the
first three quarters of the year in addition to their annual
submission.
Following the calendar year in which HMDA data are collected, a
covered institution's disclosure statement \283\ and modified loan/
application register become publicly available on the FFIEC's HMDA
Platform.\284\ Aggregate reports for each Metropolitan Statistical Area
and Metropolitan Division that show lending patterns by property
location, age of housing stock, and income level, sex, ethnicity, and
race are also publicly available on the same platform, which also
allows users to create custom datasets, reports, and visualizations
from the HMDA data.
---------------------------------------------------------------------------
\283\ A disclosure statement contains aggregated data derived
from loan-level data.
\284\ A HMDA loan/application register contains the record of
information required to be collected and the record submitted
annually or quarterly, as applicable. A modified loan/application
register is a covered institution's loan/application register
modified by the CFPB, on its website, to protect applicant and
borrower privacy. The CFPB interprets HMDA, as amended by the Dodd-
Frank Act, to call for the use of a balancing test to determine
whether and how HMDA data should be modified prior to its disclosure
to the public in order to protect applicant and borrower privacy
while also fulfilling HMDA's public disclosure purposes. See 80 FR
66127, 66133-34 (Oct. 28, 2015). In December 2018, the CFPB issued
final policy guidance describing the modifications the CFPB intends
to apply to the loan-level HMDA data that covered institutions
report before the data are disclosed publicly. See 84 FR 649 (Jan.
31, 2019).
---------------------------------------------------------------------------
HMDA data are the primary source of information for regulators,
researchers, economists, industry, and advocates analyzing the mortgage
market both for HMDA's purposes and for general market monitoring. HMDA
data are used by the Federal supervisory agencies to support a variety
of activities. For example, Federal supervisory agencies use HMDA data
as part of their fair lending \285\ examination process, and also use
HMDA data in conducting CRA \286\ performance evaluations. HMDA data
provide the public with information on the home mortgage lending
activities of particular reporting entities and on activity in their
communities. These data are used by local, State, and Federal officials
to evaluate housing trends and issues and by community organizations to
monitor financial institution lending patterns.
---------------------------------------------------------------------------
\285\ See ECOA (15 U.S.C. 1691 through 1691f), Regulation B (12
CFR part 1002), and the Fair Housing Act (42 U.S.C. 3605, 24 CFR
part 100).
\286\ 12 U.S.C. 2901 through 2908, and 12 CFR parts 25, 195,
228, and 345.
---------------------------------------------------------------------------
C. Summary of the Final Rule
The CFPB is adding a new subpart B to Regulation B to implement the
requirements of section 1071. The CFPB is also making some conforming
amendments to existing Regulation B. The CFPB's final rule is
summarized below, in the order of the section-by-section analyses in
this part V that follow.
1. General Provisions (Sec. Sec. 1002.5(a)(4), 1002.101, and 1002.102)
Changes to existing Regulation B. The CFPB is amending existing
Sec. 1002.5(a)(4) to expressly permit voluntary collection and
reporting of information regarding the ethnicity, race, and sex of
applicants' principal owners, or whether the applicant is a minority-
owned, women-owned, or LGBTQI+-owned business, in certain
circumstances.
The Bureau is also making other nonsubstantive conforming edits in
existing Regulation B to maintain consistency and avoid confusion.
Authority, purpose, and scope (Sec. 1002.101). Section 1002.101
sets forth the authority, purpose, and scope for subpart B. Among other
things, this section states section 1071's two statutory purposes of
facilitating enforcement of fair lending laws and enabling communities,
governmental entities, and creditors to identify business and community
development needs and opportunities of women-owned, minority-owned, and
small businesses.
Definitions (Sec. 1002.102). Section 1002.102 includes a number of
definitions for terms used in subpart B, which generally fall into
several categories. First, some definitions refer to terms defined
elsewhere in subpart B--specifically, terms of particular importance
including business, covered application, covered credit transaction,
covered financial institution, financial institution, and small
business. Second,
[[Page 35176]]
some definitions refer to terms defined elsewhere in existing
Regulation B (i.e., business credit, credit, and State) or other
regulations (i.e., a portion of the definitions of small business and
affiliate reference an SBA regulation). Finally, the remaining terms
are defined in Sec. 1002.102, including applicant, closed-end credit
transaction, LGBTQI+ individual, LGBTQI+-owned business, minority-owned
business, open-end credit transaction, principal owner, small business
lending application register, women-owned business, and a portion of
the definition of affiliate.
2. Coverage (Sec. Sec. 1002.103 Through 1002.106)
Covered applications (Sec. 1002.103). Section 1002.103 defines
what is, and is not, a covered application under subpart B; this
definition triggers data collection and reporting requirements under
subpart B for covered financial institutions. The CFPB is defining a
covered application in Sec. 1002.103(a) as an oral or written request
for a covered credit transaction that is made in accordance with
procedures used by a financial institution for the type of credit
requested. A covered application does not include (1) reevaluation,
extension, or renewal requests on an existing business credit account,
unless the request seeks additional credit amounts; and (2) inquiries
and prequalification requests.
Covered credit transactions and excluded transactions (Sec.
1002.104). The CFPB is requiring that covered financial institutions
collect and report data for all covered applications from small
businesses for transactions that meet the definition of business credit
under existing Regulation B, with certain exceptions. Section
1002.104(a) defines the term covered credit transaction as an extension
of business credit that is not an excluded transaction under Sec.
1002.104(b). Loans, lines of credit, credit cards, and merchant cash
advances (including credit transactions for agricultural purposes) all
fall within the scope of the rule. Section 1002.104(b) excludes from
the requirements of subpart B trade credit, HMDA-reportable
transactions, insurance premium financing, public utilities credit,
securities credit, and incidental credit. Factoring, leases, consumer-
designated credit used for business or agricultural purposes, and
credit transaction purchases, purchases in a pool of credit
transactions, and purchases of a partial interest in a credit
transaction also are not covered credit transactions.
Covered financial institutions and exempt institutions (Sec.
1002.105). The CFPB is defining in Sec. 1002.105(a) the term financial
institution, consistent with the definition in section 1071, as any
partnership, company, corporation, association (incorporated or
unincorporated), trust, estate, cooperative organization, or other
entity that engages in any financial activity. Under this definition,
subpart B's requirements apply to a variety of entities that engage in
small business lending, including depository institutions (i.e., banks,
savings associations, and credit unions), online lenders, platform
lenders, CDFIs, Farm Credit System lenders, lenders involved in
equipment and vehicle financing (captive financing companies and
independent financing companies), commercial finance companies,
governmental lending entities, and nonprofit nondepository lenders.
Subpart B does not cover motor vehicle dealers.\287\ Section
1002.105(b) defines the term covered financial institution as a
financial institution that originated at least 100 covered credit
transactions for small businesses in each of the two preceding calendar
years. Only financial institutions that meet this loan-volume threshold
are required to collect and report small business lending data under
subpart B.
---------------------------------------------------------------------------
\287\ Regulation B does not apply to a person excluded from
coverage by section 1029 of the Consumer Financial Protection Act of
2010, title X of the Dodd-Frank Wall Street Reform and Consumer
Protection Act, Public Law 111-203, 124 Stat. 1376, 2004 (2010).
---------------------------------------------------------------------------
Business and small business definitions (Sec. 1002.106). Section
1002.106 adopts the SBA's definitions of ``business concern or
concern'' and ``small business concern'' as set out in the Small
Business Act and SBA regulations. Notwithstanding the small business
size standards established by SBA regulations, for purposes of subpart
B, a business is a small business if its gross annual revenue is $5
million or less for its preceding fiscal year. The SBA Administrator
has approved the CFPB's use of this alternate small business size
standard pursuant to the Small Business Act. Every five years after
January 1, 2025, the need to adjust the gross annual revenue threshold
for inflation or deflation will be determined using the Consumer Price
Index for all Urban Consumers.
3. Compiling, Maintaining, and Reporting Small Business Lending Data
(Sec. Sec. 1002.107 Through 1002.111)
Compilation of reportable data (Sec. 1002.107). Section 1002.107
addresses several aspects of collecting data on covered applications
from small businesses. Section 1002.107(a) requires financial
institutions to compile and maintain the data points enumerated in
Sec. 1002.107(a)(1) through (20). These data points must be collected
and reported in accordance with the rule and the Filing Instructions
Guide that the CFPB will provide for the appropriate filing year.
Certain of these data points are or could be collected from the
applicant (or otherwise determined based on information from
appropriate third-party sources); other data points are based on
information within the financial institution's control. Appendix E
provides a sample data collection form for requesting protected
demographic information. Although the form reflects a number of legal
requirements applicable to collection, use of the form itself is not
mandatory. It is intended as an available implementation resource for
lenders, who can make use of it if they so choose.
Section 1002.107(c)(1) provides that covered financial institutions
must not discourage an applicant from responding to requests for
applicant-provided data and must otherwise maintain procedures to
collect such data at a time and in a manner that are reasonably
designed to obtain a response. Where data are collected directly from
the applicant, Sec. 1002.107(c)(2) identifies certain minimum
provisions that must be included within financial institutions'
procedures in order for them to be considered ``reasonably designed.''
The rule also addresses what financial institutions should do if,
despite having such procedures in place, they are unable to obtain
certain data from an applicant. Pursuant to Sec. 1002.107(b),
financial institutions are permitted to rely on information from the
applicant or appropriate third-party sources, although for most data
points if the financial institution verifies the information provided
it must report the verified information. Section 1002.107(d) permits
financial institutions to reuse certain previously collected data in
certain circumstances.
Firewall (Sec. 1002.108). Section 1002.108 implements section
1071's requirement that certain data collected pursuant to section 1071
be shielded from certain persons if feasible; the CFPB refers to this
as the ``firewall.'' Pursuant to Sec. 1002.108(b), if an employee or
officer of a covered financial institution or a covered financial
institution's affiliate is involved in making any determination
concerning a covered application from a small business, that employee
or officer is prohibited from accessing the applicant's responses to
regarding
[[Page 35177]]
protected demographic information requested under this final rule.
However, pursuant to Sec. 1002.108(c), this prohibition does not
apply to an employee or officer if the financial institution determines
that employee or officer should have access to the applicant's
responses to the financial institution's inquiries regarding the
applicant's protected demographic information, and the financial
institution provides a notice to the applicant regarding that access.
The notice must be provided to each applicant whose information will be
accessed or, alternatively, the financial institution may also provide
the notice to applicants whose responses will not or might not be
accessed. For example, a financial institution could provide the notice
to all applicants or all applicants for a specific type of product. The
CFPB is providing sample language that a financial institution can, but
is not required to, use for this notice.
Reporting of data to the Bureau (Sec. 1002.109). Section 1002.109
addresses several aspects of covered financial institutions'
obligations to report small business lending data to the CFPB. First,
Sec. 1002.109(a) provides that data must be collected on a calendar
year basis and reported to the CFPB on or before June 1 of the
following year. Section 1002.109(a) also addresses collection and
reporting requirements of subsidiaries of financial institutions and
reporting requirements of financial institutions where multiple
financial institutions are involved in a transaction. Second, the CFPB
lists in Sec. 1002.109(b) the information that financial institutions
are required to provide about themselves when reporting data to the
CFPB, including the financial institution's name, headquarters address,
contact person, Federal prudential regulator, institutional
identifiers, parent entity information, as well as information on the
type of financial institution it is, and whether it is reporting
covered applications voluntarily. Finally, Sec. 1002.109(c) addresses
technical instructions for the submission of data to the CFPB,
including information about the Filing Instructions Guide, which the
CFPB will provide for the appropriate year.
Publication of data and other disclosures (Sec. 1002.110). Section
1002.110 addresses several issues regarding the publication of small
business lending data. Section 1002.110(a) provides that the CFPB will
make available to the public, on an annual basis, the data submitted to
it by financial institutions. These data will be made available subject
to deletions or modifications made by the CFPB, if the CFPB determines
that such deletions or modifications would advance a privacy interest.
Part VIII below discusses the CFPB's preliminary assessment of how best
to determine appropriate pre-publication modifications and deletions,
particularly in light of re-identification risk to small businesses and
their owners. Section 1002.110(b) provides that the CFPB may compile
and aggregate data submitted by financial institutions and may publish
such compilations or aggregations.
Section 1002.110(c) requires a covered financial institution to
publish on its website a statement that its small business lending
data, as modified by the CFPB, are or will be available from the CFPB.
Section 1002.110(d) sets forth when a covered financial institution
shall make this statement available and how long the financial
institution shall maintain the statement on its website. These
requirements satisfy financial institutions' statutory obligation to
make data available to the public upon request.
Finally, Sec. 1002.110(e) prohibits a financial institution or
third party from disclosing protected demographic information, except
in limited circumstances. Section 1002.110(e)(1) prohibits a financial
institution from disclosing or providing to a third party the protected
demographic information it collects pursuant to the rule, except to
further compliance with ECOA or Regulation B or as required by law.
Section 1002.110(e)(2) prohibits a third party that obtains protected
demographic information for the purpose of furthering compliance with
ECOA and Regulation B from any further disclosure of such information,
except to further compliance with ECOA and Regulation B or as required
by law.
Recordkeeping (Sec. 1002.111). Section 1002.111 addresses several
aspects of the recordkeeping requirements for small business lending
data. First, Sec. 1002.111(a) requires a covered financial institution
to retain evidence of compliance with subpart B, which includes a copy
of its small business lending application register, for at least three
years after the register is required to be submitted to the CFPB
pursuant to Sec. 1002.109. Second, Sec. 1002.111(b) requires a
covered financial institution to maintain, separately from the rest of
an application for credit and accompanying information, an applicant's
responses to a financial institution's inquiries regarding the
applicant's protected demographic information. Finally, Sec.
1002.111(c) requires that, in compiling, maintaining, and reporting its
small business lending application register, as well as the separately
maintained protected demographic information pursuant to Sec.
1002.111(b), a financial institution may not include any personally
identifiable information concerning any individual who is, or is
connected with, an applicant.
4. Other Provisions (Sec. Sec. 1002.112 Through 1002.114)
Enforcement (Sec. 1002.112). Section 1002.112 addresses several
issues related to the enforcement of subpart B. First, Sec.
1002.112(a) states that a violation of section 1071 or subpart B is
subject to administrative sanctions and civil liability as provided in
sections 704 and 706 of ECOA. Second, Sec. 1002.112(b) provides that a
bona fide error in compiling, maintaining, or reporting data with
respect to a covered application is an error that was unintentional and
occurred despite the maintenance of procedures reasonably adapted to
avoid such an error. Such an error is presumed not to violate ECOA or
subpart B if the number of such errors do not exceed the thresholds set
forth in appendix F. Third, Sec. 1002.112(c) identifies four safe
harbors under which certain errors--specifically those regarding the
application date, census tract, and NAICS code data point, along with
incorrect determinations of small business status, covered transaction,
and covered application--do not constitute violations of ECOA or
subpart B. Relatedly, in part VII below, the CFPB discusses its
intention to consider, for financial institutions subject to the CFPB's
jurisdiction, good faith efforts to comply with the rule and will not
generally assess penalties for errors in data reporting. The CFPB will
conduct examinations on data during the grace period to assist
institutions in diagnosing compliance weaknesses.
Severability (Sec. 1002.113). Section 1002.113 provides that any
provision of subpart B, or any application of a provision, is stayed or
determined to be invalid, it is the CFPB's intent that the remaining
provisions shall continue in effect.
Effective date, compliance date, and special transitional rules
(Sec. 1002.114). Section 1002.114 addresses several issues related to
the rule's effective date, when covered financial institutions are
required to comply with the rule, and associated transitional rules.
Section 1002.114(a) provides that this final rule will become effective
90 days after publication in the Federal Register. However, pursuant to
Sec. 1002.114(b) compliance with the final rule is based on a tiered
compliance date schedule.
[[Page 35178]]
Compliance with the rule beginning October 1, 2024 is required for
covered financial institutions that originate the most covered credit
transactions for small businesses. However, institutions with a
moderate transaction volume have until April 1, 2025 to begin complying
with the rule, and those with the lowest volume have until January 1,
2026. Next, Sec. 1002.114(c) provides certain transitional provisions
that permit covered financial institutions to begin collecting
protected applicants' demographic information beginning 12 months prior
to their applicable compliance dates. Finally, Sec. 1002.114(c) also
permits financial institutions that do not have ready access to
sufficient information to determine their compliance tier (or whether
they are covered by the rule at all) to use any reasonable method to
estimate their volume of originations to small businesses for this
purpose.
D. High-Level and General Comments
1. High-Level and General Comments on the NPRM
High-level and general comments received on the NPRM are discussed
here, followed by a discussion of comments specifically addressing
implementation issues and comments regarding section 1071's overlap
with other data reporting regimes. Comments received on specific
aspects of the Bureau's proposed rule are discussed in the section-by-
section analyses that follow in this part V. Comments regarding the
privacy analysis are addressed in part VIII below, and regarding the
Bureau's analysis of impacts in parts IX through XI.
Comments Received
Support for section 1071's statutory purposes was nearly universal
amongst commenters, at least at a high level of generality. (See also
the section-by-section analysis of Sec. 1002.101 below.) The vast
majority of industry commenters praised the purposes of the rule, and
the intentions behind section 1071 and ECOA generally, while offering
criticisms of specific provisions of the proposed rule.
Broad support. A number of commenters offered general support for
the rule, including its scope and its purposes. For example, a trade
association stated its appreciation for the comprehensive nature of the
proposed rule, noting that the Bureau conducted extensive outreach and
worked at ensuring proper and effective rulemaking consistent with
legislative intent while allowing for technical improvements and
practical considerations. A community group stated that to achieve the
community development and fair lending purposes of the statute, the
data collected and reported under the rule needs to be comprehensive in
its coverage of lenders and must capture key credit underwriting
factors as controls for analyses of gender and racial disparities in
lending. The commenter also stated that the Bureau recognized that
annual disclosure of lending data by the vast majority of small
business lenders is a prerequisite for adequate oversight, given that
existing data are insufficient. The commenter further explained that
existing data consist of periodic surveys that are not usually lender
specific and that are inconsistent in the amount of detail provided on
key underwriting variables needed for analyses of community needs and
fair lending compliance.
A number of commenters offered more specific support for the rule's
purposes. One trade association noted that its members have been active
in the development of policy supporting section 1071, including
participation as small entity representatives during the SBREFA
process. A number of banks, a credit union, and several trade
associations expressed support for the statutory purposes of section
1071 and the Bureau's proposed rule. One trade association stated that
the NPRM was a key opportunity to explore lending data and expand
responsible small business lending, which was important to the
financial well-being in the communities served by its members, as well
as stability of the overall financial system.
A cross-sector group of lenders, community groups, and small
business advocates stated that it is critical to require lenders to
collect and report applicant data for as many small minority-owned and
small women-owned businesses as possible, to uphold congressional
intent and establish a comprehensive database.
Several commenters focused on the importance of the fair lending
purpose of section 1071. One trade association stated its unequivocal
agreement with the purpose of preventing discrimination on the basis of
ethnicity, race, and sex, and noted that CDFI lenders share the
Bureau's core value of protecting consumers by providing fair and
transparent financial products and services to all customers.
A number of commenters, including community banks, credit unions,
and trade associations, offered their appreciation for the stated
intentions of the rule in the NPRM--to support fair lending and
business and community development--but expressed concern about the
effect of the rule as proposed on lending and compliance costs. A bank
stated that, while it supported the statutory goals of section 1071,
the proposed rule would result in restricted, higher-priced credit for
the groups the proposal is meant to benefit. A trade association for
community banks likewise supported the proposed rule and the
congressional intent behind section 1071, but asserted it was necessary
to fine-tune specific proposed provisions to mitigate costs and ensure
small business lenders remain active, particularly those serving the
most underserved markets. Another trade association supported the goals
of the NPRM, but worried that the proposed would unduly burden credit
unions and would discourage them from offering business credit.
Broad criticisms. Some industry commenters expressed disagreement
with the enactment of section 1071 and therefore opposed the rule in
its entirety. One lender opposed the rule on the grounds that it
already complies with fair lending laws, and that the rule would force
a choice between compliance and market exit. Another argued that the
Dodd-Frank Act may have intended that section 1071 create a HMDA-like
data reporting mechanism, but warned that small business lending is not
``cookie-cutter,'' is not automated, and is highly relationship driven.
Another commenter claimed that it would be impossible to derive any
meaningful or statistically valid conclusions from a comparison of
small business loans.
A credit union stated that the publication of data collected and
reported pursuant to section 1071 would not permit it to better
identify its members' unmet small business lending needs aside from
confirming if there is a significant difference in the number of
business borrowers that are female or of a specific race.
One trade association noted that credit unions may only serve their
members and are limited by Federal statute in their ability to offer
business loans; as a result, data collected from them would not be
comparable to data collected from lenders without similar limitations
in who they may serve.
Other commenters, without specifically opposing the enactment of
section 1071, expressed more general concerns about the NPRM. Trade
associations for online lenders supported the policy goals of the NPRM
and also believed that modifications should be made to support
responsible innovation in banking without unintentionally stifling the
efficiency and innovation that digital lending
[[Page 35179]]
platforms can provide. A bank supported the enforcement of fair lending
laws and appreciated the Bureau's dedication to better supporting small
businesses, but was concerned about aspects of the NPRM. A One
commenter inquired as to why the Bureau, in charge of consumer
financial protection, was concerned with business loans, and claimed
that the Bureau was engaged in overreach.
The role of online lenders. Two trade associations suggested that
online and ``fintech'' lenders were important to expanding access to
financing, particularly for Black- and Hispanic-owned businesses. These
commenters expressed their support for greater transparency and
expanding access to sustainable and fair credit in small business
lending. They also asserted that women-owned and minority-owned small
businesses were disadvantaged in applying for small business lending at
traditional banks, and that nontraditional online lenders play a
crucial role in modernizing financial services and improving access and
outcomes for small businesses. One of the commenters noted that, in
particular, the use of artificial intelligence, machine learning, and
alternative data would expand lending to minority-owned small
businesses.
Uniqueness of small business lending. One bank stated that it was
hard to perform comparative analysis on small business loans because
they are unique and manually unwritten. Further, the commenter stated
that the absence of certain credit criteria or metrics--such as
collateral, loan-to-value, debt-to-income, debt service coverage ratio
and the like--in the data points to be collected by the rule could
cause reviewers of published data, such as consumer groups and agency
examiners, to draw incorrect conclusions on variances in rates and
terms of loans.
Data accuracy. A bank and a trade association asserted that the
Bureau's final rule should focus on ensuring the collection and
reporting of high-quality data that maximizes data accuracy and
reliability. These commenters noted that inaccurate, unreliable, and
poor-quality data could undermine the statutory purposes of section
1071, which the commenters said were to promote access to credit for
minority-owned and women-owned small businesses. They further stated
that poor data quality could also lead to misguided and factually
unsupported fair lending allegations, which could damage the
reputations of responsible lenders and subject them to unnecessary
investigative burdens and lawsuits, all of which could undermine the
Bureau's credibility and waste the Bureau's time and resources. Based
on these premises, the commenters sought the elimination of certain
provisions which they believed would undermine the collection of
accurate, reliable, high-quality data (discussed in the applicable
section-by-section analyses that follows).
Specific uses of small business lending data. Two trade
associations urged the Bureau to explain how it would use the data
collected under this rule, including how it would analyze data
collected by the rule. One claimed that the NPRM did not outline
potential uses for small business lending data, and asserted that the
Bureau should provide notice and comment on potential uses of the rule,
even after the issuance of the final rule. The commenter stated that it
is important for the Bureau to issue guidance on how it plans to
analyze data reported under the rule, including how it will assess
whether lenders appropriately serve relevant markets, which can vary
significantly by lending product.
The other commenter stated that the Bureau should clearly indicate
how implementing the proposed framework will advance fairness and
understanding of small business credit needs, that requirements should
tie to satisfying stated objectives and designed no more broadly than
necessary to reduce unnecessary costs to small business lenders. The
commenter stated its belief that by clearly indicating how it will use
data it collects, including whether and how it will make such
information public, the Bureau will allow stakeholders to assess better
the costs and benefits of the overall framework. Additionally, the
Bureau should carefully consider potential unintended consequences--
especially related to data publication--that could reduce small
business credit access and chill further innovation aimed at better
serving small businesses.
Responses to Comments Received
The Bureau agrees with the general comments made in favor of
keeping the scope of the proposed rule broad. In general, the Bureau
believes that broad coverage of institutions and products as requested
by a number of commenters is consistent with the statutory purposes of
section 1071. The Bureau does not believe that a more limited approach
to scope--including the various limitations on the coverage of certain
types of financial institutions and products--would be consistent with
the statutory purposes of section 1071. The Bureau addresses these
issues directly in the section-by-section analyses of proposed
Sec. Sec. 1002.104 and 1002.105 below.
Broad support. Regarding the comment on the scope of the rule, that
the Bureau should continue to monitor U.S. Census data to ensure that
its definition of small business in this rule continues in the future
to be inclusive enough such that the proportion of non-small minority-
owned businesses do not exceed 1 percent of all businesses, the Bureau
believes that its adoption of an inflation-adjustment for the gross
annual revenue threshold in the definition of small business under
Sec. 1002.106(b) should help ensure that, over time, the proportion of
businesses covered by the rule does not decline. In any case, the
Bureau will monitor data concerning the prevalence of small businesses
in the context of the economy at large.
Broad criticism. Regarding the comment of a lender that it already
complies with fair lending laws, the Bureau notes that continuing
enforcement of fair lending laws, and tools such as this data
collection rule that facilitate such enforcement, remains necessary
because while the commenter may comply with fair lending laws, some
lenders may not and a subset of those may repeatedly violate fair
lending laws. Additionally, enabling identification of business and
community development needs and opportunities is an independent purpose
of the statute. Compliance with fair lending laws does not necessarily
permit creditors, communities, and governmental entities to identify
business and community development needs and opportunities. As to the
assertion that the rule would force a choice between compliance and
market exit, the Bureau's decision to increase the originations
threshold from 25 to 100 transactions will mitigate any risk of such
disruptions, even if slight or speculative. Regarding the comment that
small business lending is more individualized and highly relationship
driven, the Bureau agrees this is true for much small business lending
and the final rule is crafted to acknowledge this, as discussed in the
section-by-section analyses that follow. But that does not prevent
small business lending data from facilitating fair lending enforcement
and identifying business and community development needs and
opportunities.
As to comments that quarrel with the statutory mandate and question
the utility of the data in general terms, the Bureau is bound by the
statute and congressional intent. Additionally, many described
potentially helpful uses of the data.
[[Page 35180]]
Regarding the assertion that the Dodd-Frank Act was only intended
to regulate larger institutions, and that smaller lenders should be
exempted from the rule to avoid harming those the Act was intended to
protect, the Bureau notes that while much of the Dodd-Frank Act
explicitly addresses larger entities, section 1071 does not contain
such limitations. Nonetheless, Bureau has made changes in the final
rule in response to public comment that will have the effect of
reducing compliance burden on small lenders. For example, the Bureau
has raised the coverage threshold from 25 to 100 originations for
purposes of determining which financial institutions must comply with
the rule, provided longer compliance periods for lenders with lower
volumes of small business lending, and provided for a variety of safe
harbors and a good faith error provision which will provide some leeway
to smaller-volume lenders. The Bureau implemented these changes in the
final rule to limit its impact on institutions with lower volumes of
lending to small businesses. The Bureau has also complied with the
Dodd-Frank Act requirements under SBREFA and the RFA to assess and
mitigate any impact on smaller financial institutions.
The Bureau addresses the effect of the rule on lending and
compliance costs, in its impact analyses in parts IX and X below.
Regarding the commenter that stated that the rule would not meet its
purposes and would result in restricted, higher-priced credit to the
very groups the proposal is meant to benefit, the Bureau's analysis
suggests that any changes in the cost of credit would be small and
unlikely to lead to a significant change in the per-unit cost of loans
to individual applicants even from the smallest lenders. The Bureau has
made various changes from the proposal in finalizing this rule intended
to mitigate costs for smaller-volume lenders serving small businesses
in response to comments expressing concern that credit unions and other
financial institutions remain active small business lenders.
Regarding the concern that data from credit unions would not be
comparable to data collected from other kinds of lenders, the Bureau
observes that, under Sec. 1002.109(b), lenders must provide
information on financial institution type. Credit unions thus must
self-identify themselves in submitting data to the Bureau, and the
various limitations on lending by credit unions can be taken into
account in analyses of data collected and reported under this rule.
Regarding the comment that the rule should be modified to support
responsible innovation in banking without unintentionally stifling the
efficiency and innovation that online lenders may provide, the Bureau
agrees that it does not wish to stifle responsible innovation. The
Bureau has endeavored to be responsive to these concerns in the final
rule; to the extent that specific concerns were raised, they are
addressed in other provisions of this preamble. Regarding the comment
that the rule as proposed was too complex even for most forward-
leaning, technologically adept financial institutions, the Bureau
disagrees, noting that while this rule is new, it is not dissimilar to
other similar data collection regulations in complexity, such as those
for HMDA, CRA, and the CDFI Fund. Further, the Bureau has made a number
of changes to this final rule to make compliance easier for smaller-
volume lenders, or to exclude them from reporting requirements
entirely.
Regarding the comment asserting that the Bureau was overreaching by
regulating business loans, the Bureau notes that section 1071
explicitly requires the Bureau promulgate a rule to collect data on
applications for business credit.
The role of online lenders. Regarding assertions made that nonbank
online lenders were important to expanding access to financing for
Black- and Hispanic-owned businesses in particular, that traditional
lenders provided fewer loans to women-owned and minority-owned small
businesses, and that technology improved access and outcomes for small
businesses, the Bureau believes that the broader conclusion to draw
from these assertions is that the data that will be collected under
this rule is needed to assess and further analyze such claims.
Uniqueness of small business lending. Regarding the comment that it
is not possible to perform comparative analysis on small business loans
because they are unique and manually unwritten, the Bureau disagrees.
Other commenters, as set out in the section-by-section analysis of
Sec. 1002.101, stated that the data points proposed in the NPRM are
fulsome and can contribute to sophisticated analysis and comparison of
small business loans. Regarding the comment that the Bureau cannot make
comparisons absent additional credit metrics beyond those it proposed
to collect and that other reviewers of published data could draw
incorrect conclusions, the Bureau does not agree that additional credit
metrics are necessary in order to draw meaningful analyses from the
data. While the Bureau believes, all things equal, that additional data
points would enrich the analysis for users of the data, the Bureau also
believes that certain of these metrics can be derived, at least in
part, from other data points, and it notes that other commenters
varyingly opposed any data points proposed pursuant to ECOA section
704B9(e)(2)(H) or requested that the Bureau collect as few data points
as possible. Industry comments were also contradictory on this point;
while many commenters suggested the Bureau had proposed too many data
points, commenters also asserted that the Bureau was not collecting
enough data to draw proper conclusions. The Bureau believes its final
rule strikes an appropriate balance between comprehensiveness and
minimizing burden and complexity to financial institutions.
Data accuracy. Regarding comments that the final rule should focus
on ensuring the collection and reporting of high-quality data, the
Bureau agrees. To this end, it has adjusted various provisions in the
final rule in response to comments received. In addition, other
changes, while made for other reasons, render moot certain comments on
accuracy concerns. For example, the decision not to finalize the
proposed visual observation and surname requirement, discussed in the
section-by-section analysis of Sec. 1002.107(a)(19)), moots the
relevance of comments about the accuracy of visual observation.
Specific uses of small business lending data. Regarding the comment
that the Bureau should have explained and provided an opportunity for
notice and comment for its intended uses of the data collected under
this rule, the Bureau disagrees, both that it did not explain what the
data would be used for, and that it is obligated to identify specific
uses of the data or to provide the public an opportunity to comment on
proposed specific uses of the data. Initially, section 1071 itself
establishes the intended purposes and uses of the collection and
publication of the data--namely, the facilitation of fair lending
enforcement and the identification of business and community
development needs and opportunities. Next, while section 1071 requires
the Bureau to collect and publish data on small business lending
applications, it does not require the Bureau to identify its intended
uses of the data. Moreover, even if the Bureau articulates specific
uses of the data, as the statute explicitly provides, the Bureau is not
the only intended user of the data. Enforcement of fair lending laws
includes ECOA, which is enforced not only by the Bureau but by many
other Federal
[[Page 35181]]
agencies.\288\ Further, for purposes of identifying business and
community development needs and opportunities, the statute specifically
names communities, governmental entities, and creditors as potential
users of the data collected under this rule. Thus, even if the Bureau
disclosed its intended uses--which could change over time depending on
the data received and the needs identified--other stakeholders could
make different use of the data.
---------------------------------------------------------------------------
\288\ See 15 U.S.C. 1691c (listing Federal agencies with
authority to enforce ECOA), 1691e (providing private attorneys, the
Department of Justice, and the Department of Housing and Urban
Development the authority to bring civil suits to enforce ECOA).
---------------------------------------------------------------------------
Regarding comments about how the Bureau intends to make the data
public, including whether and how it will make such information public,
and that the Bureau should carefully consider potential unintended
consequences especially related to data publication, the Bureau
describes its intended privacy analysis in part VIII below. Regarding
concerns that the Bureau might reduce small business credit access and
chill further innovation aimed at better serving small businesses, the
Bureau has considered various comments concerning access to credit and
innovation, which it addresses throughout the section-by-section
analyses below.
2. Comments Regarding Implementation
Comments Received
Several commenters said that the Bureau should provide additional
implementation or guidance resources about the final rule, specific
parts of the rule, or regarding how the rule applies in specific
situations. Some of these commenters requested specific forms of
guidance or specific resources, such as frequently asked questions,
guides, or templates. One commenter said that the final rule should
have a table of contents. Some commenters said that the Bureau should
provide training on collecting and reporting data or training on how to
comply with the rule generally. One commenter said the Bureau should
develop a data literacy program. Another commenter said that the Bureau
should use all of its available tools to educate and support lenders
and their vendors, including no-action letters, advisory opinions,
webinars, guides, and other materials.
Some commenters requested specific content in implementation and
guidance resources. Many commenters requested additional guidance on
specific requirements or data points, and those comments generally are
addressed in the relevant section-by-section analyses later in this
part V. Additionally, one commenter said that the Bureau should develop
materials showing how to do the research needed to find appropriate
regulation sections and related commentary. The same commenter said
that implementation and guidance resources should provide examples.
Another commenter said that implementation resources should address
matters not typically addressed in supervision guides. A few other
commenters said that implementation materials should be detailed and/or
comprehensive.
A few commenters said that implementation materials and guidance
should be provided at specific points in time. Two commenters requested
that the Filing Instructions Guide be provided at least six months
before data collection is required, and another commenter said that the
Filing Instructions Guide should be provided early in the
implementation process. This commenter also said that the compliance
date should take into account the delayed availability of the Filing
Instructions Guide. A different commenter said that guidance should be
provided before, during, and after the compliance date.
A few commenters said that the Bureau should develop outreach
programs or provide additional access to Bureau staff to address
questions or issues that arise during implementation of the rule. One
commenter said that the Bureau should commit to a formal request for
comments on all facets of implementation and compliance with the rule.
This commenter also said that the Bureau should dedicate staff to
provide definitive answers to industry members that contact the Bureau
and that it should not be possible for community banks to be criticized
or penalized for following the instructions or answers obtained from
Bureau staff. Another commenter said that, during the implementation
period, the Bureau should regularly communicate with vendors and
covered financial institutions and consider reasonable extensions of
the rule's compliance date if issues that could affect industry
preparedness arise.
Another commenter said that the Bureau should create a compliance
liaison office that has the primary goal of supporting industry in
their regulatory submissions and fair lending analyses. This commenter
said that this liaison office would require multiple types of
specialists in order to function properly and would need ties to other
teams so that feedback loops work properly. This commenter further said
that questions on specific data entry topics should be saved and
communicated to the Office of Regulations and others at the Bureau. The
commenter said that Bureau guidance provided to individual industry
members should be converted into frequently asked questions and tagged
for purposes of amending existing regulations. The commenter further
said providing verbal guidance is helpful, but slow, and potentially
inconsistent. This commenter also alleged that the Bureau does not
track data related to questions received and asserted that such lack of
tracking limits the responsiveness of the Bureau in adapting
regulations to properly include current industry practices. A different
commenter said that the Bureau should consider holding a series of
public meetings or hearings to take testimony from small businesses,
lenders, and trade associations regarding the impact that
implementation of the proposed rule will have on each group as well as
on the privacy risks inherent in the proposed data collection and
public reporting by the Bureau.
Finally, there were two comments on supervision and enforcement
related issues. These commenters said that the Bureau should coordinate
with other Federal agencies to develop model examination procedures in
advance of the Bureau publishing a final rule. One of these commenters
further predicted that, absent a clear description of the methodologies
that might be employed to perform fair lending analysis, there would
likely be a period where prudential regulators' examination
expectations are in flux and, perhaps, materially inconsistent.
Responses to Comments Received
The CFPB aims to provide a wide variety of guidance about the
legislative rules it issues pursuant to the Administrative Procedure
Act. Although this guidance may include materials such as advisory
opinions, interpretive rules, and general statements of policy, the
CFPB's guidance more often includes other materials and activities that
generally reiterate requirements or positions that previously have been
announced in a legislative rule or elsewhere (hereinafter
``implementation resources''). These implementation resources include
such documents and materials as rule summaries, compliance guides,
checklists, factsheets, frequently asked questions, institutional and
transactional coverage charts, webinars, and other compliance aids
directed to regulated entities, the general public, or agency staff
(e.g., staff manuals). In recent years, the CFPB has
[[Page 35182]]
developed a process for preparing and releasing these implementation
resources. For rules such as this one, the CFPB generally engages in a
phased approach and attempts to provide various implementation
resources throughout the implementation period and for some period
after the compliance date.
The CFPB has provided, simultaneously with this rule's release, a
Filing Instructions Guide, an executive summary, and other resources to
help financial institutions understand and comply with the final rule.
These materials are available on the CFPB's website.\289\
---------------------------------------------------------------------------
\289\ See https://www.consumerfinance.gov/compliance/compliance-resources/small-business-lending-resources/small-business-lending-collection-and-reporting-requirements.
---------------------------------------------------------------------------
Additionally, the CFPB is planning to release a Small Entity
Compliance Guide. This Small Entity Compliance Guide will provide a
detailed and comprehensive summary of the rule's requirements, will
include examples, and will be separate from and different than any
examination manuals or other supervisory materials. The CFPB also
anticipates providing other written implementation resources to assist
industry, vendors, and others. When providing implementation resources,
the CFPB will consider all of its available tools and select the tool
that it believes is best suited to the content that the CFPB is
addressing in the guidance as well as the timing of the guidance.
Individuals who would like to be notified when the CFPB releases
additional implementation resources or other guidance can sign up to
receive notifications. However, with regard to one commenter's request,
the CFPB does not anticipate developing materials attempting to show
members of industry how to conduct research. The CFPB believes that
such materials are outside the scope of the CFPB's implementation and
guidance function and are regularly provided by other sources.
With regard to the comments addressing outreach, the CFPB notes
that it has and anticipates that it will continue to engage in ongoing
outreach related to this rulemaking. As discussed in part III above,
the CFPB engaged in considerable outreach to industry and other
stakeholders in the years leading up to issuing this final rule, and
intends to continue to engage with industry, along with vendors and
other stakeholders, as they prepare to comply with the rule. With
regard to one commenter's request that the CFPB hold a series of public
meetings or hearings to take testimony from small businesses, lenders,
and trade associations regarding the impact that implementation of the
proposed rule will have on each group prior to issuance of the final
rule, the CFPB did not believe this was needed given the number of
substantive comment letters it received and the opportunity provided to
stakeholders to submit comments on the proposed rule and its potential
impact. Nonetheless, as described in part III.B above, the CFPB has
been conducting technical outreach with third-party software providers
that serve financial institutions and software and technology staff
from financial institutions that are likely to have to report small
business lending data to the CFPB. With these software vendors and
technical staff, the CFPB has held and, after publication of this final
rule, will continue to hold discussions concerning the technical
systems and procedures the CFPB will provide for financial institutions
to submit data. The CFPB expects that its outreach efforts will provide
a channel of communication for industry, vendors, and other parties to
constructively provide feedback on the CFPB's existing implementation
resources as well as provide direction for future implementation
resources.
As set out in more detail above, some commenters said that the CFPB
should provide staff to address questions or issues that arise during
implementation of the rule. One commenter suggested that the CFPB
develop a compliance liaison office. Similar to what it has done with
inquiries about HMDA/Regulation C, the CFPB anticipates that it will
use its regulatory inquiries function to assist individual inquirers
who have specific questions about the rule or how to submit data
pursuant to the rule. This function is designed to provide inquirers
with brief, informal assistance on regulatory or technical issues.
However, in part because of Administrative Procedure Act constraints,
the CFPB cannot provide binding or official interpretations through
this informal function. In addition, there are other limits on the
regulatory inquiries function and on the CFPB's other implementation
resources. For example, the CFPB does not provide legal advice through
the regulatory inquiries function.
In addition, the CFPB already reviews the inquiries it receives and
uses information gleaned from those reviews to help the CFPB prioritize
provision of various other types of guidance. Thus, when the CFPB
receives multiple individual inquiries about the same topic, the CFPB
often prioritizes that topic for webinars and various forms of written
guidance, potentially culminating in revisions to the Official
Interpretations or the regulatory text after a notice-and-comment
process. Thus, as requested by one commenter, the CFPB already tracks
data regarding the inquiries it receives and, as appropriate given the
nature of the inquiries and the CFPB's resources, uses them as a basis
for frequently asked questions, other implementation resources, or
other action. The CFPB anticipates doing the same with inquiries
received about this rule.
With regard to the comments related to supervision, the CFPB notes
that it will coordinate with other Federal agencies to develop
examination procedures in connection with the rule, and anticipates
publishing such procedures in advance of the rule's first compliance
date.
3. Comments Regarding Overlaps With Other Data Reporting Regimes
Comments Received
General comments. Several commenters cast the overlap between this
rule and other Federal data collection rules in a positive light. A
community group and a CDFI lender observed that small business lending
data are collected piecemeal and haphazardly across multiple agencies--
including the Federal bank agencies, the SBA, and the CDFI Fund--and
that this rule could be used to consolidate small business lending data
reporting across agencies to reduce administrative burden by satisfying
requirements across programs for various CRA and fair lending uses.
Two commenters noted that the existence of other data collection
regimes, including Federal reporting requirements and private-sector
reporting (such as HMDA; the SBA 7(a), 504, and Community Advantage
Loan programs; CDFI Fund reporting; the Wells Fargo Diverse Community
Capital Program; and the Paycheck Protection Program) suggested that
compliance with this rule is feasible because these other data
collections make this rule well-understood in conceptual,
technological, and procedural terms. One commenter noted that these
other data collections cover all but three of the data points in the
NPRM (application method, application recipient, and denial reasons).
Several commenters stated their appreciation for the Bureau's
attempts to harmonize this rule with others and avoid duplicative data
reporting. One bank noted that avoiding duplicative reporting was
critical for community banks, for which even slight differences in
reporting rules would be
[[Page 35183]]
burdensome, taking away from time that could be spent with customers.
Many other commenters, including lenders, trade associations, a
business advocacy group, and a group of State banking regulators, noted
the overlap between this rule and other data collection regimes, and
requested that the Bureau harmonize this rule with other similar data
reporting regulations, with which lenders were familiar, to minimize
challenges, complexity, duplication, potential burden on lenders, and
potential errors in the data. These commenters named HMDA/Regulation C,
CRA, FFIEC Call Reports, Regulation B/ECOA, and FinCEN's Beneficial
Ownership Rule as specific examples of other rules that the required
harmonization with this rule and that, in many cases, the Bureau itself
identified as overlapping.
Commenters argued that, by borrowing from existing frameworks or
systems, the Bureau could reduce complexity and facilitate industry
compliance, allowing financial institutions to leverage existing
processes, training and institutional knowledge. For instance, some
commenters suggested that the thresholds in this rule be aligned with
those of HMDA and CRA. Other commenters suggested that the Bureau could
adopt the framework in FinCEN's beneficial ownership rule for this
rule's method of determining minority-owned and women-owned status,
rather than layering on a new definition of ``primary owners,'' which
they suggested would add unneeded complexity to the loan origination
process.
Industry commenters also asserted that by aligning this rule with
existing rules, such as HMDA and CRA, the Bureau could avoid imposing
inconsistent or duplicative reporting requirements to avoid errors from
regulatory confusion and urged the Bureau to avoid requiring lenders to
report different data for the same transaction.
Several other commenters identified other concerns with overlapping
reporting. One bank noted that, while the Bureau tried to harmonize its
requirements with other rules, even slight deviations between rules
cause problems, which may confuse customers and make them more likely
to refuse to provide data. Another bank noted that some HMDA and CRA
data aggregation and submission systems rely upon identifiers to
separate and process these different datasets, which the bank suggested
was another reason to keep loans reportable under this rule separate
from those reportable under HMDA.
A number of industry commenters and a group of State banking
regulators requested that the Bureau not require financial institutions
that already report data to duplicate their work. One stated that banks
already report a significant amount of data to prudential regulators,
and that the Bureau should eliminate duplicative reporting. Other
commenters asked that the Bureau work with Federal agencies to align
this rule with the FFIEC Call Report, and CRA and HMDA regulations to
avoid duplication, reduce compliance burden, and reduce the potential
for data errors. Two banks urged the Bureau to exempt loans reportable
under other data reporting regimes, such as HMDA- and CRA-reportable
loans. Another noted that its staff is trained on the established
requirements of HMDA and CRA, and that removing duplicative or
inconsistent requirements would reduce compliance costs, providing
savings that could be passed on to the borrowers. Two community-
oriented lenders suggested that the Bureau exempt all credit
applications under Federal agency programs, as the data points proposed
in this rule are already collected by that loan program's oversight
agency (i.e., SBA, USDA, etc.).
Two industry commenters suggested that the Bureau should first use
existing small business lending data published by the government and
private sector before collecting additional data, thereby assessing the
small business finance market without negatively impacting providers of
capital to entrepreneurs. One bank asserted that the Bureau itself
admitted it had enough data to analyze the small business lending
market, and that the rule should focus on collecting data from non-
depository institutions, as it would be duplicative to collect data
from depositories, which provide data via the FFIEC and NCUA Call
Reports and already have a history of being regulated.
Some industry commenters generally requested that the Bureau work
out inconsistencies between this rule and other data collection
regimes. Some offered more specific requests for harmonization. One
suggested more alignment in terms of scope, coverage and exemptions
between this rule, HMDA and CRA. Another commenter identified
inconsistencies with existing Regulation B, citing the difference
between its small business definition ($1 million or less in revenue)
and the NPRM's proposed definition ($5 million or less). A CDFI lender
observed that CDFIs report lending activity to the CDFI Fund, SBA, CRA,
Opportunity Finance Network's annual member survey, and credit
reporting agencies, and requested that the Bureau standardize data
formats to match those used in CDFI Fund reporting to streamline data
collection and minimize burden on CDFIs.
HMDA. A number of commenters identified overlap between this rule
and HMDA/Regulation C, and noted that duplicative data would published
in two places. Some industry commenters requested that the Bureau avoid
inconsistent and duplicative reporting by excluding from HMDA reporting
transactions reportable under this rule. Two trade association
suggested a parallel rulemaking to amend Regulation C, timed with the
release of this final rule.
On the other hand, other commenters suggested that HMDA-reportable
loans should be excluded from this rule to avoid duplicative reporting,
undue compliance burden, and regulatory confusion. A business advocacy
group noted that the Bureau itself identified the overlap between HMDA-
reportable loans and loans covered by this rule. A trade association
suggested the Bureau could narrowly tailor an exemption by apply the
rule only to financial institutions that report data under HMDA,
without an exclusion for HMDA-reportable loans by lenders that are not
HMDA reporters, arguing that a narrowly tailored exclusion would serve
the statutory purposes of the rule because commercial mortgage loans
for small businesses would be captured under HMDA or this rule. A bank
believed that duplicative reporting of HMDA-reportable applications did
not serve the statutory purposes of the rule. A large bank disagreed
with the Bureau's assertion that excluding HMDA-reportable transactions
from this rule would add complexity to the analysis of data by
requiring lenders to find and delete HMDA-reportable transactions from
its submission to the Bureau; the bank argued that duplicative
reporting was more complex. One lender stated that farm credit data are
already collected from Farm Credit System lenders subject to HMDA.
A number of commenters identified, generally, inconsistencies
between the proposed requirements for this rule and those of HMDA/
Regulation C. Many industry commenters pointed out that many proposed
data points in the NPRM would be similar to data points in Regulation
C, and expressed concern that any differences in reporting requirements
for these data points would lead to confusion and data errors. Two
trade associations asserted that the overlap in data would create
significant
[[Page 35184]]
and needless complexities for covered lenders, and noted that there
were inconsistencies between the rules despite the Bureau's attempts to
limit them.
Several lenders requested that the Bureau harmonize this rule with
Regulation C to the extent possible if no exemptions were possible. A
large bank asked that the Bureau harmonize several data points--action
taken, application date, and ethnicity, race, and sex of principal
owners--because lenders would be able to collect these data just once
for each small business applicant, increasing efficiency in the
application process and facilitating compliance.
Some commenters addressed overlap between specific data points
proposed in the NPRM and existing data point requirements under
Regulation C. A number of industry commenters noted that for census
tract, HMDA uses the tract where collateral is located while the Bureau
proposed to use a waterfall approach of several addresses. Two lenders
pointed out that HMDA does not have the firewall requirement proposed
for this rule in the NPRM; one of these commenters suggested that the
final rule follow the HMDA approach (no firewall) for HMDA-reportable
loans.
On the reporting of ethnicity, race, and sex of principal owners,
two lenders noted that this rule and HMDA offer different answer
choices. One of the commenters noted that lenders would provide two
separate questionnaires regarding ethnicity, race, and sex for a single
loan application, which could confuse applicants and make them decline
to answer either one.
Several lenders noted that the proposed visual observation and
surname provision, which does not require its use to determine the sex
of a principal owner, was not aligned with the visual observation and
surname requirement under Regulation C, which does require its use to
determine the sex of a mortgage applicant. One stated that this
disparity would cause confusion and errors in data collection. Another
stated that for a loan application covered by both rules, the disparity
would mean complying with one rule and violating the other.
Regarding credit purpose, a bank noted that a loan to a small
business to purchase, improve, or refinance an apartment building would
require different information to be collected and reported under both
rules.
On action taken, one bank noted a disparity between the approaches
of the proposed rule (one option for ``incomplete'' as an action taken)
and of Regulation C (two different incompleteness options--one for a
loan denial and the other for file closure) that it believed would
cause difficulty, despite agreeing with the proposed rule's approach.
Another bank noted that the proposed rule would require collection of
gross annual revenue for the past fiscal year, while Regulation C
requires the income used for the credit decision.
Community Reinvestment Act. A number of commenters noted the
similarities between the small business and small farm data collected
under CRA and this rule and suggested eliminating duplication. One
community group stated that the data for this rule should replace CRA
data, noting that this rule could replace the inconsistent, duplicative
and inefficient collection of small business lending data with a
comprehensive database. The commenter stated that lenders and community
groups both would prefer to consult with one database than to contend
with two or more that are collected annually, and that this rule is
likely to capture more data than the current CRA system. A bank
suggested eliminating CRA reporting requirement as data collected under
this rule would duplicate and surpass the CRA data points, but would
not be interoperable as each rule would require different formatting,
rounding, or coding. A minority business advocacy group and a joint
letter from community and business advocacy groups requested that 1071
data be used for CRA examinations, just as HMDA data are. These
commenters noted that current small business small farm data for CRA
examinations is limited and not a good indication of whether lenders
serve the most vulnerable businesses, and that the more robust dataset
to be collected under this rule would be a better indicator.
One bank asked that the Bureau work with other Federal regulators
to eliminate duplication with CRA data reporting, noting that CRA data
already provides a good picture of lending to small business including
agriculture. Another bank suggested that the Bureau, rather than create
a new data collection requirement, exempt federally insured
depositories and work with other Federal regulators to enrich existing
CRA reporting to include the data the Bureau wants to collect under
section 1071. The commenter noted that insured depositories already
have robust CRA reporting systems, and generally already collect and
report data required by the NPRM to meet CRA obligations. The bank
stated that the use of CRA systems to report 1071 data would result in
the faster delivery of information the Bureau needs at lower cost to
reporters. The bank also suggested that the CFPB should focus this rule
on non-depository institutions that do not now have robust reporting
requirements. The commenter also stated that institutions are already
comfortable with CRA reporting and understand how regulators use such
information, but noted that they did not understand how data collected
pursuant to section 1071 would be used and was concerned the Bureau
would use it to retaliate and micromanage lenders, as it did in the
consumer lending space.
A number of lenders asked that the Bureau work collaboratively with
the prudential regulators to eliminate inconsistencies and duplication
with CRA data reporting. A CDFI lender asserted that successful
implementation of this rule would necessitate coordination of data
requirements and encouraged the Bureau to coordinate with the CRA
agencies to align rules to ensure that lenders covered by CRA continue
to meet credit and community development needs of small businesses,
particularly those owned by women and minorities. One bank noted that
duplicate and inconsistent requirements would increase the compliance
burden on lenders as well as data errors, and that inconsistent data
reporting would require more resources without adding value. A bank
stated that inconsistent definitions could cause community stakeholders
to misinterpret data and draw incorrect conclusions regarding a
lender's performance.
One bank supported a more streamlined approach taking advantage of
existing CRA processes and definitions to reduce costs and burdens
related to this rule, which in turn would ease burdens on lenders and
reduce costs that would ultimately be passed on to the borrower.
Another commenter suggested that the Bureau work closely with the
agencies working on the modernization of CRA rules to reduce
duplication and the friction caused by differences between the rules.
A number of commenters identified specific areas of inconsistency
between the CRA and this rule. Several banks and a trade association
noted that the small business definition proposed in the NPRM,
businesses with gross annual revenue greater than $5 million, was
inconsistent with the CRA definition, which included an asset threshold
and originated loans less than $1 million. One bank stated that this
discrepancy was likely to cause staff confusion and possible data
integrity issues. A trade association requested that the Bureau adopt
the CRA's small business definition using a loan size of $1 million
[[Page 35185]]
and other Federal laws to create alignment for those lenders that
already comply with existing regulations, and that a focus on
businesses with $1 million in revenues would support the Bureau's goal
of promoting small business lending in underserved areas to underserved
small businesses, that are more likely to be closer to $1 million
rather than $5 million in revenue. Two banks stated that banks may
receive more CRA credit for small business loans originated to
businesses with $1 million or less in gross annual revenues.
Several commenters noted that the rule proposed a waterfall
approach to using addresses to determine census tract, while CRA
regulations inquire only about where loan funds are used. One bank
commented that this meant that a single loan could result in the
reporting of different census tracts for purposes of the two rules.
Another bank suggested that a better way to achieve consistency with
CRA was to allow lenders reporting under this rule to choose which of
the three addresses to use and require the institution to report which
address type it used.
Some industry commenters noted that the Bureau reduce its gross
annual revenue threshold for its small business definition under this
rule from $5 million to $1 million to align with CRA. A trade
association noted that the $1 million threshold would align with the
threshold for FFIEC Call Reports and for existing Regulation B, which
requires tracking of loans to businesses with $1 million or less in
revenue for purposes of sending adverse action notices under Sec.
1002.9(a)(3). The commenter also stated that using this threshold would
also mean that other data from this rule could be compared with CRA
data, leading to a better evaluation of a bank's small business lending
performance.
One bank stated that a discrepancy between this rule and CRA on the
revenue threshold could lead to errors, given the many manual processes
still used. Another bank asserted that a $5 million threshold would
capture applications from businesses it did not consider small.
Several trade associations claimed that the proposed rule did not
treat renewals and extensions the way CRA regulations do.
SBA. Several commenters stated that SBA-reportable loans should be
exempt from the rule, including loans under the SBA 7(a) and 504
programs. One commenter stated that the Bureau should work with SBA to
select reportable data elements and then obtain them from the SBA on
loans and application denials to ease the reporting burden of SBA
lenders, and that the majority of applications are already captured by
third-party lending partners in the 504 program.
One bank stated that the Bureau's proposed small business
definition is too broad and may capture entities that are not true
small businesses. The commenter originated many multi-family loans to
entities formed for the sole purpose of investing in real estate, not
to run a small business, and asserted that the proposed definition
would capture entities not consistent with SBA's definition of small
business based on number of employees by industry and would be
consistent with the spirit of section 1071, and that this would skew
data.
FinCEN. One bank stated that data reported under this rule would be
better provided through other means, such as FinCEN's recent business
database and registry.
CDFI Fund. Some commenters, including a number of community-
oriented lenders and community groups, stated that the Bureau should
work with the CDFI Fund to streamline integrating the data from this
rule with that of the CDFI Fund. Several commenters stated that new
requirements from the CDFI Fund will likely expand transaction level
reporting requirements to all certified CDFIs. One CDFI lender noted
that the CDFI Fund's review and improvement to its current annual
reporting process could create an opportunity to harmonize its
definition, types of data collection, and timing of reporting with the
Bureau. Another CDFI lender stated that the Bureau should work with the
CDFI Fund to ensure that reporting requirements are aligned; CDFIs are
currently required by Federal law to collect, maintain, and report
specific demographic data about small businesses and consumers to
ensure they serve their target communities. Several others stated that
the Bureau should work with the CDFI Fund and loan software providers
to streamline the process of integrating new data collection processes
into existing systems. Some commenters noted that certain CDFIs must
report data points such as interest rate, origination, points and fees,
amortization type, loan term, and payment dates to the CDFI Fund.
Several also pointed out that some CDFIs also report on loans to the
SBA, to Federal prudential banking regulators pursuant to the CRA, and
to a non-profit's annual member survey.
One lender stated that CDFIs have long sought guidance from the
Bureau on compliance with overlapping statutory requirements from the
CDFI Fund, ECOA, and Regulation B, and recommended that the Bureau use
this rulemaking process to clarify data collection requirements in
coordination with the CDFI Fund to avoid potential conflicts.
Several commenters said that some CDFIs will have to adjust
processes and systems to comply with this rule, that the CDFI industry
uses several different loan software products, and providers
continually modify systems to comply with the CDFI Fund's reporting
requirements.
One commenter stated that the Bureau should collect credit score,
as CDFI Fund does, because it permits an ``apples-to-apples''
comparison of loans to help determine if small businesses that have
historically struggled to access responsible loans receive credit on
identical terms as white-owned businesses. The commenter also said that
the burden to collect this would be minimal, as many CDFIs already
report it to the CDFI Fund.
Farm Credit. An agricultural lender stated that a lack of
understanding of the Farm Credit System by the Bureau would have
unintended and detrimental consequences for those lenders' customers.
The lender noted that these lenders institutions already report lending
on Young, Beginning and Small lending efforts and volume (12 CFR
614.4165) to the Farm Credit Administration.
Agency cooperation. One bank suggested that the Bureau work with
SBA to create more women-owned and minority-owned business programs,
such as diversity loan programs to help the underserved, noting that
the Dodd-Frank Act was passed as a reaction to the practices of larger
lenders but would affect smaller lenders disproportionately.
A State financial regulator requested that the Bureau work with
State regulators to provide them data. The commenter noted that the
NPRM proposed modifications or deletions to protect privacy interests
but was silent on whether the Bureau would share unredacted data with
State regulators, and urged the Bureau to include in the final rule
express language permitting the Bureau to share data collected under
this rule with State regulators in accordance with information sharing
agreements. The commenter noted that such data will help State
regulators identify fair lending violations and enforce anti-
discrimination laws.
Responses to Comments Received
General comments on overlap. The CFPB acknowledges the general
comments concerning the overlap between this rule and other data
[[Page 35186]]
collection regimes, and general requests that the Bureau harmonize this
rule with other similar data reporting regulations. The CFPB recognizes
the overlap with other rules and in this final rule has made attempts
to minimize the challenges, complexity, and duplication of effort, as
well as potential errors in the data. In some instances, duplicate
reporting will be eliminated--this rule will not require the reporting
of any HMDA-reportable applications, and proposed amendments to CRA
regulations would eliminate reporting on small business and small farm
reporting to be replaced exclusively by data from this rule. In
addition, the CFPB attempted wherever possible (i.e., consistent with
its statutory authorities under this rule) to borrow concepts or
structures from other rules, such as FinCEN's customer due diligence
rule. The CFPB also intends to continue to coordinate with other
agencies to further harmonize this final rule with other similar
regulations.
Regarding the requests that the Bureau not require financial
institutions that already report data to duplicate their work, or that
the Bureau exempt all loan applications under Federal agency programs,
the CFPB has made certain adjustments in the final rule. As noted
above, duplicate reporting will be eliminated for HMDA-reportable loans
and, pursuant to proposed amendments to CRA regulations, under the CRA.
However, other data reporting regulations have purposes sufficiently
different from those of this rule such that the regulations are not
completely overlapping, and that the simple elimination of one of the
two reporting requirements would not advance both regulations. For
instance, data reported via FFIEC Call Reports are not motivated only
by considerations of fair lending and community development. In
addition, such other reporting requirements address only originations,
while section 1071 requires reporting on applications.
Regarding the comment that the Bureau should first use existing
small business lending data generated by the government and private
sector before collecting additional data, Congress disagreed when it
passed section 1071 calling for data on small business lending
applications. Existing data capture only limited application-level data
on lending to small businesses by depository institutions, and hardly
any application-level data on lending to small businesses by non-
depository institutions.
Regarding requests that the CFPB work out inconsistencies between
this rule and other data collection regimes, and that the Bureau
standardize data formats to match those used in other data reporting,
especially for CDFIs, the CFPB has attempted to do so in this final
rule where consistent with section 1071's statutory purposes. In
addition, the CFPB intends to work with agencies and other sources of
small business lending data to explore other possible avenues for
additional standardization.
HMDA. Regarding the identification of overlap between this rule and
HMDA/Regulation C, and the requests to avoid duplicative reporting, the
CFPB is exempting HMDA-reportable transactions from the requirements of
this rule. This new provision would have the effect of eliminating
inconsistencies between the two rules, the duplication of data
collection and reporting, and potential data errors. However, the
Bureau is not adopting a more narrowly tailored exclusion that would
not apply to HMDA-reportable loans by financial institutions that are
not HMDA reporters. For the reasons set out in the section-by-section
analysis of Sec. 1002.104(b)(2), the CFPB has determined that trying
to close all potential data gaps would defeat the purpose of trying to
alleviate concerns from commenters about having to implement and
maintain two separate reporting systems. The CFPB's decision to exempt
HMDA-reportable transactions also renders moot comments concerning
inconsistencies between specific data points in Regulation C and those
proposed for this rule, along with the firewall requirement.
Community Reinvestment Act. Regarding the comments identifying the
similarities between the data required by this rule and the
requirements of the CRA, and the request that the data of this rule
replace the data for the CRA, the CFPB notes that, as stated in part
II.F.2.i above, the CRA agencies have issued a proposed rule that,
amongst other things, would exclusively rely on 1071 data for its
assessment of the small business and small farm lending activities of
banks, replacing the existing CRA data requirements based on Call
Reports and other sources. The CFPB believes that when the final rule
amending the CRA requirements is issued, duplication between the CRA
and this rule will be eliminated, as requested by numerous commenters,
including industry and community groups. As some community groups
suggested, the CRA proposal contemplates using 1071 data for CRA
examinations in the manner that HMDA data are currently used in CRA
examinations. The CFPB agrees with these commenters that 1071 data
would be more robust than the data currently collected under existing
CRA rules.
Regarding the various request that the Bureau work with other
Federal regulators to eliminate duplication, the CFPB observes that the
CRA agencies appear to intend with their proposed rule to eliminate
duplicative reporting by both relying on the Bureau's small business
lending data and eliminating any independent data collection
requirement. The CFPB intends to continue cooperating with the CRA
agencies to ensure coordination between this rule and amendments to the
CRA regulations, especially those concerning potentially duplicative
reporting.
Regarding the comments that the Bureau should exempt lenders that
report under the CRA, the CFPB does not believe such an exemption would
be appropriate. In addition, in light of the CRA's proposal to use data
collected and reported pursuant to section 1071, the result of such an
exemption might be that no small business lending data would be
collected for such institutions.
Regarding the comments that identified specific inconsistencies
between the CRA and this rule, the CFPB does not disagree that the
inconsistencies identified exist but notes that the CRA's proposal that
the CRA agencies rely exclusively on 1071 data for their analysis of
small business and small farm lending would render these
inconsistencies moot because only 1071 data would exist. Regarding the
comment that the Bureau should reduce its gross annual revenue
threshold for its small business definition under this rule from $5
million to $1 million to align with FFIEC Call Reports and for
Regulation B, the CFPB is not doing so for the reasons set out in the
section-by-section analysis of Sec. 1002.106(b). The CFPB believes
that a small business definition with a lower threshold would not
further the statutory purposes of the rule because it would reduce the
amount of data collected concerning lending to many businesses that,
according to other metrics would still be considered small though above
$1 million in revenue. In addition, the Bureau believes that analyses
seeking to match or compare data from this rule that are interoperable
with small business lending data from FFIEC need only screen this
rule's data for gross annual revenue of less than $1 million, which
this rule requires as a data point. For instance, the CRA NPRM proposes
screening the 1071 data for loans to small businesses and small farms
under $1 million revenue for purposes of certain parts of CRA
examinations.
SBA. The CFPB is not exempting SBA-guaranteed loans from reporting
[[Page 35187]]
under this rule. For its 7(a) and 504 programs, the SBA only collects
and publishes a subset of the data required by this rule for
originations. Still, the CFPB intends to coordinate with SBA to try to
reduce duplicative reporting.
FinCEN. Regarding the comment that the data reported under this
rule would be better provided through other means, such as via FinCEN's
recent business database and registry, the CFPB understands that
database is not set up to receive small business lending data.
CDFI Fund. Regarding comments that the Bureau should work with the
CDFI Fund to harmonize reporting under the CDFI Fund's Transaction
Level Report requirements with this rule, the CFPB agrees to coordinate
with the CDFI Fund to determine where it is possible to avoid
duplicative or inconsistent reporting of data and how to resolve any
overlapping statutory requirements. The CFPB observes that it may not
be possible to simply eliminate duplicate reporting, as with HMDA or
CRA reporting, given the differences in purposes and the requirements
of the CDFI Fund compared to those of this rule. Regarding comments
that the Bureau should work with loan software providers, the CFPB
agrees and intends to meet with software providers as it develops the
small business lending data submission platform to determine how
reporting can be streamlined for CDFIs that must report small business
lending data to various agencies, such as the CFPB under this rule, the
SBA, and the CDFI Fund.
Regarding the comment that the Bureau should collect credit score,
as CDFI Fund does, the CFPB notes that, as stated in the section-by-
section analysis of Sec. 1002.107(a), the CFPB believes that this data
point--which the CFPB would also have to collect from other financial
institutions that may have operations quite different from CDFIs--could
be quite complicated and involve complex sub-fields, which could pose
operational difficulties for financial institutions in collecting and
reporting this information.
Farm Credit. Regarding the comments that the Bureau's lack of
understanding of the Farm Credit System would have unintended and
detrimental consequences for FCS customers, and that the FCS lenders
already report data to the Farm Credit Administration, the CFPB has
consulted with FCS lenders, and believes that its approach will result
in consistency across the data collected under this rule, more robust
fair lending analyses and transparency into opportunities for small
farms, and a more even playing field for compliance across all
financial institutions.
Agency cooperation. Regarding the comment that the Bureau work with
SBA to create more women-owned and minority-owned business programs,
the CFPB regularly engages with other Federal regulators on a range of
work that implicates its statutory mission; that includes, as
appropriate, the SBA. Regarding the request that the Bureau provide
small business lending data to State regulators, the CFPB agrees that
doing so would likely be consistent with the statutory purposes of the
rule. The CFPB will engage with State and Federal regulators regarding
their access to small business lending data collected under this final
rule, while ensuring that data security and data privacy are
appropriately protected.
E. Cross-Cutting Interpretive Issues
1. The Bureau's Approach to Non-Small Women-Owned and Minority-Owned
Businesses in This Rulemaking
ECOA section 704B(b) states that ``in the case of any application
to a financial institution for credit for [a] women-owned, minority-
owned, or small business,'' the financial institution must ``inquire
whether the business is a women-owned, minority-owned or small
business. . . .'' As explained below, the Bureau proposed to require
financial institutions to collect and report data regarding
applications for credit for small businesses; the Bureau did not,
however, propose to require financial institutions to collect and
report data with respect to applicants that are not small businesses.
The Bureau believed that section 1071 was ambiguous with respect to
its coverage of applications for credit for non-small women- or
minority-owned businesses, and the Bureau therefore proposed to
interpret this ambiguity pursuant to ECOA section 704B(g)(1). The
Bureau acknowledged that the plain language of 704B(b) could be read to
require financial institutions to collect information from all women-
owned and minority-owned businesses, including those that are not small
businesses. But based on a close consideration of the text, structure,
and purpose of the statute, and the interactions between section 1071
and other provisions of ECOA and Regulation B, the Bureau believed that
the statute's coverage of, and Congress's intent with respect to, data
regarding non-small businesses was ambiguous. The Bureau proposed this
approach as an interpretation of the statute pursuant to its authority
under 704B(g)(1), and, in the alternative, pursuant to both its
authority under 704B(g)(2) to adopt exceptions to any requirement of
section 1071 as the Bureau deems necessary or appropriate to carry out
the purposes of section 1071 and its implied de minimis authority.
The Bureau sought comment on its proposed approach to limiting the
scope of data collection pursuant to subpart B to covered applications
for small businesses, but not women- or minority-owned businesses that
are not small.
Several commenters, including industry and community groups,
supported limiting the scope of data collection as the Bureau proposed.
In particular, a cross-sector group of lenders, community groups, and
small business advocates stated that the Bureau had taken a reasonable
and adequately comprehensive approach in proposing to include only
minority- and women-owned businesses that are ``small,'' as this would
cover 99.9 percent of all minority- and women-owned businesses. The
group further noted that the Bureau should continue to monitor the U.S.
Census Bureau's Annual Business Survey and adjust this requirement if
minority- or women-owned businesses that are not considered ``small''
exceed 1 percent. In contrast, a State financial regulator commented
that data collection on non-small women- or minority-owned businesses
was important for fair lending enforcement purposes and would provide
for better consistency with States pursuing similar information
collection requirements. In response to the latter comment, the Bureau
notes that such data collection would be of limited utility in light of
section 1071's statutory purposes because, as discussed below, the lack
of a control group (i.e., data on non-small businesses that are neither
women-owned nor minority-owned) would limit such data's utility for
fair lending enforcement purposes. For the reasons set forth herein,
the Bureau is finalizing the approach to non-small women-owned and
minority-owned businesses as proposed.
The Bureau interprets ECOA section 704B(b) and (b)(1) to require
that financial institutions first determine whether an applicant is a
small business within the scope of the rule's data collection before
making the required inquiries that would otherwise be prohibited by
existing Regulation B. There is a general prohibition in existing
Regulation B (in Sec. 1002.5(b)) which states that a ``creditor shall
not inquire about the race, color, religion, national origin, or sex of
an applicant or any other person in connection with a credit
transaction, except if expressly permitted to do so by law or
regulation.
[[Page 35188]]
In the introductory language to ECOA section 704B(b), Congress
instructed that section 1071's data collection regime applies only ``in
the case of any application to a financial institution for credit for
women-owned, minority-owned, or small business'' (emphasis added). The
Bureau believes that ``in the case of'' indicates Congress's intent to
limit application of section 1071 to these types of businesses, rather
than requiring financial institutions to make 1071-related inquiries of
all business applicants for credit.\290\ The next paragraph
(704B(b)(1)) does not use the conditional phrase ``in the case of''
used in 704B(b); rather, it instructs a financial institution to
``inquire.'' The Bureau believes that the instruction to ``inquire'' in
704B(b)(1) is intended to provide the necessary exception to Regulation
B's general prohibition against ``inquir[ing]'' as to protected
demographic information in connection with a credit transaction.\291\
Indeed, absent section 1071's lifting of the prohibition, generally, a
financial institution could not determine, or even ask about, an
applicant's women- or minority-owned business status, because doing so
would necessarily constitute ``inquir[ing] about the race, color,
religion, national origin, or sex of an applicant'' in violation of
existing Sec. 1002.5(b). The Bureau believes that Congress likely
intended to ensure that financial institutions could determine whether
section 1071's data collection and reporting requirements apply to an
applicant without risking a violation of other provisions of ECOA and
Regulation B.
---------------------------------------------------------------------------
\290\ Merriam-Webster defines ``case'' as meaning ``a set of
circumstances or conditions,'' ``a situation requiring investigation
or action (as by the police),'' or ``the object of investigation or
consideration,'' https://www.merriam-webster.com/dictionary/case
(last visited Mar. 20, 2023).
\291\ As discussed in greater detail in the next section, the
fact that the language of ECOA section 704B(b)(1) is designed to
expressly permit inquiry into protected demographic information,
which would otherwise be prohibited by existing Sec. 1002.5(b), is
also evidenced by the statute's three provisions creating special
protections for responses to the inquiry: 704B(b)(2) requires that
responses to inquiries about protected demographic information
remain separate from the application and accompanying information;
704B(c) requires that applicants have a right to refuse to answer
the inquiry about protected demographic information; and 704B(d)
requires that certain underwriters or other employees involved in
making determinations on an application not have access to the
responses to inquiries about protected demographic information.
---------------------------------------------------------------------------
However, unlike with women- and minority-owned business status,
there is no legal impediment to a financial institution determining
whether an applicant is a small business, and financial institutions
can make that determination as a threshold matter without risking
running afoul of ECOA and Regulation B. Therefore, the Bureau believes
that the scope of the introductory ``in the case of'' language in ECOA
section 704(b) is ambiguous as to coverage of non-small women- and
minority-owned businesses. To resolve this ambiguity, the Bureau
applies its expertise to interpreting the language and structure of
section 1071 within the context of the general prohibition on inquiring
into protected demographic information in existing Sec. 1002.5(b), and
concludes that ECOA section 704B(b)(1) is best read as only referring
to questions about applicants' protected demographic information (i.e.,
women- and minority-owned business status as well as the ethnicity,
race, and sex of the principal owners of the business). The Bureau
believes 704B(b)'s more general ``in the case of'' language should be
understood to indicate the conditions under which data collection
should take place, and requires financial institutions to make a
threshold determination that an applicant is a small business before
proceeding with an inquiry into the applicant's protected demographic
information.
A requirement to collect and report data on applications for women-
owned and minority-owned businesses that are not small businesses could
affect all aspects of financial institutions' commercial lending
operations while resulting in limited information beyond what would
already be collected and reported about women-owned and minority-owned
small businesses. Indeed, as a cross-sector group of lenders, community
groups, and small business advocates highlighted, approximately 99.9
percent of women- and minority-owned business are small.\292\ In
addition, financing for large businesses can be much more varied and
complex than are the products used for small business lending The
Bureau will continue to observe the market on this issue.
---------------------------------------------------------------------------
\292\ In the U.S. Census Bureau's 2018 Annual Business Survey,
5.7 million firms (99.6 percent of all employer firms) are small, as
defined within that survey as having fewer than 500 employees. That
same definition covers one million minority-owned employer firms
(99.9 percent of all minority-owned firms) and 1.1 million women-
owned employer firms (99.9 percent of all women-owned firms). See
U.S. Census Bureau, 2018 Annual Business Survey (ABS)--Company
Summary (2018), https://www.census.gov/data/tables/2018/econ/abs/2018-abs-company-summary.html.
---------------------------------------------------------------------------
The Bureau also notes that the collection of data on applications
for non-small women- or minority-owned businesses would not carry out
either of section 1071's statutory purposes because the data would be
of only limited usefulness for conducting the relevant analyses of non-
small businesses. Such analyses would necessitate comparing data
regarding non-small women-owned and minority-owned business applicants
to data regarding non-small non-women-owned and non-minority-owned
business applicants, in order to control for lending outcomes that
result from differences in applicant size. But section 1071 does not
require or otherwise address the collection of data for non-small
business applicants that are not women- or minority-owned. Therefore,
the resulting dataset will lack a control group, arguably the most
meaningful comparator for any data on non-small women- or minority-
owned businesses. It is unlikely that Congress intended, and the
statute is reasonably read not to require, the collection of data that
would be of limited utility.\293\
---------------------------------------------------------------------------
\293\ See, e.g., Pub. Citizen v. U.S. Dep't of Just., 491 U.S.
440, 454 (1989) (``Where the literal reading of a statutory term
would `compel an odd result,' Green v. Bock Laundry Machine Co., 490
U.S. 504, 509 (1989), we must search for other evidence of
congressional intent to lend the term its proper scope.'').
---------------------------------------------------------------------------
Finally, the Bureau notes that the title of section 1071 is ``Small
Business Data Collection,'' and section 1071 amends ECOA to add a new
section titled ``Small Business Loan Data Collection.'' In the presence
of ambiguity, these titles provide some additional evidence that
Congress did not intend the statute to authorize the collection of data
on businesses that are not small.\294\
---------------------------------------------------------------------------
\294\ Almendarez-Torres v. United States, 523 U.S. 224, 234
(1998) (`` `[T]he title of a statute and the heading of a section'
are `tools available for the resolution of a doubt' about the
meaning of a statute.'') (quoting Bhd. of R.R. Trainmen v. Balt. &
Ohio R.R., 331 U.S. 519, 529 (1947)).
---------------------------------------------------------------------------
For these reasons, the Bureau interprets ECOA section 704B(b) to
cover the collection only of data with respect to small businesses,
including those that are women- and minority-owned. Likewise, as
discussed immediately below in E.2 of this Overview to part V, the
Bureau is clarifying that the 704B(b)(1) inquiry, when applicable,
pertains to an applicant's minority-owned business status and women-
owned business status, as well as an applicant's LGBTQI+-owned business
status, along with the ethnicity, race, and sex of its principal
owners. For the same reasons, the Bureau believes that not requiring
the collection of data with respect to applications for non-small
businesses would be necessary or appropriate to carry out the purposes
of section 1071; in the alternative, the Bureau exercises its exception
authority in 704B(g)(2) to effectuate this outcome. Finally, because
[[Page 35189]]
the Bureau believes that the collection of data on non-small women- and
minority-owned businesses would ``yield a gain of trivial or no
value,'' in the alternative the Bureau exercises its implied de minimis
authority to create this exception.\295\
---------------------------------------------------------------------------
\295\ Waterkeeper All. v. EPA, 853 F.3d 527, 530 (D.C. Cir.
2017) (quoting Pub. Citizen v. FTC, 869 F.2d 1541, 1556 (D.C. Cir.
1989)); see Alabama Power Co. v. Costle, 636 F.2d 323, 360-61 (D.C.
Cir. 1979).
---------------------------------------------------------------------------
2. The Meaning of ``Information Requested Pursuant to Subsection (b)''
Four different provisions of section 1071 refer to or rely on
``information requested pursuant to subsection (b)'' or similar
language. First, ECOA section 704B(b)(2) provides that financial
institutions must ``maintain a record of the responses to such
inquiry'' and keep those records separate from the application and
information that accompanies it. Second, 704B(c) states that applicants
for credit ``may refuse to provide any information requested pursuant
to subsection (b).'' Third, 704B(d) requires financial institutions to
limit the access of certain employees to ``information provided by the
applicant pursuant to a request under subsection (b),'' with certain
exceptions. Fourth, 704B(e) instructs financial institutions that
``information provided by any loan applicant pursuant to a request
under subsection (b) . . . shall be itemized in order to clearly and
conspicuously disclose'' data including the loan type and purpose,
amount of credit applied for and approved, and gross annual revenue.
In light of these four disparate provisions, the Bureau believes
that section 1071 is ambiguous with respect to the meaning of ``any
information provided by the applicant pursuant to a request under
subsection (b).'' \296\ On the one hand, ECOA section 704B(b)(1)
directs financial institutions to inquire whether a business is ``a
women-owned, minority-owned, or small business,'' so the phrase could
be interpreted as referring only to those three data points. Section
704B(e), however, indicates that the scope of 704B(b) could be much
broader; it suggests that all of the information that financial
institutions are required to compile and maintain--not simply an
applicant's status as a women-owned, minority-owned, or small
business--constitutes information provided by an applicant ``pursuant
to a request under subsection (b).'' But as noted above, information
deemed provided pursuant to subsection (b) is subject to the notable
protections of separate recordkeeping under 704B(b)(2), a right to
refuse under 704B(c), and the firewall under 704B(d). Applying these
special protections to many of the data points in 704B(e), such as
gross annual revenue or amount applied for, would be extremely
difficult to implement, because this information is critical to
financial institutions' ordinary operations in making credit decisions.
Additionally, 704B(e) describes as ``provided by any loan applicant''
under 704B(b) data points that plainly must come from the financial
institution itself, such as application number and action taken,
further suggesting that Congress viewed this term as encompassing more
information than lies within the four corners of 704B(b)(1). Finally,
as noted above, the circular structure of 704B(b) complicates the
question of what constitutes information provided ``pursuant to a
request under subsection (b).'' Read together, the introductory
language in 704B(b) and (b)(1) direct financial institutions, ``in the
case of'' a credit application ``for [1] women-owned, [2] minority-
owned, or [3] small business,'' to ``inquire whether the business is a
[1] women-owned, [2] minority-owned, or [3] small business.'' The
Bureau believes that this circularity further demonstrates the
ambiguity of the phrase ``pursuant to a request under subsection (b).''
---------------------------------------------------------------------------
\296\ The Bureau does not believe that the minor linguistic
variations in these four provisions themselves have significance.
---------------------------------------------------------------------------
The Bureau believes that it is reasonable to resolve these
ambiguities by giving different meanings to the phrase ``any
information provided by the applicant pursuant to a request under
subsection (b)'' (or similar) with respect to ECOA section 704B(e) as
opposed to 704B(b)(2), (c), and (d).\297\ With respect to 704B(e), the
Bureau interprets the phrase to refer to all the data points now
articulated in proposed Sec. 1002.107(a). Section 704B(e) is the
source of financial institutions' obligation to ``compile and
maintain'' data that they must then submit to the Bureau, so it would
be reasonable to interpret this paragraph as referring to the complete
data collection Congress devised in enacting section 1071.
---------------------------------------------------------------------------
\297\ While there is a presumption that a phrase appearing in
multiple parts of a statute has the same meaning in each, ``this is
no more than a presumption. It can be rebutted by evidence that
Congress intended the words to be interpreted differently in each
section, or to leave a gap for the agency to fill.'' Catskill
Mountains Chapter of Trout Unlimited, Inc. v. EPA, 846 F.3d 492, 532
(2d Cir. 2017) (citing Env't Def. v. Duke Energy Corp., 549 U.S.
561, 575 (2007)). Here, the Bureau believes Congress indicated such
an intention by using the same phrase in the substantially different
contexts of providing special protections for protected demographic
information on the one hand and ``itemiz[ing]'' all collected data
on the other.
---------------------------------------------------------------------------
But with respect to the three statutory provisions creating special
protections for certain information--the firewall in ECOA section
704B(d), separate recordkeeping in 704B(b)(2), and the right to refuse
in 704B(c)--the Bureau interprets the phrase to refer to the data
points in Sec. 1002.107(a)(18) (women-owned and minority-owned
business statuses, along with the new LGBTQI+-owned business status),
and (a)(19) (ethnicity, race, and sex of principal owners).\298\ Each
of these data points requests protected demographic information that
has no bearing on the creditworthiness of the applicant, about which
existing Sec. 1002.5(b) would generally prohibit the financial
institution from inquiring absent section 1071's mandate to collect and
report that information, and with respect to which applicants are
protected from discrimination. The Bureau accordingly believes that it
is reasonable to apply section 1071's special-protection provisions
only to this information, regardless of whether the statutory authority
to collect it originates in 704B(b)(1) (women-owned and minority-owned
business statuses), 704B(e)(2)(H) (LGBTQI+-owned business status), or
704B(e)(2)(G) (ethnicity, race, and sex of principal owners). The
Bureau similarly believes that it would have been unreasonable for
Congress to have intended that these special protections would apply to
any of the other data points now proposed in Sec. 1002.107(a), which
the financial institution is permitted to request regardless of
coverage under section 1071 which are not the subject of Federal
antidiscrimination law, and many of which financial institutions
currently use for underwriting and other purposes.
---------------------------------------------------------------------------
\298\ The Bureau's interpretations with respect to a separate
data point for small business status are discussed in the next
section.
---------------------------------------------------------------------------
The Bureau implements these interpretations of ``information
requested pursuant to subsection (b),'' and any relevant comments
received, in several different section-by-section analyses. With
respect to ECOA section 704B(e), the Bureau discusses its
interpretation of the phrase in the section-by-section analysis of
Sec. 1002.107(a). The Bureau's interpretation of 704B(d)'s firewall
requirement is addressed at greater length in the section-by-section
analysis of Sec. 1002.108, and the Bureau's interpretation of the
separate recordkeeping requirement in 704B(b)(2) is addressed in the
section-
[[Page 35190]]
by-section analysis of Sec. 1002.111(b). The right to refuse in
704B(c) is discussed in the section-by-section analyses of the data
points that the Bureau deems subject to the right to refuse: Sec.
1002.107(a)(18) (women-owned, minority-owned, and LGBTQI+-owned
business statuses) and (19) (ethnicity, race, and sex of principal
owners).
3. No Collection of Small Business Status as a Data Point
The Bureau notes that neither of its interpretations of
``information requested pursuant to subsection (b)'' reference a
specific data point for an applicant's status as a small business, nor
did the Bureau otherwise include in proposed Sec. 1002.107(a) that
financial institutions collect, maintain, or submit a data point whose
sole function is to state whether the applicant is or is not a small
business.
The Bureau's definition of small business in final Sec. 1002.106,
which is based on an applicant's gross annual revenue, renders
redundant any requirement that financial institutions collect a
standalone data point whose sole purpose is to state whether an
applicant is a small business. Indeed, under the definition of small
business, when a financial institution asks an applicant its gross
annual revenue, that question is functionally identical to asking,
``are you a small business?'' The Bureau believes that it is a
reasonable interpretation of ECOA section 704B(b)'s query as to small
business status for that question to take the form of, ``what is your
gross annual revenue?'' \299\ Furthermore, as discussed above with
respect to the Bureau's approach to non-small women- and minority-owned
businesses, the Bureau interprets financial institutions' data
collection obligations as attaching only in the case of applications
from small businesses; if a financial institution determines that an
applicant is not a small business, none of the obligations under this
rule would apply. As such, a standalone data point that serves only to
designate whether a business qualifies as small for purposes of the
rule would be redundant with the mere fact that the data collection
occurs at all, as well as with the collection of gross annual revenue.
---------------------------------------------------------------------------
\299\ The financial institution could ask, in order to make an
initial determination as to whether the rule applies, whether the
applicant's gross annual revenue in its last full fiscal year was $5
million or less. If it was, the financial institution would need to
request the specific revenue amount to comply with final Sec.
1002.107(a)(14), along with the other applicant-provided data points
specified in final Sec. 1002.107(a).
---------------------------------------------------------------------------
The Bureau sought comment on whether a standalone data point solely
dedicated to small business status might nonetheless be useful and, if
so, how it might be implemented. The Bureau received no comments on
this issue.
The Bureau acknowledges that the plain language of ECOA section
704B(b) could be read to require financial institutions to ask
applicants subject to the data collection the precise question, ``are
you a small business?'' Upon further analysis, however, the Bureau
believes that Congress's intended treatment of small business status as
a standalone data point is ambiguous. As described in more detail above
with respect to the rulemaking's coverage of women- and minority-owned
businesses that are not small, 704B(b)'s introductory language and
704B(b)(1) appear to require financial institutions to know the answer
to whether an applicant is women-owned, minority-owned, or small before
they make their inquiry; to resolve this ambiguity, the Bureau
interprets 704B(b)'s introductory language and 704B(b)(1) to require
that financial institutions first straightforwardly assess whether an
applicant is a small business before proceeding to inquire into the
applicant's protected demographic information that would otherwise be
prohibited by existing Sec. 1002.5(b).
Pursuant to its authority under ECOA section 704B(g)(1) to
prescribe such rules as may be necessary to carry out, enforce, and
compile data pursuant to section 1071, the Bureau interprets 704B(b)
and (b)(1) to obviate the need for financial institutions to collect a
standalone data point whose sole purpose is to note an applicant's
small business status. For the same reasons, the Bureau believes that
not requiring the collection of a separate data point on small business
status would be necessary or appropriate to carry out the purposes of
section 1071; therefore, in the alternative, the Bureau is exercising
its exception authority in 704B(g)(2) to effectuate this outcome.
Finally, because the Bureau believes that the collection of a
standalone data point on small business status would ``yield a gain of
trivial or no value,'' in the alternative, the Bureau exercises its
implied de minimis authority to create this exception.\300\
---------------------------------------------------------------------------
\300\ Waterkeeper All., 853 F.3d at 530 (quoting Pub. Citizen,
869 F.2d at 1556); see Alabama Power, 636 F.2d at 360-61.
---------------------------------------------------------------------------
F. Conforming Amendments to Existing Regulation B
As discussed above, the Bureau is implementing section 1071 in a
new subpart B of Regulation B. The content of existing Regulation B is
becoming subpart A of Regulation B. This change does not affect the
current section numbering in Regulation B. The Bureau believes it is
appropriate to make this rule a part of Regulation B, as section 1071
is a part of ECOA.
The Bureau sought comment on whether it should instead codify its
rule to implement section 1071 as a free-standing regulation with its
own CFR part and, if so, why. A bank commenter supported the location
of this rule within a new subpart B to Regulation B, noting that
lenders often overlook that Regulation B applies to business as well as
consumer credit. The commenter also noted that the intent of section
1071, to provide all credit applicants fair and equitable treatment and
credit, makes Regulation B the natural place for this rule, rather than
a free-standing regulation, which would generate unnecessary confusion.
As noted above and as discussed in more detail below, the Bureau is
amending existing Sec. 1002.5(a)(4) and commentary for existing Sec.
1002.5(a)(2) and (4) to expressly permit under certain circumstances
voluntary collection of minority-owned, women-owned, and LGBTQI+-owned
business status, and the ethnicity, race, and sex of applicants'
principal owners in accordance with the requirements of subpart B.
In addition, the Bureau is revising certain references to the
entire regulation (which use the terms ``regulation'' or ``part'') in
existing Regulation B to instead refer specifically to subpart A. The
Bureau is likewise adding additional specificity in certain provisions
in existing Regulation B to avoid confusion. The Bureau does not intend
to make any substantive changes with these revisions, but rather
intends to maintain the status quo. The Bureau is making the following
changes:
In Sec. 1002.1(a), regarding authority and scope, the Bureau is
changing two references to ``part'' to instead refer to ``subpart,''
regarding the application of what is now subpart A to creditors.
In Sec. 1002.2, regarding definitions, the introductory text
states that definitions contained therein apply to Regulation B, unless
the context indicates otherwise. The Bureau is adding ``or as otherwise
defined in subpart B'' for clarity.
In Sec. 1002.12(b)(1) introductory text, (b)(2) introductory text,
(b)(3) through (5) and (7), regarding record retention, the Bureau is
adding ``or as otherwise provided in subpart B'' to indicate that
subpart B may provide different record retention requirements than what
is set forth in those paragraphs for business credit. The Bureau is
also changing a reference to ``this rule'' in comment
[[Page 35191]]
12(b)(7)-1 to instead refer to existing Sec. 1002.12(b)(7) regarding
retention of prescreened credit solicitations, to avoid confusion with
subpart B's treatment of solicitations.
Finally, Sec. 1002.13 addresses information for monitoring
purposes for credit secured by an applicant's dwelling. The Bureau is
revising comment 13(b)-5, which addresses applications made through
unaffiliated loan shopping services, to refer to subpart A of
Regulation B instead of the entirety of Regulation B, for clarity. The
existing comment also refers to applications received by creditors
subject to HMDA and associated data collection requirements; the Bureau
is also adding to the end of the comment an additional sentence noting
that creditors that are covered financial institutions under subpart B
of this regulation may also be required to collect, report, and
maintain certain data, as set forth in subpart B of Regulation B.
Subpart A--General
Section 1002.5 Rules Concerning Requests for Information
5(a) General Rules
5(a)(4) Other Permissible Collection of Information
Background
ECOA prohibits creditors from discriminating against applicants,
with respect to any aspect of a credit transaction, on the basis of--
among other characteristics--race, color, religion, national origin,
sex, marital status, or age.\301\ It also states that making an inquiry
under 15 U.S.C. 1691c-2 (that is, section 1071), in accordance with the
requirements of that section, shall not constitute discrimination for
purposes of ECOA.\302\ Regulation B, in existing Sec. 1002.5(b),
generally prohibits a creditor from inquiring about certain protected
demographic information in connection with a credit transaction.
Existing Sec. 1002.5(a)(2), however, expressly permits collection of
such otherwise prohibited information if required by a regulation,
order, or agreement to monitor or enforce compliance with Regulation B,
ECOA, or other Federal or State law or regulation.
---------------------------------------------------------------------------
\301\ 15 U.S.C. 1691(a).
\302\ 15 U.S.C. 1691(b)(5).
---------------------------------------------------------------------------
In 2017, the Bureau amended Regulation B, adding Sec. 1002.5(a)(4)
to expressly permit creditors to collect ethnicity, race, and sex from
mortgage applicants in certain cases where the creditor is not required
to report under HMDA and Regulation C.\303\ For example, existing Sec.
1002.5(a)(4) expressly permits the collection of ethnicity, race, and
sex information for certain transactions for which Regulation C permits
optional reporting. However, nothing in existing Regulation B (or in
ECOA) expressly permits collection and reporting of protected
demographic data for financial institutions that are not required to
report certain data under section 1071.
---------------------------------------------------------------------------
\303\ Equal Credit Opportunity Act (Regulation B) Ethnicity and
Race Information Collection, 82 FR 45680, 45684 (Oct. 2, 2017).
---------------------------------------------------------------------------
During the SBREFA process, some small entity representatives,
primarily small CDFIs and mission-oriented community banks, stated that
they would be inclined to collect and report small business lending
data to the Bureau even if not required to do so, such as if they fell
under loan-volume thresholds. These small entity representatives
expressed an intent to report data even if not required to out of a
belief in the importance and utility of these data.
Proposed Rule
The Bureau proposed to amend existing Sec. 1002.5(a)(4) to add
three provisions (in proposed Sec. 1002.5(a)(4)(vii), (viii), and
(ix)) that would permit certain creditors that are not covered
financial institutions under the rule to collect small business
applicants' protected demographic information under certain
circumstances. The Bureau also proposed to add comment 5(a)(2)-4 and to
revise existing comment 5(a)(4)-1 to provide guidance on these proposed
exemptions.
Proposed Sec. 1002.5(a)(4)(vii) would have permitted a previously
covered financial institution to collect demographic information
pursuant to subpart B for covered applications for up to five years
after it fell below the loan-volume threshold of proposed Sec.
1002.105(b), provided that it does so in accordance with the relevant
requirements of proposed subpart B.
Proposed Sec. 1002.5(a)(4)(viii) would have provided that a
creditor in its first year of exceeding the covered financial
institution loan-threshold in Sec. 1002.105(b) may, in the second year
collect demographic information pursuant to subpart B for covered
applications, provided that it does so in accordance with the relevant
requirements of proposed subpart B.
Proposed Sec. 1002.5(a)(4)(ix) would have permitted a financial
institution not covered by the rule that wishes to voluntarily report
small business lending data to collect applicants' protected
demographic information without violating Regulation B. Unlike
creditors subject to proposed Sec. 1002.5(a)(4)(vii) or (viii), a
creditor seeking to voluntarily collect applicant's protected
demographic information under proposed Sec. 1002.5(a)(4)(ix) would
also be required to report it to the Bureau.
Existing comment 5(a)(4)-1 addresses recordkeeping requirements for
ethnicity, race, and sex information that is voluntarily collected for
HMDA under the existing provisions of Sec. 1002.5(a)(4). The Bureau
proposed revising this comment by adding to it a parallel reference to
proposed subpart B, along with a statement that the information
collected pursuant to proposed subpart B must be retained pursuant to
the requirements set forth in proposed Sec. 1002.111.
Proposed comment 5(a)(2)-4 would have explained that proposed
subpart B of Regulation B generally requires creditors that are covered
financial institutions as defined in proposed Sec. 1002.105(a) to
collect and report information about the ethnicity, race, and sex of
the principal owners of applicants for certain small business credit,
as well as whether the applicant is a minority-owned business or a
women-owned business as defined in proposed Sec. 1002.102(m) and (s),
respectively. The Bureau proposed this comment for parity with existing
comment 5(a)(2)-2, which addresses the requirement to collect and
report information about the ethnicity, race, and sex of applicants
under HMDA. Existing comment 5(a)(2)-3 explains that persons such as
loan brokers and correspondents do not violate ECOA or Regulation B if
they collect information that they are otherwise prohibited from
collecting, where the purpose of collecting the information is to
provide it to a creditor that is subject to HMDA or another Federal or
State statute or regulation requiring data collection.
The Bureau sought comment on its three proposed provisions to be
added to existing Sec. 1002.5(a)(4), and associated commentary,
including whether there were other specific situations to add to the
list of provisions in Sec. 1002.5(a)(4) to permit the collection of
applicants' protected demographic information pursuant to section 1071,
and whether any similar modifications to other provisions were
necessary. In particular, the Bureau sought comment on whether it
should add another provision to Sec. 1002.5(a)(4) relating to proposed
Sec. 1002.114(c)(1), wherein the Bureau proposed to permit financial
institutions to collect, but would not require them
[[Page 35192]]
to report, applicants' protected demographic information prior to the
compliance date.
Comments Received
The Bureau received comments on this provision from several
industry commenters, a business advocacy group, and a community group.
The community group supported the reasoning and approach of the
proposed provisions. The commenter inquired whether the provisions
would allow for voluntary reporting of only the protected demographic
data, or all data points, noting that if the Bureau intended only to
permit voluntary data collection of demographic information that it
would not make sense to permit publication of these data points, and
that the usefulness of such incomplete data would be limited. A
business advocacy group applauded the Bureau for the proposed
provisions and recommended that the Bureau add incentives for voluntary
disclosure of data for those financial institutions, but asked that the
incentives not distort the purposes of the regulation by encouraging
lenders to report inaccurate or untrue data to reap the benefits of the
incentive to report.
A community group commented that the Bureau should permit voluntary
collection not only by financial institutions not covered by the rule,
but also should permit covered financial institutions to collect data
on consumer credit used to fund small businesses.\304\
---------------------------------------------------------------------------
\304\ The Bureau addresses comments regarding the reporting of
non-covered products in the section-by-section analysis of Sec.
1002.104(b), under the heading Voluntary Reporting. While the final
rule does not permit the voluntary reporting of non-covered
products, the Bureau has implemented a safe harbor in Sec.
1002.112(c)(4) for financial institutions that collect data on
applications for products that turn out not to be covered credit
transactions.
---------------------------------------------------------------------------
Two agricultural lenders requested that the Bureau exempt Farm
Credit System (FCS) lenders entirely from coverage under the rule while
also adding a provision to the proposed voluntary reporting provisions
stating that FCS lenders may submit a supplemental voluntary collection
of data that is not otherwise already being provided to the public.
Final Rule
For the reasons set forth herein, the Bureau is finalizing
amendments to existing Sec. 1002.5(a)(4) introductory text and three
provisions (in final Sec. 1002.5(a)(4)(vii), (viii), and (ix)) that
permit certain creditors that are not covered financial institutions
under the rule to collect small business applicants' protected
demographic information under certain circumstances. The Bureau is also
adopting new Sec. 1002.5(a)(4)(x) to similarly address information
collected about multiple co-applicants. The Bureau is finalizing
comment 5(a)(2)-4 along with its revision to existing comment 5(a)(4)-1
providing guidance on these new exemptions. The Bureau is additionally
revising existing comment 5(a)(2)-3, as discussed below. These
provisions contain updated cross-references to other sections in the
final regulatory text and commentary, as well as addition of LGBTQI+-
owned business status to accompany references to women- and minority-
owned business statuses.
Final Sec. 1002.5(a)(4)(vii) provides that a creditor that was
required to report small business lending data pursuant to final Sec.
1002.109 for any of the preceding five calendar years but is not
currently a covered financial institution under final Sec. 1002.105(b)
may collect protected demographic information pursuant to subpart B for
covered applications from small businesses as defined in final
Sec. Sec. 1002.103 and 1002.106(b) if it complies with the
requirements of subpart B as otherwise required for covered financial
institutions pursuant to final Sec. Sec. 1002.107(a)(18) and (19),
1002.108, 1002.111, and 1002.112 for those applications. Final Sec.
1002.5(a)(4)(vii) also states that such a creditor is permitted, but
not required, to report data to the Bureau collected pursuant to
subpart B if it complies with the requirements of subpart B as
otherwise required for covered financial institutions pursuant to
Sec. Sec. 1002.109 and 1002.110.
The Bureau anticipates that some creditors that are no longer
covered financial institutions and thus no longer required to report
data in a given reporting year may prefer to continue to collect
applicants' protected demographic information in the event they become
a covered financial institution again, in order to maintain consistent
compliance standards from year to year. As it did in a similar context
for HMDA reporting, the Bureau believes that permitting such collection
for five years provides an appropriate time frame under which a
financial institution should be permitted to continue collecting the
information without having to change its compliance processes. The
Bureau believes that a five-year period is sufficient to help an
institution discern whether it is likely to have to report small
business lending data in the near future but not so long as to permit
it to collect such information in a period too attenuated from previous
reporting.
Final Sec. 1002.5(a)(4)(viii) provides a creditor that exceeded
the loan-volume threshold in the first year of the two-year threshold
period provided in final Sec. 1002.105(b) may, in the second year,
collect protected demographic information pursuant to subpart B for
covered applications from small businesses as defined in final
Sec. Sec. 1002.103 and 1002.106(b) if it complies with the
requirements of subpart B as otherwise required for covered financial
institutions pursuant to final Sec. Sec. 1002.107(a)(18) and (19),
1002.108, 1002.111, and 1002.112 for that application. Final Sec.
1002.5(a)(4)(viii) also states that such a creditor is permitted, but
not required, to report data to the Bureau collected pursuant to
subpart B if it complies with the requirements of subpart B as
otherwise required for covered financial institutions pursuant to
Sec. Sec. 1002.109 and 1002.110. The Bureau believes that this
provision will benefit creditors when the creditor has not previously
reported small business lending data but expects to be covered in the
following year and wishes to prepare for that future reporting
obligation. For example, where a creditor surpasses the loan-volume
threshold of final Sec. 1002.105(b) for the first time in a given
calendar year, it may wish to begin collecting applicants' protected
demographic information for covered applications received in the next
calendar year (second calendar year) so as to ensure its compliance
systems are fully functional before it is required to collect and
report information pursuant to subpart B in the following calendar year
(third calendar year).
Final Sec. 1002.5(a)(4)(ix) provides that a creditor that is not
currently a covered financial institution under final Sec.
1002.105(b), and is not otherwise a creditor to which final Sec.
1002.5(a)(4)(vii) or (viii) applies, may collect protected demographic
information pursuant to subpart B for covered applications from small
businesses as defined in final Sec. Sec. 1002.103 and 1002.106(b) for
a transaction if it complies with the requirements of subpart B as
otherwise required for covered financial institutions pursuant to final
Sec. Sec. 1002.107 through 1002.112 for that application. Voluntarily
reported data pursuant to final Sec. 1002.5(a)(4)(ix) may add some
information that otherwise would not be collected and reported, and
which would further both the statutory purposes of section 1071 without
requiring reporting from very low-volume financial institutions that
may find it difficult or costly to report data.
The Bureau is finalizing Sec. 1002.5(a)(4)(ix) in response to
feedback from some small entity
[[Page 35193]]
representatives and other stakeholders at SBREFA, as well as several
NPRM commenters, that indicated lenders might want to collect and
report small business lending data even if they were not required to do
so.
New Sec. 1002.5(a)(4)(x) provides that a creditor that is
collecting information pursuant to subpart B or as described in
Sec. Sec. 1002.5(a)(4)(vii) through (ix) for covered applications from
small businesses as defined in Sec. Sec. 1002.103 and 1002.106(b)
regarding whether an applicant for a covered credit transaction is a
minority-owned business, a women-owned business, or an LGBTQI+-owned
business, and the ethnicity, race, and sex of the applicant's principal
owners may also collect that same information for any co-applicants
provided that it also complies with the relevant requirements of
subpart B of this part or as described in paragraphs (a)(4)(vii)
through (ix) of this section with respect to those co-applicants.
The Bureau is adding Sec. 1002.5(a)(4)(x) to permit creditors to
collect information pursuant to subpart B regarding co-applicants for a
covered application for a small business. Existing Sec. 1002.5(a)(4)
does not explicitly address whether creditors have permission to
collect demographic information for co-applicants for a covered
application for a small business, and the Bureau implements new Sec.
1002.5(a)(4)(x) to remove any doubt that creditors that are permitted
to collection information pursuant to subpart B on an applicant for
covered applications for a small business pursuant to Sec. Sec.
1002.5(a)(4)(vii) through (ix) is also permitted to collect such
information for co-applicants as well, even if the financial
institution will only report information regarding a single designated
applicant per new comment 103(a)-10. As described below, final comment
103(a)-10 provides that if a covered financial institution receives a
covered application from multiple businesses that are not affiliates,
it shall compile, maintain, and report data for only a single applicant
that is a small business. The Bureau believes that it may be easier and
more efficient for financial institutions to request the same
information of all co-applicants--new Sec. 1002.5(a)(4)(x) will enable
financial institutions to collect small business lending data from
unreported co-applicants without violating ECOA and Regulation B's
general prohibition against collecting protected demographic
information.
The Bureau believes that it is an appropriate use of its statutory
authority under sections 703(a) and 704B(g)(1) of ECOA to permit
creditors to collect, and for Sec. 1002.5(a)(4)(ix) report, protected
demographic information in the manner set out in Sec.
1002.5(a)(4)(vii) through (x). These provisions will effectuate the
purposes of and facilitate compliance with ECOA and is necessary to
carry out, enforce, and compile data pursuant to section 1071. Section
1002.5(a)(4)(vii) will permit creditors to collect information without
interruption from year to year, thereby facilitating compliance with
the rule's data collection requirements and improving the quality and
reliability of the data collected. Section 1002.5(a)(4)(viii) improves
the quality and reliability of the data collected by financial
institutions that may be transitioning into being required to collect
and report 1071 data, and will provide a creditor assurance of
compliance with existing Sec. 1002.5 regardless of whether it actually
becomes subject to subpart B reporting at the end of the two-year
threshold period. Section 1002.5(a)(4)(ix) will potentially increase
the collection of additional information and amount of data available
for analysis, thereby advancing the purposes of section 1071. Finally,
Sec. 1002.5(a)(4)(x) will permit collection of demographic information
for co-applicants, thereby reducing operational complexity to allow
creditors to focus on data quality and reliability. The Bureau also
believes that these provisions are narrowly tailored and preserves and
respects the general limitations in existing Sec. 1002.5(b) through
(d).
The Bureau is also revising existing comment 5(a)(2)-3, which
explains that persons such as loan brokers and correspondents do not
violate ECOA or Regulation B if they collect information that they are
otherwise prohibited from collecting, where the purpose of collecting
the information is to provide it to a creditor that is subject to HMDA
or another Federal or State statute or regulation requiring data
collection. The Bureau stated its belief in the NPRM that the reference
to ``another Federal statute or regulation'' adequately encompassed
section 1071 and subpart B, and thus did not propose to amend this
existing comment. However, upon further reflection, the Bureau has
determined to revise the provision specifically to reference subpart B
for the sake of further clarity and the avoidance of doubt that loan
brokers and other persons collecting applicants' protected demographic
information on behalf of covered financial institutions pursuant to
this final rule are not violating ECOA or Regulation B by doing so. The
Bureau believes that it is an appropriate use of its general authority
under ECOA sections 703(a) and 704B(g)(1) to permit such persons to
collect protected demographic information on behalf of covered
financial institutions, as such collection will effectuate the purposes
of and facilitate compliance with ECOA and is necessary to carry out,
enforce, and compile data pursuant to section 1071.
The Bureau is finalizing comment 5(a)(2)-4, which defines the
phrase ``information required by subpart B,'' with revisions to add
cross-references to LGBTQI+-owned businesses, as defined in Sec.
1002.102(l). Final comment 5(a)(2)-4 addresses the requirement under
this final rule that creditors that are covered financial institutions
as defined in Sec. 1002.105(a) collect and report information about
the ethnicity, race, and sex of the principal owners of applicants for
certain small business credit, as well as whether the applicant is a
minority-owned business, a women-owned business, or an LGBTQI+-owned
business, as defined in Sec. 1002.102(m), (s), and (l), respectively.
The Bureau is finalizing this comment for parity with existing comment
5(a)(2)-2, which addresses the requirement to collect and report
information about the ethnicity, race, and sex of applicants under
HMDA. The Bureau believes that it is an appropriate use of its general
authority under ECOA sections 703(a) and 704B(g)(1) to specify the
meaning of ``information required by subpart B,'' by adding comment
5(a)(2)-4 and that the clarity and certainty this provision adds will
effectuate the purposes of and facilitates compliance with ECOA and is
necessary to carry out, enforce, and compile data pursuant to section
1071.
Finally, the Bureau is finalizing its revisions to existing comment
5(a)(4)-1 as proposed. The existing comment establishes recordkeeping
requirements for ethnicity, race, and sex information that is
voluntarily collected for HMDA under the existing provisions of Sec.
1002.5(a)(4). The revisions to comment 5(a)(4)-1 likewise provide that
protected demographic information that is not required to be collected
pursuant to subpart B may nevertheless be collected under the
circumstances set forth in Sec. 1002.5(a)(4) without violating
existing Sec. 1002.5(b), and that the information collected pursuant
to this final rule must be retained pursuant to the requirements set
forth in final Sec. 1002.111. The Bureau is revising this comment to
provide for parity between this final rule and existing references to
voluntary collection of data pursuant to HMDA. The Bureau believes that
these
[[Page 35194]]
revisions are an appropriate use of its general authority under ECOA
sections 703(a) and 704B(g)(1) as these revisions provide clarity and
certainty to financial institutions in their voluntary collection of
applicants' protected demographic information. Such clarity and
certainty effectuate the purposes of and facilitates compliance with
ECOA and these revisions are necessary to carry out, enforce, and
compile data pursuant to section 1071.
Regarding a commenter's request to clarify whether these amendments
permit voluntary reporting only as to data points concerning protected
demographic data, the Bureau observes that nothing prohibits creditors
from collecting any of the information set forth in final Sec.
1002.107, other than the protected demographic information in Sec.
1002.107(a)(18) and (19). Creditors that choose to collect protected
demographic information pursuant to final Sec. 1002.5(a)(4)(ix) must
comply with Sec. 1002.109 (along with other specified provisions),
which means that they must collect and report all the required data
specified in final Sec. 1002.107.
The Bureau is not adding incentives for voluntary disclosure of
data for creditors that are not covered financial institutions, as
suggested by one commenter. It appears, based on SBREFA and NPRM
comments, that some creditors already have an incentive to collect and
report small business lending data pursuant to section 1071 even if
they are not covered financial institutions under the rule; it is
unclear what additional incentives the Bureau could offer to encourage
other creditors to do the same. Regarding ensuring that reported data
are not distorted, however, the Bureau notes that voluntary reporters
must identify themselves as such pursuant to final Sec.
1002.109(b)(10) and, a creditor voluntarily collecting and reporting
data pursuant to final Sec. 1002.5(a)(4)(ix) must do so in compliance
with Sec. Sec. 1002.107 through 1002.112 and 1002.114.
Regarding the comment that the visual observation and surname
requirement would cause certain covered institutions to violate the
prohibition in 12 CFR 202.5(b) from inquiring about the race, color,
religion, national origin, or sex of an applicant or any other person
in connection with a credit transaction, the Bureau notes that the
concern is moot because the Bureau is not finalizing its proposed
provisions for collecting principal owners' ethnicity and race via
visual observation or surname in certain circumstances. (See the
section-by-section analysis of Sec. 1002.107(a)(19) for a detailed
discussion of this change.) In any case, a creditor is permitted to
make such inquiries under existing Sec. 1002.5(a)(2), given that the
provision permits the collection of demographic information when
required to do so by another law or regulation (which includes this
rule).
The Bureau addresses potential voluntary collection and reporting
of data regarding non-covered products, including consumer-designated
credit used for small business purposes, in the section-by-section
analysis of Sec. 1002.104(b) below. Based on its determination not to
permit voluntary collection of data for such non-covered products, the
Bureau is not adding an additional provision to Sec. 1002.5(a)(4) to
address such collection.
As discussed in the section-by-section analyses of Sec. Sec.
1002.104(a) and 1002.105(b), the Bureau is not excluding agricultural
lending or FCS lenders from coverage under this final rule. The
commenter's request to permit supplemental voluntary collection and
reporting of data by exempt FCS lenders if such data are not otherwise
already being provided to the public is thus moot. Of course, any FCS
lenders that are not covered financial institutions could nonetheless
voluntarily collect and report data pursuant to final Sec.
1002.5(a)(4)(ix).
Subpart B--Small Business Lending Data Collection
Section 1002.101 Authority, Purpose, and Scope
Proposed Sec. 1002.101 would have set forth the authority,
purpose, and scope for proposed subpart B. The Bureau sought comment on
its proposed approach to this section, including whether any other
information on the rule's authority, purpose, or scope should be
addressed herein.
The Bureau did not receive any comments specifically regarding its
recitation of the authority, purpose, and scope of subpart B. Comments
addressing the authority, purpose, and scope of section 1071 and this
final rule as a general matter are addressed in D.1 in the Overview to
this part V above.
The Bureau is finalizing Sec. 1002.101 as proposed. Final Sec.
1002.101(a) provides that subpart B is issued by the Bureau pursuant to
section 704B of ECOA (15 U.S.C. 1691c-2), and states that, except as
otherwise provided therein, subpart B applies to covered financial
institutions, as defined in Sec. 1002.105(b), other than a person
excluded from coverage of this part by section 1029 of the Dodd-Frank
Act. Final Sec. 1002.101(b) sets out section 1071's two statutory
purposes of facilitating fair lending enforcement and enabling the
identification of business and community development needs and
opportunities for women-owned, minority-owned, and small businesses.
Section 1002.102 Definitions
The Bureau is finalizing a number of definitions for terms used in
subpart B, in Sec. 1002.102.\305\ These definitions generally fall
into several categories. First, some definitions in final Sec.
1002.102 refer to terms defined elsewhere in subpart B--specifically,
the terms business, covered application, covered credit transaction,
covered financial institution, financial institution, and small
business are defined in final Sec. Sec. 1002.106(a), 1002.103,
1002.104, 1002.105(b), 1002.105(a), and 1002.106(b), respectively.
These terms are of particular importance in subpart B, and the Bureau
is defining them in separate sections, rather than in Sec. 1002.102,
for ease of reading.
---------------------------------------------------------------------------
\305\ The Bureau notes that there are certain terms defined in
subpart B outside of final Sec. 1002.102. This occurs where a
definition is relevant only to a particular section. For example,
the firewall provisions in final Sec. 1002.108 use the phrases
``involved in making any determination concerning a covered
application'' and ``should have access.'' Those phrases are defined
in Sec. 1002.108(a). Such definitions are discussed in detail in
the section-by-section analyses of the provisions in which they
appear.
---------------------------------------------------------------------------
Second, some terms in final Sec. 1002.102 are defined by cross-
referencing the definitions of terms defined in existing Regulation B--
specifically, business credit, credit, and State are defined by
reference to existing Sec. 1002.2(g), (j), and (aa), respectively.
Similarly, a portion of the small business and affiliate definitions
refer to the SBA's regulation at 13 CFR 121.103. These terms are each
used in subpart B, and the Bureau believes it is appropriate to
incorporate them into the subpart B definitions in this manner.
Finally, the remaining terms are defined directly in final Sec.
1002.102. These include applicant, closed-end credit transaction,
LGBTQI+ individual, LGBTQI+-owned business, minority-owned business,
open-end credit transaction, principal owner, small business lending
application register, and women-owned business, as well as a portion of
the definition of affiliate. Some of these definitions draw on
definitions in existing Regulation B or elsewhere in Federal laws or
regulations.
The Bureau believes that basing this rule's definitions on
previously defined terms (whether in Regulation B or regulations
promulgated by another agency), to the extent possible, will
[[Page 35195]]
minimize regulatory uncertainty and facilitate compliance, particularly
where the other regulations are likely to apply to the same
transactions. As discussed further below, in certain instances, the
Bureau is deviating from the existing definitions for purposes of this
rule.
These definitions are each discussed in detail below. The Bureau is
finalizing these definitions pursuant to its authority under ECOA
section 704B(g)(1) to prescribe such rules and issue such guidance as
may be necessary to carry out, enforce, and compile data pursuant to
section 1071. In addition, the Bureau is finalizing certain of these
definitions to implement particular definitions in section 1071
including the statutory definitions set out in 704B(h). Any other
authorities that the Bureau is relying on to finalize certain
definitions are discussed in the section-by-section analyses of those
specific definitions.
102(a) Affiliate
Proposed Rule
The Bureau proposed Sec. 1002.102(a) to define ``affiliate'' based
on whether the term is used to refer to a financial institution or to
an applicant.
Proposed Sec. 1002.102(a) would have defined ``affiliate'' with
respect to a financial institution as any company that controls, is
controlled by, or is under common control with, another company, as set
forth in the Bank Holding Company Act of 1956.\306\ Existing Regulation
B does not define affiliate. This proposed definition would have
provided a consistent approach with the Bureau's Regulation C, which
applies the term to financial institutions, as defined in Regulation C,
for certain reporting obligations.\307\
---------------------------------------------------------------------------
\306\ 12 U.S.C. 1841 et seq.
\307\ See Regulation C comment 4(a)(11)-3.
---------------------------------------------------------------------------
Proposed Sec. 1002.102(a) would have defined ``affiliate'' with
respect to a business or an applicant as having the same meaning as
described in 13 CFR 121.103, which is an SBA regulation titled ``How
does SBA determine affiliation?'' The proposed definition would have
provided consistency with the Bureau's proposed approach to what
constitutes a small business for purposes of section 1071 in proposed
Sec. 1002.106(b). Proposed Sec. 1002.107(a)(14) would have permitted,
but not required, a financial institution to report the gross annual
revenue for the applicant in a manner that includes the revenue of
affiliates as well. In proposed Sec. 1002.107(a)(16), workers for
affiliates of the applicant would be counted in certain circumstances
for the number of workers data point.
The Bureau sought comment on its proposed approach to this
definition.
Comments Received
Several industry commenters provided feedback on the Bureau's
proposed definition of ``affiliate.'' A joint letter from several trade
associations asked the Bureau to provide clarification on how the
definition of ``affiliate'' applies in the context of commercial real
estate lending. Two other commenters objected to the Bureau's proposed
reference to the SBA definition to determine affiliate of a small
business because it can be changed by the SBA and the commenters
recommended that the Bureau simplify the definition.
The Bureau did not receive comments on the proposed definition of
``affiliate'' with respect to a financial institution.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.102(a) as proposed. The Bureau believes it is appropriate to
define ``affiliate'' with respect to financial institutions to be
consistent with the approach in the Bureau's Regulation C, and received
no comments suggesting it should do otherwise. The consistency with an
existing regulatory definition may help provide clarity for financial
institutions when determining their responsibilities under this final
rule.
Regarding commenters' suggestions to simplify the definition of
``affiliate,'' the Bureau does not believe it would be appropriate to
deviate from the SBA's definition for determining who is an affiliate
with respect to a business or an applicant. ECOA section 704B(h)(2)
defines the term ``small business'' as having the same meaning as
``small business concern'' in section 3 of the Small Business Act.\308\
Consistent with the statute, the Bureau's definitions of business and
small business in final Sec. 1002.106 refer to definitions in the
SBA's regulations, of which the SBA's definition of affiliate in 13 CFR
121.103 is a part. The Bureau believes that defining ``affiliate'' in
this manner is appropriate and necessary to maintain consistency with
the SBA's definitions. In addition, the Bureau believes that using a
commonly known existing regulatory definition will facilitate
compliance with reporting obligations under this final rule. Finally,
the Bureau believes the SBA's definition of affiliate is sufficiently
broad to afford financial institutions flexibility in the small
business size determination process, as discussed below in the section-
by-section analysis of Sec. 1002.106(b).
---------------------------------------------------------------------------
\308\ 15 U.S.C. 632.
---------------------------------------------------------------------------
The Bureau addresses the comment regarding how the definition of
``affiliate'' applies in the context of commercial real estate lending
in the section-by-section analysis of Sec. 1002.106(b)(1) below.
102(b) Applicant
Proposed Sec. 1002.102(b) would have defined ``applicant'' to mean
any person who requests or who has received an extension of business
credit from a financial institution. The term ``applicant'' is
undefined in section 1071. Proposed Sec. 1002.102(b) was based on the
definition of applicant in existing Regulation B, though for
consistency with other parts of the proposed rule, it added a
limitation that the credit be business credit and uses the term
financial institution instead of creditor. It also omitted the
references to other persons who are or may become contractually liable
regarding an extension of credit such as guarantors, sureties,
endorsers, and similar parties. The Bureau acknowledged that including
other such persons could exceed the scope of the data collection
anticipated by section 1071. Including them could also make the data
collection more difficult as financial institutions might need to
report data points (such as gross annual revenue, NAICS code, time in
business, and others) regarding multiple persons in connection with a
single application. The Bureau believed that collecting such
information on guarantors, sureties, endorsers, and similar parties
would likely not support section 1071's business and community
development purpose.
The Bureau sought comment on its proposed approach to this
definition and received one comment in response. The commenter
requested that the Bureau clarify that loans jointly made to multiple
borrowers, where one or more of the borrowers may qualify as a small
business under the rule but are not the primary business(es) seeking
the funding, are not subject to the reporting requirements.
For the reasons discussed herein, the Bureau is finalizing Sec.
1002.102(b) as proposed. The Bureau believes it is appropriate to base
the definition of applicant for purposes of new subpart B on the
definition of applicant in existing Regulation B, with the limitation
that the credit be business credit and using the term financial
institution instead of creditor. The Bureau likewise believes that it
is appropriate to limit the definition of applicant in subpart B to
only those persons who request, or have
[[Page 35196]]
received, an extension of business credit from a financial institution.
As such, the definition of applicant in final Sec. 1002.102(b) does
not include other persons who are or may become contractually liable
regarding an extension of business credit such as guarantors, sureties,
endorsers, and similar parties. As stated in final comment 102(b)-1, in
no way are the limitations to the term applicant in Sec. 1002.102(b)
intended to repeal, abrogate, annul, impair, change, or interfere with
the scope of the term applicant in existing Sec. 1002.2(e) as
applicable to existing Regulation B.
In response to the comment regarding loans jointly made to multiple
borrowers, the Bureau does not believe that a modification to the
definition of applicant is necessary. Rather, the Bureau is adding
comment 103(a)-10 to address data collection and reporting if a covered
financial institution receives a covered application from co-applicant
businesses that are not affiliates, as defined in final Sec.
1002.102(a). Final comment 103(a)-10 provides that if a covered
financial institution receives a covered application from multiple
businesses that are not affiliates, as defined by final Sec.
1002.102(a), it shall compile, maintain, and report data pursuant to
final Sec. Sec. 1002.107 through 1002.109 for only a single applicant
that is a small business, as defined in final Sec. 1002.106(b). A
covered financial institution shall establish consistent procedures for
designating a single small business for purposes of collecting and
reporting data under subpart B in situations where there is more than
one small business co-applicant, such as reporting on the first small
business listed on an application form. In addition, the Bureau notes
that--if the applicants are affiliated entities--the rule already
permits consideration of affiliates' revenues in determining whether a
business qualifies as small. See the section-by-section analyses of
Sec. Sec. 1002.106(b) and 1002.107(a)(14) for additional discussion of
affiliate revenue.
102(c) Business
Final Sec. 1002.102(c) refers to Sec. 1002.106(a) for a
definition of the term ``business.'' See the section-by-section
analysis of Sec. 1002.106(a) for a detailed discussion of that
definition.
102(d) Business Credit
Proposed Sec. 1002.102(d) would have referred to existing Sec.
1002.2(g) for a definition of the term ``business credit.'' The term
``credit'' is undefined in section 1071. Section 1071 does not use the
term ``business credit,'' though it does define ``small business loan''
as a loan made to a small business. Existing Sec. 1002.2(g) defines
``business credit'' as ``refer[ring] to extensions of credit primarily
for business or commercial (including agricultural) purposes, but
excluding extensions of credit of the types described in Sec.
1002.3(a)-(d),'' i.e., public utilities credit, securities credit,
incidental credit, and government credit.
The Bureau received two comments specific to its proposed
definition of business credit. These two commenters, both credit union
trade associations, expressed support for the proposed definition,
stating that it was familiar to credit unions and encompasses the most
common business credit products aimed at small business borrowers. The
Bureau also received numerous comments related to its proposed coverage
of agricultural credit, parts of which also touched on the proposed
definition of ``business credit''; these comments are discussed below
in the section-by-section analysis of Sec. 1002.104(a).
The Bureau is finalizing Sec. 1002.102(d) as proposed. Final Sec.
1002.102(d) points to existing Sec. 1002.2(g) in defining the term
``business credit.'' The Bureau believes it is appropriate to define
business credit by reference to the existing definition in Regulation
B, which incorporates by reference the meaning of ``credit,'' as
defined in existing Sec. 1002.2(j). For clarity and completeness, as
discussed below, the Bureau is also adopting existing Regulation B's
definition of credit. The Bureau's final rule uses the term business
credit principally in defining a covered credit transaction in Sec.
1002.104(a).
The Bureau notes that existing Sec. 1002.2(g) excludes public
utilities credit, securities credit, incidental credit, and government
credit (that is, extensions of credit made to governments or
governmental subdivisions, agencies, or instrumentalities--not
extensions of credit made by governments), as defined in existing Sec.
1002.3(a) through (d), from certain aspects of existing Regulation
B.\309\ For the purpose of subpart B, the Bureau is both incorporating
existing Sec. 1002.2(g)--which already includes partial carveouts for
public utilities credit, securities credit, and incidental credit--and
also finalizing complete exclusions for these types of credit from the
definition of a covered credit transaction in Sec. 1002.104(b). For
clarity, the Bureau is separately defining these terms in Sec.
1002.104(b) and explains the rationales for excluding each of them in
the section-by-section analysis of Sec. 1002.104(b) below. The Bureau
is not adopting an exclusion for extensions of credit made to
governments or governmental subdivisions, agencies, or
instrumentalities, because governmental entities do not constitute
small businesses under the final rule.\310\
---------------------------------------------------------------------------
\309\ As explained in existing comment 3-1, under Sec. 1002.3,
procedural requirements of Regulation B do not apply to certain
types of credit. The comment further states that all classes of
transactions remain subject to Sec. 1002.4(a) (the general rule
barring discrimination on a prohibited basis) and to any other
provision not specifically excepted.
\310\ Government entities are not ``organized for profit'' and
thus are not a ``business concern'' under final Sec. 1002.106(a).
---------------------------------------------------------------------------
102(e) Closed-End Credit Transaction
Proposed Sec. 1002.102(e) would have stated that a closed-end
credit transaction means an extension of credit that is not an open-end
credit transaction under proposed Sec. 1002.102(n). The term ``closed-
end credit transaction'' is undefined in section 1071. The Bureau's
proposal would have specified different requirements for collecting and
reporting certain data points based on whether the application is for a
closed-end credit transaction or an open-end credit transaction. The
definition of open-end credit transaction was addressed in proposed
Sec. 1002.102(n).
The Bureau sought comment on its proposed approach to the
definition of a closed-end credit transaction. The Bureau received no
comments and is finalizing Sec. 1002.102(e) with one revision for
clarity. The Bureau is revising the definition of a closed-end credit
transaction to mean an extension of business credit that is not an
open-end credit transaction under Sec. 1002.102(n). The Bureau
believes this definition is reasonable as it aligns with the definition
of ``open-end credit transaction'' in final Sec. 1002.102(o), and that
such alignment will minimize confusion and facilitate compliance.
102(f) Covered Application
Final Sec. 1002.102(f) refers to Sec. 1002.103 for a definition
of the term ``covered application.'' See the section-by-section
analysis of Sec. 1002.103 for a detailed discussion of that
definition.
102(g) Covered Credit Transaction
Final Sec. 1002.102(g) refers to Sec. 1002.104 for a definition
of the term ``covered credit transaction.'' See the section-by-section
analysis of Sec. 1002.104 for a detailed discussion of that
definition.
[[Page 35197]]
102(h) Covered Financial Institution
Final Sec. 1002.102(h) refers to Sec. 1002.105(b) for a
definition of the term ``covered financial institution.'' See the
section-by-section analysis of Sec. 1002.105(b) for a detailed
discussion of that definition.
102(i) Credit
Proposed Sec. 1002.102(i) would have referred to existing Sec.
1002.2(j) for a definition of the term ``credit.'' The term ``credit''
is undefined in section 1071. Existing Sec. 1002.2(j), which largely
follows the definition of credit in ECOA,\311\ defines ``credit'' to
mean the right granted by a creditor to an applicant to defer payment
of a debt, incur debt and defer its payment, or purchase property or
services and defer payment therefor. The Bureau sought comment on its
proposed approach to this definition.
---------------------------------------------------------------------------
\311\ See 15 U.S.C. 1691a. Existing Regulation B uses the term
``applicant'' instead of ``debtor.''
---------------------------------------------------------------------------
The Bureau received several comments regarding its proposed
definition of ``credit.'' A few community groups expressed general
support for a broad definition of credit. To ensure adequate coverage
for future products, one commenter suggested defining credit to also
cover situations where money is transmitted to a recipient but the
money still effectively belongs to the transmitter and is to be repaid
according to certain terms. Another commenter advocated for a credit
definition that included as many lenders (and financing companies that
are not technically lenders) as possible within the scope of this
rulemaking, even when such companies are providing financing in a
format that, according to the commenter, is not technically credit (the
commenter offered cash advance and factoring companies as examples).
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.102(i) as proposed. Section 1002.102(i) refers to existing Sec.
1002.2(j) for a definition of the term ``credit.'' The Bureau believes
that aligning to the implemented definition of credit in ECOA \312\ for
purposes of subpart B will help to foster consistency with existing
Regulation B. The term credit in subpart B is used in the context of
what constitutes a covered credit transaction--that is, whether the
application is reportable under this final rule. See the section-by-
section analysis of Sec. 1002.104 below for a detailed discussion of
what does, and does not, constitute a covered credit transaction for
purposes of this final rule.
---------------------------------------------------------------------------
\312\ See id. Existing Regulation B closely aligns with the
definition of credit in ECOA, with some technical revisions and use
of the term ``applicant'' instead of ``debtor.''
---------------------------------------------------------------------------
102(j) Financial Institution
Final Sec. 1002.102(j) refers to Sec. 1002.105(a) for a
definition of the term ``financial institution.'' See the section-by-
section analysis of Sec. 1002.105(a) for a detailed discussion of that
definition.
102(k) LGBTQI+ Individual and 102(l) LGBTQI+-Owned Business
Proposed Rule
ECOA section 704B(e)(2)(H) authorizes the Bureau to require
financial institutions to compile and maintain ``any additional data
that the Bureau determines would aid in fulfilling the purposes of this
section.'' In the NPRM, the Bureau sought comment on whether it should
adopt a data point to collect an applicant's lesbian, gay, bisexual,
transgender, or queer plus (LGBTQ+)-owned business status, similar to
its proposal for collecting minority-owned business status and women-
owned business status under proposed Sec. 1002.107(a)(18) and (19).
The Bureau also sought comment on whether including this question,
along with others, would improve data collection or otherwise further
section 1071's purposes, as well as whether it would pose any
particular burdens or challenges for industry.\313\
---------------------------------------------------------------------------
\313\ 86 FR 56356, 56482 (Oct. 8, 2021).
---------------------------------------------------------------------------
This section-by-section analysis of Sec. 1002.102(k) and (l)
discusses the Bureau's definition of LGBTQI+ individual and the related
definition of LGBTQI+-owned business, respectively. Collection of
LGBTQI+-owned business status is addressed in the section-by-section
analysis of Sec. 1002.107(a)(18).
Comments Received
The Bureau received comments from several lenders, individual
commenters, and community and advocacy groups as to whether the Bureau
should adopt a data point to collect an applicant's ``LGBTQ+-owned
business'' status.\314\ As explained further in the section-by-section
analysis of Sec. 1002.107(a)(18), some of these commenters did not
support including such a data point in the final rule (and thus did not
make any suggestions for how an LGBTQ+-owned business should be
defined). One commenter opposed collecting LGBTQ+ data without a
corresponding proposal to modify the definition of minority-owned
business.
---------------------------------------------------------------------------
\314\ The terms ``LGBT,'' ``LGBTQ,'' ``LGBTQ+,'' and
``LGBTQIA+'' are used in this preamble to reflect the specific terms
used by commenters, the conditions or titles of any cited research,
or (particularly for ``LGBTQ+'') the Bureau's request for comment in
the NPRM.
---------------------------------------------------------------------------
In contrast, other commenters supported requiring the collection
and reporting of applicants' LGBTQ+-owned business status information.
As discussed further in the section-by-section analysis of Sec.
1002.107(a)(18), commenters generally explained that collecting such
data would enhance fair lending enforcement and identify credit needs
for these small businesses.
Most of these commenters generally echoed the Bureau's use of the
term ``LGBTQ+-owned business'' status in expressing their support for
the data point. Several recommended that the Bureau require financial
institutions' inquiries about such status to include a definition of
the status and give applicants response options specifically indicating
that they are or are not such a business, similar to the Bureau's
proposed approach for requesting information about applicants'
minority-owned and women-owned business status.
One commenter suggested that the Bureau use the phrase ``LGBTQI+-
owned business'' and include a definition in the final rule. The
commenter recommended that the Bureau define the term as a business
where (1) more than 50 percent of the ownership or control of which is
held by one or more individuals self-identifying as lesbian, gay,
bisexual, transgender, queer, or intersex and (2) more than 50 percent
of the net profit or loss accrues to one or more individuals self-
identifying as lesbian, gay, bisexual, transgender, queer, or intersex.
The commenter stated that this definition is similar to the definitions
of minority-owned and women-owned businesses and consistent with other
Federal government and expert practice and recommendations as well as
the definition of ``LGBTQ-owned business'' in Federal legislation that
was pending at that time.\315\
---------------------------------------------------------------------------
\315\ The commenter cited the LGBTQ Business Equal Credit
Enforcement and Investment Act, H.R. 1443, 117th Cong. (2021),
https://www.congress.gov/bill/117th-congress/house-bill/1443/text
(which would have amended ECOA section 704B to, among other things,
require financial institutions to inquire whether a business is a
``LGBTQ-owned'' business).
---------------------------------------------------------------------------
Final Rule
As discussed further in part II above and the section-by-section
analysis of Sec. 1002.107(a)(18) below, the Bureau believes that the
collection of an applicant's LGBTQI+-owned business status will aid in
fulfilling the purposes of section 1071, by facilitating evaluations of
potential discriminatory
[[Page 35198]]
lending practices on the basis of sex in violation of fair lending laws
and helping communities, governmental entities, and creditors identify
needs and opportunities of small businesses. Thus, the Bureau is
adopting Sec. 1002.102(k) and (l) pursuant to its authority under ECOA
section 704B(e)(2)(H) to require financial institutions to compile and
maintain any additional data that the Bureau determines would aid in
fulfilling the purposes of section 1071 and its authority under ECOA
section 704B(g)(1) to prescribe such rules and issue such guidance as
may be necessary to carry out, enforce, and compile data pursuant to
the statute. The Bureau is not, as suggested by one commenter,
including LGBTQI+ status in the definition of minority-owned business,
but is, as requested by multiple commenters, adopting a definition of
LGBTQI+ owned business that largely parallels the definition of a
minority-owned business.
For the reasons set forth herein, the Bureau is defining ``LGBTQI+
individual'' in final Sec. 1002.102(k) as including an individual who
identifies as lesbian, gay, bisexual, transgender, queer, or intersex.
The Bureau is defining the term ``LGBTQI+-owned business'' in final
Sec. 1002.102(l) as ``a business for which one or more LGBTQI+
individuals hold more than 50 percent of its ownership or control, and
for which more than 50 percent of the net profits or losses accrue to
one or more such individuals.'' Both definitions are being included to
facilitate the requirement in final Sec. 1002.107(a)(18) that
financial institutions collect an applicant's minority-owned, women-
owned, and LGBTQI+-owned business statuses.
The Bureau agrees with a commenter's suggestion to use the term
``LGBTQI+-owned business''--including an ``I'' to capture intersex
individuals--instead of ``LGBTQ+-owned business.'' \316\ The Bureau
believes that the term ``LGBTQI+-owned business'' better reflects the
Bureau's intent to be broadly inclusive.
---------------------------------------------------------------------------
\316\ Explicit inclusion of intersex individuals within the
scope of the definitions for LGBTQI+ individual and LGBTQI+-owned
business is consistent with the prohibitions against discrimination
on the basis of ``sex'' under ECOA and Regulation B. Sex
characteristics including intersex traits are ``inextricably bound
up with'' sex,'' Bostock v. Clayton Cty., 140 S. Ct. 1731, 1742
(2020), and ``cannot be stated without referencing sex,'' Grimm v.
Gloucester Cty. Sch. Bd., 972 F.3d 586, 608 (4th Cir. 2020) (quoting
Whitaker v. Kenosha Unified Sch. Dist. No. 1 Bd. of Educ., 858 F.3d
1034, 1051 (7th Cir. 2017)).
---------------------------------------------------------------------------
The Bureau notes that in user testing it conducted to assist its
understanding of small business applicants' potential experience using
the sample data collection form in the summer and fall of 2022, a few
users were confused by the term ``LGBTQI+-owned business.'' \317\
Therefore, and consistent with commenters' suggestions, final comments
102(l)-2 and 107(a)(18)-2 explain that a financial institution must
provide the definition of LGBTQI+-owned business when inquiring as to
the applicant's business ownership status pursuant to final Sec.
1002.107(a)(18). A financial institution may use the definition as set
forth on the sample data collection form at appendix E. Final comment
102(l)-2 also clarifies that a financial institution must provide the
definition of LGBTQI+ individual under final Sec. 1002.102(k) if asked
by the applicant, but does not need to do so unless asked.
---------------------------------------------------------------------------
\317\ CFPB, User testing for sample data collection form for the
small business lending final rule at app. C, at 3, 8 (Mar. 2023),
https://www.consumerfinance.gov/data-research/research-reports/user-testing-for-sample-data-collection-form-for-the-small-business-lending-final-rule/.
---------------------------------------------------------------------------
Final comment 102(l)-2 clarifies that the definition of LGBTQI+-
owned business is used only when an applicant determines if it is such
a business for purposes of final Sec. 1002.107(a)(18). The financial
institution is not permitted or required to make its own determination
as to whether an applicant is a LGBTQI+-owned business.
In line with commenters' suggestions, the definition for LGBTQI+-
owned business in final Sec. 1002.102(l) parallels concepts in the
Bureau's definitions for minority-owned business and women-owned
business in final Sec. 1002.102(m) and (s), respectively. The final
rule's LGBTQI+-owned business definition incorporates the same two-
prong approach as the other business status definitions, with more than
50 percent ownership or control as the first prong and more than 50
percent of net profits or losses as the second prong.
The commentary for final Sec. 1002.102(l) generally mirrors the
commentary for the minority-owned business and women-owned business
definitions in the final rule.\318\ Final comment 102(l)-1 explains
that a business must satisfy both prongs of the definition to be a
LGBTQI+-owned business--that is, (A) more than 50 percent of the
ownership or control is held by one or more LGBTQI+ individuals, and
(B) more than 50 percent of the net profits or losses accrue to one or
more LGBTQI+ individuals. Final comment 102(l)-1 clarifies that the
first prong of the definition can be met through either the control or
ownership requirements (as do final comments 102(m)-1 and 102(s)-1).
---------------------------------------------------------------------------
\318\ For discussion of comments as to the concepts of ownership
and control in the LGBTQI+-owned business definition, the Bureau
refers to discussion of these concepts in the section-by-section
analyses of Sec. 1002.102(m) and (s) regarding the definitions for
minority-owned business and women-owned business.
---------------------------------------------------------------------------
Final comments 102(l)-3 through -6 mirror the corresponding
commentary for the definitions of minority-owned business and women-
owned business and provide clarifications of terms used and the
concepts of ownership, control, and accrual of net profits or losses.
102(m) Minority-Owned Business
Proposed Rule
As discussed further herein, the final rule combines proposed Sec.
1002.102(l) (minority individual) into final Sec. 1002.102(m) to
streamline the rule and facilitate compliance.
ECOA section 704B(b)(1) requires financial institutions to inquire
whether applicants for credit are minority-owned businesses. For
purposes of the financial institution's inquiry under 704B(b),
704B(h)(5) defines a business as a minority-owned business if (A) more
than 50 percent of the ownership or control is held by one or more
minority individuals, and (B) more than 50 percent of the net profit or
loss accrues to one or more minority individuals. Section 1071 does not
expressly define the related terms of ``ownership'' or ``control,'' nor
does it describe what it means for net profits or losses to accrue to
an individual. Section 704B(h)(4) defines the term ``minority'' as
having the same meaning as in section 1204(c)(3) of the Financial
Institutions Reform, Recovery, and Enforcement Act of 1989
(FIRREA).\319\ That statute defines ``minority'' to mean any Black
American, Native American, Hispanic American, or Asian American.\320\
While section 1071 uses the term ``minority individual'' in 704B(h)(5),
it does not define that term.
---------------------------------------------------------------------------
\319\ Public Law 101-73, section 1204(c)(3), 103 Stat. 183, 521
(1989) (12 U.S.C. 1811 note).
\320\ Id.
---------------------------------------------------------------------------
Proposed Sec. 1002.102(l)--definition of minority individual.
Proposed Sec. 1002.102(l) would have clarified that the term
``minority individual'' means a natural person who is American Indian
or Alaska Native, Asian, Black or African American, Native Hawaiian or
Other Pacific Islander, and/or Hispanic or Latino. As explained in the
NPRM, the Bureau believed that these categories represent contemporary,
more specific delineations of the categories described in section
1204(c)(3) of FIRREA. Proposed comment 102(1)-2
[[Page 35199]]
would have clarified that a multi-racial or multi-ethnic person is a
minority individual. Proposed comment 102(1)-1 would have clarified
that this definition would be used only when an applicant determines
whether it is a minority-owned business pursuant to proposed Sec. Sec.
1002.102(m) (definition of minority-owned business) and 1002.107(a)(18)
(data point for minority-owned business status). Proposed comment
102(1)-3 would have clarified the relationship of the definition of
minority individual to the disaggregated subcategories used to
determine a principal owner's ethnicity and race.
The Bureau sought comment on its proposed approach to this
definition, including its proposed clarification of the definition of
minority individual, and requested comment on whether additional
clarification was needed. The Bureau also sought comment on whether the
definition of minority individual should include a natural person who
is Middle Eastern or North African, and whether doing so should be
dependent on whether Middle Eastern or North African is added as an
aggregate category for purposes of proposed Sec. 1002.107(a)(20).\321\
---------------------------------------------------------------------------
\321\ The Bureau received a number of comments regarding whether
Middle Eastern or North African should be added as an aggregate
category. Those comments are discussed in the section-by-section
analysis of Sec. 1002.107(a)(19).
---------------------------------------------------------------------------
Proposed Sec. 1002.102(m)--definition of minority-owned business.
Proposed Sec. 1002.102(m) would have defined a minority-owned business
as a business for which more than 50 percent of its ownership or
control is held by one or more minority individuals, and more than 50
percent of its net profits or losses accrue to one or more minority
individuals. Proposed comment 102(m)-1 would have explained that a
business must satisfy both prongs of the definition to be a minority-
owned business--that is, (A) more than 50 percent of the ownership or
control is held by one or more minority individuals, and (B) more than
50 percent of the net profits or losses accrue to one or more minority
individuals.
Proposed comment 102(m)-2 would have clarified that the definition
of minority-owned business is used only when an applicant determines if
it is a minority-owned business for purposes of proposed Sec.
1002.107(a)(18). A financial institution would provide the definition
of minority-owned business when asking the applicant to provide
minority-owned business status pursuant to proposed Sec.
1002.107(a)(18), but a financial institution would not be permitted or
required to make its own determination regarding whether an applicant
is a minority-owned business for this purpose.
Proposed comment 102(m)-3 would have further noted that a financial
institution would be permitted to assist an applicant when determining
whether it is a minority-owned business but would not be required to do
so, and could provide the applicant with the definitions of ownership,
control, and accrual of net profits or losses set forth in proposed
comments 102(m)-4 through -6. Additionally, for purposes of reporting
an applicant's minority-owned business status, a financial institution
would rely on the applicant's determinations of its ownership, control,
and accrual of net profits and losses.
The Bureau proposed to clarify ``ownership'' and ``control'' using
concepts from the beneficial ownership requirements in FinCEN's
customer due diligence rule.\322\ Proposed comment 102(m)-4 would have
clarified that a natural person owns a business if that natural person
directly or indirectly, through any contract, arrangement,
understanding, relationship or otherwise, has an equity interest in the
business. Proposed comment 102(m)-4 would have also provided examples
of ownership and clarified that, where applicable, ownership would need
to be traced or followed through corporate or other indirect ownership
structures for purposes of proposed Sec. Sec. 1002.102(m) and
1002.107(a)(18). Proposed comment 102(m)-5 would have clarified that a
natural person controls a business if that natural person has
significant responsibility to manage or direct the business, and would
have provided examples of natural persons who control a business.
Proposed comment 102(m)-6 would have clarified that a business's net
profits and losses accrue to a natural person if that natural person
receives the net profits or losses, is legally entitled or required to
receive the net profits or losses, or is legally entitled or required
to recognize the net profits or losses for tax purposes.
---------------------------------------------------------------------------
\322\ See 31 CFR 1010.230 (describing the beneficial ownership
requirements for legal entity customers). The Department of the
Treasury's Financial Crimes Enforcement Unit (FinCEN) recently
issued a final rule to implement requirements regarding reporting of
beneficial ownership information pursuant to the Corporate
Transparency Act, 31 U.S.C. 5336. See 87 FR 59498 (Sept. 30, 2022).
While FinCEN's final rule does not include changes to the current
customer due diligence rule, FinCEN has indicated its intent to
revise the customer due diligence rule in a future rulemaking. See
id. at 59507. FinCEN's final rule includes definitions for
beneficial owner that will be different from what currently exists
in the customer due diligence rule, as to both control and
ownership, when the rule goes into effect on January 1, 2024. See
id. at 59594. However, the final rule does not change the 25 percent
threshold for determining ownership. See id.
---------------------------------------------------------------------------
The Bureau sought comment on the proposed definition of minority-
owned business and possible alternatives that may clarify the term in
order to help ensure that small business applicants can determine
whether they are minority-owned businesses for purposes of data
collection pursuant to section 1071.
Comments Received
Proposed Sec. 1002.102(l)--definition of minority individual. The
Bureau received comments regarding the definition of minority
individual from several industry commenters and community groups.
One community group stated that the Bureau's proposal to mirror
HMDA with respect to the definition of minority individual is desirable
because HMDA's racial and ethnic categories are reasonably
comprehensive, and using the same categories eases reporting
requirements and creates consistency for applicants. A group of trade
associations and a bank supported the Bureau's proposal to define a
minority individual using only aggregate ethnicity and race categories,
stating that doing so will help lessen confusion. Another bank
requested clarification on who is considered multi-racial or multi-
ethnic for purposes of the rule.
Proposed Sec. 1002.102(m)--definition of minority-owned business.
The Bureau received comments regarding the definition of minority-owned
business from lenders, trade associations, and community groups.
One community group stated that the collection of data on minority-
owned businesses, along with the collection of data on women-owned
businesses, will help illustrate the experience of firms owned by women
of color who likely face even higher barriers to accessing small
business credit than those firms not owned by women of color. The
commenter noted that these firms comprise a significant portion of
small businesses and there are a greater proportion of women of color
who own businesses than the share of white-owned businesses owned by
women. Another requested that the Bureau add an ``I don't know''
response to the list of possible responses, as there may be applicants
who cannot make a legal conclusion as to whether the small business is
minority-owned. A trade association asserted that inquiring about the
ethnicity (or gender) of business owners is contrary to the
expectations of financial institutions and applicants alike.
[[Page 35200]]
Regarding the proposed requirement that in order to be considered a
minority-owned business, one or more minority individuals must hold
more than 50 percent of the ownership or control of the business, the
Bureau received comments from several community groups and lenders in
support. Conversely, a trade association and a bank urged the Bureau to
revise the requirement such that one or more minority individuals must
hold ``50 percent or more'' of the ownership or control because the
statutory definition may result in underreporting for equal
partnerships with mixed race partners and this would, they said, slant
the statistical picture.
Regarding the proposed requirement that in order to be considered a
minority-owned business, more than 50 percent of the net profit or loss
must accrue to one or more minority individuals, a community group
stated that the definition is appropriate to prevent illusory
``ownership'' by a minority individual. Several other commenters also
supported the definition.
Several industry commenters requested that the Bureau not include
the requirement that more than 50 percent of the net profits or losses
must accrue to one or more minority individuals. Some of these
commenters stated that the initial prong of the definition requiring
more than 50 percent of ownership or control by a minority individual
is sufficient for determining ownership and would reduce complexity for
borrowers. A CDFI lender stated that defining ownership based on a
profit and loss calculation may not fully serve the objectives of the
statute, and asked the Bureau to consider the CDFI Fund definition of
minority-owned business.\323\ Several commenters also argued that the
net profits or losses prong complicates the definition, could result in
inaccurate data collection, implicates the limited understanding of
many small business owners regarding the meaning of net profits and
losses as well as the sensitive nature of these issues, and concluded
that many small business owners will not understand the definition as
provided and will, as a result, decline to answer the question.
---------------------------------------------------------------------------
\323\ The community group cited to the September 2021 CDFI
Transactional Level Report Data Point Guidance, which provides
guidance on providing transactional level report data. Under
``Minority Owned or Controlled,'' the guidance states to ``[r]eport
whether the investee/borrower is more than 50% owned or controlled
by one or more minorities. If the business is a for-profit entity,
report whether more than 50% of the owners are minorities. If the
business is a nonprofit entity, report whether more than 50% of its
Board of Directors are minorities.'' CDFI Fund, CDFI Transactional
Level Report Data Point Guidance, at 33 (Sept. 2021), https://www.cdfifund.gov/sites/cdfi/files/2021-08/CDFITLRGuidance_Final_Sept2021.pdf.
---------------------------------------------------------------------------
A bank asked for clarification whether data (specifically
demographic data) collected in prior years could be reused, and what to
do if there are multiple collections. Specifically, the commenter gave
an example of an applicant that provides demographic information for
one application, and then chooses not to provide information for a
subsequent application, and asking which collection should be
reported.\324\ A trade association stated that it is possible in
certain states for a third party non-owner to act as trustee of a
trust, and that the Bureau should change a comment example to clarify
whether it is the Bureau's intent to presume that the trustee of a
trust is the owner. Another bank also asserted that requiring banks to
collect such information is costly to banks, customers, and
communities. A group of trade associations asserted that the commentary
should be revised to explicitly state that a financial institution must
provide an applicant with the applicable definition.
---------------------------------------------------------------------------
\324\ See the section-by-section analysis of Sec. 1002.107(d)
regarding the use of previously collected data.
---------------------------------------------------------------------------
Several industry commenters supported the proposal to rely solely
on the data provided by the applicant and that financial institutions
should not be required to verify any such information provided by the
applicant. With respect to self-certification of minority-owned
business status, two trade associations supported permitting credit
applicants to self-certify that 50 percent or more of the net profit or
loss accrues to one or more minority individuals, rather than lenders
needing to verify this information. Another trade association asserted
that the applicant should solely determine whether the individual
owners are multi-ethnic or multi-racial individuals and the financial
institution should not be required to otherwise verify or report any
information other than that supplied by the applicant.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.102(m) with a number of revisions to the regulatory text and
commentary to incorporate the definition of minority individual. The
Bureau has made these changes to streamline the rule and facilitate
compliance. The Bureau is otherwise finalizing the associated
commentary with a minor adjustment for clarity.
Final Sec. 1002.102(m) defines a minority-owned business as a
business for which one or more American Indian or Alaska Native, Asian,
Black or African American, Native Hawaiian or Other Pacific Islander,
or Hispanic or Latino individuals hold more than 50 percent of its
ownership or control and for which more than 50 percent of the net
profits or losses accrue to one or more such individuals. Final comment
102(m)-1 explains that a business must satisfy both prongs of the
definition to be a minority-owned business--that is, (A) more than 50
percent of the ownership or control is held by one or more such
individuals, and (B) more than 50 percent of the net profits or losses
accrue to one or more such individuals. Final comment 102(m)-1 includes
an additional sentence to clarify that a business that is controlled by
an individual with the characteristics listed in the regulatory text
satisfies this prong of the definition even if none of the individuals
with ownership in the business satisfies those characteristics.
Final comment 102(m)-2 clarifies that the definition of minority-
owned business is used only when an applicant determines if it is a
minority-owned business for purposes of final Sec. 1002.107(a)(18),
and is finalized with an adjustment made for clarity. Final comment
102(m)-3 is finalized as proposed and notes that a financial
institution is permitted to assist an applicant when determining
whether it is a minority-owned business but is not required to do so,
may provide the applicant with the definitions of ownership, control,
and accrual of net profits or losses set forth in final comments
102(m)-4 through -6, and that, for purposes of reporting an applicant's
minority-owned business status, a financial institution relies on the
applicant's determinations of its ownership, control, and accrual of
net profits and losses.
Final comment 102(m)-4, finalized with minor edits for consistency
and clarity, provides examples of ownership and clarifies that, where
applicable, ownership needs to be traced through corporate or other
indirect ownership structures. With regard to a commenter's assertion
that, in certain states, a trustee could act as a third party non-owner
trustee of a trust, the Bureau believes the trustee would be considered
an owner for purposes of this definition. Final comment 102(m)-4 also
clarifies (as it did in the Bureau's proposal) that a trustee is
considered the owner of a trust.
Final comment 102(m)-5 clarifies that an individual controls a
business if that individual has significant responsibility
[[Page 35201]]
to manage or direct the business, while final comment 102(m)-6
clarifies that a business's net profits and losses accrue to an
individual if that individual receives the net profits, is legally
entitled or required to receive the net profits or losses, or is
legally entitled or required to recognize the net profits or losses for
tax purposes. Both comments are finalized with minor edits for
consistency and clarity.
Final comments 102(m)-7 and -8 are adopted from the commentary to
proposed Sec. 1002.102(l) (respectively, proposed comments 102(l)-2
and -3). Final comment 102(m)-7 clarifies that an individual who is
multi-racial or multi-ethnic constitutes an individual for which the
definition of minority-owned business may apply, depending on whether
the individual meets the other requirements of the definition. Final
comment 102(m)-8 clarifies that the relationship of the ethnicity and
race categories used in this section are aggregate ethnicity and race
categories and are the same aggregate categories (along with Not
Hispanic or Latino for ethnicity, and White for race) to collect an
applicant's principal owners' ethnicity and race pursuant to final
Sec. 1002.107(a)(19). Final comment 102(m)-8 is revised from proposed
comment 102(l)-3 to more clearly state the relationship of the
ethnicity and race disaggregated subcategories in this comment to those
used in final Sec. 1002.107(a)(19). Proposed comment 102(l)-1 was not
finalized because it was no longer relevant once the definition of
minority individual was incorporated into the minority-owned business
definition.
With respect to the categories of persons that constitute
minorities for purposes of determining minority-owned business status,
the Bureau believes its clarified terminology in final Sec.
1002.102(m), which uses the aggregate ethnicity and race categories set
forth in existing Sec. 1002.13(a)(1)(i) and appendix B to Regulation
C, will avoid the potentially confusing situation where an applicant is
presented one set of aggregate ethnicity and race categories when
answering questions about the principal owners' ethnicity and race
pursuant to final Sec. 1002.107(a)(19) (which also uses the same
aggregate ethnicity and race categories) \325\ but is asked to use a
different set of aggregate categories when indicating whether the
business is a minority-owned business. It also avoids creating a
situation where a financial institution is required to use different
aggregate ethnicity and race categories when complying with different
portions of Regulation B and, if applicable, Regulation C. This
consistency across ethnicity and race data collection regimes will also
allow for better coordination among data users when reviewing
data.\326\ Further, the Bureau believes that these categories represent
contemporary, more specific delineations of the categories described in
section 1204(c)(3) of FIRREA.\327\
---------------------------------------------------------------------------
\325\ The Bureau notes that while the aggregate ethnicity and
race categories are the same among final Sec. 1002.107(a)(19),
existing Sec. 1002.13(a)(1)(i), and appendix B to Regulation C, the
disaggregated race subcategories that an applicant may use to
respond to a financial institution's inquiry as to its principal
owners' race under final Sec. 1002.107(a)(19) differ (i.e., due to
the addition of disaggregated Black or African American race
subcategories) from the disaggregated race subcategories in existing
Sec. 1002.13(a)(1)(i), and appendix B to Regulation C. See the
section-by-section analysis of Sec. 1002.107(a)(19).
\326\ For example, OMB uses these same categories for the
classification of Federal data on race and ethnicity. See Off. of
Mgmt. & Budget, Revisions to the Standards for the Classification of
Federal Data on Race and Ethnicity, 62 FR 58785 (Oct. 30, 1996).
\327\ See, e.g., 80 FR 36356 (June 24, 2015) (NCUA interpretive
ruling and policy statement implementing an identical FIRREA
definition of minority using this same modern technology).
---------------------------------------------------------------------------
The Bureau does not believe it would be appropriate to deviate from
the statutory definition of a minority-owned business in the various
ways some commenters suggested, and the Bureau's authority to deviate
from the statutory language is limited. The Bureau also believes that
many small business applicants already respond to questions about who
owns and who controls a business entity when completing customer due
diligence forms or otherwise responding to questions related to that
rule and thus will be familiar with these concepts. Although the
customer due diligence rule does not address the second prong of the
definition regarding accrual of net profits or losses, final comment
102(m)-6 provides a comprehensive explanation of this prong of the
definition.
With regard to comments urging the Bureau to remove the prong
requiring that more than 50 percent of its net profits or losses accrue
to one or more minority individuals in order to be considered a
minority-owned business, aside from the Bureau's limited authority to
deviate from the statutory language, the Bureau finds that this prong
is necessary to prevent illusory ``ownership'' claims by ``straw''
owners.
Finally, with regard to commenters' requests for further
clarification, in accordance with ECOA section 704B(g)(3), the Bureau
may release material, as part of its regulatory implementation
strategy, to assist both financial institutions with complying with the
requirements of Sec. 1002.102(m) and small businesses in understanding
this definition.
102(n) Open-End Credit Transaction
Proposed Sec. 1002.102(n) would have stated that an open-end
credit transaction means an open-end credit plan as defined in
Regulation Z Sec. 1026.2(a)(20), but without regard to whether the
credit is consumer credit, as defined in Sec. 1026.2(a)(12), is
extended by a creditor, as defined in Sec. 1026.2(a)(17), or is
extended to a consumer, as defined in Sec. 1026.2(a)(11). The term
``open-end credit transaction'' is undefined in section 1071. The
Bureau's proposal would have specified different rules for collecting
and reporting certain data points based on whether the application is
for a closed-end credit transaction or an open-end credit transaction.
The Bureau sought comment on its proposed approach to this
definition. The Bureau received no comments and is finalizing Sec.
1002.102(n) as proposed. The Bureau believes this definition is
reasonable because it aligns with the definition of ``open-end credit
transaction'' in Regulation Z Sec. 1026.2(a)(20), and that such
alignment will minimize confusion and facilitate compliance.
102(o) Principal Owner
Proposed Rule
ECOA section 704B(e) requires financial institutions to compile and
maintain the ethnicity, race, and sex of an applicant's principal
owners. However, section 1071 does not expressly define who is a
principal owner of a business. Proposed Sec. 1002.102(o) would have
defined principal owner in a manner that is, in part, consistent with
the beneficial ownership requirements in FinCEN's customer due
diligence rule.\328\ Specifically, a natural person would be a
principal owner if the natural person directly owns 25 percent or more
of the equity interests of the business. Further, as noted in proposed
comment 102(o)-1, a natural person would need to directly own an equity
share of 25 percent or more in the business in order to be a principal
owner. The Bureau also
[[Page 35202]]
proposed that entities not be considered principal owners and indirect
ownership by individuals likewise not be considered when determining if
someone is a principal owner for purposes of collecting and reporting
principal owners' ethnicity, race, and sex or the number of principal
owners. Thus, when determining who is a principal owner, ownership
would not be traced through multiple corporate structures to determine
if a natural person owns 25 percent or more of the applicant's equity
interests. Additionally, because only a natural person would be a
principal owner for purposes of the rule, entities such as trusts,
partnerships, limited liability companies, and corporations, would not
be principal owners.
---------------------------------------------------------------------------
\328\ See 31 CFR 1010.230 (describing the beneficial ownership
requirements for legal entity customers). As noted above, FinCEN
recently issued a final rule to implement requirements regarding
reporting of beneficial ownership information pursuant to the
Corporate Transparency Act. See 87 FR 59498 (Sept. 30, 2022). That
final rule does not amend the current customer due diligence rule
(although FinCEN has indicated that it will be revised at a later
point). See 87 FR 59498, 59507. Notably, however, FinCEN's final
rule did not change the 25 percent threshold for determining
ownership. See id. at 59594.
---------------------------------------------------------------------------
Proposed comment 102(o)-2 would have clarified that a financial
institution would provide an applicant with the definition of principal
owner when asking the applicant to provide the number of its principal
owners pursuant to proposed Sec. 1002.107(a)(20) and the ethnicity,
race, and sex of its principal owners pursuant to proposed Sec.
1002.107(a)(19). Proposed comment 102(o)-2 would have also explained
that if a financial institution meets in person with a natural person
about a covered application, the financial institution may be required
to determine if the natural person with whom it meets is a principal
owner in order to collect and report the principal owner's ethnicity
and race based on visual observation and/or surname. Additionally,
proposed comment 102(o)-2 would have noted that if an applicant does
not provide the number of its principal owners in response to the
financial institution's request pursuant to proposed Sec.
1002.107(a)(21), the financial institution may need to determine the
number of the applicant's principal owners and report that information
based on other documents or information.
The Bureau explained that aligning the proposed definition of
principal owner with the 25 percent ownership definition in the
customer due diligence rule would likely be familiar to most financial
institutions and applicants. The customer due diligence rule is broadly
in use and banks, credit unions, and certain other financial
institutions must comply with that rule. Further, the Bureau believed
that applicants, as a general matter, would be more likely to be
familiar with customer due diligence requirements than SBA or CDFI Fund
requirements because they have to complete customer due diligence forms
before opening an initial account (i.e., loan or deposit account) at a
bank or at certain other institutions. However, unlike the customer due
diligence rule, due to potential complications with collecting
ethnicity, race, and sex information for principal owners, the Bureau
proposed that individuals that only indirectly own 25 percent or more
of an applicant's equity interests, as well as entities and trusts,
would not be considered principal owners for purposes of the rule. The
Bureau sought comment on its proposed definition, including its
proposal to not include individuals that only indirectly own 25 percent
or more of an applicant's equity interests as principal owners.
Comments Received
The Bureau received comments on this aspect of the proposal from a
number of banks, trade associations, community groups, and a business
advocacy group. Some of the industry commenters and a community group
supported the Bureau's proposed definition for principal owner. A group
of trade associations agreed with the Bureau's proposal to align, in
part, the definition with the customer due diligence rule, stating that
financial institutions are already familiar with ownership concepts
through that rule. Trade association commenters also supported the
Bureau's proposal not to include entities and indirect ownership by
natural persons, with one stating that the concepts of ownership by
entities and indirect ownership would add unnecessary complexity to the
Bureau's final rule and another noting that its members found them
difficult concepts to explain and determine. The community group
supporting the Bureau's proposed definition for principal owner stated
that the proposed definition made intuitive sense, as 25 percent is a
significant amount of ownership.
Several other industry commenters did not support the Bureau's
proposed definition. Specifically, these commenters requested that the
Bureau look to and align with all the concepts of the customer due
diligence rule. The commenters stated that because financial
institutions and customers are familiar with the customer due diligence
rule and financial institutions already identify principal owners
thereunder, consistency between the two regulatory regimes would reduce
complexity and facilitate compliance. A business advocacy group stated
that aligning the rules completely would allow financial institutions
to leverage existing processes and training and focus on customer needs
rather than regulatory interpretation. Another commenter argued that a
new definition for principal owner under the rule would add unnecessary
complexity to the loan origination process. A lender specifically
suggested that financial institutions be required to identify and
verify the identity of each individual who owns 25 percent or more of
the entity, and one individual who controls the entity, as is required
under the customer due diligence rule. Another commenter similarly
argued for replicating this requirement for the rule, arguing that
financial institutions would not find it challenging to trace indirect
ownership because they already do so under the customer due diligence
rule, that the approach would be familiar to small business applicants
structured as legal entities, and that small businesses that are not
legal entities (e.g., sole proprietorships) likely would not have
complicated equity structures.
Two industry commenters that supported aligning principal owner
definition in the Bureau's rule more closely with the customer due
diligence rule than proposed by the Bureau also expressed concern that
differences in the definition between the regulatory regimes would lead
to customer confusion. One of these commenters argued that confusion
would likely result for applicants who will be asked to provide
information about principal owners under both rules at the same point
of the origination process. The other asserted that confusion as a
result of different definitions would increase the possibility that
customers would refuse to provide information.
A bank commented that the Bureau's proposal did not provide enough
guidance or procedures for how financial institutions should handle
reporting for small business applicants whose principal owner(s) are a
separate corporate entity or trust.
Another bank stated that financial institutions should not be
required to determine the ownership of small businesses, which it said
the proposed rule would require.
A trade association, which requested an exclusion for applications
from trusts from coverage under the final rule, raised a question about
who should be considered a principal owner of a trust for data
collection purposes, such as whether they should be the settlors,
beneficiaries, trustees, or some combination thereof.
Final Rule
For the reasons set forth herein, the Bureau is finalizing its
definition of principal owner in Sec. 1002.102(o) and associated
commentary with certain adjustments. The Bureau believes it is
appropriate to align, in part, its
[[Page 35203]]
definition of principal owner with the 25 percent ownership concept in
FinCEN's customer due diligence rule given financial institutions' and
applicants' likely familiarity with that rule's requirements.\329\ The
Bureau does not believe, however, that its definition must completely
match the ownership and control requirements in the customer due
diligence rule as urged by some commenters. While differences between
similar concepts in different regulatory regimes may lead to some
initial confusion, particularly as financial institutions (as well as
small business applicants) already familiar with the customer due
diligence rule implement this final rule's requirements, the Bureau
believes that adding the concepts of indirect ownership by natural
persons, as well as ownership by entities or trusts, to the definition
of principal owner would add unnecessary complexity to this final rule.
---------------------------------------------------------------------------
\329\ 86 FR 56356, 56395 (Oct. 8, 2021).
---------------------------------------------------------------------------
Generally, FinCEN's customer due diligence rule defines a
beneficial owner as not just any individual who directly owns 25
percent or more of a legal entity, but also includes individuals who
indirectly have that amount of ownership in the entity, such as through
multiple corporate structures.\330\ If a trust directly or indirectly
owns 25 percent or more of the entity, the trustee is considered to be
a beneficial owner.\331\ In addition to ownership, the customer due
diligence rule also looks to control. A beneficial owner also includes
the single individual with significant responsibility to control,
manage, or direct the entity.\332\
---------------------------------------------------------------------------
\330\ 31 CFR 1010.230(d)(1). See also Fin. Crimes Enf't Network,
U.S. Dep't of Treas., FinCEN Guidance FIN-2018-G001: Frequently
Asked Questions Regarding Customer Due Diligence Requirements for
Financial Institutions 3 (Apr. 3, 2018), https://www.fincen.gov/sites/default/files/2018-04/FinCEN_Guidance_CDD_FAQ_FINAL_508_2.pdf.
Certain legal entities are exempted from the rule. 31 CFR
1010.230(e)(2).
\331\ 31 CFR 1010.230(d)(3).
\332\ 31 CFR 1010.230(d)(2).
---------------------------------------------------------------------------
The Bureau does not believe that it would be appropriate for the
rule's definition of principal owner to incorporate indirect ownership
and control, as suggested by some commenters. This final rule requires
covered financial institutions to collect and report the ethnicity,
race, and sex of small business applicants' principal owners and
includes the definition of principal owner at Sec. 1002.102(o) for the
purpose of facilitating financial institutions' and applicants' ability
to provide such information. The Bureau believes that a simpler
definition for principal owner that aligns with the customer due
diligence rule's general 25 percent or more ownership concept, but
which only applies to individuals (not entities or trusts) with direct
ownership, will encourage applicants to provide their principal owners'
ethnicity, race, and sex and facilitate more accurate reporting. With
the simpler definition for principal owner, applicants do not need to
first make potentially difficult determinations about which individuals
indirectly own or control the small business before providing such
individuals' ethnicity, race, and sex information.
The Bureau does not believe differences between the customer due
diligence beneficial owner definition and the principal owner
definition in this rule will lead applicants to refuse to provide their
principal owners' ethnicity, race, and/or sex information, as suggested
by one commenter. In contrast, the Bureau believes that its principal
owner definition is less complicated and easier to understand and is
more likely to facilitate applicants' willingness to provide their
principal owners' information.
With respect to a commenter's assertion that the NPRM did not
provide enough guidance or procedures for how financial institutions
should handle reporting for small business applicants whose principal
owner(s) are a separate corporate entity or trust, under the final rule
(as generally in the proposal), only individuals are considered
principal owners. Thus, entities, such as trusts, partnerships, limited
liability companies, and corporations, are not principal owners. Final
comment 107(a)(19)-10 clarifies that if an applicant has fewer than
four principal owners (e.g., because only one individual owns 25
percent or more of the equity interests of the small business), the
financial institution reports ethnicity, race, and sex information for
the number of principal owners that the applicant has identified and
reports that the ethnicity, race, and sex fields for additional
principal owners are ``not applicable.'' (In the NPRM, this
clarification generally appeared in proposed appendix G, instruction
25.)
Relatedly, as discussed in the section-by-section analysis of Sec.
1002.106(a), a trust may also be a small business applicant (as opposed
to a trust that is an owner of small business applicant) under the
final rule. In this case, as was noted by a trade association
commenter, it is unclear who should be considered a principal owner for
the purpose of principal owners' ethnicity, race, and sex information.
The Bureau has added new comment 102(o)-2 clarifying that if a trust is
an applicant for a covered credit transaction, a trustee is considered
an owner of the trust, to align with commentary accompanying the
definitions for LGBTQI+-owned business, minority-owned business, and
women-owned business.
As to a commenter's concern that the rule would require financial
institutions to determine the ownership of a business, it is unclear as
to the specific aspect of the Bureau's proposal to which the commenter
was referring. Under the Bureau's proposal (as in the final rule), a
financial institution would collect and report the following
information related to the ownership of an applicant: the applicant's
status as a minority-owned and/or women-owned small business (as well
as LGBTQI+-owned business status), the number of principal owners, and
the ethnicity, race, and sex of those principal owners. A financial
institution can rely (and, in fact, for the protected demographic
information, must rely) upon an applicant's self-reported information.
This aspect of those data points has been substantially finalized as
proposed. Final comment 107(a)(18)-9, regarding the collection and
reporting of women-owned, minority-owned, and LGBTQI+-owned business
status information clarifies that a financial institution must only
report an applicant's responses, even if it verifies or otherwise
obtains such information. Final comment 107(a)(20)-2, regarding the
collection and reporting of the number of an applicant's principal
owners, also provides that a financial institution may rely upon an
applicant's statements or information to report such information. It
further provides that the financial institution is not required to
verify the number of an applicant's principal owners, but if it does
so, then it must report the verified information. Thus, a financial
institution is not required to make its own determinations about the
ownership of a business under the final rule.\333\
---------------------------------------------------------------------------
\333\ The Bureau notes, however, that as part of its proposal
requiring financial institutions to collect principal owners'
ethnicity and race via visual observation or surname in certain
circumstances, a financial institution would have needed to
determine if a representative of the applicant with whom it was
meeting in person was a principal owner. As discussed in the
section-by-section analysis of Sec. 1002.107(a)(19) below, the
Bureau is not finalizing this requirement. Thus, to the extent the
comment was referring to this aspect of the proposal, the
commenter's concern has been rendered moot.
---------------------------------------------------------------------------
In light of the foregoing, the text of final Sec. 1002.102(o) and
final comment 102(o)-1 generally remain unchanged from the proposal,
though upon further consideration the Bureau has changed the reference
to ``natural person'' in the
[[Page 35204]]
proposed definition and related comment to ``individual'' in the final
rule. In user testing conducted on versions of the Bureau's proposed
sample data collection form at appendix E, users expressed confusion
about the term ``natural person.'' \334\ The Bureau does not believe
that there is a meaningful difference between the terms ``individual''
and ``natural person'' and as a result has decided to use the term
``individual'' in the definition for comprehensibility.
---------------------------------------------------------------------------
\334\ CFPB, User testing for sample data collection form for the
small business lending final rule at app. B, at 12, 15 (Mar. 2023),
https://www.consumerfinance.gov/data-research/research-reports/user-testing-for-sample-data-collection-form-for-the-small-business-lending-final-rule/.
---------------------------------------------------------------------------
The Bureau is finalizing proposed comment 102(o)-2, renumbered as
final comment 102(o)-3, to explain the purpose of the definition of
principal owner; the Bureau has revised this comment to reflect other
changes in the rule.
102(p) Small Business
Final Sec. 1002.102(p) refers to Sec. 1002.106(b) for a
definition of the term ``small business.'' See the section-by-section
analysis of Sec. 1002.106(b) for a detailed discussion of that
definition.
102(q) Small Business Lending Application Register
Proposed Sec. 1002.102(q) would have defined the term ``small
business lending application register'' or ``register'' as the data
reported, or required to be reported, annually pursuant to proposed
Sec. 1002.109. This definition referred only to the data that is
reported, or required to be reported, annually; it did not refer to the
data required to be collected and maintained (prior to reporting).\335\
The Bureau sought comment on its proposed definition of ``small
business lending application register'' or ``register'' in proposed
Sec. 1002.102(q). The Bureau received no comments on this definition,
and therefore is finalizing Sec. 1002.102(q) as proposed.
---------------------------------------------------------------------------
\335\ In contrast, the term ``Loan/Application Register'' in
Regulation C Sec. 1003.2(k) refers to both the record of
information required to be collected pursuant to Sec. 1003.4 as
well as the record submitted annually or quarterly, as applicable,
pursuant to Sec. 1003.5(a).
---------------------------------------------------------------------------
102(r) State
Proposed Sec. 1002.102(r) would have referred to existing Sec.
1002.2(aa) for a definition of the term ``State.'' Existing Sec.
1002.2(aa) defines the term as any State, the District of Columbia, the
Commonwealth of Puerto Rico, or any territory or possession of the
United States. The Bureau requested comment on its proposed approach to
this definition, but did not receive any feedback. The Bureau is
finalizing Sec. 1002.102(r) as proposed. The Bureau believes that,
being consistent with existing Regulation B, this definition will be
familiar to financial institutions.
102(s) Women-Owned Business
Proposed Rule
ECOA section 704B(b)(1) requires financial institutions to inquire
whether applicants for credit are women-owned businesses. For purposes
of the financial institution's inquiry under 704B(b), 704B(h)(6)
defines a business as a women-owned business if (A) more than 50
percent of the ownership or control is held by one or more women, and
(B) more than 50 percent of the net profit or loss accrues to one or
more women. Section 1071 does not expressly define the related terms of
``ownership'' or ``control,'' nor does it describe what it means for
net profits or losses to accrue to an individual.
Proposed Sec. 1002.102(s) would have defined a women-owned
business as a business for which more than 50 percent of its ownership
or control is held by one or more women, and more than 50 percent of
its net profits or losses accrue to one or more women. Proposed comment
102(s)-1 would have explained that a business must satisfy both prongs
of the definition to be a women-owned business--that is, (A) more than
50 percent of the ownership or control is held by one or more women,
and (B) more than 50 percent of the net profits or losses accrue to one
or more women.
Proposed comment 102(s)-2 would have clarified that the definition
of women-owned business is used only when an applicant determines if it
is a women-owned business for purposes of proposed Sec.
1002.107(a)(19). A financial institution would have provided the
definition of women-owned business when asking the applicant to provide
women-owned business status pursuant to proposed Sec. 1002.107(a)(19),
but a financial institution would not have been permitted or required
to make its own determination regarding whether an applicant is a
women-owned business for this purpose.
Proposed comment 102(s)-3 would have further noted that a financial
institution would be permitted to assist an applicant when determining
whether it is a women-owned business but would not be required to do
so, and could provide the applicant with the definitions of ownership,
control, and accrual of net profits or losses set forth in proposed
comments 102(s)-4 through -6. Additionally, for purposes of reporting
an applicant's women-owned business status, a financial institution
would rely on the applicant's determinations of its ownership, control,
and accrual of net profits and losses.
The Bureau proposed to clarify ``ownership'' and ``control'' using
concepts from FinCEN's customer due diligence rule. Proposed comment
102(s)-4 would have clarified that a natural person owns a business if
that natural person directly or indirectly, through any contract,
arrangement, understanding, relationship or otherwise, has an equity
interest in the business. Proposed comment 102(s)-4 would have also
provided examples of ownership and clarified that, where applicable,
ownership would need to be traced or followed through corporate or
other indirect ownership structures for purposes of proposed Sec. Sec.
1002.102(s) and 1002.107(a)(19). Proposed comment 102(s)-5 would have
clarified that a natural person controls a business if that natural
person has significant responsibility to manage or direct the business
and would provide examples of natural persons who control a business.
Proposed comment 102(s)-6 would have clarified that a business's net
profits and losses accrue to a natural person if that natural person
receives the net profits, is legally entitled or required to receive
the net profits or losses, or is legally entitled or required to
recognize the net profits or losses for tax purposes.
The Bureau sought comment on the proposed definition of women-owned
business and possible alternatives that may clarify the term in order
to help ensure that small business applicants can determine whether
they are women-owned businesses for purposes of data collection
pursuant to section 1071.
Comments Received
The Bureau received comments regarding the definition of a women-
owned business from a number of banks, trade associations, and
community groups.
One community group requested that the Bureau add an ``I don't
know'' response to the list of possible responses, as there may be
applicants who cannot make a legal conclusion as to whether the small
business is women-owned.
Regarding the proposed requirement that to be considered a women-
owned business, one or more women must hold ``more than 50 percent'' of
the ownership or control, the Bureau received several comments from
community groups and a CDFI lender
[[Page 35205]]
supporting this requirement. A trade association stated that the Bureau
should revise the requirement to state that one or more women must hold
``50 percent or more'' of the ownership or control because the
statutory definition may result in underreporting for equal
partnerships with mixed gender partners.
Regarding the proposed requirement that to be considered a women-
owned business, more than 50 percent of the net profit or loss must
accrue to one or more women, one community group stated that the
statutory definition is appropriate to prevent illusory ``ownership''
by one or more women. Another commenter supported the definition.
Some commenters stated that the Bureau should not include the
statutory definition requirement that more than 50 percent of the net
profit or loss must accrue to one or more women. A number of commenters
stated that the initial prong of the definition requiring more than 50
percent of ownership or control by a woman is sufficient for
determining ownership and would reduce complexity for borrowers. A CDFI
lender stated that defining ownership on a profit and loss calculation
may not fully serve the objectives of the statute, and asked the Bureau
to consider the CDFI Fund definition of women-owned business.\336\
Several industry commenters asserted that the net profits or losses
prong complicates the definition, can result in inaccurate data
collection (for example, in spousal relationships where each partner
equally owns and controls a small business), implicates the limited
understanding of many small business owners regarding the meaning of
net profits and losses as well as the sensitive nature of these issues,
and that many small business owners will not understand the definition
as provided and will, as a result, decline to answer the question.
---------------------------------------------------------------------------
\336\ The community group cited to the September 2021 CDFI
Transactional Level Report Data Point Guidance, which provides
guidance on providing transactional level report data. Under ``Women
Owned or Controlled,'' the guidance states to ``[r]eport whether the
investee/borrower is more than 50% owned or controlled by one or
more women. If the business is a for-profit entity, report whether
more than 50% of the owners are women. If the business is a
nonprofit entity, report whether more than 50% of its Board of
Directors are women.'' CDFI Fund, CDFI Transactional Level Report
Data Point Guidance, at 33 (Sept. 2021), https://www.cdfifund.gov/sites/cdfi/files/2021-08/CDFITLRGuidance_Final_Sept2021.pdf.
---------------------------------------------------------------------------
A bank asked for clarification whether data (specifically
demographic data) collected in prior years could be reused, and what to
do if there are multiple collections. Specifically, the commenter gave
an example of an applicant that provides demographic information for
one application, and then chooses not to provide information for a
subsequent application, and asking which collection should be
reported.\337\ A trade association stated that it is possible in
certain States for a third party non-owner to act as trustee of a
trust, and that the Bureau should change a comment example to clarify
whether it is the Bureau's intent to presume that the trustee of a
trust is the owner. Another bank also asserted that requiring banks to
collect such information is costly to banks, customers, and
communities. A group of trade associations asserted that the commentary
should be revised to explicitly state that a financial institution must
provide an applicant with the applicable definition.
---------------------------------------------------------------------------
\337\ See the section-by-section analysis of Sec. 1002.107(d)
for a discussion on the use of previously collected data.
---------------------------------------------------------------------------
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.102(s) with one addition and one minor adjustment for clarity,
along with several non-substantive technical revisions to update
citations to other provisions.
Final Sec. 1002.102(s) defines a women-owned business as a
business for which more than 50 percent of its ownership or control is
held by one or more women, and more than 50 percent of its net profits
or losses accrue to one or more women. Final comment 102(s)-1 explains
that a business must satisfy both prongs of the definition to be a
women-owned business and includes an additional sentence to clarify
that a business that is controlled by a woman or by women satisfies
this prong of the definition even if none of the individuals with
ownership in the business are women.
Final comment 102(s)-2 clarifies that the definition of women-owned
business is used only when an applicant determines if it is a women-
owned business for purposes of final Sec. 1002.107(a)(18), and is
finalized as proposed with the exception of one small adjustment for
clarity.
Final comment 102(s)-3 is finalized as proposed and notes that a
financial institution is permitted to assist an applicant when
determining whether it is a women-owned business but is not required to
do so, may provide the applicant with the definitions of ownership,
control, and accrual of net profits or losses set forth in final
comments 102(s)-4 through -6, and that, for purposes of reporting an
applicant's women-owned business status, a financial institution relies
on the applicant's determinations of its ownership, control, and
accrual of net profits and losses.
Final comment 102(s)-4 is finalized with an updated cross-reference
and minor edits for consistency and clarity. It provides examples of
ownership and clarifies that, where applicable, ownership needs to be
traced or followed through corporate or other indirect ownership
structures. With regard to a commenter's assertion that, in certain
states, a trustee could act as a third party non-owner trustee of a
trust, the Bureau believes that in such circumstances, the trustee
would be considered an owner for purposes of this definition. Final
comment 102(s)-4 also clarifies (as it did in the Bureau's proposal)
that a trustee is considered the owner of a trust.
Final comment 102(s)-5 clarifies that an individual controls a
business if that individual has significant responsibility to manage or
direct the business, while final comment 102(s)-6 clarifies that a
business's net profits and losses accrue to an individual if that
individual receives the net profits or losses, is legally entitled or
required to receive the net profits or losses, or is legally entitled
or required to recognize the net profits or losses for tax purposes.
Both comments are finalized with minor edits for consistency and
clarity.
The Bureau does not believe that it would be appropriate to deviate
from the statutory definition of women-owned business, as suggested by
some commenters, and notes that the Bureau's authority to deviate from
the statutory language is limited. The Bureau also believes that many
small business applicants already respond to questions about who owns
and who controls a business entity when completing customer due
diligence forms or otherwise responding to questions related to that
rule and thus will be familiar with the concepts therein. Although the
customer due diligence rule does not address the second prong of the
definition regarding accrual of net profits or losses, final comment
102(s)-6 provides a comprehensive explanation of this prong of the
definition.
With regard to comments urging the Bureau to remove the prong
requiring that more than 50 percent of its net profits or losses accrue
to one or more women in order to be considered a women-owned business,
the Bureau finds that this prong is necessary to prevent illusory
``ownership'' claims by ``straw'' owners.
Finally, in accordance with ECOA section 704B(g)(3), the Bureau may
[[Page 35206]]
release material, as part of its regulatory implementation strategy, to
assist both financial institutions in complying with the requirements
of Sec. 1002.102(s) and small businesses in understanding this
definition.
Proposed Definition of Dwelling
Proposed Sec. 1002.102(j) would have referred to Regulation C
Sec. 1003.2(f) for a definition of the term ``dwelling.'' That
provision defines dwelling to mean a residential structure, whether or
not attached to real property. The term includes but is not limited to
a detached home, an individual condominium or cooperative unit, a
manufactured home or other factory-built home, or a multifamily
residential structure or community. Proposed comment 102(j)-1 would
have provided that Bureau interpretations that appear in supplement I
to part 1003 containing official commentary in connection with Sec.
1003.2(f) are generally applicable to the definition of a dwelling in
proposed Sec. 1002.102(j). Proposed comment 102(j)-2 would have
clarified that the definition of dwelling under existing Sec.
1002.14(b)(2) applies to relevant provisions under existing Regulation
B, and proposed Sec. 1002.102(j) is not intended to repeal, abrogate,
annul, impair, or interfere with any existing interpretations, orders,
agreements, ordinances, rules, or regulations adopted or issued
pursuant to existing Sec. 1002.14(b)(2). The Bureau did not receive
any comments on this aspect of the proposal.
The Bureau is not finalizing its proposed definition of
``dwelling.'' The need for the Bureau to adopt its own definition of
``dwelling'' in this rulemaking is obviated by the Bureau's decision in
this final rule to not require reporting of transactions that would
constitute ``covered loans'' under Regulation C. That decision is
discussed in detail in the section-by-section analysis of Sec.
1002.104 below. The Bureau understands that there may be limited
instances where a dwelling is used as collateral for a covered credit
transaction that does not fall under the definition of a Regulation C
covered loan because it does not involve the purchase, improvement, or
refinance of a dwelling--for example, where a small business seeks to
use their primary dwelling as collateral to obtain working capital such
as inventory. In this example, the transaction would only be reported
under the final rule, not under Regulation C, with a credit purpose of
working capital (includes inventory or floor planning) per final
comment 107(a)(6)-1. Taking into account these limited circumstances,
the Bureau believes that adopting the Regulation C definition of
dwelling is no longer necessary to minimize the compliance risks that
would have arisen from having to report a transaction under both
Regulation C and this final rule.
Section 1002.103 Covered Applications
ECOA section 704B(b) requires that financial institutions collect,
maintain, and report to the Bureau certain information regarding ``any
application to a financial institution for credit.'' For covered
financial institutions, the definition of ``application'' will trigger
data collection and reporting obligations with respect to covered
credit transactions. However, section 1071 does not expressly define
``application.''
The Bureau is finalizing Sec. 1002.103 and associated commentary
with minor revisions for clarity and consistency, to define what is,
and is not, a covered application for purposes of subpart B pursuant to
its authority in ECOA section 704B(g)(1) to prescribe such rules and
issue such guidance as may be necessary to carry out, enforce, and
compile data pursuant to section 1071. Final Sec. 1002.103(a) provides
a general definition of the term ``covered application,'' followed by a
list of the circumstances that are not covered applications in final
Sec. 1002.103(b). For the reasons discussed below, the Bureau believes
that its determinations as to what does and does not constitute a
covered application for purposes of this rulemaking constitute
reasonable interpretations of an ``application'' as used in section
1071.
103(a) Covered Application
Proposed Rule
The Bureau proposed to define a covered application in Sec.
1002.103(a) as an oral or written request for a covered credit
transaction that is made in accordance with procedures used by a
financial institution for the type of credit requested. As noted above,
the term ``application'' is undefined in section 1071. The Bureau
believed its proposed definition of the term was reasonable,
particularly as it would align with the similar definition of
``application'' in existing Sec. 1002.2(f). The Bureau also proposed
commentary to accompany this definition.
In considering the proposed definition of a ``covered
application,'' the Bureau believed that incomplete and withdrawn
applications--which would have generally been captured under proposed
Sec. 1002.103(a)--would be essential to the purposes of section 1071
as a tool to identify potential discrimination and to better understand
the credit market. The definition of ``covered application'' in
proposed Sec. 1002.103(a), which was similar to the definition of
``application'' in existing Sec. 1002.2(f), would have also been
familiar to creditors and would have provided flexibility to
accommodate different application processes.
The Bureau recognized that the proposed definition of ``covered
application'' in Sec. 1002.103(a), while flexible, would have meant
that data collection and reporting may be triggered at different times
for different financial institutions and different types of covered
credit transactions. While the proposed definition of ``covered
application'' would not have provided a bright-line rule, the Bureau
believed the proposed definition would have been familiar to financial
institutions and would have provided consistency with similar
definitions found in existing Regulation B and Regulation C.
As discussed in the NPRM, the Bureau also considered proposing
several other options for defining a ``covered application.'' First,
the Bureau considered triggering collection and reporting based on a
``completed application,'' which is defined in existing Sec. 1002.2(f)
as an application in which the creditor has received ``all the
information that the creditor regularly obtains and considers'' in
evaluating similar products. As noted in the NPRM, the Bureau did not
propose to use the definition of ``completed application'' in existing
Sec. 1002.2(f) for its definition of covered application in subpart B,
as doing so would have excluded incomplete applications and many
withdrawn applications that may reflect demand for credit or potential
discrimination during the application process. The Bureau also
considered proposing to define ``covered application'' as a set of
specific data points that, if collected, would trigger a duty to
collect and report small business lending data. As noted in the NPRM,
the Bureau did not propose this approach for several reasons, including
that it would have introduced a new regulatory definition of
``application,'' would have led to operational changes and complexities
for financial institutions, and could have led to increased evasion.
Proposed comments 103(a)-1 through -3 would have provided
additional guidance on identifying what is a ``covered application.''
Proposed comments 103(a)-4 through -6 would have addressed how a
financial institution reports multiple covered credit transaction
requests at one time or a request for a credit transaction that results
in the origination of multiple
[[Page 35207]]
covered credit transactions. Proposed comment 103(a)-7 would have
addressed how a financial institution would report applications where
there is a change in whether the applicant is requesting a covered
credit transaction.
The Bureau sought comment on its proposed definition of a covered
application in Sec. 1002.103(a) and associated commentary. The Bureau
also sought comment on the advantages and disadvantages of collecting
data on incomplete or withdrawn applications, as well as how collection
would or would not further the purposes of section 1071. In addition,
the Bureau sought comment on reporting of multiple lines of credit on a
single credit account, including how financial institutions internally
consider multiple lines of a credit on a single account and the
Bureau's approach in proposed comment 103(a)-6.
Comments Received
The Bureau received comments on its proposed approach to defining a
covered application from a wide range of lenders, trade associations,
community groups, and a business advocacy group. The overwhelming
majority of commenters to address the issue, including most industry
commenters and some community groups, generally supported the Bureau's
proposal to define a ``covered application'' largely consistent with
the existing Regulation B definition. Several of these commenters
stated that lenders are familiar with the existing Regulation B
definition and so implementing it within this rule would minimize the
need for additional training or new procedures. Commenters also stated
that the proposed definition is a flexible one that can accommodate the
variety of small business lenders, products, and processes that exist
in the marketplace, and thus avoids a one-size-fits-all approach that
would be unworkable in small business lending. Several lenders and
trade associations urged the Bureau to finalize proposed comment
103(a)-1, which would have provided that a financial institution has
latitude to establish its own application process or procedures,
including designating the type and amount of information it will
require from applicants. Some of these commenters also stated that the
proposed comment is consistent with longstanding interpretation of
existing Regulation B and that the flexibility is critical given the
unique nature of commercial credit applications. A community bank
stated that defining an application based on a set of specific data
points would be inappropriate for commercial lending, which is less
standardized than consumer mortgage lending. The bank further noted
that defining an application based on a standardized set of data points
would be unnecessary so long as each data point has a ``not
applicable'' or ``not received'' choice for incomplete applications,
which the commenter emphasized would be important to capture.
Some community groups and community-oriented lenders expressed
support for the Bureau's proposed definition because it would capture
applicants that do not make it to a completed application, and
therefore potentially help identify barriers to credit early in the
application process. These commenters argued that the proposed
definition would further the purposes of section 1071, including by
identifying potential bias, discouragement, or other discrimination.
Similarly, some community-oriented lenders stated that the proposed
definition would strike the right balance of triggering data collection
and reporting requirements only after there is an actual request for
credit, but still early enough in the process to capture most
incomplete, withdrawn, and denied applications.
One community group expressed concern about the lack of
standardization under the proposed definition, but ultimately concluded
that the proposed definition makes sense and any concerns could be
allayed through monitoring. The commenter expressed understanding for
the desire to follow current lender procedures for defining an
application based on existing Regulation B, though noted that how a
lender defines an application should have enough standardization to
generate consistent data and be early enough in the process to capture
incomplete and withdrawn applications, which are necessary to identify
discouragement. The commenter also expressed support for the idea that
peer comparisons may be a reasonable way to check a financial
institution's method of defining an application; for example, by
analyzing whether a financial institution has abnormally high rates of
approval or low rates of incomplete applications.
A number of industry commenters, including community banks, credit
unions, and trade associations, described the small business
application process as informal and consultive. These commenters
explained that the application process often does not involve a written
application or a ``formal'' application, can be months-long, and often
involves extensive back-and-forth communications between the lender and
the small business, including in-person meetings, phone calls, texts,
and emails. One commenter noted that many loans are funded without any
``application,'' but rather based on the business's existing
relationship with the institution and financial information on file.
Some commenters described how the application process can start
informally from a conversation, a general inquiry, or as an offshoot to
deposit activity. Commenters explained that a business will bring in
financial statements, tax returns, business plans, and other documents,
which will be reviewed by the financial institution in order to analyze
and generate the most appropriate package to fit the credit needs of
the business. Several banks stated that business customers will often
``shop around'' with multiple financial institutions to get the best
terms. Several commenters stated that small business lending often
involves a lot of ``hand holding'' and lender involvement to reach a
point where a formal application or a particular product and terms can
be considered. Industry commenters also stated that commercial business
customers are unique and each requires an individualized approach based
on the characteristics of the business and the products of interest.
Several commenters also noted that the small business lending process
differs from mortgage lending, which is highly regimented and uniform.
A number of community banks and other industry commenters expressed
concern that the Bureau's rule implementing section 1071 would
standardize and formalize the small business application process
(which, they asserted, would be to its detriment); they predicted that
business customers would be unhappy with the more rigid lending
structure, and may avoid seeking credit altogether. These commenters
expressed concern that small business lending would become impersonal
and ``form centric,'' and that it would change the fundamental
relationship between lender and borrower, including the personalized
attention and advice currently provided by lenders. Many of these
commenters stated the view that the rule's data collection and
reporting requirements would cause them to lose flexibility and adopt
``check-the-box'' criteria that is at odds with how community banks
conduct business. Several commenters were concerned that at the start
of an inquiry, a lender would need to implement a written application
or other formalized method to collect the required data and that by
doing so, conversations will turn into implied commitments. Commenters
also stated
[[Page 35208]]
the belief that lenders would implement a more rigid application
process in order to avoid triggering data collection and reporting
requirements under the Bureau's rule. Several other commenters argued
that data collection and reporting obligations would require lenders to
rebuild their loan application process and incur additional training
and other costs, would reduce the availability of credit, and would
give large banks an unfair advantage because such entities will have an
easier time implementing the requirements of the Bureau's rule for
online applications.
Most of these commenters' concerns were directed at small business
lending data collection and reporting generally, and not specifically
at the proposed definition of a covered application. However, a few
commenters urged the Bureau to finalize a more concrete definition of
covered application due to the concern that a subjective definition
would be difficult for financial institutions' employees to implement.
One commenter was also concerned about how its practices would be
reviewed by the subjective judgment of examiners. Another commenter
cautioned against reporting of oral applications, noting that it could
lead to inaccurate data if an answer is misheard or mistyped.
Some industry commenters, including trade associations for
community banks, credit unions, and online lenders, requested the
Bureau define a covered application consistent with existing Regulation
B's ``completed application'' definition in existing Sec. 1002.2(f),
which would require reporting only when the lender has received all the
information that the creditor regularly obtains and considers in
evaluating applications for the amount and type of credit requested
(i.e., enough information to make a credit decision). These commenters
argued that triggering data collection and reporting off an ``oral or
written request'' would be unrealistic, unworkable, and too open-ended.
One commenter stated that a mere request is not something a lender can
act or report on because there is insufficient information at that
point to make the required reporting. Another commenter said that
lenders need clear guidance on what events trigger data collection and
the completed application definition would provide the most uniformity
across products and financial institutions. Another commenter stated
that using the completed application definition would avoid collecting
data on incomplete applications, which often come from ``unengaged''
applicants. This commenter also noted that collecting 1071 data could
lead to applicant confusion as to why personal information is being
collected, which could lead to more incomplete applications. The
commenter further argued that completed applications are the most
essential data to capture in small business lending, that there is no
indication Congress intended section 1071 to mirror HMDA or existing
Regulation B, and that discouragement can be investigated using other
1071 data and existing examination authorities. Similarly, two industry
commenters opposed requiring reporting on incomplete or withdrawn
applications, arguing that reporting such transactions would not serve
the purposes of section 1071, would create additional operational and
regulatory burden, and that the focus of the Bureau's rule should be on
declined and originated applications. Another urged the Bureau to avoid
triggering collection based on when a credit check is pulled, noting
that financial institutions may often conduct a soft pull credit check
outside the application process.
In contrast, some community group commenters argued that the
proposed definition of covered application would be too narrow, and
requested that a covered application include all communications where a
business inquires about credit and seeks a credit decision. In support,
the commenters pointed to research identifying discrimination in the
pre-application stage. As noted above, other community group commenters
supported the Bureau's proposed definition of a covered application,
stressing the need to capture applications that do not make it to a
completed application.
The Bureau received several comments on certain aspects of its
proposed commentary to Sec. 1002.103(a). A community bank and a
community group supported proposed comment 103(a)-4, which would have
provided that if an applicant makes a request for two or more covered
credit transactions at one time, the financial institution reports each
request for a covered credit transaction as a separate covered
application. The bank stated that while the proposed approach would
result in more work for the financial institution, it would lead to
more accurate reporting (since each request would generate different
reported data) and the approach would be similar to how data are
reported under Regulation C. The community group commenter stated that
it would be a reasonable approach and would accurately reflect the
varied credit needs of applicants. A group of community group
commenters supported the Bureau's proposed approach to require
reporting of separate applications where an applicant seeks two or more
products at one time, but requested that where the applicant only seeks
one product, but is not sure about the type of product, it should only
be reported as a single covered application. These commenters also
noted a concern that the language in proposed comment 107(a)(5)-2
requiring lenders to maintain reasonable procedures designed to collect
data, including regarding the credit product requested, would require
the lender to identify each product that would be acceptable to the
applicant, and if multiple, report them as separate covered
applications.
In response to the Bureau's request for comments as to how a
financial institution should report applications where there is a
change in whether the request for credit involves a covered credit
transaction, which was addressed in proposed comment 103(a)-7, the
Bureau received feedback from trade associations and a business
advocacy group. These commenters opposed reporting on a transaction in
which the product ultimately pursued is not a covered credit
transaction. They argued that financial institutions should not be
required to report on non-covered credit transactions, collecting
partial data on a product that is not a covered transaction would
affect data quality and be of low value, and doing so would not advance
the purposes of section 1071. Two of the commenters sought
clarification or a safe harbor providing that if a financial
institution collects data on an application that the financial
institution anticipates will be covered by the Bureau's rule
implementing section 1071 at the time of collection, but ultimately is
not covered, the initial collection does not violate existing
Regulation B. Otherwise, the Bureau did not receive any additional
comments directly discussing proposed comment 103(a)-7 and limited
reporting of non-covered credit products, despite seeking comment on
the advantages and disadvantages of requiring full or limited reporting
where an applicant initially seeks a product that is a covered credit
transaction, but ultimately is offered and accepts a product that is
not reportable.
Although the Bureau did not seek comment on the issue, a couple
commenters asked how to report on an application made jointly by
multiple business co-applicants. An agricultural lender requested that,
if an application is submitted by more than one business, the financial
institution be permitted to treat all co-applicants as one applicant
when determining whether a borrower is a ``small business.'' The
commenter
[[Page 35209]]
also asked the Bureau to clarify how to identify whether the
application is from a minority-owned or women-owned business where one,
but not all, co-applicants are minority- and women-owned businesses.
Another commenter requested that the Bureau clarify that loans jointly
made to multiple businesses, where one or more of the co-applicants may
qualify as a small business under the rule, but are not the primary
business seeking the funding, are not subject to data collection and
reporting requirements.
Several commenters asked the Bureau to clarify certain scenarios
related to a covered application, including clarifying that certain
scenarios are not covered applications. Several industry commenters
were concerned that language in the NPRM's preamble--noting that ECOA
section 704B(b)(1) provides that an ``application'' triggering data
collection and reporting obligations occurs without regard to whether
such application is received in person, by mail, by telephone, by
electronic mail or other form of electronic transmission, or by any
other means--may be interpreted to require a financial institution to
accept an application through all of these channels. One commenter
asked for clarification whether a covered application includes an
incomplete application where the information provided is insufficient
to render a credit decision by the lender. A trade association
representing online lenders asked the Bureau to expressly exclude from
the definition of a covered application the circumstance where a
business populates certain information on a web page, but does not
follow through with submitting the form to the financial institution.
The commenter argued that it would be very burdensome for the financial
institution to capture such circumstances as reportable transactions
and that attempting to do so would result in misleading, erroneous, and
unhelpful data. A couple commenters requested certain additional
exclusions from the definition of covered application, including for
HMDA reporters, co-branded and private label credit cards, and
purchased loans.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.103(a) as proposed to define a ``covered application'' as an oral
or written request for a covered credit transaction that is made in
accordance with procedures used by a financial institution for the type
of credit requested. As described above, the overwhelming majority of
commenters, including industry and community group commenters,
supported this definition. As noted by some commenters, the definition
will be familiar to creditors, provides flexibility to accommodate
different application procedures and lending models (including written
and oral applications), and will capture incomplete and withdrawn
applications, which are essential data for identifying potential
barriers to credit, including potential discrimination. Final Sec.
1002.103(a) will also align with the similar definition of
``application'' in existing Sec. 1002.2(f), which is reasonable given
the term ``application'' is otherwise undefined in ECOA and section
1071. Finally, the Bureau believes this approach strikes an appropriate
balance by triggering data collection and reporting requirements only
after there is a request for credit (using procedures defined by the
financial institution), but still early enough in the process to
capture most incomplete, withdrawn, and denied applications, which are
essential data to the purposes of section 1071.
A number of industry commenters, particularly smaller institutions
that engage in relationship lending, described the application process
as informal, high-touch, and involving extensive back-and-forth. The
Bureau believes the final definition of covered application can work
well within the heterogeneous and sometimes iterative context of small
business lending. Indeed, final Sec. 1002.103(a) defines covered
application in a manner that provides financial institutions
flexibility to define an application based on its own unique business
model. Thus, while a financial institution must have some type of
trigger or tipping point within its process when an applicant has made
a request for credit in accordance with its procedures, therefore
triggering a ``covered application,'' financial institutions have
leeway on how precisely to define that tipping point, provided it
occurs in the early stages of the process before a financial
institution has begun meaningfully evaluating or underwriting the
request.\338\ Moreover, as noted above, creditors complying with
existing Regulation B should be familiar with this definition, and have
already incorporated it in some manner into their processes.\339\ In
response to industry commenters' concern that data collection and
reporting under this final rule will standardize and formalize small
business lending, the Bureau notes that most of this feedback was not
directed at the proposed definition of a ``covered application,'' but
rather at the overall data collection and reporting regime. Indeed,
some of the commenters raising these concerns also expressly supported
the proposed definition of a covered application. Moreover, in response
to commenters' general concerns that data collection and reporting
under this rule will standardize and formalize small business lending,
the Bureau does not believe that collection of certain data points will
necessitate that lenders to fundamentally alter how they conduct
business. Moreover, section 1071 is a congressional mandate; the Bureau
has sought to implement it in a manner that furthers the purposes of
the statute while reducing unnecessary burden.
---------------------------------------------------------------------------
\338\ The Bureau recognizes that the flexibility provided in
final Sec. 1002.103(a), which defines a covered application, may
result in data collection and reporting obligations being triggered
at different times for different financial institutions and
different types of covered credit transactions. For example, for a
financial institution that defines an application under its
procedures as the submission of a standard form either online or in-
person, a ``covered application'' will be triggered when an
applicant submits the form. In contrast, another financial
institution may not use a standard form and instead define an
application as a request for credit only when the applicant
authorizes the creditor to pull a credit check on the business and
principal owners to allow the creditor to determine whether the
business, in particular, qualifies for a particular product. In that
circumstance, a ``covered application'' will not be triggered until
that process was satisfied. Using the same example, if the financial
institution orally collects certain information from a prospective
applicant (such as gross annual revenue and business location) and
discusses with the prospective applicant potential credit product
options offered by the financial institution, no ``covered
application'' will be triggered until the prospective applicant
indicates that it wants to proceed to apply for credit and
authorizes the financial institution to pull a credit check.
Similarly, if a prospective applicant merely expresses interest in
knowing the types of products that the creditor offers--not yet
focusing on any particular type of covered credit transaction and
not yet interested in submitting a ``covered application''--the
interaction also will not be reportable under this example.
\339\ The Bureau believes that business creditors should be
familiar with operationalizing this definition based on their
experience providing adverse action notices under existing
Regulation B, which can be triggered in relation to an incomplete
application. See Sec. 1002.9(a)(1) and (c) (requiring notice within
30 days after taking adverse action on an incomplete application or
30 days after receiving an incomplete application). The Bureau
believes that financial institutions may also be familiar with
Regulation C's definition of ``application,'' which generally aligns
with existing Sec. 1002.2(f)'s definition of the term. See Sec.
1003.2(b) (generally defining an ``application'' as ``an oral or
written request for a covered loan that is made in accordance with
procedures used by a financial institution for the type of credit
requested''); see also Regulation C comment 2(b)-1 (noting that
Bureau interpretations that appear in the official commentary to
Regulation B are generally applicable to the definition of
application under Regulation C).
---------------------------------------------------------------------------
[[Page 35210]]
Several commenters had specific suggestions or concerns regarding
the definition of a covered application. Regarding several commenters'
concern that the definition is too subjective, the Bureau notes that a
bright-line definition would likely impose a more rigid process on
financial institutions that would be difficult to implement given the
heterogenous nature of small business lending. Moreover, as noted
above, the definition used in final Sec. 1002.103(a) should be
familiar to financial institutions and will provide consistency with
existing Regulation B and Regulation C. The Bureau is also not adopting
existing Regulation B's definition of a ``completed application,'' as
urged by some commenters. Although the Bureau agrees that a ``completed
application'' definition would provide greater uniformity, the
definition would exclude incomplete applications and most withdrawn
applications. The Bureau believes including such applications is
essential to the purposes of section 1071, as it may reflect demand for
credit and potential discrimination early in the application process.
As to the commenters who took issue with the proposed covered
application definition precisely because it includes incomplete and
withdrawn applications, the Bureau believes collecting data on such
applications is likewise essential for the purposes of section 1071 and
may reveal important trends or information on why small businesses
initially seek credit, but ultimately do not complete the application
process.
On the other hand, the Bureau does not believe it would be
appropriate to expand the definition of ``covered application'' to
include all communications where a business inquires about credit and
seeks a decision. Although discrimination may occur in the pre-
application phase, the Bureau believes that it could be very difficult
as an operational matter for financial institutions to collect 1071
data whenever a business expresses any interest in credit, no matter
how preliminary or informal the request, and that could require
reporting of transactions with missing, unavailable, or erroneous data.
As discussed below in the section-by-section analysis of Sec.
1002.103(b), the Bureau is excluding inquiries and prequalification
requests from the definition of a covered application; many of the
reasons for those exclusions are relevant here as well and thus the
Bureau is not broadening the general definition of a covered
application. In response to a commenter's concern about reporting of
oral applications, the Bureau notes that it is the responsibility of
the financial institution to ensure that it accurately collects and
reports required data pursuant to final Sec. 1002.107, no matter the
method of application. Commenter requests for certain additional
exclusions from the definition of covered application, including for
HMDA reporters, co-branded and private label credit cards, and
purchased loans, are addressed in more detail in the section-by-section
analysis of Sec. 1002.104 below.
Several commenters asked the Bureau to clarify certain scenarios
related to a covered application. First, in response to several
industry commenters' concerns that the language in the NPRM's preamble
discussing ECOA section 704B(b)(1) could be interpreted to require a
financial institution to accept an application through all of these
channels, the Bureau notes that this was not the intent and that it
does not interpret ECOA section 704B(b)(1) in that manner. Rather, the
Bureau interprets the statutory language to mean that data collection
and reporting requirements apply regardless of a financial
institution's method of accepting applications. Thus, whatever the
means used by a financial institution to accept applications (e.g., in
person, by telephone, by electronic transmission, etc.), once a covered
application is triggered, the financial institution has a duty to
collect and report on the application.
Next, a commenter asked whether a covered application includes an
incomplete application where the information provided is insufficient
to render a credit decision by the lender. Assuming the business has
requested a covered credit transaction in accordance with procedures
used by a financial institution for the type of credit requested, the
financial institution would be required to collect and report data,
even if there is insufficient information to render a credit
decision.\340\ Indeed, as noted above, the Bureau believes capturing
incomplete or withdrawn applications is essential to the purposes of
section 1071.
---------------------------------------------------------------------------
\340\ Generally, a ``covered application'' may align with the
information necessary to make a credit decision or it may be
possible to have a ``covered application'' before having information
necessary to make a credit decision--it depends on each financial
institution's own procedures. For example, suppose a financial
institution defines an application under its procedures as the point
when an applicant, or someone on the applicant's behalf, requests
credit by filling out certain key pieces of information on an
application form. If nothing else is required to qualify for credit
and the financial institution's process is to immediately transmit
the application to underwriting for a decision once the form is
submitted, under the proposed definition of ``covered application,''
data collection and reporting obligations would likely be triggered
at the same time there is sufficient information to make a credit
decision. On the other hand, if the financial institution requires
additional verification of information and the institution commonly
makes follow-up requests after the applicant has requested credit
and before submitting the loan file to underwriting, the financial
institution would likely have a ``covered application'' before it
has sufficient information to make a credit decision.
---------------------------------------------------------------------------
In response to a trade association's request to expressly exclude
from the definition of a covered application the circumstance where a
business populates certain information on a web page, but does not
follow through with submitting the form to the financial institution,
the Bureau notes that reporting of such circumstances depends on the
procedures used by a financial institution for the type of credit
requested. For example, if a financial institution's procedures require
an applicant to submit a paper or digital form to the financial
institution in order to be considered for the credit product requested,
then there is no covered application that is reportable until the
business submits the form to the financial institution. If, on the
other hand, the financial institution regularly begins evaluating
information about the applicant even if the form is not ``officially''
submitted to the financial institution, then there is likely a
reportable covered application, even if the applicant has not
``submitted'' the form. In other words, if a financial institution
offering online applications does not track or begin to evaluate
applications until the business presses a ``submit'' button, the
financial institution would not be required to begin tracking partial
information inputted online for purposes of this final rule.
One commenter was concerned that the proposed definition lacked
standardization, and emphasized the need for monitoring to ensure that
financial institutions define an application under their own procedures
in a manner that generates consistent data and is early enough in the
process to capture incomplete and withdrawn applications. The Bureau
agrees that review of data, including peer analysis, is important and
may indicate whether a financial institution collects data in a manner
that appropriately captures incomplete and withdrawn applications. For
example, instances of unusually high approval rates or unusually low
rates of incomplete and withdrawn applications can preliminarily
indicate financial institutions that may be seeking to define an
``application'' in its written
[[Page 35211]]
policies as occurring later in the process than actually occurs in
practice; if a financial institution has a very high approval rate
because all ``applications'' have been vetted earlier in the process,
the financial institution's stated definition of an application likely
does not reflect its actual practices. Similarly, where a financial
institution has very few incomplete or withdrawn applications this
may--depending on the financial institution's product offering and
business model--be a sign that the financial institution is collecting
data or defining an application as occurring after an applicant has
requested credit. While a financial institution has flexibility to
identify its own procedures for what constitutes a request for credit,
thereby triggering data collection and reporting obligations under this
final rule, the Bureau anticipates that in most cases a covered
application will typically occur before the financial institution
underwrites or evaluates the request for credit.
The Bureau is finalizing comment 103(a)-1 with minor revisions for
clarity. Final comment 103(a)-1 underscores that a financial
institution has latitude to establish its own application procedure and
to decide the type and amount of information it will require from
applicants. The Bureau removed the word ``process'' (from the phrase
``process and procedures'') in proposed comment 103(a)-1 to align with
the term ``procedures'' in final Sec. 1002.103(a) and in final comment
103(a)-2; the rewording is not intended to indicate a substantive
change. The Bureau is also finalizing as proposed comments 103(a)-2 and
-3. Final comment 103(a)-2 explains that the term ``procedures'' refers
to the actual practices followed by a financial institution as well as
its stated application procedures, and provides an example. Final
comment 103(a)-3 provides that the commentary accompanying existing
Sec. Sec. 1002.2(f) and 1002.9 is generally applicable to the
definition of ``covered application,'' except as provided otherwise in
final Sec. 1002.103(b).
In response to certain commenter questions about the scope of a
covered application, the Bureau is adding new comment 103(a)-4 to
clarify that the term covered application does not include
solicitations, firm offers of credit, and other evaluations or offers
initiated by the financial institution because in these situations, the
business has not made a request for credit, and provides illustrative
examples. New comment 103(a)-4, including a summary of comments
received relating to the change, is discussed in the section-by-section
analysis of Sec. 1002.103(b).
The Bureau is finalizing comment 103(a)-5 (proposed as comment
103(a)-4) to provide that if an applicant makes a request for two or
more covered credit transactions at one time, the financial institution
reports each request as a separate covered application. The Bureau
believes this approach furthers the purposes of section 1071 by better
capturing demand for credit, including demand for different covered
credit transactions at the same time. The Bureau also believes this
method of reporting will lead to higher data accuracy, as argued by one
commenter, due to the simplicity of the approach. Finally, the Bureau
believes that concerns about duplicative information requests will be
mitigated by permitting financial institutions to reuse certain
previously collected data, as set forth in final Sec. 1002.107(d). In
response to a commenter request, the Bureau is revising final comment
103(a)-5 to clarify that if an applicant is only requesting a single
covered credit transaction, but has not decided on which particular
product, the financial institution reports the request as a single
covered application. This clarification resolves a commenter's concern
that a financial institution will need to report multiple covered
applications if more than one credit product is acceptable to the
applicant. Final comment 103(a)-5 also provides illustrative examples.
The Bureau is finalizing comments 103(a)-6 and -7 (proposed as
comments 103(a)-5 and -6) with minor adjustments for clarity and
consistency. Final comment 103(a)-6 addresses the circumstance where an
initial request for a single covered credit transaction would result in
the origination of multiple covered credit transactions. Similarly,
final comment 103(a)-7 addresses requests for multiple lines of credit
at one time, providing that such requests are reported based on the
procedures used by the financial institution for the type of credit
account.
The Bureau is adopting new comment 103(a)-8 to address reporting of
duplicate covered applications. Under new comment 103(a)-8, a financial
institution may treat two or more duplicate covered applications as a
single covered application for purposes of subpart B, so long as for
purposes of determining whether to extend credit, the financial
institution would also treat one or more of the applications as a
duplicate under its procedures. The Bureau is adding this comment to
respond to commenters' general concerns about duplicative reporting and
because the Bureau does not believe reporting of true duplicates would
further the purposes of section 1071. As set forth in new comment
103(a)-8, however, the provision only applies if the applications are
duplicates that a financial institution would otherwise treat as such
under its own procedures.
The Bureau is finalizing comment 103(a)-9 (proposed as comment
103(a)-7) with revisions for clarity. Final comment 103(a)-9 addresses
how a financial institution reports applications where there is a
change in whether the applicant is requesting a covered credit
transaction. Final comment 103(a)-9 provides that if an applicant
initially requests a product that is not a covered credit transaction,
but prior to final action taken decides to seek instead a product that
is a covered credit transaction, the application is a covered
application and must be reported pursuant to final Sec. 1002.109.
However, if an applicant initially requests a product that is a covered
credit transaction, but prior to final action taken decides instead to
seek a product that is not a covered credit transaction, the
application is not a covered application and thus is not reported. The
Bureau agrees with commenters' concerns that requiring reporting on
applications where the applicant ultimately does not seek a covered
credit transaction could lead to data quality issues, for example, if
only partial data are captured. Although the Bureau sought comment on
whether to require full or limited reporting in order to address
concerns about potential steering in these cases, the Bureau did not
receive any specific comments advocating for either full or limited
reporting. In response to commenter requests for clarification that a
financial institution does not violate existing Regulation B if it
collects otherwise prohibited information on a transaction that
ultimately is not a covered application, the Bureau has revised final
Sec. 1002.112(c)(4) to provide a safe harbor for incorrect
determination of a covered credit transaction if, at the time of
collection, the financial institution had a reasonable basis for
believing that the application was a covered application. The Bureau
has also revised final comment 103(a)-9 to clarify that once a
financial institution determines there is a covered application, it
shall endeavor to compile, maintain, and report the data required under
Sec. 1002.107(a) in a manner that is reasonable under the
circumstances. Final comment 103(a)-9 also discusses reporting if a
financial institution makes a counteroffer for a product that is not a
covered credit
[[Page 35212]]
transaction. Finally, the Bureau revised the language ``during the
application process'' to ``prior to final action taken'' in final
comment 103(a)-9 to provide greater clarity on the applicable
timeframe.
The Bureau is adding new comment 103(a)-10 to address reporting in
situations where a covered financial institution receives a covered
application from multiple businesses that are not affiliates, as
defined in final Sec. 1002.102(a). The Bureau is adding this
commentary in response to commenters' questions about how to report
certain data if there is more than one co-applicant. Final comment
103(a)-10 provides that if a covered financial institution receives a
covered application from multiple businesses who are not affiliates, as
defined by final Sec. 1002.102(a), it shall compile, maintain, and
report data pursuant to final Sec. Sec. 1002.107 through 1002.109 for
only a single applicant that is a small business, as defined in final
Sec. 1002.106(b). A covered financial institution shall establish
consistent procedures for designating a single small business for
purposes of collecting and reporting data under subpart B in situations
where there is more than one small business co-applicant, such as
reporting on the first small business listed on an application form.
The Bureau considered requiring reporting data of all co-applicant
small businesses, but doing so could potentially add significant
complexity and may result in data quality issues. For example,
reporting co-applicants as separate applications would likely result in
duplicative reporting or special rules to address how to modify the
reported data to avoid duplication. Similarly, requiring additional
fields to accommodate reporting of all co-applicants' information would
result in a significant expansion of the total data fields reported,
adding considerable complexity and potentially leading to data quality
issues. Given that only two commenters raised the issue of co-
applicants, the Bureau believes that financial institutions likely do
not frequently encounter applications involving more than one small
business applicant.
On the other hand, the Bureau is not requiring reporting of a small
business co-applicant only if it is the primary business seeking
funding, as suggested by one commenter. The Bureau believes it may not
always be clear who is the ``primary'' applicant if there are multiple
co-applicants; such a rule could be used to evade reporting altogether
in these situations. The Bureau therefore believes that it is
reasonable to require data collection and reporting for a single small
business if there are multiple co-applicants. Final comment 103(a)-10
provides several illustrative examples. In addition, new Sec.
1002.5(a)(4)(x) permits a creditor to collect certain demographic
information concerning a co-applicant without violating existing
Regulation B. See also the section-by-section analysis of Sec.
1002.106(b) for a discussion of calculating gross annual revenue for
purposes of determining small business status under final Sec.
1002.106(b) if there are multiple co-applicants.
Lastly, the Bureau is adding new comment 103(a)-11 to clarify that
refinances and requests for additional credit amounts on an existing
account are covered applications, as further discussed in the section-
by-section analysis of Sec. 1002.103(b).
103(b) Circumstances That Are Not Covered Applications
Proposed Rule
Proposed Sec. 1002.103(b) would have identified certain
circumstances that are not covered applications--even if they may
otherwise be considered an application under existing Sec. 1002.2(f).
Specifically, the Bureau proposed that a covered application would not
include (1) reevaluation, extension, or renewal requests on an existing
business credit account, unless the request seeks additional credit
amounts; and (2) inquiries and prequalification requests. Solicitations
and firm offers of credit would also not have been ``covered
applications'' under the proposed definition. Proposed comments 103(b)-
1 through -5 would have provided additional guidance and examples of
circumstances that do and do not trigger data collection and reporting
for covered applications.
The Bureau sought comment on proposed Sec. 1002.103(b) and
associated commentary concerning circumstances that would not be a
covered application. Solicitations for comment on specific issues are
noted throughout the discussion below.
Reevaluation, extension, or renewal requests on an existing
business credit account, unless the request seeks additional credit
amounts. The Bureau proposed to exclude from the definition of a
``covered application'' requests by borrowers to modify the terms or
duration of an existing extension of credit, other than requests for
additional credit amounts. The Bureau believed that requests to modify
the terms or duration of an existing extension of credit, which occur
with high frequency in the small business lending space, would have
added complexity and burden for financial institutions, while
potentially providing limited additional information relevant to the
purposes of section 1071.
However, the Bureau proposed that reporting would have been
required for requests for additional credit amounts (such as line
increases or new money on existing facilities). The Bureau believed
that capturing requests for additional credit amounts would further the
purposes of section 1071, particularly the community development
purpose, as it would have more accurately captured demand for credit.
Inquiries and prequalification requests. The Bureau proposed to
exclude inquiries and prequalification requests from what constitutes a
``covered application.'' The Bureau believed that requiring data
collection for all inquiries and prequalification requests could create
operational challenges and pose data accuracy issues, including raising
the risk of missing, unavailable, erroneous, or duplicative data.
The Bureau also considered whether to only require reporting of
inquiries and prequalification requests in situations that would
otherwise be treated as an ``application'' under existing Regulation
B--i.e., when the financial institution evaluates information about the
business, decides to decline the request, and communicates this to the
business. Ultimately, the logistics of reporting an inquiry or
prequalification request only in these circumstances (where an inquiry
or prequalification request becomes an ``application'' under existing
Sec. 1002.2(f)) could be operationally challenging for financial
institutions, could lead to data distortion as only denials would be
captured, and could cause unintended market effects.
On the other hand, potential discrimination may occur in these
early interactions with a financial institution. In particular, the
Bureau was concerned about excluding data on inquiries and
prequalification requests when the financial institution evaluates
information about a business and declines the request, as such data may
be useful for identifying potential discouragement of or discrimination
against applicants or prospective applicants.
Ultimately, however, the Bureau believed it was appropriate to
interpret ``application'' as used in section 1071 to exclude inquiries
and prequalification requests given the considerations identified
above, including the timing and often informal nature of such
[[Page 35213]]
interactions, the operational challenges of implementing such a
definition, and related concerns about the reliability of the data.
The Bureau sought comment on a number of issues in connection with
the reporting of inquiries and prequalification requests. For example,
the Bureau sought comment on whether instead to define a ``covered
application,'' consistent with existing Regulation B, to include
inquiries or prequalification requests where the financial institution
evaluates information about the business, decides to decline the
request, and communicates this to the business. Related to this
alternative approach, the Bureau further sought comment on whether
additional data fields would be necessary in order to distinguish
prequalification requests and inquiries from other reported
applications. In addition, if the Bureau were to require reporting of
declined inquiries or prequalification requests, the Bureau sought
comment on whether financial institutions would want the option to
report all prequalification requests and inquiries, to allow for a
comparison with denials.
Solicitations, firm offers of credit, and other evaluations or
offers initiated by the financial institution. Proposed comment 103(b)-
4 would have clarified that the term covered application does not
include solicitations and firm offers of credit. The Bureau explained
that like other reviews or evaluations initiated by the financial
institution, these communications do not involve an applicant
requesting credit, and so would not be ``covered applications.''
Excluding solicitations and firm offers of credit would also be
consistent with the language of ECOA section 704B(b)(1), which
expressly contemplates that an application could arise in response to a
solicitation by a financial institution, though the text is silent on
solicitations without any applicant response. Thus, consistent with the
statutory language, the Bureau proposed that a solicitation or firm
offer of credit could become a ``covered application'' under the
proposed definition if an applicant responds to the solicitation or
offer by requesting a covered credit transaction.
Comments Received
The Bureau received comments on its proposal to identify certain
circumstances that are not covered applications, even if they otherwise
would have been considered an application under existing Sec.
1002.2(f), from a wide range of lenders, trade associations, community
groups, and a business advocacy group.
Some commenters, including several lenders and trade associations,
expressly supported all the clarifications of circumstances that are
not reportable in proposed Sec. 1002.103(b). One noted that the
proposed exclusions would avoid duplicative steps and keep the data
collection focused on its core purposes. Other commenters stated that
the proposed exclusions were appropriate because they would not provide
useful data and that the proposal would help ease financial
institutions' transition to data collection. Comments on particular
aspects of proposed Sec. 1002.103(b) are discussed below.
Reevaluation, extension, or renewal requests on an existing
business credit account, unless the request seeks additional credit
amounts. Many industry commenters supported the Bureau's proposed
exclusion of reevaluations, extensions, or renewal requests on an
existing business credit account. However, industry commenters largely
urged the Bureau to exclude requests for additional credit amounts on
existing accounts. These commenters argued that reporting line
increases would add unnecessary complexity and time to an otherwise
streamlined process that occurs with high frequency, in response to
rapid changes to business conditions, and is typically automated, which
they said further lowers any risk of discrimination. These commenters
argued that data collection for line increases would hurt small
businesses by introducing hurdles in transactions where time is of the
essence, and might discourage businesses from seeking line increases or
creditors from offering them. Commenters also noted differences in how
credit line increases are underwritten compared to other business
credit: the process typically does not involve an application or other
documentation, may involve limited underwriting, and any analysis
performed is usually focused on the business's past performance and
relationship with the financial institution. In addition, commenters
expressed concern that including line increases would distort the data
(for example, by ``double reporting'' accounts or because of the unique
nature of credit line increases) or would provide data of limited
value. A couple commenters emphasized the potential compliance
difficulties for financial institutions, noting that excluding line
increases would be simpler and avoid the need for financial
institutions to determine who initiated a line increase. A trade
association raised the additional concern that reporting of credit line
increases and other requests for additional credit amounts will inflate
the number of originations counted for purposes of determining whether
an institution is a covered financial institution. In support of
excluding modifications more generally, one commenter stated that
modifications are not explicitly covered by other consumer financial
laws and regulations, such as HMDA, the Real Estate Settlement
Procedures Act of 1974 (RESPA), and Regulation Z.
Although opposed to the reporting of line increases, several
commenters urged that, to the extent such transactions are reportable,
the Bureau should mitigate the burden on financial institutions by (1)
exempting any existing account from data collection under the Bureau's
rule; and (2) permitting lenders to rely on prior responses regardless
of when provided, unless there is a reason to believe the data are
inaccurate. In support of the first proposal, these commenters argued
that existing accounts may need challenging technology build-outs to
integrate the rule's data collection requirements and existing clients
may not be used to the collection process.
Most community groups to comment on this issue generally requested
that all such circumstances (reevaluations, extensions, renewals), as
well as refinances, be treated as reportable applications. These
commenters argued that there should be a reportable application
whenever a business communicates an interest in obtaining credit and
has requested lender action, or if the lender takes action on the
request, such as pulling a credit report, the business's tax
information, or obtaining other data that can be used for
underwriting--particularly if the financial institution's actions might
negatively affect the business (for example, by lowering their credit
score). A few commenters specifically focused on renewals and
extensions, urging the Bureau to require reporting of these
transactions, and to separate such transactions in the data from new
originations. These commenters argued that renewals and extensions are
an important source of credit for businesses and not reporting such
circumstances would create a disconnect with Community Reinvestment Act
(CRA) reporting. One commenter urged the Bureau to collect verbal and
written agricultural loan modification or restructuring requests made
to the Farm Service Agency, arguing that such requests constitute
applications under existing Regulation B, highlighting concerns about
discrimination in loan
[[Page 35214]]
servicing and the detrimental effects on businesses when servicing
applications are not granted, including default, acceleration, and
foreclosures. Some commenters further argued that lender-initiated
renewals should also be captured, given the detrimental effect they may
have on a business that is ``denied'' credit or experiences a reduction
in access to credit.
Several commenters requested clarification on aspects of the
Bureau's proposed approach to reevaluation, extension, or renewal
requests. A community bank was uncertain what dates to report under
Sec. 1002.107(a)(2) and (9) (application date and action taken date)
for requests for additional credit on existing accounts, and was
concerned that if the dates changed from the initial origination, it
could be construed as a data misrepresentation. Several other
commenters inquired whether a transaction is a reportable covered
application if a new note is executed as part of a request to
consolidate existing credit amounts under the same terms or as part of
a periodic review extending the credit under the same terms. A sales-
based financing company explained that its customers often request
funding over time, and asserted that each new request for credit should
be reportable.
Inquiries and prequalification requests. The industry commenters to
weigh in on inquiries and prequalification requests, including several
banks, a CDFI lender, trade associations, and a business advocacy
group, overwhelmingly supported the Bureau's proposal to exclude
inquiries and prequalification requests. Commenters argued that
including inquiries and prequalification requests would be
operationally difficult given the high volume of such requests and
because the interactions typically occur before the financial
institution has the infrastructure in place to track requests for
credit. They also argued that including such interactions could be
misleading and lead to data accuracy issues, given the informal nature
of such requests and because many such inquiries are subsequently
abandoned or otherwise left incomplete. A business advocacy group also
noted concerns about duplicative reporting of inquiries and
prequalification requests if the business ultimately submits a credit
application. A group of trade associations for insurance premium
finance lenders argued that including inquiries and prequalification
requests would be unworkable for their lenders, who are often not aware
of a prospective applicant's interest in credit until they receive an
agreement from the applicable insurance agent or broker; as a result,
such financial institutions would be unaware of any inquiries or
prequalification requests. Another commenter argued that reporting such
transactions would effectively punish borrowers for inquiring about
qualification requirements, products, and rates. Finally, one commenter
stated that each financial institution should be permitted to define
what constitutes an application, including any exclusions. Although
industry commenters were generally in favor of the exclusion, a number
of industry commenters stated that the line between inquiries or
prequalification requests and covered applications should be
sufficiently clear to avoid uncertainty during implementation, and
asked the Bureau provide examples, in commentary to the rule, to
differentiate these scenarios.
Conversely, a number of commenters, including a lender and
community groups, urged the Bureau to require reporting on all or some
inquiries and prequalification requests. Citing a study identifying the
prevalence of discrimination in the pre-application phase,\341\
commenters argued that the definition of covered application must be
broad enough to capture pre-application phase discrimination. Several
commenters requested that all communications where a business inquires
about credit and seeks a credit decision should be reportable; another
commenter urged reporting whenever the financial institution pulls a
credit report or takes other action to begin underwriting. Several
other commenters suggested that the Bureau align with existing
Regulation B's treatment of prequalifications by treating denied
inquiries and prequalifications as reportable applications.\342\ One
community group emphasized the importance of having online applications
reported, including online prequalification requests in particular. The
commenter argued that the absence of such data has been detrimental in
the HMDA context, it creates an imbalance between online and
traditional lenders, and the burden of reporting would be low as
lenders are already required to capture such transactions for purposes
of providing adverse action notices.
---------------------------------------------------------------------------
\341\ Nat'l Cmty. Reinvestment Coal., Disinvestment,
Discouragement and Inequity in Small Business Lending (Sept. 2019),
https://ncrc.org/wp-content/uploads/2019/09/NCRC-Small-Business-Research-FINAL.pdf.
\342\ Existing comment 2(f)-3 provides that a creditor treats an
inquiry or a prequalification request as an application if it
evaluates information about the consumer, decides to decline the
request, and communicates this to the consumer.
---------------------------------------------------------------------------
Although the Bureau sought comment on whether, alternatively, to
define a ``covered application'' consistent with Regulation C--which
does not require a financial institution to report prequalification
requests and does not address reporting of inquiries more generally--
the Bureau did not receive any comments directly on this point.
Similarly, the Bureau did not receive any comments directly responding
to its request for comment on the frequency with which financial
institutions accept prequalification requests and what data are
collected in connection with such prequalification requests, as well as
potential effects on the market if some or all prequalification
requests were reportable under section 1071. In addition, the Bureau
did not receive any comments in response to its request for feedback on
whether assumptions \343\ are used in the small business lending
context and whether reporting of assumptions for small business lending
would further the purposes of section 1071.
---------------------------------------------------------------------------
\343\ Regulation C requires the reporting of assumptions for
HMDA. See Regulation C comment 2(j)-5 (discussing when assumptions
should be reported as home purchase loans).
---------------------------------------------------------------------------
Solicitations, firm offers of credit, and other evaluations or
offers initiated by the financial institution. A number of industry
commenters urged the Bureau to exclude ``preapprovals,'' which the
commenters described as credit offered or originated by the financial
institution without an initiating application from the business
(including offers for a different product or offers to extend
additional credit amounts). One of the commenters was particularly
concerned about lender-initiated offers based on data collected or
acquired by the financial institution about the small business; for
example, a financial institution that uses deposit account data to
evaluate a business for credit card offers. The commenter argued that
in these circumstances, the business has not been ``denied'' credit
because it never applied for credit; similarly, the commenter argued,
accepted offers also should not be reported because there is no
initiating application from the business. The commenter further argued
that reporting of originated offers initiated by the financial
institution would skew the data, as it would only reflect approvals.
Reporting of ``denied'' offers, argued the commenter, would be
infeasible, create confusion for the customer, and likely lead lenders
to discontinue extending such offers altogether. Several other industry
commenters similarly urged the Bureau to exclude ``preapprovals,''
though they
[[Page 35215]]
did not explain what precisely they meant by the term. One commenter
argued that while preapprovals are clearly articulated in Regulation C,
``preapprovals'' do not exist in the small business lending space.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.103(b) as proposed to identify certain circumstances that are not
covered applications, even if they otherwise would have been considered
an application under existing Sec. 1002.2(f). Specifically, final
Sec. 1002.103(b) provides that a covered application does not include
(1) reevaluation, extension, or renewal requests on an existing
business credit account, unless the request seeks additional credit
amounts; and (2) inquiries and prequalification requests. The Bureau is
finalizing comments 103(b)-1 through -4 with minor revisions for
clarity and consistency, to provide additional guidance and examples of
circumstances that do and do not trigger data collection and reporting
under the definition of a covered application. The Bureau is finalizing
comment 103(b)-5, which discusses inquiries and prequalification
requests, to provide additional discussion and examples distinguishing
a covered application from an inquiry or prequalification request. As
discussed in the section-by-section analysis of Sec. 1002.103(a)
above, the Bureau is also adding new comment 103(a)-4 to clarify that
solicitations, firm offers of credit, or other evaluations initiated by
the financial institution are not a covered application; however, if
the business seeks to obtain the credit offered, the business's request
constitutes a covered application.
Reevaluation, extension, or renewal requests on an existing
business credit account, unless the request seeks additional credit
amounts. Pursuant to final Sec. 1002.103(b)(1), the Bureau is
excluding reevaluation, extension, or renewal requests on an existing
business credit account, unless the request seeks additional credit
amounts, from the definition of a covered application. The Bureau
believes that requests to modify the terms or duration of an existing
extension of credit--such as extensions on the duration of a credit
line or changes to a guarantor requirement--occur with high frequency
in the small business lending space. If the Bureau were to require
reporting of such circumstances, the Bureau believes it would add
complexity for reporting financial institutions while, as some
commenters have noted, potentially providing limited additional
information relevant to the purposes of section 1071. Moreover, the
Bureau believes that broadly including requests to modify the terms or
duration of existing extensions of credit might affect data quality
absent additional flags to distinguish the transactions from new
originations, as well as to identify the particular nature of the
changes. The Bureau further notes that Regulation C takes a similar
approach by excluding reporting of loan modifications.\344\
---------------------------------------------------------------------------
\344\ See Regulation C comment 2(d)-2. Although CRA regulations
currently require the reporting of renewals, the recent proposed
revisions to the CRA rule would instead use 1071 data once available
to satisfy small business loan and small farm loan data collection
and reporting requirements. 87 FR 33884, 33997-98 (June 3, 2022).
---------------------------------------------------------------------------
Although some commenters argued that such transactions should be
reported because they would provide a better understanding on the
availability of credit, the Bureau believes such benefits would be
modest, particularly absent additional data concerning how the modified
credit request differs from the original request, which would require
the collection of a number of additional data points. Similarly,
although one commenter urged the Bureau to collect verbal and written
agricultural loan modification or restructuring requests made to the
Farm Service Agency, as discussed directly above, the Bureau believes
expanding data collection and reporting requirements to all
modification requests (except requests for additional credit amounts)
would add significant complexity for lenders, could be duplicative, and
may provide limited benefits without knowing the precise terms changed
in the modification request. Nor does the Bureau believe that the
definition of covered application should be expanded to encompass any
expression of interest from a business to obtain credit or action by
the financial institution towards underwriting; as noted above in the
section-by-section analysis of Sec. 1002.103(a) above, triggering data
collection and reporting obligations too early could add significant
complexity and affect data quality.
The Bureau believes that requiring reporting of requests for
additional credit amounts (such as line increases or new money on
existing facilities) is appropriate. Capturing requests for additional
credit amounts directly furthers the purposes of section 1071,
particularly the business and community development purpose, as it will
more accurately capture demand for credit. Although industry commenters
opposed reporting on new credit amounts due to what they described as
the streamlined, fast-paced nature of such reviews, the Bureau believes
those factors do not outweigh the benefits of having these data
collected and reported. Moreover, the Bureau does not believe that
collecting data on such transactions will be so time consuming or
difficult that it will dissuade small businesses from seeking the
additional credit they need, particularly in light of final Sec.
1002.107(d), which permits financial institutions to reuse applicant-
provided data in certain circumstances. Collecting data on requests for
additional credit amounts will assist in fair lending testing and
provide additional insight into small business credit trends and
availability, furthering the purposes of section 1071, even if--as some
commenters suggested--line increases are often underwritten differently
than new requests for credit.
Regarding commenters' concerns about duplicative reporting, the
Bureau notes that pursuant to final Sec. 1002.107(a)(7) and (8), the
financial institution only reports the additional credit amount sought
(and approved or originated, as applicable)--not the entire credit
amount extended--therefore avoiding duplicative reporting. Moreover,
the fact that a request is for a line increase will be reflected in the
reporting of credit purpose pursuant to final Sec. 1002.107(a)(6).
Thus, unlike renewals or modifications more generally, which may occur
for a variety of reasons, requests for additional credit amounts and
the amounts requested will be clearly identifiable in the data. The
Bureau also believes that commenters' concerns about the time and
difficulty associated with collecting data are further mitigated by
final Sec. 1002.107(d), which permits a financial institution to reuse
certain data points under certain circumstances. In response to a
commenter's concern that reporting of credit line increases and other
requests for additional credit amounts will inflate the number of
originations counted for purposes of determining whether an institution
is a covered financial institution, the Bureau notes that new comment
105(b)-4 clarifies that requests of additional credit amounts on an
existing account are not counted as originations for the purpose of
determining whether a financial institution is a covered financial
institution pursuant to Sec. 1002.105(b).
The Bureau is also providing specialized rules for the reporting of
line increases, as suggested by several commenters. One suggested
strategy--exempting accounts that are in place before this final rule
goes into effect--
[[Page 35216]]
could significantly reduce reportable transactions, potentially for
years into the future.\345\ Moreover, under the tiered implementation
period set forth in final Sec. 1002.114(b), the Bureau believes that
financial institutions (and their customers) will have adequate time to
adjust to reporting. Similarly, in response to a different commenter's
question about reporting requests for additional credit amounts, the
Bureau notes that if there is an application for an additional credit
amount on a covered credit transaction, a financial institution must
collect data pursuant to this final rule even if the existing account
was opened prior to the applicable compliance date.
---------------------------------------------------------------------------
\345\ Although information on average business credit card
account age is not publicly available, credit card accounts
typically have no expiration date and so may remain open
indefinitely. Thus, exempting such accounts could create blind spots
in the data for potentially years, or even decades, into the future.
---------------------------------------------------------------------------
The Bureau is also not adopting the commenters' second suggestion--
to indefinitely allow financial institutions to rely on prior applicant
responses--as the commenters provide no reason why reused data are more
trustworthy in the context of requests for additional credit amounts,
compared to other existing customers' requests for new credit. However,
pursuant to final Sec. 1002.107(d), financial institutions may reuse
most applicant-provided data, so long as there is no reason to believe
the data are inaccurate, for up to 36 months. Although not specific to
requests for additional credit amounts, this provision may ease some of
the commenters' concerns.
In response to comments, mainly from community groups, regarding
the importance of having refinance transactions reported, the Bureau is
revising comment 103(b)-2 to make clear that an applicant's request to
refinance, which occurs when an existing obligation is satisfied and
replaced by a new obligation undertaken by the same borrower, is
reportable. The Bureau agrees with commenters that refinance
transactions should be covered applications; they legally constitute a
new credit obligation, and so are typically included within regulatory
schemes governing originations.\346\ Indeed, as one commenter correctly
noted, the Bureau's inclusion of refinancing categories for the credit
purpose data point (in proposed comment 107(a)(6)-1) in the proposed
rule shows that the Bureau intended for refinances to be reportable
transactions.
---------------------------------------------------------------------------
\346\ See, e.g., Fed. Fin. Insts. Examination Council, A guide
to CRA Data Collection and Reporting, at 12 (2015), https://www.ffiec.gov/cra/pdf/2015_CRA_Guide.pdf (stating that an
institution should collect information about small business and
small farm loans that it refinances or renews as loan originations).
Regulation C Sec. 1003.4(a)(3) (requiring reporting of whether the
covered loan is a refinance); Regulation Z Sec. 1026.20(a) (``A
refinancing occurs when an existing obligation that was subject to
this subpart is satisfied and replaced by a new obligation
undertaken by the same consumer. A refinancing is a new transaction
requiring new disclosures to the consumer. . . .'').
---------------------------------------------------------------------------
Several other commenters also requested clarification on aspects of
the Bureau's proposed approach to reevaluation, extension, or renewal
requests. In response to a community bank's questions regarding what
dates to report under Sec. 1002.107(a)(2) and (9) (application date
and action taken date) for requests for additional credit on existing
accounts, the Bureau notes the dates should be based on the new request
for credit. Because a request for additional credit amounts is
considered a separate covered application pursuant to final Sec.
1002.103(a), all data reported, including applicable dates, should be
in reference to the new request for credit, and not the initial
origination. Several other commenters inquired whether a transaction is
a reportable covered application if a new note is executed as part of a
request to consolidate existing credit amounts under the same terms or
as part of a periodic review extending the credit under the same terms.
If an existing obligation is satisfied by a new credit obligation, as
determined by contract and State law, it would generally be reportable
as a covered application (assuming the other conditions of a covered
application are met). Although in certain circumstances this may
require reporting of credit amounts previously outstanding under a
different credit obligation with the same borrower and with similar or
identical terms, the Bureau believes that seeking to exempt these fact-
specific circumstances would add considerable complexity to the rule
and could undermine data quality. The Bureau generally agrees with the
assertion that each new request for credit that is separately evaluated
should be reportable (excluding counteroffers, pursuant to final
comment 107(a)(9)-2). If a financial institution evaluates each new
request for credit, then each of those instances should be reported as
separate covered applications for the amount advanced. For example, if
a small business makes several requests for advances from a merchant
cash advance provider, each of which is evaluated by the provider, each
of those requests will typically constitute a separate covered
application. In contrast, if a financial institution extends a line of
credit up to a specified amount, then any request drawn against the
line within that established limit is authorized and would not be a
separate covered application. See also existing Sec. 1002.2(q), which
defines the term to ``extend credit'' or ``extension of credit.''
Inquiries and prequalification requests. As the Bureau explained in
the NPRM, existing Regulation B recognizes that before a consumer or
business requests credit in accordance with the procedures used by a
creditor for the type of credit requested, a creditor may provide a
prospective applicant with information about credit terms. Generally,
an inquiry occurs when a prospective applicant consumer or business
requests information about credit terms offered by a creditor; a
prequalification request generally refers to a request by a consumer or
business for a preliminary determination on whether the prospective
applicant would likely qualify for credit under a creditor's standards
or for what amount.\347\ Under existing Regulation B comments 2(f)-3
and 9-5, an inquiry or prequalification request may become an
``application'' if the creditor evaluates information about the
consumer or business, decides to decline the request, and communicates
this to the consumer or business; otherwise, such inquiries and
prequalification requests are generally not considered applications
under existing Regulation B. As explained in existing comment 2(f)-3,
whether the inquiry or prequalification request becomes an application
depends on how the creditor responds to the consumer or business, not
on what the consumer or business says or asks. Finally, Regulation C
excludes all prequalification requests from HMDA reporting, even if the
prequalification request constitutes an application under existing
Regulation B.\348\
---------------------------------------------------------------------------
\347\ See Regulation C comment 2(b)-2 (describing
prequalification requests).
\348\ See id.
---------------------------------------------------------------------------
Pursuant to final Sec. 1002.103(b)(2), a ``covered application''
does not include inquiries and prequalification requests, even in
circumstances where the inquiry or prequalification request may
constitute an ``application'' under existing Sec. 1002.2(f). The
Bureau agrees with commenters who stated that reporting inquiries or
prequalification requests would be extremely operationally difficult
given the volume of such requests and because such requests typically
occur very early in the process, making it difficult to obtain or track
applicant-provided data. There could be data quality issues given the
sometimes-informal nature of such
[[Page 35217]]
requests, which could raise the risk of missing, unavailable, or
erroneous data. As noted by one commenter, reporting inquiries and
prequalification requests could also be duplicative if the applicant
subsequently applies for credit in accordance with the procedures
designated by the financial institution; the Bureau would potentially
need to create a separate data field or flag to distinguish such
requests. Requiring reporting of such interactions could also lead
financial institutions to pull back on offering prequalification
reviews or engaging with prospective applicants, which could inhibit
prospective applicants from shopping around for the best terms. As
discussed in the section-by-section analysis of Sec. 1002.103(a)
above, small depository institutions have expressed concern that this
rule will overly formalize small business lending and inhibit
relationship lending. Given these concerns, the Bureau is not expanding
the definition of a covered application to include pre-application
conduct, such as every time a business inquires about credit or if a
financial institution pulls information about the business, as urged by
some community groups.
The Bureau also is not requiring, as suggested by some commenters,
reporting of inquiries and prequalification requests only in situations
that would otherwise be treated as an ``application'' under existing
Regulation B--i.e., when the financial institution evaluates
information about the business, decides to decline the request, and
communicates this to the business. The logistics of reporting an
inquiry or prequalification request only in these circumstances could
be operationally challenging for financial institutions and could lead
to data distortion in a manner inconsistent with the statutory purposes
of section 1071, as only denials would be captured. In this case, a
financial institution may prefer to report all inquiries and
prequalification requests, which could lead to some of the challenges
identified above. Moreover, a financial institution will not know ex
ante whether a prequalification will result in the financial
institution notifying the business it is unlikely to qualify, and so
the financial institution would likely need to collect 1071 data at the
beginning of the interaction regardless. Although the Bureau sought
comment about its concerns related to the reporting of only denials, no
commenters specifically addressed this issue.
As noted above, one commenter emphasized the importance of having
online applications reported, including online prequalification
requests in particular, arguing that the absence of reporting would
lead to a lack of data and an imbalance among lenders. The Bureau
notes, however, that the final rule does not exclude online
applications (nor did the proposal). While prequalification requests
are excluded for the reasons discussed above, that exclusion is not
limited to a particular channel. However, to the extent an online
questionnaire is truly a voluntary tool for businesses to shop around
for potential terms, and not an application under the procedures
established by the financial institution, the Bureau believes such
inquiries should be excluded for the reasons described above.
Of course, requests for credit that meet the definition of
``covered application'' are reportable, even if the application was
preceded by an inquiry or prequalification request. For example, if a
business initially seeks information about potential credit offerings,
the financial institution responds, and then the business submits an
application for a covered credit transaction, the application is
reportable. If, on the other hand, the business asks about potential
credit offerings, but then chooses not to request credit, there is no
covered application.
In response to commenters' request to provide further examples, in
commentary to the rule, to differentiate inquiries or prequalification
requests and covered applications, the Bureau has added to comment
103(b)-5 additional illustrative examples.
The Bureau has also made minor revisions to comment 103(b)-4 for
clarity and consistency.
In sum, the Bureau believes it is appropriate to interpret
``application'' as used in section 1071 to exclude inquiries and
prequalification requests given the considerations identified above,
including the timing and often informal nature of such interactions,
the operational challenges of implementing such a definition, and
related concerns about the reliability of the data. However, the Bureau
does share commenters' concerns about discrimination that may occur in
the pre-application phase. As discussed above, the Bureau believes it
is important for regulators and other enforcers to review data
collected and reported pursuant to section 1071 to preliminarily
identify where financial institutions might not be appropriately
defining an application, and for financial institutions to self-monitor
for the same. For example, as discussed above, very high approval rates
or very low rates of incomplete or withdrawn applications may be a
preliminary indication that the financial institution is evading its
obligations, for example, by collecting 1071 data late in the
application process. Similarly, such rates may also suggest that the
financial institution has a regular practice of decisioning requests
for credit through ``inquiries'' or ``prequalification requests''; if
such reviews are regularly conducted and effectively function as a
prescreening tool for the financial institution, they should be
reported as a ``covered application.'' \349\
---------------------------------------------------------------------------
\349\ See also final comment 103(b)-5.
---------------------------------------------------------------------------
The Bureau believes it is important for regulators and other
enforcers to also carefully review the data for indicia of potential
illegal discouragement in the pre-application stage, and for financial
institutions to self-monitor for the same. For example, analyzing the
rates of applications from small businesses within majority-minority
neighborhoods, as compared to a financial institution's peers, may be
useful to identify potential discrimination. Finally, the Bureau notes
that inquiries and prequalification requests where the institution
evaluates information about the consumer or business, declines the
request, and communicates it to the business or consumer, are
``applications'' under existing Regulation B, and are thus subject to
its requirements regarding ``applications,'' including its adverse
action notification requirements and nondiscrimination provisions. As
stated in final comment 103(b)-1, in no way are the exclusions in final
Sec. 1002.103(b) intended to repeal, abrogate, annul, impair, change,
or interfere with the scope of the term application in existing Sec.
1002.2(f) as applicable to existing Regulation B.
Solicitations, firm offers of credit, and other evaluations or
offers initiated by the financial institution. The Bureau is adding new
comment 103(a)-4 to clarify that the term covered application does not
include solicitations, firm offers of credit, and other evaluations or
offers initiated by the financial institution because the business has
not made a request for credit, and to provide illustrative examples.
The Bureau is adding this comment in response to comments from industry
urging the Bureau to exclude ``preapprovals,'' which the commenters
described as credit offered by the financial institution without an
initiating application from the business. The
[[Page 35218]]
Bureau agrees with commenters who urged that solicitations, reviews, or
evaluations initiated by the financial institution should not, on their
own, be considered ``covered applications'' because the communications
do not involve an applicant requesting credit. Excluding solicitations
and firm offers of credit is also consistent with the language of ECOA
section 704B(b)(1), which expressly contemplates that an application in
response to a solicitation by a financial institution could be an
application under section 1071, but the text is silent on solicitations
without any applicant response.
The Bureau does not agree, however, that such offers or evaluations
should not be reported even where the applicant responds to such a
request and seeks the credit offered, as suggested by one commenter.
Once the applicant responds affirmatively to the solicitation
indicating that it wishes to proceed, there is a request for credit
from the applicant; there is no requirement in the final definition of
a covered application that the applicant be the initiating entity, only
that the applicant make an oral or written request for a covered credit
transaction in accordance with procedures used by a financial
institution for the type of credit requested. Capturing such requests
would also implement the language of ECOA section 704B(b)(1), which
provides that data collection and reporting is required ``whether or
not such application is in response to a solicitation by the financial
institution.'' The commenter also argued that reporting on accepted
solicitations or offers would skew the data as it would only include
accepted offers. The Bureau understands that this may result in some
data skew, but believes this outcome is preferrable to having no data
at all on applicant requests for credit in response to a solicitation.
Thus, solicitations, firm offers of credit, or other evaluations or
offers initiated by the financial institution for a covered credit
transaction may become a ``covered application'' if an applicant
responds to the solicitation or offer by requesting the offered credit.
However, if a financial institution unilaterally--with no request from
the business--increases a credit line or provides some other type of
credit to the business, it would not be considered a covered
application because, similar to a mere solicitation, the transaction
does not involve a request for credit.
Several commenters also asked the Bureau to provide that
``preapprovals'' are not covered applications. As noted above, to the
extent the commenters are referring to evaluations or offers initiated
by the financial institution alone, such events are not covered
applications unless the applicant affirmatively responds, wishing to
proceed. However, a preapproval as described in existing comment 2(f)-
5.i is an example of a covered application. Under that comment, a
preapproval occurs when a creditor reviews a request under a program in
which the creditor, after a comprehensive analysis of an applicant's
creditworthiness, issues a written commitment valid for a designated
period of time to extend a loan up to a specified amount. If a
creditor's program does not provide for giving written commitments,
requests for preapprovals are treated as prequalification requests.
Section 1002.104 Covered Credit Transactions and Excluded Transactions
104(a) Covered Credit Transaction
ECOA section 704B(b) requires financial institutions to collect and
report information regarding any application for ``credit'' made by
women-owned, minority-owned, or small businesses. Although the term
``credit'' is not specifically defined in section 1071, ECOA defines
``credit'' as ``the right granted by a creditor to a debtor to defer
payment of debt or to incur debts and defer its payment or to purchase
property or services and defer payment therefor.'' \350\ As noted above
in the section-by-section analysis of Sec. 1002.102(d), existing
Regulation B further defines ``business credit'' as ``extensions of
credit primarily for business or commercial (including agricultural)
purposes,'' with some exclusions.\351\ As discussed in detail below,
the Bureau is finalizing its proposal that covered financial
institutions report data for all applications for transactions that
meet the definition of business credit unless otherwise excluded.
---------------------------------------------------------------------------
\350\ 15 U.S.C. 1691a(d); see also Sec. 1002.2(j).
\351\ 12 CFR 1002.2(g).
---------------------------------------------------------------------------
Proposed Sec. 1002.104(a) would have defined the term ``covered
credit transaction'' as an extension of business credit that is not an
excluded transaction under proposed Sec. 1002.104(b). Proposed comment
104(a)-1 would have reiterated that the term ``covered credit
transaction'' includes all business credit (including loans, lines of
credit, credit cards, and merchant cash advances) unless otherwise
excluded under Sec. 1002.104(b). The Bureau explained that such credit
transactions for agricultural purposes and HMDA-reportable transactions
would have fallen within the scope of the proposed rule. The Bureau
noted that this was not an exhaustive list of covered credit
transactions; other types of business credit would have constituted
covered credit transactions unless excluded by proposed Sec.
1002.104(b). With respect to excluded transactions, proposed Sec.
1002.104(b) would have stated that the requirements of subpart B do not
apply to trade credit, public utilities credit, securities credit, and
incidental credit. Proposed commentary would have made clear that the
term ``covered credit transaction'' also did not cover factoring,
leases, consumer-designated credit used for business purposes, or
credit secured by certain investment properties.
The Bureau received comments on transaction coverage from many
lenders, trade associations, business advocacy groups, nonbank online
lenders, the offices of two State attorneys general, and community
groups. The Bureau received a few comments from industry expressing
general support for the proposed definition of covered credit
transaction. Many community groups, as well as several community-
oriented lenders and a cross-sector group of lenders, community groups,
and small business advocates, requested expansive and broad product
coverage; some commenters argued that such coverage was needed to
prevent evasion, for comprehensive data analysis, and/or to fulfill
section 1071's statutory purposes. Some commenters suggested the Bureau
monitor the market to ensure that new products are covered by, and
reported under, the rule. A business advocacy group and a joint letter
from community groups, community-oriented lenders, and business
advocacy groups urged the Bureau to subject ``all forms of credit''--
including merchant cash advances, factoring, and leases, in addition to
term loans, credit cards, and other forms of credit--to fair lending
and credit need analysis. They asserted that each of these products
occupies a substantial portion of the ``credit market'' for small
businesses and excluding any of them would allow potentially
detrimental lending practices to proliferate.
For the reasons set forth herein, the Bureau is finalizing its
definition of ``covered credit transaction'' in Sec. 1002.104(a) as
proposed. Final Sec. 1002.104(a) defines the term ``covered credit
transaction'' as an extension of business credit that is not an
excluded transaction under Sec. 1002.104(b). Final comment 104(a)-1
reiterates that the term ``covered credit transaction'' includes all
business credit (including loans, lines of credit, credit cards, and
[[Page 35219]]
merchant cash advances) unless otherwise excluded under final Sec.
1002.104(b). Loans, lines of credit, credit cards, merchant cash
advances, and credit products used for agricultural purposes fall
within the scope of this final rule, which covers the majority of
products that small businesses use to obtain financing.\352\ As
discussed in greater detail below, the Bureau believes that covering
these products in this rule is important to fulfilling the purposes of
section 1071. The Bureau stresses that the products discussed herein do
not constitute an exhaustive list of covered credit transactions; other
types of business credit not specifically described in the rule and its
associated commentary nevertheless constitute covered credit
transactions unless excluded by final Sec. 1002.104(b). In line with
this approach, the Bureau thus is not expressly listing other products
(such as credit extensions incident to factoring arrangements discussed
below) as covered credit transactions.
---------------------------------------------------------------------------
\352\ See White Paper at 21-22.
---------------------------------------------------------------------------
Final Sec. 1002.104(b), in turn, states that the requirements of
subpart B do not apply to trade credit, HMDA-reportable transactions,
insurance premium financing, public utilities credit, securities
credit, and incidental credit. Associated commentary makes clear that
the term ``covered credit transaction'' also does not cover factoring,
leases, consumer-designated credit that is used for business or
agricultural purposes, or credit transaction purchases, purchases of an
interest in a pool of credit transactions, and purchases of a partial
interest in a credit transaction. In response to comments received, the
Bureau is now excluding HMDA-reportable transactions and insurance
premium financing from the scope of this final rule. As a result, the
Bureau believes that proposed commentary that would have made clear
that the term ``covered credit transaction'' does not cover credit
secured by certain investment properties is not necessary.
The Bureau agrees that broad product coverage is important to
fulfill section 1071's statutory purposes, though the Bureau is not
extending coverage to all forms of small business financing as
requested by some commenters. The Bureau believes the exclusions from
the definition of covered credit transaction that it proposed in Sec.
1002.104(b) are appropriate and has added two additional exclusions
(HMDA-reportable transactions and insurance premium financing) in
response to comments received. For the reasons set forth herein, the
Bureau is finalizing Sec. 1002.104 pursuant to its authority under
ECOA section 704B(g)(1) to prescribe such rules and issue such guidance
as may be necessary to carry out, enforce, and compile data under
section 1071.
Comments received on specific types of transactions that are
reportable or not reportable under this rule are discussed in turn
below.
Loans, Lines of Credit, and Credit Cards
Proposed Rule
Proposed Sec. 1002.104(a) would have defined the term ``covered
credit transaction'' as an extension of business credit that is not an
excluded transaction under proposed Sec. 1002.104(b). Proposed comment
104(a)-1 would have reiterated that the term ``covered credit
transaction'' includes all business credit (including loans, lines of
credit, credit cards, and merchant cash advances) unless otherwise
excluded under Sec. 1002.104(b). The Bureau did not propose
definitions for loans, lines of credit, and credit cards because the
Bureau believed these products are generally and adequately covered by
the definition of ``credit'' in proposed Sec. 1002.102(i), which, as
noted above, references existing Sec. 1002.2(j). The Bureau sought
comment on its proposed approach to covered credit transactions and
particularly on whether it should define loans, lines of credit, and
credit cards, and, if so, how.
Comments Received
A few commenters expressed general support for the explicit
coverage of loans, lines of credit, and credit cards. One bank
commenter opined that the Bureau's rule does not need to define loans,
lines of credit, and credit cards because those definitions would add
unnecessary complexities. One community group expressed approval for
the Bureau's proposed coverage of lines of credit, stating that such
products meet important credit needs to help businesses weather
fluctuations in revenues and their coverage will help inform
stakeholders whether minority- and/or women-owned businesses are able
to access this important credit type or whether they experience a
disproportionate amount of denials.
The Bureau received mixed feedback regarding its proposed coverage
of credit cards. A few community groups supported credit card coverage,
with one noting that credit cards are widely used by small businesses,
often with smaller principal balances and higher interest rates than
term loans. This commenter stressed the importance of assessing whether
Hispanic- and African American-owned businesses are more likely to rely
upon credit cards than other businesses and whether the smallest
businesses, and women- and minority-owned businesses, have equitable
access to term loans or are served disproportionately by credit card
loans or other credit products.
By contrast, a few credit union trade associations urged the Bureau
to exclude credit cards from the rule to reduce burden and reporting
volumes. One commenter argued that every credit union that offers even
a single small business credit card product will ultimately become a
covered financial institution unless the Bureau either establishes a de
minimis threshold or expressly excludes small business credit cards.
Another urged the Bureau to exclude credit cards from the rule on the
basis that these products are already covered by the Credit Card
Accountability Responsibility and Disclosure (CARD) Act and the
exclusion would reduce compliance burden without weakening the quality
of resulting data and would relieve lenders of the responsibility to
sort out and isolate business credit card data from consumer credit
card data, which are often both run by the same platform independently
of other commercial lending activities.
Final Rule
For the reasons set forth herein, the Bureau is finalizing its
coverage of loan, lines of credit, and credit cards as proposed. These
products are commonly offered to small business applicants (making up
almost 60 percent of the aggregate dollar volume of various financial
products used by small businesses).\353\ According to a recent Federal
Reserve Banks' survey of employer firms, loans and lines of credit were
the most common forms of financing sought by applicants, with credit
cards in second place.\354\ The Bureau believes that covering these
products is important for advancing both of section 1071's statutory
purposes.
---------------------------------------------------------------------------
\353\ See id. at 21 fig. 2.
\354\ 2022 Report on Employer Firms at 25, https://www.fedsmallbusiness.org/survey/2022/report-on-employer-firms.
---------------------------------------------------------------------------
The Bureau does not believe that it would be appropriate to exclude
credit cards from coverage, as requested by several commenters. The
Federal Reserve Banks found that almost one third of employer firm
applicants sought credit cards \355\ and credit card usage among
minority-owned small businesses is higher than among white-
[[Page 35220]]
owned small businesses.\356\ The Bureau believes that excluding this
popular source of small business financing, particularly among the
smallest businesses and start-ups, would not be consistent with section
1071's statutory purposes. The Bureau has considered the concerns
regarding reporting volumes among credit unions and notes that its
higher originations threshold in final Sec. 1002.105(b) for coverage
under the rule should help alleviate these concerns. The Bureau does
not believe that CARD Act reporting is a sufficient substitute for data
collected under section 1071 because it does not cover business-purpose
credit cards and does not include protected demographic information,
both of which are central to section 1071's statutory purposes.
---------------------------------------------------------------------------
\355\ Id.
\356\ See, e.g., Fed. Rsrv. Bank of N.Y. et al., Latino-Owned
Businesses: Shining a Light on National Trends (Nov. 2018), https://www.newyorkfed.org/medialibrary/media/smallbusiness/2017/Report-on-Latino-Owned-Small-Businesses.pdf (finding that Latino business
owners are more likely than non-Latino white business owners to use
credit cards).
---------------------------------------------------------------------------
The Bureau is finalizing Sec. 1002.104(a) and comment 104(a)-1 as
proposed. The Bureau is not adopting definitions for loans, lines of
credit, and credit cards because it believes these products are
generally and adequately covered by the definition of ``credit'' in
Sec. 1002.102(i).\357\
---------------------------------------------------------------------------
\357\ As noted in the section-by-section analysis of Sec.
1002.107(a)(5) below, the Bureau distinguishes between secured and
unsecured loans and lines of credit when financial institutions
report the type of credit product being applied for. The Bureau does
not believe that this distinction has relevance to whether these
products constitute ``credit.''
---------------------------------------------------------------------------
Merchant Cash Advances
Background and Proposed Rule
As discussed above, proposed Sec. 1002.104(a) would have defined
the term ``covered credit transaction'' as an extension of business
credit that is not an excluded transaction under proposed Sec.
1002.104(b), and proposed comment 104(a)-1 would have reiterated that
the term ``covered credit transaction'' includes all business credit
(including loans, lines of credit, credit cards, and merchant cash
advances) unless otherwise excluded under Sec. 1002.104(b). The Bureau
sought comment on its proposed approach to covered credit transactions,
and in particular, on whether it should define merchant cash advances
and/or other sales-based financing transactions, and if so, how.
As the Bureau explained in the NPRM, merchant cash advances are a
form of financing for small businesses that purport to be structured as
a sale of potential future income. Merchant cash advances vary in form
and substance, but under a typical merchant cash advance, a merchant
receives a cash advance and promises to repay it plus some additional
amount or multiple of the amount advanced (e.g., 1.2 or 1.5, the
``payback'' or ``factor'' ``rate''). The merchant promises to repay by
either pledging a percentage of its future revenue, such as its daily
credit and debit card receipts (the ``holdback percentage''), or
agreeing to pay a fixed daily withdrawal amount to the merchant cash
advance provider until the agreed upon payment amount is satisfied.
Merchant cash advance contracts often provide for repayment directly
through the merchant's card processor and/or via Automated Clearing
House withdrawals from the merchant's bank account.\358\ Merchant cash
advances constitute the primary product under an umbrella term often
referred to as ``sales-based financing;'' generally, transactions
wherein a financial institution extends funds to a business and
repayment is based on the business's anticipated sales, revenue, or
invoices.\359\
---------------------------------------------------------------------------
\358\ This description is based on the Bureau's review of a
sample of merchant cash advance contracts that the Bureau believes
fairly represent typical merchant cash advance contracts in the
market. The Bureau's review comports with observations made by
industry and community groups regarding merchant cash advances.
\359\ As stated below, the Bureau is not specifically defining
sales-based financing in the rule because the Bureau believes these
products are covered by the definition of ``credit'' in final Sec.
1002.102(i). New York and California laws have recently sought to
define sales-based financing. New York law, for example, defines
``sales-based financing'' as ``a transaction that is repaid by the
recipient to the provider, over time, as a percentage of sales or
revenue, in which the payment amount may increase or decrease
according to the volume of sales made or revenue received by the
recipient.'' N.Y. Fin. Serv. 801(j). New York's definition of sales-
based financing also encompasses a true-up mechanism where the
financing is repaid as a fixed payment but provides for a
reconciliation process that adjusts the payment to an amount that is
a percentage of sales or revenue. Id. California law uses a similar
definition. See 10 Cal. Code Reg. 2057(a)(22) (defining sales-based
financing as ``a commercial financing transaction that is repaid by
a recipient to the financer as a percentage of sales or income, in
which the payment amount increases and decreases according to the
volume of sales made or income received by the recipient'' and
including ``a true[hyphen]up mechanism'').
---------------------------------------------------------------------------
The Bureau understands that the merchant cash advance market is
generally dominated by nondepository institutions not subject to
Federal safety and soundness supervision or reporting requirements. The
Bureau also understands that merchant cash advance providers may not be
required to obtain State lending licenses. As a result, information on
merchant cash advance lending volume and practices is limited. The
Bureau notes, however, that a few states have enacted laws that would
impose disclosure requirements upon certain commercial financing
providers, including merchant cash advance providers.\360\
---------------------------------------------------------------------------
\360\ See, e.g., Cal. S.B. 1235 (Sept. 30, 2018), https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180SB1235; N.Y. S.B. S5470B (Dec.
23, 2020), https://legislation.nysenate.gov/pdf/bills/2019/S5470B.
The California law does not go so far as to amend the California
Financing Law to require factors or merchant cash advance providers
to be licensed, but it does impose first-in-the-nation disclosure
requirements in connection with these products similar to those
imposed under TILA. The California law is implemented through
regulations that took effect on December 9, 2022. See State of Cal.
Dep't of Bus. Oversight, PRO 01-18 Commercial Financing Disclosures
SB 1235 (June 9, 2022), https://dfpi.ca.gov/wp-content/uploads/sites/337/2022/06/PRO-01-18-Commercial-Financing-Disclosure-Regulation-Final-Text.pdf. The New York law is also implemented
through regulations, which have not been finalized yet. See N.Y.
Dep't of Fin. Servs., Revised Proposed New 23 NYCRR 600 (Sept. 14,
2022), https://www.dfs.ny.gov/system/files/documents/2022/09/rp_23nycrr600_text_20220914.pdf.
---------------------------------------------------------------------------
Although the Bureau's 2017 White Paper estimated the merchant cash
advance market constituted less than 1 percent of the aggregate dollar
volume of various financial products used by small businesses in the
U.S. in 2014,\361\ the Bureau notes that more recent evidence suggests
the industry may now be much larger. For example, the 2021 Federal
Reserve Banks' survey of firms with 1-499 employees (``employer
firms'') found that 8 percent of such businesses applied for and
regularly used merchant cash advances.\362\ Moreover, on August 18,
2019, the trade website deBanked reported that according to an
investment bank's projections, ``the [merchant cash advance] industry
will have more than doubled its small business funding to $19.2 billion
by year-end 2019, up from $8.6 billion in 2014.'' \363\
---------------------------------------------------------------------------
\361\ See White Paper at 21 fig. 2, 22 fig. 3.
\362\ Fed. Rsrv. Banks, Small Business Credit Survey--2022
Report on Employer Firms, at 19 (Feb. 22, 2022), https://www.fedsmallbusiness.org/survey/2022/report-on-employer-firms (2022
Small Business Credit Survey). Starting in 2017, the Federal Reserve
Banks began to gather specific data on merchant cash advances for
its annual reports on small business financing for employer firms--
in the 2017 report, the survey found that 7 percent of such
businesses applied for and regularly used merchant cash advances.
Fed. Rsrv. Banks, Small Business Credit Survey--2017 Report on
Employer Firms, at 9 (Apr. 11, 2017), https://www.fedsmallbusiness.org/survey/2017/report-on-employer-firms (2017
Small Business Credit Survey).
\363\ Paul Sweeney, Gold Rush: Merchant Cash Advances Are Still
Hot, deBanked (Aug. 18, 2019), https://debanked.com/2019/08/gold-rush-merchant-cash-advances-are-still-hot/.
---------------------------------------------------------------------------
The Bureau understands that merchant cash advances are often used
by merchants due to the speed and ease with which they can be
obtained,\364\
[[Page 35221]]
particularly for merchants unable to obtain financing from more
traditional sources.\365\ According to the 2021 Federal Reserve Banks'
report regarding firms owned by people of color (both small employer
firms and non-employer firms), Black-owned firms, Hispanic-owned firms,
and Asian-owned firms were more likely to have applied for merchant
cash advances (14 percent, 10 percent, and 10 percent, respectively)
than white-owned firms (7 percent).\366\
---------------------------------------------------------------------------
\364\ See Fed. Rsrv. Banks, Small Business Credit Survey--2021
Report on Employer Firms, at 26 (Feb. 3, 2021), https://www.fedsmallbusiness.org/survey/2021/report-on-employer-firms (2021
Small Business Credit Survey) (reporting that 84 percent of surveyed
credit applicants were approved for a merchant cash advance, as
compared to a 43 percent approval rate for personal loans).
\365\ See 2022 Small Business Credit Survey (noting that only 8
percent of ``high credit risk'' applicants obtained all the
financing sought).
\366\ See Fed. Rsrv. Banks, Small Business Credit Survey--2021
Report on Firms Owned by People of Color, at 30 (Apr. 15, 2021),
https://www.fedsmallbusiness.org/survey/2021/2021-report-on-firms-owned-by-people-of-color (Small Business Credit Survey of Firms
Owned by People of Color).
---------------------------------------------------------------------------
The Bureau believes that the higher frequency of merchant cash
advance use among minority-owned businesses coupled with reports of
problematic provider practices lends credence to claims that merchant
cash advances may raise fair lending concerns. The Federal Trade
Commission (FTC) released a Staff Perspective in February 2020
discussing its concerns with the merchant cash advance industry \367\
and noting the industry's tendency to ``cater to higher-risk businesses
or owners with low credit scores--typically offering them higher-cost
products.'' \368\ The FTC has also filed enforcement actions against
merchant cash advance providers and their principals, in one case
alleging that they misrepresented the terms of merchant cash advances
that they provided, and then used ``unfair collection practices,
including sometimes threatening physical violence, to compel consumers
to pay.'' \369\ In April 2021, the FTC obtained a settlement that
required a merchant cash advance provider to pay more than $9.8 million
to settle charges that it took money from businesses' bank accounts
without permission and deceived business owners about the amount of
financing they would receive and about other features of its financing
products.\370\ More recently, the FTC obtained a court order that
permanently bans a merchant cash advance company and its owner from the
merchant cash advance industry for deceiving and threatening small
businesses and their owners.\371\
---------------------------------------------------------------------------
\367\ Fed. Trade Comm'n, `Strictly Business' Forum, Staff
Perspective, at 6-8 (Feb. 2020), https://www.ftc.gov/system/files/documents/reports/staff-perspective-paper-ftcs-strictly-business-forum/strictly_business_forum_staff_perspective.pdf.
\368\ See id. at 2.
\369\ Press Release, Fed. Trade Comm'n, New York-Based Finance
Companies Deceived Small Businesses, Non-Profits and Seized Their
Personal and Business Assets (June 10, 2020), https://www.ftc.gov/news-events/press-releases/2020/06/new-york-based-finance-companies-deceived-small-businesses. See also Press Release, Fed. Trade
Comm'n, FTC Alleges Merchant Cash Advance Provider Overcharged Small
Businesses Millions (Aug. 3, 2020), https://www.ftc.gov/news-events/press-releases/2020/08/ftc-alleges-merchant-cash-advance-provider-overcharged-small.
\370\ Press Release, Fed. Trade Comm'n, Cash Advance Firm to Pay
$9.8M to Settle FTC Complaint It Overcharged Small Businesses (Apr.
22, 2021), https://www.ftc.gov/news-events/press-releases/2021/04/cash-advance-firm-pay-98m-settle-ftc-complaint-it-overcharged.
\371\ Press Release, Fed. Trade Comm'n, FTC Action Results in
Ban for Richmond Capital and Owner From Merchant Cash Advance and
Debt Collection Industries and Return of More Than $2.7M to
Consumers (June 6, 2022), https://www.ftc.gov/news-events/news/press-releases/2022/06/ftc-action-results-ban-richmond-capital-owner-merchant-cash-advance-debt-collection-industries.
---------------------------------------------------------------------------
Moreover, the Bureau understands that the delinquency/default rate
amongst small businesses that use merchant cash advances is relatively
high--6 to 20 percent according to one estimate \372\ and 10 percent
according to an SEC analysis of one merchant cash advance provider
\373\ (compared with a charge off rate between 0 to 3.59 percent on SBA
loans \374\ and just over 1 percent on certain commercial and
industrial loans \375\). The Bureau believes this high default rate may
be explained by the fact that the typical merchant cash advance
holdback percentage--10 to 20 percent of gross receipts or revenues--
may be onerous for already cash-strapped small businesses.\376\ The
Bureau also understands that it is not uncommon for small businesses
that use merchant cash advances to obtain new merchant cash advances
from other merchant cash advance providers (more than a quarter of such
businesses, by one account); \377\ they also may use one merchant cash
advance to pay off another. Firms that take on added debt loads in this
way (a process known as ``stacking'') ``may not fully recognize the
costs involved, which could potentially jeopardize the financial health
of their businesses.'' \378\
---------------------------------------------------------------------------
\372\ See Bryant Park Capital, Merchant Cash Advance/Small
Business Financing Industry Report, at 28 (Jan. 2016), https://bryantparkcapital.com/wp-content/uploads/2018/06/BPC-MCA-SMB-Financing-Industry-Report.pdf.
\373\ SEC Complaint (Jan. 2020), https://www.sec.gov/litigation/complaints/2020/comp24860.pdf.
\374\ Small Bus. Admin., Table 9--Charge Off Rates as a Percent
of Unpaid Principal Balance (UPB) Amount by Program (Mar. 31, 2022),
https://www.sba.gov/document/report-small-business-administration-loan-program-performance.
\375\ Bd. of Governors of the Fed. Rsrv. Sys., Charge-Off and
Delinquency Rates on Loans and Leases at Commercial Banks (Aug. 22,
2022), https://www.federalreserve.gov/releases/chargeoff/delallsa.htm.
\376\ See Bd. of Governors of the Fed. Rsrv. Sys., Browsing to
Borrow: ``Mom & Pop'' Small Business Perspectives on Online Lenders,
at 9 (June 2018), https://www.federalreserve.gov/publications/files/2018-small-business-lending.pdf (Board Small Business Perspectives)
(noting that when asked ``about the toughest part of running their
businesses, most participants cited the challenges of managing their
cash flow''); id. at 5 (noting that ``[s]ome observers have argued
that the owner's loss of control over cash flow puts some small
businesses at risk''). The Bureau also notes that many merchant cash
advance providers believe that they are not subject to State usury
laws.
\377\ See Opportunity Fund, Unaffordable and Unsustainable: The
New Business Lending, at 3 (May 2016), https://www.leg.state.nv.us/App/InterimCommittee/REL/Document/13129 (stating that ``[m]ore than
a quarter of the businesses in our dataset had loans outstanding
with multiple alternative lenders'').
\378\ Board Small Business Perspectives at 6.
---------------------------------------------------------------------------
As small businesses struggled with the COVID-19 pandemic, reports
of merchant cash advance providers employing aggressive collection
practices continued, such as ``pursuing legal claims against owners
that freeze their bank accounts and . . . pressing their family
members, neighbors, insurers, distributors--even their customers.''
\379\ Given the fact that 84 percent of the credit applicants surveyed
by the Federal Reserve Banks were approved for a merchant cash advance
\380\ and the fact that it appears to have been significantly more
difficult to obtain credit as a ``high credit risk'' applicant during
the COVID-19 pandemic,\381\ the Bureau believes that many vulnerable
small businesses sought merchant cash advances to support their
pandemic recovery.
---------------------------------------------------------------------------
\379\ Gretchen Morgenson, FTC official: Legal `loan sharks' may
be exploiting coronavirus to squeeze small businesses, NBC News
(Apr. 3 2020), https://www.nbcnews.com/business/economy/ftc-official-legal-loan-sharks-may-be-exploiting-coronavirus-squeeze-n1173346.
\380\ See 2021 Small Business Credit Survey at 26.
\381\ Compare id. at 22 (noting that only 7 percent of ``high
credit risk'' applicants obtained all the financing sought), with
Fed. Rsrv. Banks, Small Business Credit Survey--2020 Report on
Employer Firms, at 12 (Apr. 7, 2020), https://www.fedsmallbusiness.org/survey/2020/report-on-employer-firms
(reporting that 23 percent of ``high credit risk'' applicants
obtained all the financing sought) (2020 Small Business Credit
Survey).
---------------------------------------------------------------------------
Comments Received
The Bureau received comments on this aspect of the proposal from a
wide range of lenders, trade associations, business advocacy groups,
community groups, individuals, the offices of two State attorneys
general, and others. The Bureau observes that, throughout the
development of the rule to implement section 1071, merchant cash
advances have been the focus of significant attention and a unique
source of near-consensus among a diverse array of stakeholders--almost
all of whom
[[Page 35222]]
advocated for covering merchant cash advances in the rule.\382\
Comments received in response to the NPRM were no different in that,
with the exception of a sole credit union trade association, the only
commenters that supported the exclusion of merchant cash advances from
the rule were merchant cash advance providers or trade associations
representing merchant cash advance providers (the Bureau is not aware
of any credit unions that offer merchant cash advances as that term is
used herein). Most of these commenters argued that merchant cash
advances do not meet the definition of credit under ECOA or State law
and should instead be treated like traditional factoring arrangements
(described in detail below), which are generally understood not to be
credit. A few of these commenters also asserted that covering merchant
cash advances is contrary to public policy because doing so will
negatively impact access to financing and because they benefit
businesses. Two commenters asserted that the Bureau failed to engage
adequately in cost/benefit analysis as required by section
1022(b)(2)(a) of the Dodd-Frank Act, claiming that some smaller funders
would exit the market due to increased regulatory burdens and costs.
One commenter explained that because the merchant cash advance industry
has never had to track the demographic status of a small business
owner, implementing the Bureau's rule would require costly programming
upgrades, adjustments to merchant cash advance funder systems, and
additional employees to handle the reporting and auditing of these
functions. This commenter also argued the rule would result in a less
competitive market dominated by larger players and would put merchant
cash advances at an unfair disadvantage compared to factoring.
---------------------------------------------------------------------------
\382\ For instance, of the substantive responses to the 2017
request for information, comments authored or co-authored by dozens
of stakeholders (including community and business groups, industry,
and trade associations) expressed explicit support for requiring the
reporting of merchant cash advances (and additional letters
expressed support for covering ``fintech'' or ``alternative online''
products more generally).
---------------------------------------------------------------------------
The Bureau received many comments, primarily from community groups
and community-oriented lenders, expressing broad support for covering
merchant cash advances. A few of these commenters pointed to the fact
that State regulators have started cracking down on the merchant cash
advance industry due to its lack of transparency and potentially
predatory practices. A community group and a cross-sector group of
lenders, community groups, and small business advocates noted that
merchant cash advances are an important and growing part of small
business financing, with the community group relaying one merchant cash
advance provider's announcement that the COVID-19 pandemic created new
demand for its products, in part because the kinds of smaller firms
that it primarily serves encountered greater-than-normal challenges to
accessing capital through traditional bank financing during the
pandemic. The cross-sector group and another community group stressed a
need for transparency and noted that there is insufficient data on
merchant cash advances. The community group acknowledged that reporting
on merchant cash advances may be more complex due to their different
terms but argued that these features make transparency into this
lending channel critical. This commenter also opined that excluding
merchant cash advances from scrutiny would encourage lenders to
``double down'' on their use rather than offer more consumer-friendly
products.
Several supporters of merchant cash advance coverage, including the
offices of two State attorneys general, maintained that merchant cash
advances are clearly credit and they incur repayment liability. A joint
letter from community and business advocacy groups explained that
merchant cash advances are distinct from factoring in that a genuine
factoring transaction creates a completed sale of receivables owed to
the seller as a result of goods delivered or services provided by the
seller to a third party. A few commenters asserted that coverage of
merchant cash advances meets section 1071's statutory purposes. One
online lender noted that merchant cash advances are not regulated. Many
commenters expressed strong concerns about high costs and predatory
practices often associated with merchant cash advances, with the
majority of these commenters expressing particular concern about use of
merchant cash advances among minority business owners. A CDFI lender
explained that it had analyzed several merchant cash advance and
balance sheet lender agreements provided by its clients and discovered
that the average product carried an annual percentage rate of 94
percent, with one product reaching 358 percent. This commenter also
found that, among the Hispanic borrowers in its sample, the average
monthly payment was more than 400 percent of their take-home pay. An
online lender characterized the lack of transparency in pricing
merchant cash advances as a significant market failure that harms small
business owners. A community group expressed strong concerns about the
increasingly common practice of using confessions of judgments (where a
borrower must agree to allow the lender to obtain a legal judgment
without going to court) within merchant cash advance lending, citing an
investigation that found that the number of merchant cash advance cases
ending with a confession in favor of a merchant cash advance provider
in New York State rose from 14 cases in 2014 to over 3,500 cases in
2018.\383\ The commenter noted that the study further found that these
confession of judgment cases won the merchant cash advance industry an
estimated $500 million in 2017.\384\
---------------------------------------------------------------------------
\383\ Zachary R. Mider & Zeke Faux, Sign Here to Lose Everything
Part 1: ``I Hereby Confess Judgment'' (Nov. 20, 2018), https://www.bloomberg.com/graphics/2018-confessions-of-judgment.
\384\ Zachary R. Mider & Zeke Faux, Sign Here to Lose Everything
Part 2: The $1.7 Million Man (Nov. 27, 2018), https://www.bloomberg.com/graphics/2018-confessions-of-judgment-millionaire-
marshal/.
---------------------------------------------------------------------------
Potential coverage of merchant cash advances under the final rule
has also drawn the attention of government entities seeking to regulate
the industry. For example, in response to the SBREFA Outline, the
California Department of Financial Protection and Innovation submitted
a comment letter stating that ``nearly all the data points would be
just as easy for a merchant cash advance company to report as any other
financial institution.'' In addition, FTC staff submitted a comment
letter in response to the Bureau's Request for Information on the Equal
Credit Opportunity Act and Regulation B \385\ noting that the FTC has
brought many actions protecting small businesses but that detecting
illegal conduct in this space can be challenging, particularly with
regard to merchant cash advances. The FTC comment letter urged the
Bureau to remind small business lenders that whether a particular law
applies depends on actual facts and circumstances and not solely on how
one party chooses to characterize the transaction. FTC staff also
recommended that the Bureau help small businesses through data
collection, collecting complaints, and education.\386\
---------------------------------------------------------------------------
\385\ Comment No. CFPB-2020-0026-0117 (Dec. 1, 2020), https://www.regulations.gov/comment/CFPB-2020-0026-0117.
\386\ Id.
---------------------------------------------------------------------------
In response to the NPRM, the offices of two State attorneys general
submitted a comment stating that merchant cash advance transactions
fall within the definition of credit and that the
[[Page 35223]]
inclusion of merchant cash advance transactions is crucial given the
rapid expansion of the merchant cash advance market in the past decade
and limited publicly available data on market size or standard industry
practices. Having brought enforcement actions against multiple merchant
cash advance providers, they also asserted that the unregulated nature
of the merchant cash advance market makes it ripe for the type of
problematic practices that they have directly observed through their
investigations into the industry. They expressed strong support for the
inclusion of merchant cash advance transactions within the scope of the
Bureau's rule, stating their belief that the rule will promote
fairness, transparency, and enhanced data collection in the area of
small business financing, including the rapidly growing merchant cash
advance market that is targeting small businesses.
The Bureau also received a few comments about other aspects of its
proposal to cover merchant cash advances. One commenter advised against
defining merchant cash advances in the rule, arguing that such a
definition could be inconsistent with some State laws and thus may
create additional complexity in complying with the final rule. Another
commenter urged the Bureau to clarify the application of the rule to
merchant cash advances, including by clearly defining merchant cash
advances and explaining how the rule will apply to the particular
features of merchant cash advance products. Two commenters expressed
more general support for coverage of sales-based financing.
Final Rule
For the reasons set forth herein, the Bureau is finalizing its
definition of ``covered credit transaction'' as proposed. Final Sec.
1002.104(a) defines the term ``covered credit transaction'' as an
extension of business credit that is not an excluded transaction under
Sec. 1002.104(b). Final comment 104(a)-1 reiterates that the term
``covered credit transaction'' includes merchant cash advances.
The Bureau believes that the statutory term ``credit'' in ECOA is
intentionally broad so as to include a wide variety of products without
specifically identifying any particular product by name. As noted
above, ECOA defines ``credit'' to mean ``the right granted by a
creditor to a debtor to defer payment of debt or to incur debts and
defer its payment or to purchase property or services and defer payment
therefor.'' As a result, the definition does not explicitly state that
it applies to any type of credit, whether it be installment loans,
credit cards, or merchant cash advances. To the extent there is any
ambiguity about whether a particular product constitutes ``credit,''
Congress appears to have intended for the Bureau (or previously, the
Board) to fill that gap, but neither the Bureau nor the Board have had
occasion to provide further clarity with respect to coverage of sales-
based financing products like merchant cash advances except to note in
commentary that factoring, as ``a purchase of accounts receivable,''
\387\ is not covered by ECOA or Regulation B. However, based on its
review of typical merchant cash advance arrangements and its expertise
with respect to the nature of credit transactions, the Bureau believes
the term ``credit'' encompasses merchant cash advances and other types
of sales-based financing. As a result, the Bureau believes that
merchant cash advances and other sales-based financing are covered by
the definition of ``credit'' in final Sec. 1002.102(i). The Bureau
does not believe it is necessary to specifically define merchant cash
advances or sales-based financing because the broad definition of
``credit'' in ECOA and Regulation B--includes credit products covered
by the rule unless the Bureau specifically excludes them.
---------------------------------------------------------------------------
\387\ Existing comment 9(a)(3)-3.
---------------------------------------------------------------------------
Nor does the Bureau believe that merchant cash advances should be
excluded from the rule as a species of factoring because merchant cash
advances do not constitute factoring within the meaning of the existing
commentary to Regulation B or the definition in final comment 104(b)-1.
In factoring transactions, entities receiving financing sell their
legal right to payment from a third party for goods supplied or
services rendered, and that right exists at the time of the transaction
itself; the provider of funds seeks payment directly from the third
party, and the transaction between the recipient and the provider of
funds is complete at the time of the sale. In other words, the
recipient of the financing has no remaining payment obligation, meaning
that no payment is deferred. In contrast, at the time of the advance in
a merchant cash advance, the recipient of the financing has no existing
rights to payment that it can transfer. The transaction thus
constitutes only a promise by the recipient to transfer funds to the
provider once they materialize at a later date. The Bureau believes
that the ECOA definition of credit, by referring to the right to
``defer'' payments, necessarily invokes this temporal consideration.
The Bureau does not agree with arguments raised by other commenters
that merchant cash advances are not ``credit'' under ECOA.
Specifically, the Bureau does not agree that the purchase of the right
to a specific portion of a merchant's future proceeds, up to an agreed-
upon limit, constitutes a substantially contemporaneous exchange of
value between a merchant cash advance provider and a merchant. The
Bureau notes that a merchant's proceeds from future sales of goods and
services, by definition, do not exist in the present and thus there can
be no contemporaneous exchange of value, substantial or otherwise,
where there is no present right to payment. The Bureau believes
merchant cash advances are clearly distinguishable from back-dated
checks, service contracts with staggered payment schedules, and true
leases (discussed below). Merchant cash advances are typically repaid
over a period of three to 12 months and the merchant has no existing
rights to payment that it can transfer to the merchant cash advance
provider until they materialize at a later date, usually at least a
month later. The Bureau also notes that under Regulation B, a
transaction is ``credit'' if there is a right to defer payment of a
debt--regardless of the number of installments required for repayment
or whether the transaction is subject to a finance charge.\388\
---------------------------------------------------------------------------
\388\ Existing comment 2(j)-1.
---------------------------------------------------------------------------
Furthermore, the Bureau interprets ECOA's definition of credit as
making dispositive whether one party has granted another the right to
repay at some time subsequent to the initial transaction, without
consideration of factors such as the absence of recourse or analysis of
who bears the risk of loss. Merchant cash advance providers grant such
a right: they advance funds to small businesses and grant them the
right to defer repayment by allowing them to repay over time.
Additionally, as a practical matter, the Bureau understands that
merchant cash advances are underwritten and function like a typical
loan (i.e., underwriting of the recipient of the funds; repayment that
functionally comes from the recipient's own accounts rather than from a
third party; repayment of the advance itself plus additional amounts
akin to interest; and, at least for some subset of merchant cash
advances, repayment in regular intervals over a predictable period of
time).
Finally, the Bureau believes that the inclusion of merchant cash
advances in the Bureau's rule is important to fulfilling both the fair
lending and the
[[Page 35224]]
business and community development purposes of section 1071.\389\
Commenters have warned of high costs and predatory practices in this
area, and the Bureau is particularly focused on their increasingly
prevalent use among minority business owners.\390\ The Bureau also
believes that including merchant cash advances will create a more level
playing field across financial institutions that provide cash flow
financing to small businesses by shedding light on such credit
transactions as well as create a dataset that better reflects demand
for such financing by the smallest and most vulnerable businesses.
---------------------------------------------------------------------------
\389\ ECOA section 704B(a).
\390\ See, e.g., Fed. Rsrv. Bank of N.Y. et al., Latino-Owned
Businesses: Shining a Light on National Trends (Nov. 2018) (stating
``Latino business owners are more likely than non-Latino White
business owners to use credit cards, factoring, and merchant cash
advances--products that require less collateral and are associated
with higher average interest rates'').
---------------------------------------------------------------------------
Agricultural-Purpose Credit
Background
As reported by the 2017 Census of Agriculture,\391\ there are about
3.4 million farmers and ranchers (``producers'') working on 2 million
farming and ranching operations (``farms'') in the United States. The
U.S. Department of Agriculture (USDA) Economic Research Service found
that family farms (where the majority of the business is owned by the
operator and individuals related to the operator) of various types
together accounted for nearly 98 percent of U.S. farms in 2020.\392\
Small family farms (less than $350,000 in gross cash farm income)
accounted for 90 percent of all U.S. farms and large-scale family farms
($1 million or more in gross cash farm income) make up about 3 percent
of farms but 44 percent of the value of production.\393\
---------------------------------------------------------------------------
\391\ The Census of Agriculture is conducted by the USDA every
five years and provides a detailed picture of farms and the people
who operate them. See generally U.S. Dep't of Agric., 2017 Census of
Agriculture (Apr. 2019), https://www.nass.usda.gov/Publications/AgCensus/2017/Full_Report/Volume_1,_Chapter_1_US/usv1.pdf.
\392\ Econ. Rsch. Serv., U.S. Dep't of Agric., Farming and Farm
Income (updated Sept. 1, 2022), https://www.ers.usda.gov/data-products/ag-and-food-statistics-charting-the-essentials/farming-and-farm-income/.
\393\ Id.
---------------------------------------------------------------------------
According to the 2020 Annual Report of the Farm Credit
Administration, most agricultural lending (approximately 83 percent) is
done by either commercial banks or the Farm Credit System (FCS), a
network of government-sponsored enterprises regulated by the Farm
Credit Administration, an independent government agency.\394\ The
USDA's Farm Service Agency accounts for a small share (3 percent) of
agricultural credit through direct loans and guarantees of loans made
by private lenders.\395\
---------------------------------------------------------------------------
\394\ Farm Credit Admin., 2020 Annual Report of the Farm Credit
Administration, at 20 (2020), https://www.fca.gov/template-fca/about/2020AnnualReport.pdf.
\395\ Id.
---------------------------------------------------------------------------
In a July 2019 report, the U.S. Government Accountability Office
(GAO) discussed its finding that information on the amount and types of
agricultural credit to socially disadvantaged farmers and ranchers is
limited,\396\ and suggested that this rulemaking may be a way to engage
in ``additional data collection and reporting for nonmortgage loans.''
\397\ The GAO found that, using 2015-2017 USDA survey data, socially
disadvantaged farmers and ranchers represented an estimated 17 percent
of primary producers in the survey, but accounted for only an estimated
8 percent of total outstanding agricultural debt.\398\ Loans to
purchase agricultural real estate accounted for most of socially
disadvantaged farmers and ranchers' outstanding debt (67 percent).\399\
Farms with minority or women primary producers \400\ are, on average,
smaller and bring in less revenue than farms with a non-socially
disadvantaged primary producer (i.e., a white male)--while socially
disadvantaged farmers and ranchers represented 30 percent of all farms,
they operated 21 percent of total farmland and accounted for 13 percent
of the market value of agricultural products sold in 2017.\401\
---------------------------------------------------------------------------
\396\ See Gov't Accountability Off., Agricultural Lending:
Information on Credit and Outreach to Socially Disadvantaged Farmers
and Ranchers is Limited (2019), https://www.gao.gov/assets/gao-19-539.pdf (GAO Report).
\397\ Id. at 12.
\398\ Id. at 16. ``The primary producer is the individual on a
farm who is responsible for the most decisions. Each farm has only
one primary producer.'' Id. at 5.
\399\ Id. at introductory highlights.
\400\ ``Producers'' are individuals involved in farm decision-
making. A single farm may have more than one producer.
\401\ See GAO Report at 7.
---------------------------------------------------------------------------
The share of minority representation in farming, particularly that
of Black farmers, has declined sharply over the last 100 years.\402\
(The number of female producers has increased significantly over the
last 100 years but remains relatively small compared to male farm
producers.\403\) Based on the disposition of numerous lawsuits alleging
discrimination against minority farmers,\404\ the Bureau believes that
credit discrimination may play a role in this decline. The GAO cites
advocacy groups for socially disadvantaged farmers and ranchers, which
have said some socially disadvantaged farmers and ranchers face actual
or perceived unfair treatment in lending or may be dissuaded from
applying for credit because of past instances of alleged
discrimination.\405\ In addition, the GAO cites advocacy groups,
lending industry representatives, and Federal officials in stating that
socially disadvantaged farmers and ranchers are more likely to operate
smaller, lower-revenue farms, have weaker credit histories, or lack
clear title to their agricultural land, which can make it difficult for
them to qualify for loans.\406\ The Bureau understands that determining
the ``creditworthiness'' of a farmer is often a judgmental process in
which lending decisions are de-centralized and involve weighing many
discretionary factors, and believes that there are heightened fair
lending risks in agricultural lending.
---------------------------------------------------------------------------
\402\ In 1910, approximately 893,370 Black farmers operated
approximately 41.1 million acres of farmland, representing
approximately 14 percent of farmers. U.S. Census Bureau, 1910
Census: Volume 5 (Agriculture), Statistics of Farms, Classified by
Race, Nativity, and Sex of Farmers, at 298 (1910), https://www2.census.gov/library/publications/decennial/1920/volume-5/06229676v5ch04.pdf. In 2017, of the country's 3.4 million total
producers, only 45,508 of them (1.3 percent) are Black and they farm
on only 4.1 million acres (0.5 percent of total farmland); by
comparison, 95 percent of U.S. producers are white and own 94
percent of farmland. U.S. Dep't of Agric., 2017 Census of
Agriculture, at 62, 72 (Apr. 2019), https://www.nass.usda.gov/Publications/AgCensus/2017/Full_Report/Volume_1,_Chapter_1_US/usv1.pdf.
\403\ In 1910, women farmers represented approximately 4 percent
of farm workers. See U.S. Census Bureau, 1910 Census: Volume 5
(Agriculture), Statistics of Farms, Classified by Race, Nativity,
and Sex of Farmers, at 340 (1910), https://www2.census.gov/library/publications/decennial/1920/volume-5/06229676v5ch04.pdf. As of 2017,
women account for approximately 36 percent of farmers. See U.S.
Dep't of Agric., 2017 Census of Agriculture, at 62 (Apr. 2019),
https://www.nass.usda.gov/Publications/AgCensus/2017/Full_Report/Volume_1,_Chapter_1_US/usv1.pdf.
\404\ See, e.g., Order, In re Black Farmers Discrimination
Litig., No. 08-mc-0511 (D.D.C. filed Aug. 8, 2008), https://blackfarmercase.com/Documents/2008.08.08%20-%20PLF%20Consolidation%20Order_0.pdf; Pigford v. Glickman, 206 F.3d
1212 (D.C. Cir. 2000). See also Garcia v. Vilsack, 563 F.3d 519
(D.C. Cir. 2009); Love v. Connor, 525 F. Supp. 2d 155 (D.D.C. 2007);
Keepseagle v. Veneman, No. 99-CIV-03119, 2001 U.S. Dist. LEXIS 25220
(D.D.C. Dec. 12, 2001).
\405\ GAO Report at introductory highlights. Additionally, the
GAO cited these sources as noting that some socially disadvantaged
farmers and ranchers may not be fully aware of credit options and
lending requirements, especially if they are recent immigrants or
new to agriculture. Id.
\406\ Id.
---------------------------------------------------------------------------
Proposed Rule
In its proposal, the Bureau noted that credit used for agricultural
purposes is generally covered by the broad definition of credit under
ECOA and
[[Page 35225]]
agricultural businesses are included in section 1071's definition of
small business. Taking into account the information above, the Bureau
stated that covering agricultural credit in this rulemaking was
important for advancing both of section 1071's statutory purposes and
did not propose defining covered credit in a way that would exclude
agricultural credit from coverage. The Bureau sought comment on the
potential costs and complexities associated with covering such credit.
Comments Received
The Bureau received comments on this aspect of the proposal from
many agricultural lenders, banks, trade associations, and community
groups. Several community-oriented lenders and many community groups
voiced support for the Bureau's proposed coverage of agricultural-
purpose credit. A joint letter from community groups, community
oriented lenders, and business advocacy groups asserted that covering
agricultural credit will be helpful in advancing the goals of section
1071 because the vast majority of farms are small and family run, and
farmers are an important part of the community development landscape,
and because the litigation regarding discrimination against Black
farmers shows the risk of discrimination and unequal access is
significant in the agricultural context. A rural community group argued
that the Bureau's legislative mandate is clear on this issue because
agricultural lending falls under ECOA's definition of credit and
farming operations are correctly included in the proposed rule's
definition of small business. Several commenters asserted that covering
agricultural credit serves section 1071's community development and
fair lending statutory purposes. Another community group expressed its
belief that 1071 data will allow for promotion of adaptive and
sustainable agriculture among smaller farmers as opposed to relying on
large agricultural businesses.
Some commenters discussed their belief that including agricultural
credit within the scope of this rule was needed to address historical
and/or continuing discrimination. A rural community group described the
challenges relating to justifying claims in the discrimination
settlements against USDA due specifically to the lack of any other form
of data to quantify the results of disparities in treatment with access
to loans. This commenter also relayed minority farmers' experiences of
being more at risk of foreclosure due to not being told about or not
being given fair access to many farm programs that benefit white
farmers and due to receiving unfavorable loans originated with the
specific intent of pushing these farmers into acceleration and
foreclosure to remove them from their land. This commenter also
detailed how the rule would illuminate a host of factors leading to
disparate treatment of minority farmers, citing conflicts of interest
among staff of local Farm Service Agency offices, disclosure of loan
terms, imposition of collateral requirements, and changes in valuations
of assets in appraisals. This commenter described discouragement of
minority farmers from making loan applications or requesting loss
mitigation and asserted that data collection is a proven way to
document and address such discouragement. The commenter alleged that
agricultural lenders, notably Farm Credit System lenders, lack the data
or any system to comply with ECOA.
One community group maintained that constrained access to capital
has contributed to the staggering loss of Black-owned farmland in the
Deep South, while another said that the Bureau's rule will highlight
the racially disparate impact of facially neutral policies that
disproportionately result in adverse outcomes for Black farmers,
including underwriting decisions based on the types of farm, the
business structure, and land appraisals. A CDFI lender relayed examples
of issues faced by Black farmers, including: (1) lack of access to
fair, affordable credit as a barrier for new farmers; (2) lenders and
local USDA offices that seek to frustrate Black farmers by making
things more complicated and causing lengthy delays that white farmers
do not encounter; (3) lack of relationships with banks resulting in
their being less willing to work with the farmers and provide
assistance during the loan application process; (4) agricultural loan
underwriting criteria that favor beef, cattle, and grain production,
which are often the enterprises of large-scale white farmers; (5)
alternative financing from a private lender not being an adequate
substitute for having fair access to government lending programs with 1
percent interest and 40 year terms; and (6) Black farmers often being
unable to secure financing and thus being left with no choice but to
sell their land to white farmers.
Several commenters stressed the need for transparency due to lack
of sufficient data on agricultural lending markets. One such commenter
noted that the USDA has not made its limited data--which includes only
numbers of loans applied for, made, and denied, at the county level--
easily available to the public. This commenter also argued that
comprehensive data are particularly important to increase equity and
uniformity in loan modifications and restructurings and to assist with
decisions related to pandemic relief programs and the grant of
specialized loan servicing. Another commenter suggested that 1071 data
would help the USDA, the SBA, and other relevant government agencies
better understand the needs of small agricultural businesses and noted
that agricultural credit extends beyond acquisition of inventory
farmland to include operational loans, agricultural machinery and
building loans, and loans to develop local markets for selling
agricultural products. A community group dismissed concerns that
agricultural lending data would be too complex to collect and report,
because it is already reported under CRA.
Some commenters suggested changes and clarifications related to
applying the Bureau's rule to agricultural credit. One community group
suggested the Bureau modify or clarify data collection to identify
forms of disparate treatment unique in small-scale farm operations that
may differ from other small businesses. This commenter also suggested
that the Bureau clarify that the rule covers the Farm Service Agency,
the Farm Credit System, all lenders making Farm Service Agency
guaranteed loans, and the full range of other entities that provide
credit to small farm businesses. A number of Farm Credit System lenders
expressed support for a trade association letter that discussed how
agricultural lending is fundamentally different from small commercial
lending and requested a different small business definition to account
for how they would be disproportionately covered by the rule. These
comments are discussed in more detail in the section-by-section
analysis of Sec. 1002.106(b). One agricultural community group
suggested that base acre payment transactions (transactions that take
into account certain government payments, which are in turn based on a
farm's historic crop yield) should be considered covered credit
transactions because of concerns that base program acres may not
benefit Native American farmers and because base acre payments are
often used to prove or deny a farmer's request for loan origination or
modification.
Some industry commenters requested an exclusion for agricultural
credit from the Bureau's rule. One credit union association argued that
agricultural lending should be exempted because many agricultural
borrowers are serviced by small local community financial institutions,
including credit
[[Page 35226]]
unions whose members are agriculturally based and whose members and
borrowers are represented on the credit unions' board of directors. A
few other commenters asserted that agricultural credit is not
comparable to other types of small business lending and urged the
Bureau to exempt it on those grounds; one stated that it does not make
sense to compare a 200-acre farm with a gas station. A trade
association pointed to different treatment under CRA and HMDA as
evidence that it was unlikely that section 1071 was enacted to cover
agricultural lending because their underwriting criteria are distinct
and different from small business loans. A bank also suggested
exempting agricultural lending, maintaining that its numbers would not
be useful for fair lending purposes because unlike small business loans
that are more on a one loan to one borrower or two-to-one basis, its
agricultural portfolio included multiple loans to the same borrower. A
few commenters argued that covering agricultural credit under the rule
would have an outsized impact on farmers by increasing this cost of
credit and reducing its availability. A trade association asserted that
the burden of section 1071 compliance may force small lenders to reduce
their lending below the exemption threshold, which in turn may limit
the access to agricultural credit because large banks often do not
engage in significant agricultural lending.
Final Rule
For the reasons set forth herein, the Bureau is not defining a
``covered credit transaction'' in final Sec. 1002.104 in a way that
would exclude agricultural credit from the final rule. Credit used for
agricultural purposes is generally covered by the broad definition of
credit under ECOA. First, ECOA's definition of ``credit'' is not
limited to a particular use or purpose and Regulation B expressly
covers agricultural-purpose credit. Further, ECOA does not provide an
exception for agricultural credit, and it assigns enforcement authority
to regulators of agricultural lending such as the Secretary of
Agriculture and the Farm Credit Administration.\407\ Moreover,
agricultural businesses are included in section 1071's statutory
definition of small business.\408\ The Bureau believes that covering
agricultural credit in this rulemaking is important for advancing both
of section 1071's statutory purposes and is not excluding agricultural
credit from the final rule. The Bureau notes that most of the comments
received on this aspect of the proposal were in favor of the rule
covering agricultural lending. Even the many comments that the Bureau
received from Farm Credit System lenders and related associations
generally focused on urging the Bureau to adopt a separate small farm
definition rather than a wholesale exclusion of agricultural credit.
---------------------------------------------------------------------------
\407\ See 15 U.S.C. 1691c; Regulation B Sec. 1002.16(a).
\408\ ECOA section 704B(h)(2) (defining a small business as
having the same meaning as the term ``small business concern'' in
section 3 of the Small Business Act (15 U.S.C. 632)). Section
704B(h)(2) defines small business by reference to the Small Business
Act definition of a small business concern, which includes
independently owned and operated ``enterprises that are engaged in
the business of production of food and fiber, ranching and raising
of livestock, aquaculture, and all other farming and agricultural
related industries.'' 15 U.S.C. 632(a)(1).
---------------------------------------------------------------------------
As noted above, the products discussed in this rule do not
constitute an exhaustive list of covered credit transactions; other
types of business credit not specifically described in the rule and its
associated commentary nevertheless constitute covered credit
transactions unless excluded by final Sec. 1002.104(b). In line with
this approach, the Bureau thus is not delineating certain products
(such as base acre payment transactions) as covered credit
transactions.
The Bureau does not believe it would appropriate to exclude
agricultural credit from the rule, as requested by some commenters.
With regard to the concern that agricultural lending should be exempted
because of the impact on small local community financial institutions,
such as credit unions, the Bureau notes that it is increasing its
institutional coverage threshold, as discussed in the section-by-
section analysis of Sec. 1002.105 below, to limit any risk of impact
on smaller financial institutions or of market disruption in the small
business lending sector. By declining to draw a potentially blurry line
between business-purpose credit and agricultural-purpose credit, the
Bureau also believes that its finalized inclusive approach will better
enable it to ensure that financial institutions that are offering
business credit are complying with the final rule.
With respect to comments asserting that agricultural credit is
unique and not comparable to other types of small business lending, the
Bureau acknowledges that every small business industry has its own
unique characteristics. In order to fulfill section 1071's business and
community development purpose and to address the particularities of
certain lending models, the Bureau is providing clarification regarding
how reporting rules apply to certain covered credit transactions and is
also not covering certain transactions. For the reasons described
herein, however, the Bureau is not categorically exempting agricultural
credit from the rule.
Moreover, the Bureau believes that data on agricultural credit will
be useful for fair lending purposes. As discussed above, there is some
evidence that minority-owned farms may obtain, or may be offered,
higher interest rates and less favorable terms on agricultural credit.
Data collected and reported under this final rule will allow the
Bureau, other government agencies, and other data users to have insight
into the existing market, observe the market for potentially troubling
trends, and conduct fair lending analyses.
The Bureau has considered the comments arguing that covering
agricultural credit under the rule would have an outsized impact on
farmers by increasing this cost of credit and reducing its
availability. The Bureau has also considered the claim that small
lenders will reduce their lending below the exemption threshold, which
in turn may limit the access to agricultural credit because large banks
often do not engage in significant agricultural lending. The Bureau
does not believe that there is a significant risk that lenders will
reduce their agricultural lending as a result of this rule such that
there will be a marked impact on the availability of agricultural
credit. Moreover, as noted in the section-by-section analysis of Sec.
1002.105 below, the Bureau is increasing its institutional coverage
threshold for the final rule to reduce the impact on financial
institutions with the lowest volume of small business lending,
including agricultural lenders.
Based on its review of the GAO Report,\409\ the decline of minority
representation in farming over the last 100 years,\410\ the disposition
of numerous lawsuits alleging discrimination against minority
[[Page 35227]]
farmers,\411\ and comments discussing how the inclusion of agricultural
credit in the rule is needed to address historical and/or continuing
discrimination, the Bureau finds that covering agricultural credit is
crucial to serving section 1071's purpose of facilitating enforcement
of fair lending laws.
---------------------------------------------------------------------------
\409\ See, e.g., GAO Report at 16.
\410\ In 1910, approximately 893,370 Black farmers operated
approximately 41.1 million acres of farmland, representing
approximately 14 percent of farmers. U.S. Census Bureau, 1910
Census: Volume 5 (Agriculture), Statistics of Farms, Classified by
Race, Nativity, and Sex of Farmers, at 298 (1910), https://www2.census.gov/library/publications/decennial/1920/volume-5/06229676v5ch04.pdf. In 2017, of the country's 3.4 million total
producers, only 45,508 of them (1.3 percent) are Black and they farm
on only 4.1 million acres (0.5 percent of total farmland); by
comparison, 95 percent of U.S. producers are white and own 94
percent of farmland. U.S. Dep't of Agric., 2017 Census of
Agriculture, at 62, 72 (Apr. 2019), https://www.nass.usda.gov/Publications/AgCensus/2017/Full_Report/Volume_1,_Chapter_1_US/usv1.pdf.
\411\ See, e.g., Order, In re Black Farmers Discrimination
Litig., No. 08-mc-0511 (D.D.C. filed Aug. 8, 2008), https://blackfarmercase.com/Documents/2008.08.08%20-%20PLF%20Consoli-dation%20Order_0.pdf; Pigford v. Glickman, 206 F.3d 1212 (D.C. Cir.
2000). See also Garcia v. Vilsack, 563 F.3d 519 (D.C. Cir. 2009);
Love v. Connor, 525 F. Supp. 2d 155 (D.D.C. 2007); Keepseagle v.
Veneman, No. 99-CIV-03119, 2001 U.S. Dist. LEXIS 25220 (D.D.C. Dec.
12, 2001).
---------------------------------------------------------------------------
The Bureau furthers finds that covering agricultural credit is
vital to enable communities, governmental entities, and creditors to
identify business and community development needs and opportunities of
small businesses, including small farms. The Bureau agrees with
commenters that stressed the need for transparency due to lack of
sufficient data on agricultural lending markets. The Bureau believes
that the transparency afforded by data collected and reported under
this final rule will empower rural communities to better address the
challenges they face, particularly with regard to equitable credit
access. Representatives of these communities appear to agree--in a
recent letter addressed to the House and Senate Agriculture and
Financial Services and Banking committees characterizing the proposed
rule as ``pro-farmer,'' multiple community groups noted that ``[s]mall
farmers have consistently demanded more transparent and fair markets,
and our members know that having an accurate and up-to-date picture of
agricultural lending will help farmers and consumers, not hurt them.''
\412\ Relatedly, in a recent report, the Bureau found that rural
communities face unique challenges in accessing and using consumer
financial products and that further research is required to better
understand the needs of rural households and how the Bureau can best
ensure that rural residents have equitable access to financial
markets.\413\
---------------------------------------------------------------------------
\412\ HEAL (Health, Environment, Agriculture, Labor) Food All.,
Rural Coal., Nat'l Young Farmers Coal., Ctr. for Responsible Lending
et al., RE: Support for Proposed Section 1071 rule and Opposition to
H.R.7768--Farm Credit Administration Independent Authority Act (R.
Davis) (Sept. 14, 2022), https://www.ushcc.com/advocacy-letters.html.
\413\ CFPB, Data Spotlight: Challenges in Rural Banking Access
(Apr. 2022), https://files.consumerfinance.gov/f/documents/cfpb_data-spotlight_challenges-in-rural-banking_2022-04.pdf.
---------------------------------------------------------------------------
The Bureau notes that many agricultural lenders have already been
collecting and reporting some form of data by HMDA, the CRA, and/or the
Farm Credit Administration and so should be able to adapt to the data
collection requirements mandated by Congress. Additionally, to the
extent that commenters were concerned about the impact on the smallest
agricultural lenders, many of those concerns are addressed by the
Bureau's decision, as discussed in the section-by-section analysis of
Sec. 1002.105(b) below, to require data collection and reporting only
by financial institutions that meet a 100-loan threshold. In short, as
further discussed in part IX below, the Bureau does not anticipate any
material adverse effect on credit access in the long or short term to
rural small businesses.
104(b) Excluded Transactions
Proposed Sec. 1002.104(b) would have provided that the
requirements of subpart B do not apply to trade credit, public
utilities credit, securities credit, and incidental credit. Proposed
comments 104(b)-1 and -2 would have made clear that the term covered
credit transaction also does not cover factoring and leases. Proposed
comments 104(b)-3 and -4 would have clarified that the term covered
credit transaction does not include consumer-designated credit or
credit secured by certain investment properties because such
transactions are not business credit. In the NPRM, the Bureau also
discussed its proposed treatment of extensions of credit made to
governments or governmental subdivisions, agencies, or
instrumentalities and certain purchases of covered credit transactions.
The Bureau received comments on its overall approach to Sec.
1002.104(b) from several banks, trade associations, individuals, and
members of Congress. Two industry commenters supported the exclusions
as proposed, with another commenter expressing support but also
suggesting expansion. Two commenters suggested listing all exclusions
in the regulatory text with any clarifications of those exclusions set
out in the commentary. A bank trade association urged the Bureau to
extend section 1071 requirements to all nontraditional lenders and
nontraditional products to avoid leaving open the opportunity for the
abuse or dissatisfaction of small business borrowers to go undetected
or disadvantaging highly regulated institutions such as community
banks. A joint letter from several members of Congress asked the Bureau
reconsider its proposed exclusions on the grounds that such exclusions
would lead to a gap in understanding of the small business lending
marketplace and whether entities are in compliance with fair lending
laws. Comments received regarding specific exclusions, including
additional exclusions sought by commenters, are discussed in greater
detail below.
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.104(b) to provide that the requirements of subpart B do not apply
to trade credit, HMDA-reportable transactions, insurance premium
financing, public utilities credit, securities credit, and incidental
credit. In response to comments received, the Bureau is excluding HMDA-
reportable transactions from coverage under the final rule. As a
result, the Bureau believes that proposed comment 104(b)-4 that would
have made clear that the term ``covered credit transaction'' does not
cover credit secured by certain investment properties is not necessary.
Final comments 104(b)-1 and -2 make clear that the term covered credit
transaction also does not cover factoring and leases. Final comment
104(b)-3 clarifies that the term covered credit transaction does not
include consumer-designated credit because such transactions are not
business credit. New comment 104(b)-4 provides clarification regarding
certain purchases of covered credit transactions, including pooled
loans, and partial interests. All of these provisions are discussed in
detail below.
The Bureau has considered comments suggesting that all exclusions
be listed in the regulatory text. The Bureau appreciates the need for
clarity in articulating which products must be reported under this
final rule but believes that it can provide sufficient clarity through
its regulatory text and commentary. The Bureau's approach
differentiates between products that meet the definition of both
``credit'' and ``business credit'' under Regulation B, and between
those products that the Bureau is excluding (for reasons discussed
below) pursuant to its exception authority under ECOA section
704B(g)(2). Products excepted under section 704B(g)(2) are enumerated
in the regulatory text. Such specific exclusion is not necessary for
products the Bureau considers not to be ``business credit'' in the
first place; however, the Bureau believes that identifying and
describing some such products in the commentary--which it has done--
will provide clarity and facilitate compliance.
[[Page 35228]]
104(b)(1) Trade Credit
Background
Under existing Regulation B, trade credit refers to a ``financing
arrangement that involves a buyer and a seller--such as a supplier who
finances the sale of equipment, supplies, or inventory; it does not
apply to an extension of credit by a bank or other financial
institution for the financing of such items.'' \414\ Thus, trade credit
typically involves a transaction in which a seller allows a business to
purchase its own goods or services without requiring immediate payment
in full, and the seller is not otherwise involved in financial services
and does not otherwise provide credit that could be used for purposes
other than the purchase of its own goods or services.\415\ Businesses
offering trade credit generally do so as a means to facilitate the sale
of their own goods and not as a stand-alone financing product or a more
general credit product offered alongside the sale of their own goods or
services.
---------------------------------------------------------------------------
\414\ Comment 9(a)(3)-2.
\415\ See comment 9(a)(3)-2.
---------------------------------------------------------------------------
Although ECOA and Regulation B generally may apply to trade credit,
most of the specific notification requirements of existing Regulation B
do not apply to trade credit transactions.\416\ The Bureau's White
Paper estimated that trade credit represents approximately 21 percent
of the aggregate dollar volume of various financial products used by
small businesses.\417\ The Bureau understands that there are tens of
thousands of merchants and wholesalers that extend credit to small
businesses solely in connection with the sale of their goods and
services.
---------------------------------------------------------------------------
\416\ See Sec. 1002.9(a)(3)(ii).
\417\ White Paper at 21 fig. 2.
---------------------------------------------------------------------------
Proposed Rule
The Bureau proposed to not cover trade credit in the section 1071
final rule. Proposed Sec. 1002.104(b)(1) would have defined trade
credit as a financing arrangement wherein a business acquires goods or
services from another business without making immediate payment to the
business providing the goods or services. Proposed comment 104(b)(1)-1
would have provided that an example of trade credit is one that
involves a supplier that finances the sale of equipment, supplies, or
inventory. Proposed comment 104(b)(1)-1 would have provided that an
extension of business credit by a financial institution other than the
supplier for the financing of such items is not trade credit. Proposed
comment 104(b)(1)-2 would have clarified that the definition of trade
credit under existing comment 9(a)(3)-2 applies to relevant provisions
under existing Regulation B, and that proposed Sec. 1002.104(b)(1) is
not intended to repeal, abrogate, annul, impair, or interfere with any
existing interpretations, orders, agreements, ordinances, rules, or
regulations adopted or issued pursuant to existing comment 9(a)(3)-2.
The Bureau sought comment on its proposal to exclude trade credit from
the rule and on its proposed definition of trade credit.
Comments Received
The Bureau received comments on this aspect of the proposal from a
range of commenters, including banks, trade associations, and a
business advocacy group. Several industry commenters expressed general
support for the proposal to exclude trade credit. However, some of
these commenters advocated expanding the exclusion. For instance, one
commenter suggested that all asset-based financing should be excluded
as trade credit, arguing that if the rule should not apply to sellers
to facilitate their sales of goods, the rule also should not apply to
their ``behind the scenes'' non-recourse factors and asset-based
lenders who facilitate those sales. Two commenters urged broadening the
proposed exclusion to include captive finance companies when they are
financing equipment manufactured by their parent companies because
these companies exist solely to facilitate the acquisition of the
original equipment manufacturers' products. A few comments more broadly
asked that the Bureau not limit the exclusion to ``in-house'' trade
credit, suggesting that trade credit offered by financial institutions
allows more suppliers to offer trade credit programs, and as a result
provides more opportunities for credit access to small businesses.
These commenters additionally argued that such expansion is needed to
prevent uneven regulatory treatment, to promote competition in the
market for trade credit, to avoid pushing more business transactions
into a less regulated environment, and to obtain more fulsome data
collection and reporting on trade credit. A trade association asked the
Bureau to clarify that the trade credit exclusion encompasses auctions
where a buyer may pay for acquired property at a later date.
A few other industry commenters urged the Bureau to cover trade
credit in the final rule. Two of these commenters argued that providers
of trade credit, especially in the agricultural sector, are competitors
to traditional lenders, and should be covered. One commenter asked the
Bureau to provide several specific transaction examples so that covered
financial institutions can readily identify those transactions that
they must report on, and those that are exempted. Another commenter
asked the Bureau to clarify whether floor plan financing, which
generally allows merchants to stock inventory available for sale
without advance payment to the manufacturer or distributor, would fall
within the proposed trade credit exclusion. This commenter noted that
floor plan finance companies support merchants by allowing them to
maintain some level of inventory with frequent adjustments to the
financing and payment terms, and they may be affiliated with the
manufacturer or distributor.
Several commenters urged the Bureau to expand its trade credit
exclusion to private label or cobranded credit. These commenters
primarily argued that such transactions need to be quickly completed,
often at a point-of-sale, and that asking for protected demographic
information and other required data may reduce the supply and demand
for such credit. A few commenters suggested that if the Bureau were to
include private label and co-branded transactions in the final rule, it
should only require the collection and reporting of such transactions
over $50,000 to mitigate the impact of their inclusion.
Final Rule
For the reasons set forth herein, the Bureau is finalizing largely
as proposed its exclusion for trade credit in this final rule. Final
Sec. 1002.104(b)(1) defines trade credit as a financing arrangement
wherein a business acquires goods or services from another business
without making immediate payment in full to the business providing the
goods or services. The Bureau has added the words ``in full'' to the
proposed definition to account for the fact that trade credit may
include an immediate partial payment or down payment to the businesses
providing the goods or services. Final comment 104(b)(1)-1 provides
that an example of trade credit is one that involves a supplier that
finances the sale of equipment, supplies, or inventory. Final comment
104(b)(1)-1 provides that an extension of business credit by a
financial institution other than the supplier for the financing of such
items is not trade credit, and it also provides that credit extended by
a business providing goods or services to another business is not trade
credit for the purposes of subpart B where the supplying business
intends
[[Page 35229]]
to sell or transfer its rights as a creditor to a third party, such as
a financial institution. Final comment 104(b)(1)-2 clarifies that the
definition of trade credit under existing comment 9(a)(3)-2 applies to
relevant provisions under existing Regulation B, and that Sec.
1002.104(b)(1) is not intended to repeal, abrogate, annul, impair, or
interfere with any existing interpretations, orders, agreements,
ordinances, rules, or regulations adopted or issued pursuant to
existing comment 9(a)(3)-2.
The Bureau is adopting a definition of ``covered credit
transaction'' that excludes trade credit pursuant to its authority
under ECOA section 704B(g)(1) to prescribe such rules and issue such
guidance as may be necessary to carry out, enforce, and compile data
under section 1071, as well as its authority under ECOA 704B(g)(2) to
adopt exceptions to any requirement of section 1071 and to
conditionally or unconditionally exempt any financial institution or
class of financial institutions from the statute's requirements, as the
Bureau deems necessary or appropriate to carry out the purposes of
section 1071. While trade credit constitutes ``credit'' within the
meaning of Sec. 1002.102(i) and may constitute ``business credit''
within the meaning of Sec. 1002.102(d), depending on its purpose, and
therefore generally covered by ECOA, the Bureau believes that trade
credit is different from products like loans, lines of credit, credit
cards, and merchant cash advances and that there are several reasons to
exclude it from coverage. The Bureau does not believe it would be
appropriate to include trade credit in the scope of this final rule,
despite some commenters' assertions that providers of trade credit in
the agricultural sector would have a competitive advantage over other
lenders.
Trade credit is not a general-use business lending product--that
is, trade creditors generally extend credit as a means to facilitate
the sale of their own goods or services, rather than offering credit as
a stand-alone financial product or as more general credit product
offered alongside the sale of their own goods or services. The Bureau
believes that while trade creditors might meet the definition of a
financial institution under Sec. 1002.105(a), they are not primarily
financial services providers, nor do they have the infrastructure
needed to manage compliance with regulatory requirements associated
with making extensions of credit. The Bureau understands that trade
credit can be offered by entities that are themselves very small
businesses; these entities, in particular, may incur large costs
relative to their size to collect and report small business lending
data in an accurate and consistent manner.\418\ Taken together,
requiring trade credit to be reported under subpart B could lead to
significant data quality issues. The Bureau also wants to avoid the
risk that the fixed costs of coming into compliance with the rule could
lead these businesses to limit offering trade credit to their small
business customers, which may run contrary to the business and
community development purpose of section 1071. These concerns are
distinct from coverage generally under ECOA and Regulation B, which as
noted above may still apply to trade credit.
---------------------------------------------------------------------------
\418\ See Leora Klapper et al., Trade Credit Contracts, 25
Review of Fin. Studies 838-67 (2012), https://academic.oup.com/rfs/article/25/3/838/1616515, and Justin Murfin & Ken Njoroge, The
Implicit Costs of Trade Credit Borrowing by Large Firms, 28 Review
of Fin. Studies 112-45 (2015), https://academic.oup.com/rfs/article/28/1/112/1681329.
---------------------------------------------------------------------------
The Bureau does not believe that the trade credit exclusion should
be expanded to include all asset-based financing, captive finance
companies, or trade credit offered by financial institutions that are
not suppliers of goods or services, as requested by some commenters.
The Bureau believes that, unlike trade creditors themselves, such
providers offer stand-alone credit products in the same way as other
financial institutions and are not retailers or merchants with limited
regulatory compliance experience. As such, the Bureau does not have the
same concerns about data quality or reduced small business lending by
affiliates and facilitators that it does about trade creditors
themselves. Thus, the Bureau is finalizing its definition of trade
credit in Sec. 1002.104(b)(1) to focus on the business providing the
goods or services being financed. The trade credit exclusion does not
extend to affiliates and facilitators of trade creditors that provide
financing, even if only for the trade creditor's products and not for
competing or unrelated products. Thus, provided that they otherwise
meet the definition of a covered financial institution in Sec.
1002.105(b), such affiliates and facilitators must collect and report
data under the rule.
The Bureau also is not making further revisions to the regulatory
text or commentary. With respect to the suggestion that the Bureau
clarify that the trade credit exclusion encompasses auctions, the
Bureau notes that because auction houses generally do not supply
equipment, supplies, or inventory but rather facilitate sales for
others, they do not offer trade credit under final Sec.
1002.104(b)(1). However, other exclusions, such as the exclusion for
incidental credit discussed below, may apply to such transactions. The
Bureau is not adding further transaction examples, as only one comment
requesting such additions and it otherwise appears that commenters
understood that the proposed exclusion was intended to narrowly cover
credit directly extended by the supplier of goods and services.
Regarding floor plan financing, the Bureau notes that under final Sec.
1002.104(b)(1), the trade credit exclusion applies where the
manufacturer or distributor is financing its own inventory, but not
where a financial institution is providing the financing and receiving
payment.
The Bureau is also not expanding the trade credit exclusion to
cover private label or cobranded credit transactions, which are credit
transactions (typically, credit cards, but also revolving lines of
credit and installment loans) that are originated at or facilitated by
financial institutions through retailers either in-store or through a
website. Moreover, as explained in the section-by-section analysis of
Sec. 1002.107(a)(5), the Bureau believes it is important to capture
these products as a separate credit type. As that section explains, a
private-label credit card account is a credit card account that can
only be used to acquire goods or services provided by one business (for
example, a specific merchant, retailer, independent dealer, or
manufacturer) or a small group of related businesses. A co-branded or
other card that can also be used for purchases at unrelated businesses
is not a private-label credit card.
The Bureau believes that covering private label or cobranded credit
transactions supports section 1071's statutory purposes. For instance,
the Bureau believes that having robust data on this important source of
financing will help to better understand small business needs. In
researching the consumer credit card market, for example, the Bureau
learned that while private label card account holding has declined
relative to general purpose cards,\419\ late fees comprised the
[[Page 35230]]
overwhelming majority--91 percent--of all consumer fees and 25 percent
of total interest and fees for private label cards (compared to 45
percent and 7 percent, respectively, for general purpose credit
cards).\420\ Additionally, since private label and cobranded credit
accounts are typically offered and serviced by financial institutions,
with applications typically submitted directly to the financial
institution via a website, the Bureau does not have the same concerns
related to data quality or regulatory compliance as it does with trade
credit offered by a supplier of goods and services who is not in the
business of providing financial services. The Bureau also is not
placing a $50,000 minimum threshold on such transactions, as suggested
by a few commenters, because doing so would exclude significant
portions of small business lending. The Bureau does not believe that
such an approach would further the purposes of section 1071.
---------------------------------------------------------------------------
\419\ The Bureau estimates that around 90 million consumers hold
at least one general purpose and at least one private label card.
Some 79 million hold only general-purpose cards. Just under 9
million hold only private label cards. General purpose cards remain
prevalent, while private label cardholding has become relatively
less common. By year-end 2020, there were 485 million open general
purpose card accounts and 214 million open private label accounts.
General purpose cardholding is just as common today as it was prior
to the Great Recession, though that share is down from 63 percent on
the eve of the pandemic. In contrast, 36 percent of adults held at
least one private label card in 2020, compared to 52 percent in
2005. Consumers in all credit score tiers have seen declines in
private label card account holding. Most general purpose and private
label cards are held by consumers with superprime scores. CFPB, The
Consumer Credit Card Market, at 25-26 (Sept. 2021), https://files.consumerfinance.gov/f/documents/cfpb_consumer-credit-card-market-report_2021.pdf.
\420\ See CFPB, Credit card late fees, at 13 (Mar. 2022),
https://files.consumerfinance.gov/f/documents/cfpb_credit-card-late-fees_report_2022-03.pdf.
---------------------------------------------------------------------------
104(b)(2) HMDA-Reportable Transactions
Proposed Rule
The potential for overlap exists between section 1071 and HMDA
because HMDA reporting requirements apply to mortgages regardless of
whether they are consumer-purpose or business-purpose, so long as they
are secured by residential real property. Section 1071 applies to all
small business credit, regardless of what the credit is to be used for.
For example, a mortgage intended to finance the purchase of an
investment property would be covered by HMDA, assuming relevant
institutional thresholds and other coverage criteria were otherwise
met. If the mortgage applicant is a natural person, their ethnicity,
race, and sex would be captured and reported under HMDA. However, if
the mortgage applicant were a non-natural person (e.g., a limited
liability company or a corporation), then the lender would not collect
demographic data under HMDA. That is, the lender would still need to
report the application under HMDA, but they would report ethnicity,
race, and sex as ``not applicable.'' But under the Bureau's proposed
rule, the lender would have captured the applicant's principal owners'
ethnicity, race, and sex.
In its NPRM, the Bureau stated that by proposing to adopt
Regulation C's definition of dwelling and its commentary regarding
investment properties, the Bureau sought to ensure consistency and
minimize compliance burdens for financial institutions that must also
report credit transactions covered by HMDA (that is, HMDA-reportable
transactions). Using the 2019 HMDA data, the Bureau had found that
close to 2,000 lenders and around 530,000 applications indicated a
``business or commercial purpose'' and around 500,000 applications were
used for an ``investment'' (as defined by the occupancy code) purpose.
Of those applications, around 50,000 were for 5+ unit properties. The
overall number of applications the Bureau expected to be reported
annually under the proposed rule would have been around 26 million.
Thus, the Bureau had anticipated a relatively small but not
insignificant overlap regarding real estate investment loans between
HMDA and section 1071.
Also in its proposal, the Bureau stated that it had considered
excluding all transactions that were also reportable under HMDA but
believed such an exclusion would have added complexity to data
analysis. The Bureau understood that requiring lenders to find and
delete from databases that supply their small business lending data
submission only those transactions that also appear in HMDA may require
a separate scrub of the data and create additional compliance burden,
as well as compliance risk, if HMDA-reportable transactions are not
deleted from a small business lending data submission. For example, if
a small business wants to purchase a 5+ dwelling unit property (that
is, HMDA reportable), the financial institution would have to make sure
it is not collecting protected demographic information on principal
owners, even though that information must be collected for every other
type of loan that same business might apply for. The Bureau also
believed that it may not be possible to identify loans in the HMDA data
that, but for this exclusion, would be reported under the Bureau's rule
implementing section 1071 because the financial institution would need
to know which HMDA applications are for small businesses versus large
businesses. Moreover, excluding HMDA-reportable applications could mean
that a financial institution that is below the HMDA reporting threshold
would not report these loans at all.
Further, in addition to not being able to distinguish which
applications are from small and not large businesses, the Bureau noted
in its proposal its concerns that excluding all transactions that were
also reportable under HMDA may be at odds with the statutory purposes
of section 1071. The Bureau explained that the following proposed data
points would not be collected for applications only reported under
HMDA: (1) the principal owner's ethnicity, race, and sex where the
applicant is an entity not an individual; (2) minority-owned and women-
owned business status; (3) gross annual revenue; and (4) other data
points such as pricing, NAICS code, and number of workers.
For applications that, under the proposal, would have been reported
under both HMDA and section 1071 (generally, business credit secured by
dwellings, with the exception of credit secured by 1-4 individual
dwelling units that the applicant or one or more of the applicant's
principal owners does not, or will not, occupy), the Bureau sought
comment on whether it should require such applications to be flagged as
such when reported under subpart B. The Bureau noted its belief that
for data integrity and analysis purposes, it may be helpful to know if
a loan is in both datasets and a dual reporting flag may help ensure
any data analysis is not double-counting certain applications.
Comments Received
The Bureau received comments on this aspect of the proposal from a
range of commenters, including lenders, trade associations, community
groups, and a business advocacy group. Only one commenter, a community
group, expressly supported dual reporting. The Bureau received a
general suggestion to connect a loan to a HMDA record and then capture,
under HMDA, demographic data on corporate entities, and expand its
coverage to include more lenders, such as government entities and
CDFIs. Two commenters suggested the Bureau provide a section 1071/HMDA
sample form to aid dual reporting compliance. Some industry commenters
generally stressed the need for consistency among reporting regimes and
asked the Bureau to reconcile any differences.
Numerous comments, echoing those made by a trade association, urged
the CFPB to avoid duplicative and inconsistent reporting of HMDA and
CRA data in order to reduce compliance burden and the potential for
inaccurate data reporting. An agricultural lender suggested the Bureau
might be able to obtain 1071 data using the existing
[[Page 35231]]
definitions and collection process currently in place for covered
institutions under HMDA. A few credit union trade associations
maintained that reporting of HMDA-reportable transactions should be
voluntary. A bank recommended the Bureau remove and avoid data
collection requirements that are duplicative and/or inconsistent,
providing the example of misaligned action taken categories or
alternatively, eliminate all business-purpose loans from the HMDA
reporting requirement. A credit union argued that the benefit of dual
reporting does not justify the increased burdens.
A few industry commenters stated that if dual reporting is required
under the final rule, a dual reporting flag would be useful. Another
commenter opposed adoption of a dual reporting flag, arguing that
flagging entries will be a manual process that will increase the time
it takes to file both reports and increase the possibility of making an
error.
Almost all the comments on this aspect of the proposal argued
against the proposal to report HMDA-reportable transactions under this
rule. Some opponents to dual reporting urged the Bureau to exclude all
HMDA-reportable transactions from this rule, while others recommended
excluding transactions covered by this rule (such as business purpose
loans) from Regulation C. A few other commenters did not express a
preference and asked that the Bureau exempt HMDA-reportable
applications from section 1071 reporting, or vice versa. Many
commenters asserted burden and stated that reported data would be
duplicative and/or inconsistent. Several commenters pointed to
differences in census tract reporting requirements as a source of
potential confusion and data errors. And as discussed in the section-
by-section analysis of Sec. 1002.107(a)(19), another urged the Bureau
to consider difficulties caused by the differences in collection and
reporting of the ethnicity, race, and sex fields and the variations in
data specifications for such information.
One bank commenter suggested that avoiding dual reporting may also
avoid materially misrepresenting a lender's total loan application
activity. A few industry commenters argued that reporting under HMDA
alone meets 1071 purposes, with two of these commenters pointing to the
Bureau's website, which states that HMDA ``data help show whether
lenders are serving the housing needs of their communities; they give
public officials information that helps them make decisions and
policies; and they shed light on lending patterns that could be
discriminatory.'' \421\ Two commenters that argued against dual
reporting explained that mortgage lending is fundamentally different
from small business lending. Responding to concerns about data gaps,
two other commenters suggested that if the Bureau tailored the
exception to applications that are reported under HMDA, not
applications that could be reported under HMDA, institutions not
subject to the HMDA reporting regime would still have to report HMDA-
eligible applications under section 1071 because they would not
actually report such applications under HMDA. A bank recommended
separating HMDA and section 1071 reporting such that only after a
transaction was assessed for HMDA-reportability would a financial
institution determine whether the transaction needed to be reported
under section 1071.
---------------------------------------------------------------------------
\421\ CFPB, Mortgage Data (HMDA), About HMDA, https://www.consumerfinance.gov/data-research/hmda/ (last visited Mar. 20,
2023).
---------------------------------------------------------------------------
Final Rule
For the reasons set forth herein, the Bureau is adding new Sec.
1002.104(b)(2) to exclude a covered loan as defined by Regulation C, 12
CFR 1003.2(e), pursuant to its authority under ECOA section 704B(g)(2)
to adopt exceptions to any requirement of section 1071, as the Bureau
deems necessary or appropriate to carry out section 1071's purposes.
Under this approach, for all applications with potential HMDA and
section 1071 overlap, the Bureau would not require reporting under
section 1071 (transactions would only be reportable under HMDA, and the
recordkeeping and demographic data collection obligations of HMDA will
apply). In 2021, there were 61,789 ``business or commercial purpose''
applications (excluding purchased loans), reported under HMDA with the
``investment'' occupancy code, for 5+ unit properties. Of those, 54,436
were from ``non-natural person'' applicants so demographic data under
HMDA was not collected (thus, such data would have been requested for
only for 7,353 of the 61,789 applications in 2021). The Bureau
recognizes that there would continue to be no demographic data
information collected and reported for the ~55,000 HMDA applications
with non-natural person owners. The Bureau is finalizing this exclusion
of HMDA-reportable transactions in order to alleviate concerns from a
broad range of industry commenters about the difficulties associated
with dual reporting, particularly in light of potential inconsistences
related to demographic data collection and recordkeeping. In addition,
this approach resembles the effort by the CRA agencies to eliminate
dual reporting under section 1071 and the eventual CRA rule.
While the Bureau agrees that dual reporting of such transactions
could be useful, the Bureau is mindful of commenters' concerns
regarding burden and that reported data would be somewhat duplicative
and/or potentially inconsistent for data points such as census tract,
and principal owners' ethnicity, race, and sex. The Bureau believes
that excluding all HMDA-reportable transactions would further the
purposes of section 1071 because such an exclusion would limit this
potential inconsistency that could result in poor data quality.
Further, the Bureau is excluding all HMDA-reportable transactions from
this final rule because excluding section 1071 transactions from
Regulation C of HMDA would require a separate rulemaking and would
disrupt ongoing and planning HMDA data collection efforts that have
been in place for years.
The Bureau also agrees that reporting under HMDA alone would meet
section 1071's purposes. Regulation C, which implements HMDA, provides
that its public loan data can be used: (i) to help determine whether
financial institutions are serving the housing needs of their
communities; (ii) to assist public officials in distributing public-
sector investment so as to attract private investment to areas where it
is needed; and (iii) to assist in identifying possible discriminatory
lending patterns and enforcing antidiscrimination statutes.\422\ These
purposes are entirely consistent with section 1071's purposes to
facilitate enforcement of fair lending laws and enable communities,
governmental entities, and creditors to identify business and community
development needs and opportunities of women-owned, minority-owned, and
small businesses.\423\ As the Bureau has previously stated, it believes
that ``HMDA's scope is broad enough to cover all dwelling-secured
commercial-purpose transactions and that collecting information about
all such transactions would serve HMDA's purposes.'' \424\ The Bureau
has also noted that collecting data about dwelling-secured commercial-
purpose transactions serves HMDA's purposes by showing not only the
availability and condition of multifamily housing units, but also the
full extent of leverage on single-family homes, particularly in
communities that
[[Page 35232]]
may rely heavily on dwelling-secured loans to finance small-business
expenditures.\425\
---------------------------------------------------------------------------
\422\ Regulation C Sec. 1003.1(b)(1).
\423\ ECOA section 704(a).
\424\ 80 FR 66127, 66171 (Oct. 28, 2015).
\425\ Id.
---------------------------------------------------------------------------
The Bureau recognizes its finalized approach will result in some
data gaps. Most notably, some section 1071 information will not be
collected for applications reported under HMDA, including the principal
owner's ethnicity, race, and sex where the applicant is not an
individual but an entity (i.e., not a natural person); minority-owned,
women-owned, and LGBTQI+-owned business statuses; gross annual revenue;
pricing; NAICS code; and number of workers. Moreover, at this time, the
Bureau is not tailoring its exception to applications that are actually
reported under HMDA, as opposed to those that could be reported under
HMDA. New Sec. 1002.104(b)(2) excludes all transactions meeting the
definition of a Regulation C ``covered loan,'' which means that
institutions not subject to the HMDA reporting regime (because, for
example, of institutional coverage thresholds) do not have to report
HMDA-eligible applications under section 1071 even though they would
not actually report such applications under HMDA. Additionally, the
Bureau does not believe it would be feasible to connect, as suggested,
an application reported under this final rule to a HMDA record and then
capture, under HMDA, demographic data on corporate entities, and expand
its coverage to include more lenders, such as government entities and
CDFIs.
After considering the comments, the Bureau has concluded that
trying to close all potential data gaps would defeat the purpose of
trying to reduce complexity and alleviate concerns from commenters
about having to implement and maintain two separate reporting systems.
Given the fact that the Bureau expects around 25 million applications
to be reported annually under the final rule, it believes that its
exclusion of HMDA-reportable transactions will result in a relatively
small loss of data and that these data might have been inconsistent
with other 1071 data in ways that could impede analysis, frustrating
the purposes of section 1071. The Bureau also notes that even in its
proposal, and as discussed below, it did not seek to requiring
reporting of all HMDA-reportable transactions under section 1071--only
those ``business or commercial purpose'' applications (excluding
purchased loans), reported under HMDA with the ``investment'' occupancy
code, for 5+ unit properties would have also been reported under 1071.
As a result, the Bureau notes that for 7,353 of the 61,789 such
applications in 2021, there would continue to be no demographic data
information collected and reported for only ~55,000 HMDA applications
with non-natural person owners. The Bureau believes that this is an
acceptable number given how small it is compared to the total number of
reported transactions and given the strong concerns expressed about the
difficulties with compliant dual reporting that could result in poor
data quality and thereby undermine the section 1071 statutory purposes.
As for the number of ``covered loan'' applications that are ultimately
not reported under HMDA, the Bureau believes that these applications
can be excluded for the same reasons explained below in the section-by-
section analysis of Sec. 1002.105(b); financial institutions with the
lowest volume of small business lending might limit small business
lending activity because of the fixed costs of coming into compliance
with the reporting requirements, creating risk of market disruption
which would run contrary to the business and community development
purpose of section 1071. Additionally, as the Bureau explained in HMDA,
the Bureau ``sought to exclude financial institutions whose data are of
limited value in the HMDA dataset, thus ensuring that the institutional
coverage criteria do not impair HMDA's ability to achieve its purposes,
while also minimizing the burden for financial institutions.'' \426\
The Bureau similarly believes that these data would have limited value
in the 1071 dataset--the Bureau will be able to fulfill section 1071's
purposes without it, while reducing burden and complexity for financial
institutions that are not HMDA reporters.
---------------------------------------------------------------------------
\426\ Id. at 66278.
---------------------------------------------------------------------------
Finally, the Bureau notes that section 1071 will capture business
credit transactions that are secured by real estate but are not
presently captured under HMDA. For example, section 1071 will capture
transactions secured by non-dwellings as well as business loans secured
by an applicant's primary residence or residential investment property
as collateral for inventory financing or working capital (such loans
would not be captured under HMDA because they do not involve a home
purchase, home improvement, or refinancing). The small business lending
rule will also capture transactions that are secured by dwellings
located on real property used primarily for agricultural purposes.
Credit Secured by Certain Investment Properties
Based on feedback received during the SBREFA process as well as its
general knowledge regarding both consumer and commercial real estate
lending, the Bureau understands that many financial institutions use
their consumer mortgage lending channels to process credit applications
secured by 1-4 individual dwelling units and used for investment
purposes, while applications for credit secured by 5+ unit multifamily
properties or rental portfolio loans secured by more than four 1-4 unit
residential properties are generally processed through commercial
mortgage lending channels. The Bureau also understands that loans made
through consumer mortgage lending channels are often made pursuant to
the guidelines of Fannie Mae, Freddie Mac, the Federal Housing
Administration, and the Department of Veterans Affairs, and are likely
already reported under HMDA.
In line with the SBREFA Panel's recommendation, the Bureau proposed
that the rule not cover credit secured by certain investment
properties, because such credit may not always be primarily for
business or commercial purposes. Specifically, proposed comment 104(b)-
4 would have explained that a covered credit transaction does not
include an extension of credit that is secured by 1-4 individual
dwelling units that the applicant or one or more of the applicant's
principal owners does not, or will not, occupy. The Bureau did not
propose to exclude credit secured by owner-occupied dwellings; for
example, those secured by a dwelling occupied by a business's sole
proprietor/principal owner. The Bureau proposed to exclude real estate
investment loans only in certain limited circumstances (such as when
credit is secured by non-owner occupied 1-4 dwelling units and not 5+
dwelling units). The Bureau proposed to define ``dwelling'' to have the
same meaning as Regulation C Sec. 1003.2(f). Similarly, proposed
comment 104(b)-4, which would address what does and does not constitute
an investment property, was modeled on Regulation C's comment 4(a)(6)-
4.
In its proposal, the Bureau noted its belief that its exclusion of
credit secured by certain investment properties will better capture
lending to true small businesses (as opposed to consumers seeking to
diversify their investments) and will also better align with financial
institution lending practices. The Bureau stated that it understands
that it may not always be easy for financial institutions to
distinguish between
[[Page 35233]]
business-purpose real estate investment loans and consumer-purpose real
estate investment loans; however, covering all such loans would likely
include some percentage of consumer-purpose loans, which could be
contrary to section 1071's business and community development purpose.
The Bureau sought comment on its proposed approach for credit
secured by certain investment properties, including whether it is
appropriate to consider credit not to be business credit when it is
secured by 1-4 individual dwelling units that the applicant or one or
more of the applicant's principal owners does not, or will not, occupy;
and, if not, whether a different number of dwelling units in the
property securing the credit would be an appropriate way to make a
distinction between business and consumer-purpose credit. The Bureau
also sought comment on whether to permit financial institutions to
voluntarily report real estate investment loan transactions that are
secured by non-owner occupied 1-4 dwelling units.
The Bureau received comments on this aspect of the proposal from
lenders, trade associations, and a community group. Several commenters
supported the exclusion of credit secured by certain investment
properties. A community group stated that the exclusion was appropriate
because the purpose of such credit is investment and not operating a
business of renting out units.
A few comments urged expansion of the proposed exclusion to other
real estate secured lending. A joint letter from several trade
associations representing the commercial real estate industry advocated
for expanding the proposed exclusion to impose a clear boundary between
small business lending and all investment property lending to ensure
that the information gathered under section 1071 reflects true small
business lending. In line with this suggestion, this commenter also
recommended rule text revisions. Another trade association suggested
expanding the exclusion to all non-owner occupied commercial and
multifamily real estate lending, arguing that the credit is
underwritten on the cash flow of the property and the value of the
property itself, rather than the operating revenue of a business, like
other investment properties. Another commenter suggested the Bureau
specifically exempt commercial real estate loans secured by non-owner-
occupied investment real estate to borrowing entities with NAICS codes
5311XX, the industry code for lessors of real estate.
Some comments reflected requests for clarifications and confusion
regarding the proposal. A bank suggested removing occupancy status from
covered credit transaction considerations because occupancy does not
fairly or materially delineate small business lending from consumer
lending and creates complexity in how financial institutions would need
to design processes, systems, and training. Community groups suggested
the Bureau require financial institutions to ask whether the credit
will be used primarily for business purposes, such as to secure rental
income. A bank suggested the Bureau focus on borrower type (natural
person versus entity) instead of property type. A trade association
urged the Bureau to remove the proposed exclusion for credit secured by
certain investment properties and replace it with an exclusion of all
credit subject to Regulation Z. Another bank commenter sought
clarification of the proposed exclusion, noting situations where a
borrower or a related party occupies a dwelling unit but still
considers it to be an investment property and not a business. A trade
association asked the Bureau how to determine owner occupancy for non-
dwelling real estate, such as where a business owns an office building
with multiple rental office spaces, and rents out all of these spaces
except for one space occupied by the business itself. One bank appeared
to believe that credit secured by 1-4 dwelling unit investment
properties would be reportable for both HMDA and section 1071 with
varying reporting requirements.
For the reasons stated herein and in the section above regarding
HMDA-reportable transactions, the Bureau is adding new Sec.
1002.104(b)(2) to exclude a covered loan as defined by Regulation C, 12
CFR 1003.2(e). This new exclusion renders moot the Bureau's
consideration of proposed comment 104(b)-4 by encompassing virtually
all credit that is secured by 1-4 individual dwelling units that the
applicant or one or more of the applicant's principal owners does not,
or will not, occupy. The Bureau's decision also renders moot comments
regarding requests for clarifications and confusion regarding the
proposal.
A ``covered loan'' as defined by Regulation C, 12 CFR 1003.2(e),
means a closed-end mortgage loan or an open-end line of credit that is
not an excluded transaction under Sec. 1003.3(c). A transaction is not
a ``covered loan'' if it is excluded by purpose. For example,
Regulation C excludes agricultural-purpose transactions and
transactions that are secured by a dwelling, as defined by Sec.
1003.2(f), that is located on real property that is used primarily for
agricultural purposes.\427\ The regulation also excludes transactions
otherwise made primarily for a business or commercial purpose \428\
unless the transaction is also: a home improvement loan; \429\ a home
purchase loan; \430\ or a refinancing (including cash-out
refinancing).\431\ Transactions are only covered under HMDA as covered
loans if they are secured by a lien on dwelling. In addition to
principal residences, a dwelling includes, but is not limited to,
manufactured homes, multifamily apartment buildings, and properties for
long-term housing and related services (such as assisted living for
senior citizens or supportive housing for people with disabilities).
Thus, a transaction may need to be reported under section 1071 if it is
secured by a lien on a non-dwelling; for example, a recreational
vehicle, houseboat, a hotel, dormitory, or properties for long-term
housing and medical care if the primary use is not residential. For a
full list of exclusions, please refer to Regulation C, section 1003.3.
The Bureau notes that even if a transaction is excluded under
Regulation C, that does not mean it is necessarily reportable under
section 1071. For example, even though a transaction is a not a HMDA
``covered loan'' if it is a purchase of a partial interest in an
otherwise covered loan, and thus not excluded by new Sec.
1002.104(b)(2), it is also not reportable under this rule because, as
explained below in the section regarding certain purchases of covered
transactions, only the definition of ``covered application'' will
trigger data collection and reporting obligations with respect to
covered credit transactions and such purchases do not involve an
application for credit.
---------------------------------------------------------------------------
\427\ 12 CFR 1003.3(c)(9).
\428\ 12 CFR 1003.3(c)(10).
\429\ 12 CFR 1003.2(i).
\430\ 12 CFR 1003.2(j).
\431\ 12 CFR 1003.2(p).
---------------------------------------------------------------------------
While the Bureau anticipates that adoption of new Sec.
1002.104(b)(2) results in the exclusion of most dwelling-secured
lending, this Bureau is not expanding this exclusion to all investment
(non-owner occupied) property lending, as recommended by a few
commenters. Where a small business seeks credit to invest in commercial
(non-dwelling) real estate, it is likely to apply to a financial
institution's commercial lending division and there are unlikely to be
any difficulties in determining that the transaction is a business-
purpose real estate investment (and not a consumer-purpose real estate
investment). It is
[[Page 35234]]
important for this rule to capture lending to true small businesses (as
opposed to consumers seeking to diversify their investments) to meet
section 1071's business and community development purpose. Moreover,
because such lending is not covered by HMDA, the potential for poor
data quality arising from inconsistent dual reporting does not occur in
this situation. In other words, excluding such transactions from
coverage would not advance section 1071's statutory purposes in the
same way as does excluding HMDA-reportable transactions. Rather,
covering these transactions will allow data users for the first time to
better understand the rationale behind credit decisions, help identify
potential fair lending concerns, and provide financial institutions
with data to evaluate their business underwriting criteria and address
potential gaps for commercial real estate lending and cash flow
financing. In addition, robust data on such credit transactions across
applicants, financial institutions, products, and communities could
help target limited resources and assistance to applicants and
communities, thus furthering section 1071's business and community
development purpose. With respect to fair lending compliance, such data
would help data users analyze potential discriminatory disparities.
104(b)(3) Insurance Premium Financing
To better manage cash flow and help pay for costly property and
casualty insurance premiums, many businesses enter into insurance
premium financing arrangements. Under a typical arrangement, an
insurance premium financing company provides funds to pay for premiums
that are remitted directly to the business's insurance provider, either
directly or through an insurance agent or broker. The business then
repays the premium amount advanced, plus some additional amount in the
form of interest or a service charge, which is sometimes capped by
State law.\432\ If the business fails to repay the loan or otherwise
defaults in its obligation, or if the insurance contract is cancelled,
the insurance premium financing company is empowered under the
financing agreement to demand the unearned premiums directly from the
insurer. The Bureau understands that insurance premium financing
companies have little to no contact with the businesses seeking credit
and insurance premium financing arrangements are typically underwritten
based on the terms of the insurance policy, the financial strength of
the insurer that issued the policy and holds the unearned premium, and
the uncollateralized exposure of the financing company, if any.
---------------------------------------------------------------------------
\432\ See, e.g., Fla. Stat. Ann. section 627.840(3)(b); 215 Ill.
Comp. Stat. Ann. 5/513a10(c).
---------------------------------------------------------------------------
Unlike with other forms of credit, borrowers in insurance premium
financing transactions are not free to use advanced amounts for general
purchases because those amounts are intended solely to cover the cost
of property and casualty insurance premiums and the funds are often
remitted directly to the business's insurer. Moreover, because
insurance premium financing companies are contractually empowered in
the event of default to cancel the insured's insurance coverage and
obtain a refund of unearned premiums to repay the amount advanced,
these transactions are not typically underwritten based on the
insured's ability to repay but on the value of the unearned premium
collateral and the financial strength of the insurance carrier holding
that collateral. The Bureau also understands that, in some cases,
certain contractual terms, including maximum interest rates, are
regulated by State law.\433\
---------------------------------------------------------------------------
\433\ See, e.g., Fla. Stat. Ann. section 627.840 (providing, in
part, that a premium finance company shall not impose a service
charge of more than $12 per $100 per year); 215 Ill. Comp. Stat.
Ann. 5/513a10 (stating that the maximum service charge is $10 per
$100 per year).
---------------------------------------------------------------------------
In the NPRM, the Bureau stated its belief that an organization
offering insurance premium financing, where the organization provides
short-term loans to businesses to pay for property and casualty
insurance, would have been included within the definition of a
financial institution in proposed Sec. [thinsp]1002.105(a), even
though this specific business model was not described in proposed
comment 105(a)-1. The Bureau did not specifically discuss insurance
premium financing in its section-by-section analysis of proposed Sec.
1002.104, noting that the Bureau was proposing to require that covered
financial institutions report data for all applications for
transactions that meet the definition of business credit unless
otherwise excluded.
A group of insurance premium financing trade associations urged the
Bureau to exclude insurance premium financing from the rule. This
comment did not dispute that such financing is credit but argued that
it should not be covered because it is unlike any other form of small
business credit--insurance premium finance lenders do not interact with
or exchange information with the applicant, credit terms (including
interest rate and fees) are preestablished and do not vary, and some
State insurance codes provide requirements regarding interest rates,
fees, disclosures, and other aspects of a premium finance transaction.
This commenter also maintained that insurance premium financing
presents minimal fair lending risk, most of the data proposed to be
required is not currently collected and would not be useful for
comparisons, and financing companies would incur significant costs to
comply, potentially limiting access to this credit. The commenter noted
that FinCEN exempted insurance premium financing companies from its
final rule imposing customer due diligence (beneficial ownership)
obligations under the Bank Secrecy Act. This trade association stated
that, if the Bureau does not exclude insurance premium financing
companies, the Bureau should clarify how the rule will apply to avoid
curtailment of credit and conflict with State insurance laws,
particularly those that prohibit, or at a minimum discourage, insurance
agents and brokers from collecting applicant-provided demographic data
from insureds.
The Bureau also received a letter from several members of Congress
citing potential conflicts between proposed section 1071 requirements
and State regulatory frameworks that they believed would improperly
impair or interfere with State insurance law. They requested the Bureau
reconsider subjecting these products to the final rule because they
believed that doing so would not advance the policy underpinning
section 1071 and would further negatively impact small businesses and
their ability to purchase adequate insurance coverage.
For the reasons set forth herein, the Bureau is excluding insurance
premium financing transactions from the final rule. New Sec.
1002.104(b)(3) defines insurance premium financing as a financing
arrangement wherein a business agrees to pay to a financial
institution, in installments, the principal amount advanced by the
financial institution to an insurer or insurance producer in payment of
premium on the business's insurance contract or contracts, plus
charges, and as security for repayment, the business assigns to the
financial institution certain rights, obligations, and/or
considerations (such as the unearned premiums, accrued dividends, or
loss payments) in its insurance contract or contracts. New Sec.
1002.104(b)(3) adds that this exclusion does not include the financing
of insurance policy premiums obtained in connection with the financing
of goods and services.
[[Page 35235]]
The Bureau is adopting a definition of ``covered credit
transaction'' that excludes insurance premium financing pursuant to its
authority under ECOA section 704B(g)(1) to prescribe such rules and
issue such guidance as may be necessary to carry out, enforce, and
compile data under section 1071, as well as its authority under
704B(g)(2) to adopt exceptions to any requirement of section 1071 and
to conditionally or unconditionally exempt any financial institution or
class of financial institutions from the statute's requirements, as the
Bureau deems necessary or appropriate to carry out the purposes of
section 1071. While insurance premium financing constitutes ``credit''
within the meaning of Sec. 1002.102(i) and may constitute ``business
credit'' within the meaning of Sec. 1002.102(d) (depending on its
purpose), the Bureau believes that it is categorically different from
products like loans, lines of credit, credit cards, and merchant cash
advances and that there are several reasons to believe that excluding
it from coverage advances section 1071's statutory purposes. Insurance
premium financing is not a general-use lending product, but instead,
like trade credit, exists only to facilitate the sale of a specific
nonfinancial product or service. Providers of insurance premium
financing are not primarily financial services providers, nor do they
currently manage compliance with regulatory requirements associated
with making extensions of credit. Taken together, requiring insurance
premium financing to be reported under subpart B may lead to
significant data quality issues. In addition, the fixed costs of coming
into compliance with this final rule could lead insurance premium
financing companies to limit offering this credit to their small
business customers, potentially undermining the business and community
development purpose of section 1071.
The Bureau believes the new exclusion in final Sec. 1002.104(b)(3)
will carve out narrow financing arrangements where the amount financed
is reasonably related to and intended to directly pay the cost of a
business's insurance policy premiums. New Sec. 1002.104(b)(3) also
limits the exclusion to situations where the business assigns the
financial institution certain rights, obligations, and/or
considerations (such as the unearned premiums) in its insurance policy
because the Bureau understands that such security interests ensure that
the underwriting focus is on the insurer, and not the small business
applicant. New Sec. 1002.104(b)(3) clarifies that the exclusion does
not include the financing of insurance contract premiums purchased in
connection with the financing of goods and services.
The Bureau notes that final Sec. 1002.104(b)(3) does not cover
situations where the insurance provider itself provides a business the
right to defer payment of an insurance premium or fee owed by the
business beyond the monthly period in which the premium or fee is due.
However, such arrangements may be covered by the trade credit exclusion
in final Sec. 1002.104(b)(1).
Factoring
Background
In traditional factoring arrangements, a business in need of
financing sells all or a portion of its accounts receivable (existing
but unpaid invoices) to another business, known as a ``factor.'' The
factor then receives payments on the accounts receivable from the
business's debtors or customers directly, and not from the business
that had entered into the factoring transaction. If the business has
sold only a portion of its invoices, then once the account debtors pay
their invoices to the factor, the factor remits the remainder of the
balance to the business after deducting a fee (specifically, a discount
applied to the sold accounts receivable usually stated on a percentage
basis).
The Bureau understands that the factoring market is generally
dominated by nondepository institutions not subject to Federal safety
and soundness supervision or reporting requirements. The Bureau also
understands that generally, factors may not be required to obtain State
lending licenses. As a result, information on factoring volume and
practices is limited. The Bureau notes, however, that the California
and New York disclosure laws mentioned above cover factoring.\434\
---------------------------------------------------------------------------
\434\ See Cal. S.B. 1235 (Sept. 30, 2018), https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180SB1235; N.Y. S.B. S5470B (July
23, 2020), https://legislation.nysenate.gov/pdf/bills/2019/S5470B.
---------------------------------------------------------------------------
The Bureau's 2017 White Paper estimated the factoring market as
constituting around 8 percent of the number of accounts used by small
businesses in the U.S. in 2014.\435\ Based on more recent evidence, the
Bureau believes the industry has not significantly grown. For example,
the 2017 and 2020 Federal Reserve Banks' surveys of firms with 1-499
employees (``employer firms'') found that 4 percent of such businesses
applied for and regularly used factoring.\436\ In the 2020 Small
Business Credit Survey of Employer Firms, this figure dropped to 3
percent of employer firms \437\ and in the 2021 survey, this figure
went back up to 4 percent.\438\
---------------------------------------------------------------------------
\435\ White Paper at 21 fig. 2, 22 fig. 3.
\436\ 2020 Small Business Credit Survey; 2017 Small Business
Credit Survey.
\437\ See 2021 Small Business Credit Survey at 24.
\438\ See 2022 Small Business Credit Survey at 25.
---------------------------------------------------------------------------
An existing comment in Regulation B (comment 9(a)(3)-3) provides
that ``[f]actoring refers to a purchase of accounts receivable, and
thus is not subject to [ECOA or Regulation B].'' Existing Regulation B
does not offer a definition for ``accounts receivable.'' However, if
there is a ``credit extension incident to the factoring arrangement,''
Regulation B's notification rules \439\ apply, as do other relevant
sections of ECOA and Regulation B.\440\ The Bureau understands that the
Board's treatment of credit extensions incident to factoring
arrangements--as a type of credit but one entitled to exemptions from
certain requirements--was motivated by its reading of congressional
intent related to the Women's Business Ownership Act of 1988,\441\
which amended ECOA to extend notification and record retention
requirements to business credit. In its proposed rule on this issue,
the Board explained that it was treating credit extensions incident to
factoring arrangements differently from other forms of business credit
based on ``evidence of congressional intent that the amendments should
not apply to . . . certain types of business credit (such as
applications for trade credit and credit incident to factoring
arrangements).'' \442\
---------------------------------------------------------------------------
\439\ See existing Sec. 1002.9(a)(3)(ii) (requiring a creditor
to notify an applicant, within a reasonable time (as opposed to
within 30 days for credit sought by consumers and businesses with
gross revenues of $1 million or less in preceding fiscal year),
orally or in writing, of the action taken).
\440\ Comment 9(a)(3)-3.
\441\ Public Law 100-533, 102 Stat. 2689 (1988).
\442\ 54 FR 29734, 29736 (July 14, 1989); see also 134 Cong.
Rec. H9282-89 (daily ed. Oct. 3, 1988) (explaining that the
committee recognizes that some forms of commercial loan transactions
and extensions of credit may ``require specialized rules,'' and
that, for example, the committee believes that loans and credit
extensions incidental to trade credit, factoring arrangements, and
sophisticated asset-based loans should continue to be exempted from
the record retention and automatic notification requirements).
---------------------------------------------------------------------------
Proposed Rule
In the NPRM, the Bureau proposed to not cover factoring. Modeled on
the definitions set forth in the New York and California commercial
financing
[[Page 35236]]
disclosure laws,\443\ proposed comment 104(b)-1 would have provided
that factoring is an accounts receivable purchase transaction between
businesses that includes an agreement to purchase, transfer, or sell a
legally enforceable claim for payment for goods that the recipient has
supplied or services that the recipient has rendered but for which
payment has not yet been made. Proposed comment 104(b)-1 would have
also clarified that an extension of business credit incident to a
factoring arrangement is a covered credit transaction and that a
financial institution shall report such a transaction as an ``Other
sales-based financing transaction'' under proposed Sec.
1002.107(a)(5).
---------------------------------------------------------------------------
\443\ See Cal. S.B. 1235 (Sept. 30, 2018), https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180SB1235; N.Y. S.B. S5470B (July
23, 2020), https://legislation.nysenate.gov/pdf/bills/2019/S5470B.
---------------------------------------------------------------------------
The Bureau sought comment on its proposed approach to factoring.
The Bureau also sought comment on how the subset of purported factoring
arrangements that may in fact be credit (i.e., those that are revolving
in nature or that cover anticipated receivables) should be reported
under the rule. Specifically, the Bureau sought comment on whether such
arrangements should be reported as credit extensions incident to
factoring (and thus reported as ``other sales-based financing'') or as
merchant cash advances.
Comments Received
The Bureau received comments on this aspect of the proposal from a
range of commenters, including lenders, trade associations, and
community groups. One commenter urged the Bureau to include the
distinctions between merchant cash advances and factoring that were
discussed in its NPRM preamble in the final rule's text or commentary
to avoid future confusion over what products are ultimately covered by
the final rule. This commenter also asked the Bureau to address the
role of recourse and underwriting in its analysis of whether a
particular financing transaction qualifies as credit. Another commenter
encouraged the Bureau to consider differences between various factoring
product structures and offered some explanations on how the term and
costs of factoring arrangements could be reported. A community group
asked the Bureau to explicitly include credit extensions incident to
factoring arrangements in the list of covered transactions in the final
rule, along with loans, lines of credit, credit cards, and merchant
cash advances.
A wide range of commenters, including many community groups,
community-oriented lenders, several members of Congress, individuals,
and a nonbank online lender, urged the Bureau to cover factoring in the
final rule. One community group suggested the Bureau use its
discretionary authority to define credit broadly, regardless of comment
9(a)(3)-3 in Regulation B or other ECOA provisions, to avoid a conflict
with congressional intent of shedding light on the distribution of
financing to minority-owned, women-owned, and small businesses. Several
commenters shared concerns about insufficient data on factoring and
stressed the need for more transparency and for having a complete
picture of the small business financing market. A few commenters argued
that factoring constitutes a large part of the small business financing
landscape and that section 1071's purposes would not be fulfilled
without covering this product. Several commenters pointed to the fact
that factoring arrangements are often used by minority-owned small
businesses as evidence that they should be covered by the rule, with a
few commenters specifically raising fair lending concerns related to
factoring.
A few commenters questioned factoring's exclusion as non-credit,
with the cross-sector group arguing that its inclusion would not create
compliance concerns for other provisions of Regulation B because
section 1071 is not broadly applicable to the entirety of Regulation B.
That commenter also argued that a factoring arrangement is ``credit''
whenever its recipient is held liable for deferred payments conditional
on the third party's ability to repay. This commenter noted that while
recourse agreements (cited by the commenter as constituting 88 percent
of the industry) enable the factor to pursue payment from the recipient
if the third party fails to repay, non-recourse agreements also enable
factors to seek payments from recipients under a variety of
circumstances. Another community group argued a factoring arrangement
is credit when a small business receives an amount less than the amount
due from its client because the small business recipient in that case
is effectively paying interest and/or fees. A joint letter from
community groups suggested the Bureau make clear that factoring is
excluded only where there is a bona fide sale of an accrued right to
payment without creating any obligations--contingent or otherwise--on
the seller.
Two commenters pointed to the fact that New York and California
both include factoring in their respective commercial financing
disclosure laws as a reason why it should be covered by the rule. Some
commenters expressed strong concerns that the exclusion of factoring
would open a door to potential evasion by merchant cash advance
providers and other actors. Many commenters urged the Bureau to include
factoring within its rule implementing section 1071 in order to monitor
these arrangements and prevent abuses.
Two commenters, both providers of factoring, suggested the Bureau
clarify that non-recourse factoring is covered by the trade credit
exclusion. These commenters noted that non-recourse factors would be
subject to the rule as proposed because it would have provided that the
extension of business credit by a financial institution (such as a
factor) other than a supplier for the financing of the sale of
inventory is not ``trade credit.'' These commenters argued that
compliance would be burdensome and disruptive to their operations, with
one commenter stressing how important non-recourse factoring is in
facilitating the sale of product by sellers to buyers.
Final Rule
For the reasons set forth herein, the Bureau is finalizing comment
104(b)-1 largely as proposed and is not covering factoring under the
rule. The Bureau believes that, as discussed with respect to merchant
cash advances above, a factoring agreement, as described in comment
104(b)-1, is not credit under ECOA because the provider of the funds
does not grant the recipient the right to defer payment. Instead, the
provider of funds seeks payment directly from a third party on a
legally enforceable claim for payment for goods that the recipient has
supplied or services that the recipient has rendered but for which
payment in full has not yet been made. The Bureau also believes that
treating factoring as credit under the rule could create
inconsistencies and compliance concerns related to existing Regulation
B, which currently states that factoring (as a purchase of accounts
receivable) is not subject to ECOA.
The Bureau is finalizing a detailed description of what constitutes
factoring in comment 104(b)-1 because the existing Regulation B
commentary regarding factoring may not provide sufficient clarity for
purposes of collecting and reporting data under section 1071 as it does
not define ``accounts receivable.'' This finalized description, modeled
on the definitions set forth in the New York and California commercial
financing disclosure
[[Page 35237]]
laws,\444\ provides that factoring is an accounts receivable purchase
transaction between businesses that includes an agreement to purchase,
transfer, or sell a legally enforceable claim for payment for goods
that the recipient has supplied or services that the recipient has
rendered but for which payment in full has not yet been made. The
Bureau has added the words ``in full'' to the proposed description to
account for the fact that factoring may include an immediate partial
payment or down payment to the businesses supplying the goods or
services. Comment 104(b)-1 states that it is not intended to repeal,
abrogate, annul, impair, or interfere with any existing
interpretations, orders, agreements, ordinances, rules, or regulations
adopted or issued pursuant to existing comment 9(a)(3)-3.
---------------------------------------------------------------------------
\444\ See Cal. S.B. 1235 (Sept. 30, 2018), https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180SB1235; N.Y. S.B. S5470B (July
23, 2020), https://legislation.nysenate.gov/pdf/bills/2019/S5470B.
---------------------------------------------------------------------------
Based on the Bureau's work to date, comments received, and
conversations with industry stakeholders, the Bureau understands that
purported factoring arrangements may take various forms, including
longer-term or revolving transactions that appear to have credit or
credit-like features, and the Bureau believes that a subset of such
arrangements may constitute credit incident to the factoring
arrangement. Comment 104(b)-1 thus clarifies that an extension of
business credit incident to a factoring arrangement is a covered credit
transaction and that a financial institution shall report such a
transaction as an ``Other sales-based financing transaction'' under
Sec. 1002.107(a)(5). By contrast, arrangements that do not involve
goods or services that have already been supplied or rendered are not
``factoring'' under the Bureau's description. The Bureau makes clear in
comment 104(b)-1 that, despite the fact that some providers may label
such arrangements as factoring, the name used by the financial
institution for a product is not determinative of whether or not it is
a ``covered credit transaction,'' and such arrangements are not
factoring as described in the final rule and are covered.
The Bureau does not believe it would be appropriate to codify
distinctions between merchant cash advances and factoring in the final
rule's text or commentary, as suggested by a commenter. The Bureau
believes that factoring involves the sale of existing and alienable
assets, while merchant cash advances involve a promise of future
payments derived from anticipated receivables. Accordingly, providers
of merchant cash advances--but not factoring that involves the sale of
existing and alienable assets--grant the right to incur debt and defer
its payment at a later date within the meaning of ``credit'' under
Sec. 1002.102(i).
For that reason, to the extent that a purported factoring
arrangement involves multiple revolving transactions such that the
transaction between the recipient and the provider of funds is not
complete at the time of the sale, that transaction constitutes credit,
and the Bureau would expect such a transaction to be reported as an
``Other sales-based financing transaction'' because it constitutes an
extension of business credit that may or may not be incident to a
factoring arrangement (depending on whether the first transaction
involved the sale of existing and alienable assets). In terms of how to
report the term and costs of extensions of credit incident to factoring
arrangements, the Bureau notes that final Sec. 1002.107(a)(12)(v)
would require financial institutions to report, for a merchant cash
advance or other sales-based financing transactions, the difference
between the amount advanced and the amount to be repaid and that final
Sec. 1002.107(a)(5)(iii) requires reporting of estimated loan term for
merchant cash advances and other sales-based financing in certain
circumstances.
As noted above, the products discussed in this preamble do not
constitute an exhaustive list of covered credit transactions; other
types of business credit not specifically described nevertheless
constitute covered credit transactions unless excluded by final Sec.
1002.104(b). In line with this approach, the Bureau is not expressly
delineating additional products (such as credit extensions incident to
factoring arrangements) as covered credit transactions in the final
rule's regulatory text or commentary. Nor is it reopening existing
Regulation B at this time in order to interpret ``credit'' to include
factoring. The Bureau acknowledges that factoring constitutes a large
part of the small business financing landscape, particularly among
minority-owned small businesses, and that it would be helpful to have
more transparency into these arrangements. However, making such a
change as part of this final rule could creating inconsistences and
compliance challenges with respect to existing Regulation B provisions.
The Bureau also does not believe that the question of whether a
factoring arrangement is credit should be determined based on whether
the small business recipient is effectively paying finance charges. For
the reasons discussed in the section-by-section analysis of Sec.
1002.102(i), the Bureau is finalizing a definition of ``credit'' that
largely follows the definition of credit in ECOA \445\ and existing
Sec. 1002.2(j); meaning the right granted by a creditor to an
applicant to defer payment of a debt, incur debt and defer its payment,
or purchase property or services and defer payment therefor. This
longstanding definition does not turn on ``the number of installments
required for repayment, or whether the transaction is subject to a
finance charge,'' \446\ nor on how underwriting is conducted. Rather,
in order for factoring to be credit under ECOA, a factor must grant the
right to defer payment of debt or to incur debts and defer its payment.
---------------------------------------------------------------------------
\445\ See 15 U.S.C. 1691a. Existing Regulation B uses the term
``applicant'' instead of ``debtor.''
\446\ Existing comment 2(j)-1.
---------------------------------------------------------------------------
The Bureau also does not believe it would be appropriate, at this
time, to distinguish between recourse and non-recourse factoring that
involves the business-to-business sale of existing and alienable
assets. The Bureau is aware that a significant proportion of the
factoring market, as it is currently understood, may consist of
recourse factoring, in which factors may pursue repayment from the
recipient of funds if the third party fails to pay, and that even non-
recourse agreements may enable factors to seek repayment from
recipients under some circumstances, such as fraud. As a result, the
Bureau understands that in much of what market participants understand
to be ``factoring'' within the meaning of existing Regulation B, the
transaction between the recipient and the provider of funds is not
conclusively complete at the time of the sale. The Bureau agrees with
commenters that these transactions are, at minimum, akin to credit.
Nevertheless, the Bureau believes that requiring reporting for these
transactions at this time would have the effect of upending market
participants' settled expectations that ``factoring'' is not credit
within the meaning of existing Regulation B. Therefore, data collection
and reporting pursuant to subpart B is not required for an accounts
receivable purchase transaction between businesses that includes an
agreement to purchase, transfer, or sell a legally enforceable claim
for payment for goods that the recipient has supplied or services that
the recipient has rendered but for which payment has not yet been made,
regardless of whether the
[[Page 35238]]
agreement includes recourse or other nonpayment contingency provisions.
The Bureau appreciates the fact that New York and California both
include factoring in their respective commercial financing disclosure
laws and has in fact drawn from the States' helpful regulatory language
for its own section 1071 commentary. However, coverage of factoring by
these or other States \447\ in their commercial financing disclosure
regimes does not affect what constitutes ``credit'' under ECOA. The
Bureau understands concerns that exclusion of factoring may open a door
to potential evasion by merchant cash advance providers and other
actors. However, the Bureau does not agree that it must include
factoring in this final rule in order to monitor these arrangements and
prevent abuses.
---------------------------------------------------------------------------
\447\ Other States, including Virginia and Utah, have passed
similar commercial financing disclosure laws. See, e.g., Virginia H.
1027 (enacted Apr. 11, 2022), https://lis.virginia.gov/cgi-bin/legp604.exe?221+ful+CHAP0516; Utah S.B. 183 (enacted Mar. 24, 2022),
https://le.utah.gov/~2022/bills/static/SB0183.html.
---------------------------------------------------------------------------
In the course of considering financial institutions' compliance
with the rule, the Bureau intends to closely scrutinize secured finance
transactions to ensure that companies are appropriately categorizing
and reporting products as required by section 1071. The Bureau also
intends to obtain more information about the use of recourse and other
nonpayment provisions in the factoring market, including types of these
provisions and the frequency with which factors invoke them. If it
proves necessary to modify existing Regulation B or subpart B, the
Bureau is prepared to exercise all of its available authorities,
including its authority under section 703 of ECOA to make adjustments
that are necessary to prevent circumvention or evasion.
With respect to comments asking the Bureau to clarify that non-
recourse factoring is covered by the trade credit exclusion, the Bureau
notes that while non-recourse factors may not be subject to the trade
credit exclusion because they are not typically a supplier that
finances the sale of equipment, supplies, or inventory, they are likely
providing ``factoring'' as described in final comment 104(b)-1. For the
reasons discussed in the section-by-section analysis of Sec.
1002.104(b)(1), the Bureau is not expanding its exclusion of trade
credit to include third-party financing companies.
Leases
Background
A leasing transaction generally refers to an agreement in which a
lessor transfers the right of possession and use of a good or asset to
a lessee in return for consideration.\448\ Under a ``true'' or
``operating'' lease, a lessee (the user) makes regular payments to a
lessor (the owner) in exchange for the right to use an asset (such as
equipment, buildings, motor vehicles, etc.).
---------------------------------------------------------------------------
\448\ See UCC 2A-103(1)(j) (defining a ``lease'').
---------------------------------------------------------------------------
Leases are not expressly addressed in ECOA or Regulation B. Until
the issuance of the NPRM, the Bureau had never opined on whether ECOA
and Regulation B apply to leases, and the Board made only one statement
about the applicability of ECOA and Regulation B to leases, in the
preamble to a final rule under ECOA. In that 1985 statement, the Board
responded to the Ninth Circuit's opinion in Brothers v. First
Leasing,\449\ which concluded that consumer leasing falls under
ECOA.\450\ The Board stated that it believes that ``Congress did not
intend the ECOA, which on its face applies only to credit transactions,
to cover lease transactions unless the transaction results in a `credit
sale' as defined in the Truth in Lending Act and Regulation Z.'' \451\
The Board then noted that it will continue to monitor leasing
transactions and take further action as appropriate.\452\ The Bureau is
unaware of any such further actions taken by the Board.
---------------------------------------------------------------------------
\449\ 724 F.2d 789 (9th Cir. 1984).
\450\ 50 FR 48018, 48020 (Nov. 20, 1985).
\451\ Id.
\452\ Id. Since then, courts have gone both ways on the issue.
Compare Ferguson v. Park City Mobile Homes, No. 89-CIV-1909, 1989 WL
111916, at *5 (N.D. Ill. Sept. 18, 1989) (consumer leases are
``credit'' under ECOA), with Laramore v. Ritchie Realty Mgmt. Co.,
397 F.3d 544, 547 (7th Cir. 2005) (consumer leases are not
``credit'' under ECOA).
---------------------------------------------------------------------------
The Bureau understands that many financial institutions (such as
equipment finance companies) offer both loans and leases to their small
business customers and some financial institutions comply with
Regulation B for their leases as well as their loans as a matter of
course. Lessor stakeholders have told Bureau staff that from their
perspective, as well as that of their customers, loans and leases are
indistinguishable. The Bureau understands that this is particularly
true of ``financial'' or ``capital'' leases, as defined under article
2A of the Uniform Commercial Code (UCC),\453\ which closely resemble
(and according to some stakeholders, in some cases are
indistinguishable from) term loans. The Bureau understands that
financial leases are treated like assets on buyers' balance sheets,
whereas operating leases are treated as expenses that remain off the
balance sheet. The Bureau understands that the ownership
characteristics of a financial lease also resemble those of a loan--the
financial lease term is the substantial economic life of the asset (as
evidenced by a low dollar purchase option at the end of the lease term
and/or lack of residual financial obligations at the end of the lease
term) and the lessee claims both interest and depreciation on their
taxes. The Bureau understands that for some financial institutions,
reporting loans but not leases may require added cost and effort to
separate them in databases. The Bureau also understands that because
depository institutions currently report both loan and lease activity
to other regulators in their Call Reports, they may prefer to maintain
a consistent approach for section 1071.
---------------------------------------------------------------------------
\453\ The Bureau notes that the UCC separately defines a
``consumer lease.'' See UCC 2A-103(1)(e). The Bureau's analysis
regarding leases does not apply to leases primarily for a personal,
family, or household purpose.
---------------------------------------------------------------------------
Proposed Rule
In the NPRM, the Bureau proposed to not cover leases. Drawing from
the UCC definition of ``lease,'' \454\ which was incorporated into the
New York and California commercial financing disclosure laws,\455\
proposed comment 104(b)-2 would have provided that the term covered
credit transaction does not cover leases, and that a lease, for
purposes of proposed subpart B, is a transfer from one business to
another of the right to possession and use of goods for a term, and for
primarily business or commercial (including agricultural) purposes, in
return for consideration. It would have further stated that a lease
does not include a sale, including a sale on approval or a sale or
return, or a transaction resulting in the retention or creation of a
security interest. The Bureau sought comment on whether there are types
of leases, or leases with certain characteristics, that should be
excluded from proposed comment 104(b)-2 and thus treated as reportable
under section 1071. Based on the practical difficulty cited by some
stakeholders of distinguishing leases from loans, the Bureau also
sought comment on whether financial institutions should be permitted to
voluntarily report lease transactions.
---------------------------------------------------------------------------
\454\ UCC 2A-103(1)(j) (`` `Lease' means a transfer of the right
to possession and use of goods for a term in return for
consideration, but a sale, including a sale on approval or a sale or
return, or retention or creation of a security interest is not a
lease. Unless the context clearly indicates otherwise, the term
includes a sublease.'').
\455\ See Cal. S.B. 1235 (Sept. 30, 2018), https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180SB1235; N.Y. S.B. S5470B (July
23, 2020), https://legislation.nysenate.gov/pdf/bills/2019/S5470B.
---------------------------------------------------------------------------
[[Page 35239]]
Comments Received
The Bureau received comments on this aspect of the proposal from
several community groups and community oriented lenders, trade
associations, an online lender, and several members of Congress. Many
of these comments argued that leases should be covered under the
Bureau's rule. A few commenters suggested that leases were much like
loans and other credit, with one commenter asserting that where a small
business may retain leased equipment, that is akin to lending in which
debt is incurred, payment is deferred and payments are made over a
significant time period for a substantial asset, that is, the
equipment. This commenter noted that the Bureau could apply its
proposed loan threshold to leases. A cross-sector group of lenders,
community groups, and small business advocates maintained that any data
collection on the leasing market would be valuable, even if limited to
credit sale leases or ``$1 leases'' (where the lessee makes payments on
the leased item and at the end of the lease term, purchases the item
for $1), which the commenter viewed as a form of credit sale lease.
A few commenters urged the Bureau to cover this large and growing
share of the small business financing market in order to avoid data
gaps. Two commenters expressed fair lending and predatory practice
concerns regarding leasing--one commenter pointed to a lawsuit filed by
the California State Attorney General against two lease financing
companies operating in 15 states that allegedly forced 193 Black
churches to make lease payments on falsely advertised and faulty
computer kiosks.\456\ Another commenter noted that leases are often
used by minority-owned businesses, in some cases more often than white-
owned businesses. This commenter also noted that New York and
California both include leasing in their respective commercial
financing disclosure laws and that at the Federal level, bicameral
commercial financing disclosure legislation has been introduced to
cover leasing. Two commenters argued that not covering leases in the
final rule would open the door to potential evasion, allowing merchant
cash advance providers and other financing companies to structure
transactions as leases instead of loans.
---------------------------------------------------------------------------
\456\ See Complaint, California v. Television Broadcasting
Online, Ltd., 2011 WL 849066 (Cal. Super. Feb. 2011), https://oag.ca.gov/system/files/attachments/press_releases/n2042_complaint.pdf.
---------------------------------------------------------------------------
Several trade associations, including ones representing equipment
and vehicle lease and finance companies, expressed support for the
Bureau's proposed approach to not cover leases. One commenter commended
the Bureau for recognizing that leases are not treated as credit in the
U.S. regulatory structure and for proposing use of the widely accepted
UCC definition of a lease. Another commenter observed that the Bureau's
proposed definition of ``lease'' would not cover instances where a
lessee purchased or eventually owned the product being leased. This
commenter advised against covering leases in the rule, arguing that
doing so would result in incorrect reporting when applicants' employees
submit lease applications but do not know the full scope of their
employer's ownership makeup or financial holdings; it would also
increase compliance costs, making short-term leases and rentals
significantly more expensive.
Final Rule
For the reasons set forth herein, the Bureau is finalizing comment
104(b)-2 largely as proposed and is not covering leases under the final
rule. Drawing from the UCC definition of ``lease,'' \457\ which was
incorporated into the New York and California commercial financing
disclosure laws,\458\ comment 104(b)-2 provides that the term covered
credit transaction does not cover leases, and that a lease, for
purposes of subpart B, is a transfer from one business to another of
the right to possession and use of goods for a term, and for primarily
business or commercial (including agricultural) purposes, in return for
consideration. It further states that a lease does not include a sale,
including a sale on approval or a sale or return, or a transaction
resulting in the retention or creation of a security interest. In
addition, comment 104(b)-2 clarifies that the name used by the
financial institution for a product is not determinative of whether or
not it is a ``covered credit transaction.''
---------------------------------------------------------------------------
\457\ UCC 2A-103(1)(j) (`` `Lease' means a transfer of the right
to possession and use of goods for a term in return for
consideration, but a sale, including a sale on approval or a sale or
return, or retention or creation of a security interest is not a
lease. Unless the context clearly indicates otherwise, the term
includes a sublease.'').
\458\ See Cal. S.B. 1235 (Sept. 30, 2018), https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180SB1235; N.Y. S.B. S5470B (July
23, 2020), https://legislation.nysenate.gov/pdf/bills/2019/S5470B.
---------------------------------------------------------------------------
The Bureau considered several other approaches to covering leasing,
including referring to Regulation Z's definition of ``credit sale.''
Under that definition, a ``credit sale'' is ``a sale in which the
seller is a creditor,'' and it includes a lease--unless the consumer
may terminate it at any time without penalty--where the consumer
``[a]grees to pay as compensation for use a sum substantially
equivalent to, or in excess of, the total value of the property and
service involved'' and ``[w]ill become (or has the option to become),
for no additional consideration or for nominal consideration, the owner
of the property upon compliance with the agreement.'' \459\ The Bureau
understands that financial institutions focused on offering leases and
loans for business purposes are generally not familiar with the
Regulation Z definition of ``credit sale,'' given that Regulation Z
applies only to consumer credit.\460\ The Bureau thus believes that
referring to the Regulation Z definition of ``credit sale'' could
create confusion and would not align with current industry practices.
The Bureau understands that such financial institutions offering leases
primarily for business or commercial (including agricultural) purposes
are more accustomed to applying the UCC definitions of ``lease'' \461\
and ``finance lease,'' \462\ and/or the generally accepted accounting
principles (GAAP) rules issued by the Financial Accounting Standards
Board governing ``operating,'' ``capital,'' and ``finance''
leases.\463\ The Bureau believes that drawing from the UCC definition
of lease will lead to more consistency with financial institutions'
current practices. Nearly all U.S. jurisdictions have adopted Article
2A of the UCC,\464\ and the Bureau
[[Page 35240]]
understands that virtually every form of lease used by major leasing
companies provides that it is governed by the laws of one of the
jurisdictions that has adopted Article 2A.
---------------------------------------------------------------------------
\459\ 12 CFR 1026.2(a)(16).
\460\ See Regulation Z Sec. Sec. 1026.2(a)(12) (defining
``consumer credit'' as ``credit offered or extended to a consumer
primarily for personal, family, or household purposes'') and
1026.3(a)(1) (excluding extensions of credit ``primarily for a
business, commercial or agricultural purpose'').
\461\ UCC 2A-103(1)(j).
\462\ UCC 2A-103(1)(g).
\463\ See Fin. Acct. Standards Bd., Accounting Standards Update:
Leases (Topic 842), No. 2016-02 (Feb. 2016), https://www.fasb.org/Page/ShowPdf?path=ASU+2016-02_Section+A.pdf&title=Update+2016-02%E2%80%94Leases+%28Topic+842%29+Section+A%E2%80%94Leases%3A+Amendments+to+the+FASB+Accounting+Standards+Codification%C2%AE&acceptedDisclaimer=true&Submit=.
\464\ See Ala. Code 7-2A-101 et seq.; Alaska Stat. 45.12.101 et
seq.; Ariz. Rev. Stat. 47-2A101 et seq.; Ark. Code Ann. 4-2A-101 et
seq.; Cal. Com. Code 10101 et seq.; Choctaw Tribal Code 26-2A-101 et
seq.; Colo. Rev. Stat. 4-2.5-101 et seq.; Conn. Gen. Stat. 42a-2A-
101 et seq.; D.C. Code 28:2A-101 et seq.; Del. Code Ann. tit. 6, 2A-
101 et seq.; Fla. Stat. 680.1011 et seq.; Ga. Code Ann. 11-2A-101 et
seq.; Haw. Rev. Stat. 490:2A-101 et seq.; Idaho Code 28-12-101 et
seq.; 810 Ill. Comp. Stat. 5/2A-101 et seq.; Ind. Code 26-1-2.1-101
et seq.; Iowa Code 554.13101 et seq.; Kan. Stat. Ann. 84-2a-101 et
seq.; Ky. Rev. Stat. Ann. 355.2A-101 et seq.; Mass. Gen. Laws ch.
106, 2A-101 et seq.; Md. Code Ann., Com. Law 2A-101 et seq.; Me.
Stat. tit. 11, 2-1101 et seq.; Mich. Comp. Laws 440.2801 et seq.;
Minn. Stat. 336.2A-101 et seq.; Miss. Code Ann. 75-2A-101 et seq.;
Mo. Rev. Stat. 400.2A-101 et seq.; Mont. Code Ann. 30-2A-101 et
seq.; N.C. Gen. Stat. 25-2A-101 et seq.; N.D. Cent. Code 41-02.1-01
et seq.; N.H. Rev. Stat. Ann. 382-A:2A-101 et seq.; N.J. Stat. Ann.
12A:2A-101 et seq.; N.M. Stat. Ann. 55-2A-101 et seq.; N.Y. UCC Law
2-A-101 et seq.; Neb. Rev. Stat. UCC 2A-101 et seq.; Nev. Rev. Stat.
104A.2101 et seq.; Ohio Rev. Code Ann. 1310.01 et seq.; Okla. Stat.
tit. 12A, 2A-101 et seq.; Or. Rev. Stat. 72A.1010 et seq.; Pa. Cons.
Stat. 2A101 et seq.; R.I. Gen. Laws 6A-2.1-101 et seq.; S.C. Code
Ann. 36-2A-101 et seq.; S.D. Codified Laws 57A-2A-101 et seq.; Tenn.
Code Ann. 47-2A-101 et seq.; Tex. Bus. & Com. Code Ann. 2A.101 et
seq.; Utah Code Ann. 70A-2a-101 et seq.; V.I. Code Ann. tit. 11A,
2A-101 et seq.; Va. Code Ann. 8.2A-101 et seq.; Vt. Stat. Ann. tit.
9A, 2A-101 et seq.; W. Va. Code 46-2A-101 et seq.; Wash. Rev. Code
62A.2A-101 et seq.; Wisc. Stat. 411.101 et seq.; Wyo. Stat. Ann.
34.1-2.A-101 et seq.
---------------------------------------------------------------------------
Based on its review of business-purpose leases and its expertise
with respect to the meaning of ``credit,'' the Bureau believes that the
term ``credit'' does not encompass such business leases. In the
business-purpose context, the Bureau understands that in a true lease,
the lessor retains title and will receive the property back after the
conclusion of the lease term, without any expectation by either party
that, for example, ownership of the property will be transferred or
that payments made pursuant to the lease agreement constitute anything
other than payments in exchange for the temporary use of the property.
As a result, the Bureau does not believe that in the business-purpose
context a true lease transaction involves the right to incur debt and
defer its payment, defer payment of a debt, or defer payment for goods
or services.
The Bureau is aware that there are other types of leases with
characteristics that bear some resemblance to forms of credit like
credit sales, such as a contemplated transfer of ownership at the end
of the lease term. The Bureau does not parse whether different types of
leases might constitute ``credit'' but notes that final comment 104(b)-
2's definition of lease does not include a sale, including a sale on
approval or a sale or return, or a transaction resulting in the
retention or creation of a security interest. For further
clarification, the Bureau notes that UCC section 1-203 provides helpful
guidance on how to distinguish a lease from a security interest. For
example, UCC section 1-203 provides, in part, that a lease transaction
creates a security interest if the lessee's payment obligation
continues for the term of the lease and is not subject to termination
by the lessee and the lessee has an option to become the owner of the
goods for no additional consideration or for nominal additional
consideration upon compliance with the lease agreement.\465\ The UCC
additionally provides that additional consideration is nominal if it is
less than the lessee's reasonably predictable cost of performing under
the lease agreement if the option is not exercised.\466\ The UCC
appropriately notes that whether a transaction in the form of a lease
creates a lease or security interest is determined by the facts of each
case.\467\ The Bureau believes that drawing from an established
definition of ``lease'' that small business lenders already use will
minimize compliance risks and will offer sufficient consistency and
clarity regarding interpretation of final comment 104(b)-2.
---------------------------------------------------------------------------
\465\ UCC 1-203(b).
\466\ UCC 1-203(d).
\467\ UCC 1-203(a).
---------------------------------------------------------------------------
The Bureau is not covering leases under this final rule, as
requested by some commenters. The Bureau agrees that some business
leases are structured like loans and other credit but notes that a
commenter's example of a small business being able to retain leased
equipment is an example of the creation of a security interest, not a
lease under final comment 104(b)-2. Similarly, so-called ``$1 leases''
create security interests because the lessee has an option to become
the owner of the goods for nominal additional consideration. As noted
by one commenter, final comment 104(b)-2's definition of lease does not
include a transaction resulting in the retention or creation of a
security interest.
The Bureau understands that bicameral commercial financing
disclosure legislation was introduced in the last Congress to cover
some leasing and other commercial finance products under the Federal
Truth in Lending Act and that New York and California both include
leases in their respective commercial financing disclosure laws. (The
Bureau has in fact drawn from the states' helpful regulatory language
for its own section 1071 commentary.) However, the Bureau does not
believe that the coverage of leases in these particular legislative
efforts has any bearing on what constitutes ``credit'' under ECOA. The
Bureau appreciates commenters' concerns that not covering leases could
open a door to potential evasion and lead to data gaps or fair lending
problems. The Bureau believes that it can observe the small business
financing market for such abuses and prevent them without including all
leases in the rule. For example, in considering financial institutions'
compliance with the rule, the Bureau intends to closely scrutinize
transactions to ensure that companies are appropriately categorizing
and reporting products as required by section 1071.
Consumer-Designated Credit
The Bureau understands that some small business owners may use
consumer-designated credit in order to finance their small businesses--
such as taking out a home equity line of credit or charging business
expenses on their personal credit cards.
The proposed rule would not have covered products designated by the
creditor as consumer-purpose products (consumer-designated credit).
Proposed comment 104(b)-3 would have made clear that the term covered
credit transaction does not include consumer-designated credit used for
business purposes, because such transactions are not business credit.
Proposed comment 104(b)-3 would have provided that a transaction
qualifies as consumer-designated credit if the financial institution
offers or extends the credit primarily for personal, family, or
household purposes. The Bureau sought comment on this proposed
interpretation, including how the Bureau has defined the scope of
consumer-designated credit. The Bureau also sought comment on whether
it should permit financial institutions to voluntarily report consumer-
designated credit when they have reason to believe the credit might be
used for business purposes.
The Bureau received comments on this aspect of the proposal from a
range of banks, credit unions, trade associations, and community
groups. One trade association generally agreed with the Bureau's
approach to consumer-designated credit but asked the Bureau to clarify
whether retail installment sales contracts are covered by the exclusion
of consumer-designated credit. This commenter also asked the Bureau to
confirm that, in determining whether credit is excluded as consumer-
designated credit, existing comment 2(g)-1 interpreting the definition
of ``business credit'' applies, which provides that ``[a] creditor may
rely on an applicant's statement of the purpose for the credit
requested.''
Some industry commenters supported the Bureau's proposed exclusion
of consumer-designated credit. One of these commenters argued that the
inclusion of consumer-designated credit within the rule would
dramatically expand the size of the data collected beyond the purpose
of section 1071, circumventing the congressional intent and increasing
the rule's impact on the availability of credit for all consumers--
[[Page 35241]]
not just business borrowers. Another commenter asked the Bureau to
clarify that it will not challenge the designation of a transaction as
consumer-designated credit, expressing concerns because financial
institutions have no reliable method for validating a latent business
purpose in an application for a consumer-designated credit transaction.
Two banks recommended against requiring financial institutions to
second guess consumers' intentions regarding use of funds by requiring
them to report on loans suspected to be used for business purposes.
Several commenters urged the Bureau to cover consumer credit that
will be used for business purposes. One community group suggested
collecting 1071 data where personal credit card applicants responded
that 50 percent or more of the loan would be used for small business
purposes, asserting that this threshold would sufficiently weed out
applications that would result in nominal amounts of funding for small
business purposes but would still capture ones that are potentially
important for meeting the community development purpose of section
1071. Two commenters expressed concerns that not covering consumer-
designated credit would result in a push toward unregulated products,
with one commenter asserting that a portion of the fintech sector is
engaging in unscrupulous targeting of vulnerable customers (including
racial and ethnic minorities). Two community groups asked the Bureau to
reconsider its proposal, emphasizing how important consumer-designated
credit is as a source of financing for small businesses, particularly
for women-owned and minority-owned small businesses, sole
proprietorships, and new businesses. Another community group
recommended that the Bureau additionally include personal credit card
loans that finance business expenses, asserting that these cards are a
vital source of credit for very small and start-up businesses, as well
as businesses owned by women and people of color.
A number of banks suggested the Bureau exclude all credit subject
to Regulation Z. Some suggested that such an exemption would provide
clarity to the definition of ``covered credit transaction'' and would
ease compliance burden when identifying covered applications,
implementing data collection, and ensuring data integrity in a manner
that meets the statutory purpose. One trade association added that
financial institutions are already familiar with determining loan
purpose under the Regulation Z definition in their everyday lending
activities and that this approach would alleviate confusion with the
proposed exclusion for credit secured by certain investment properties.
For the reasons set forth herein, the Bureau is finalizing comment
104(b)-3 almost entirely as proposed and is not covering consumer-
designated credit under the final rule. Comment 104(b)-3 makes clear
that the term covered credit transaction does not include consumer-
designated credit used for business or agricultural purposes, because
such transactions are not business credit. The Bureau is adding the
reference to agricultural purposes for clarity. Comment 104(b)-3
provides that a transaction qualifies as consumer-designated credit if
the financial institution offers or extends the credit primarily for
personal, family, or household purposes. For example, an open-end
credit account used for both personal and business purposes is not
business credit for the purpose of subpart B unless the financial
institution designated or intended for the primary purpose of the
account to be business-related.
The Bureau believes it is appropriate to interpret section 1071 as
not applying to this type of credit. Most notably, ECOA section 704B(b)
directs financial institutions to collect data in the case of an
application ``for credit for women-owned, minority-owned, or small
business'' (emphasis added). The statute thus applies only to
applications for credit for a business; at the time of an application
for consumer-designated credit, however, the application is not for a
business. Several policy reasons also support this approach. First,
financial institutions may not be able to consistently identify when
consumer-designated credit is being used for business or agricultural
purposes. Inconsistent reporting across financial institutions could
lead to data quality concerns. Credit sought by consumers for both
personal and business purposes could be particularly difficult to
separate into reportable and non-reportable portions. The Bureau
believes that excluding consumer-designated credit will simplify
compliance by obviating the need for financial institutions to identify
and distinguish business uses of consumer-purpose credit products.
Second, not including consumer-designated credit that is used for
business or agricultural purposes within the scope of this rulemaking
makes it clear that the applications reported will all be seeking
credit to use for business/agricultural purposes, which supports
section 1071's directive to collect and report data in the case of an
application for credit for a business. Third, not covering consumer-
designated credit that is used for business or agricultural purposes
provides certainty to financial institutions that offer only consumer-
designated credit that they are not subject to this final rule's data
collection and reporting requirements.
With respect to the request to clarify whether retail installment
sales contracts are covered by the exclusion of consumer-designated
credit, the Bureau notes that this exclusion applies equally to all
credit products. In other words, a retail installment sales contract
qualifies as consumer-designated credit if the financial institution
offers or extends it primarily for personal, family, or household
purposes. The Bureau confirms, as requested, that because the Bureau is
finalizing Sec. 1002.102(d) to define business credit as having the
same meaning as in existing Sec. 1002.2(g), existing comment 2(g)-1
also applies to subpart B. Thus, in determining whether credit is
excluded as consumer-designated credit, a financial institution ``may
rely on an applicant's statement of the purpose for the credit
requested.'' \468\
---------------------------------------------------------------------------
\468\ Existing comment 2(g)-1.
---------------------------------------------------------------------------
The Bureau agrees with commenter concerns that the inclusion of
consumer-designated credit within the rule would dramatically expand
the size of the data collected beyond the purpose of section 1071,
circumventing congressional intent and potentially increasing the
rule's impact on the availability of credit for all consumers--not just
small business borrowers. The Bureau also confirms that financial
institutions may rely on an applicant's statement of purpose for the
credit requested and need not report consumer-purpose loans suspected
to be used for business purposes, recognizing that alternative
approaches would likely result in inconsistent results across lenders
as they tried to discern latent business purposes in an application for
a consumer-designated credit transaction.
With respect to the suggestion that the Bureau require financial
institutions to inquire on an application whether 50 percent or more of
the borrowed funds would be used for small business purposes and
require collection of 1071 data in those instances, the Bureau believes
that this approach would raise many of the policy concerns discussed
above. The Bureau appreciates the concerns about potential fair lending
violations and evasion raised by commenters relating to consumer-
designated credit. The Bureau believes that its finalized bright-line
approach
[[Page 35242]]
will better enable it to ensure that financial institutions that are
offering business credit are complying with the final rule.
The Bureau is not excluding to exclude all credit subject to
Regulation Z from this rule's definition of ``business credit,'' as
suggested by some commenters. The final rule does not cover consumer-
designated credit, which includes Regulation Z credit as well as other
consumer-designated credit that is not encompassed by Regulation Z. The
Bureau notes that some of Regulation Z's provisions apply to business
purpose credit cards \469\ and that Regulation Z does not cover
consumer credit over certain applicable threshold amounts.\470\
---------------------------------------------------------------------------
\469\ See Regulation Z Sec. 1026.12(a) and (b).
\470\ See id. Sec. 1026.3(b).
---------------------------------------------------------------------------
Certain Purchases of Covered Credit Transactions, Including Pooled
Loans and Partial Interests Proposed Rule
As discussed in the section-by-section analysis of Sec. 1002.103
above, ECOA section 704B(b) requires that financial institutions
collect, maintain, and report to the Bureau certain information
regarding ``any application to a financial institution for credit.''
For covered financial institutions, the definition of ``application''
triggers data collection and reporting obligations with respect to
covered credit transactions. In the NPRM, the Bureau noted that under
proposed subpart B, purchasing a loan, purchasing an interest in a pool
of loans, or purchasing a partial interest in a loan does not, in
itself, generate an obligation for a covered financial institution to
report small business lending data. Rather, a reporting obligation
arises on the basis of receiving a covered application for credit. (See
the section-by-section analysis of Sec. 1002.109(a)(3) for additional
information.) The Bureau also noted the corollary point that selling an
originated covered credit transaction would not, in itself, obviate an
existing obligation of a covered financial institution to report small
business lending data for that application, pursuant to proposed
comment 107(a)-1.i.
In addition, the Bureau believed that requiring covered financial
institutions to collect and maintain data related to the purchase of an
interest in a pool of covered credit transactions would do little to
further the purposes of section 1071. The Bureau generally believed
that a pooled loan purchase would arise after credit decisions on the
relevant loans had already been made (e.g., after the loans were
originated) and therefore the Bureau believed that the purchaser of an
interest in a pool of loans would understand that there would be no
section 1071 obligation. Information about the loans in this pool would
already be captured, as the application for each originated loan in the
pool would already be reported (assuming it was originated by a covered
financial institution and otherwise satisfies the requirements of
subpart B). For clarity, however, the Bureau stated in the NPRM
preamble that no reporting obligations arise from purchasing an
interest in a pool of covered credit transactions, including credit-
backed securities or real estate investment conduits. The Bureau
believed that this clarification, similar to Regulation C comment
3(c)(4)-1, would assist covered financial institutions in understanding
the scope of their obligations.
Moreover, the Bureau stated that the purchase of a partial interest
in a loan does not, in itself, generate an obligation for a covered
financial institution to report small business lending data. The Bureau
believed that this approach, combined with proposed Sec.
1002.109(a)(3), provided sufficient clarity for financial institutions
that choose to take part in loan participations. For example, Financial
Institution A receives an application from a small business for a
covered credit transaction and approves the loan, and then Financial
Institution A organizes a loan participation agreement where Financial
Institutions B and C agree to purchase a partial interest. This is a
reportable application for a covered credit transaction for Financial
Institution A, but it is not a reportable application for Financial
Institutions B and C. The Bureau noted that this approach differs from
how loan participations are reported by banks and savings associations
under the CRA. That is, under the CRA, if the loan originated by
Financial Institution A met the definition of a small business loan,
then for any (or all) of the financial institutions that were CRA
reporters, the loans could be reported under the CRA.\471\
---------------------------------------------------------------------------
\471\ See, e.g., 12 CFR 228.21(f) (stating that when assessing
the record of a nonminority-owned and nonwomen-owned bank, the Board
considers loan participation as a factor).
---------------------------------------------------------------------------
The Bureau believed that the statutory purposes of section 1071
encourage the broad collection of small business lending data by
financial institutions. The Bureau was not aware of any reason why data
with respect to covered credit transactions should not be collected
because more than one financial institution holds an interest in the
originated loan. Conversely, the Bureau did not believe that requiring
reporting by each financial institution with a partial interest in a
covered credit transaction would further section 1071's purposes, and
because having a single loan reported by multiple financial
institutions could compromise the quality of the 1071 dataset. Read in
conjunction with proposed Sec. 1002.109(a)(3), however, the Bureau
believed that the covered credit transactions at issue here would
nonetheless generally be reported by one financial institution provided
it met the threshold for originated loans pursuant to Sec.
1002.105(b)--i.e., the financial institution that sold portions of the
loan to other participants.
The Bureau did not expressly exclude loan purchases, the purchase
of an interest in a pool of covered credit transactions or the purchase
of a partial interest in a covered credit transaction in the proposed
rule's regulatory text or commentary, but sought comment on this
approach. With respect to partial interests specifically, the Bureau
solicited comment on how such an exclusion may differ from reporting
obligations under the CRA and, if the Bureau adopted another approach,
how overlapping reporters or data might be flagged to avoid double-
counting certain information.
Comments Received
The Bureau received several comments regarding loan purchases and
loan participations. Commenters did not address pooled loans
specifically. A trade association and two banks agreed that loan
purchases should not be covered; one of these banks requested that the
Bureau add commentary emphasizing this point.
In contrast, two other commenters argued that all loan purchases
should be reported, citing consistency with treatment under CRA and
HMDA. One commenter further stated that excluding loan purchases and
participations from reporting requirements would ignore the role of
financial institutions with a significant percentage of loan purchases,
despite their importance in the small business lending market. The
other commenter stated that 1071 data should replace CRA lending data,
the CRA considers loan purchases, and thus so should the Bureau's rule
for consistency.
Several farm credit lenders and a trade association said that
participation interests and participation loans should be specifically
excluded, noting that a participation interest is legally distinct from
a loan, the purchaser of an interest
[[Page 35243]]
is not considered a creditor, and there is risk of double counting the
data. One commenter asked that the Bureau exclude loan participations
from the definition of ``covered credit transaction'' because a
customer never applies for any lender to participate in a covered
credit transaction. In addition, some farm credit lenders noted that
they frequently enter into loan participation agreements. They stated
that a loan participation is significantly different from the purchase
of a loan because under these agreements, the borrower's contractual
relationship remains solely with the lead lender. These commenters
further stated that requiring a participant to report would be akin to
requiring a trust in a mortgage securitization to report HMDA data.
Final Rule
For the reasons set forth herein, the Bureau is revising the
commentary to Sec. 1002.104(b) to make clear that loan purchases, the
purchase of an interest in a pool of loans, and the purchase of a
partial interest in a credit transaction are not ``covered credit
transactions.'' Specifically, the Bureau is adding comment 104(b)-4 to
clarify that for purposes of subpart B, the term ``covered credit
transaction'' does not include the purchase of an originated credit
transaction, the purchase of an interest in a pool of credit
transactions, or the purchase of a partial interest in a credit
transaction such as through a loan participation agreement. Such
purchases do not, in themselves, constitute applications for business
credit that the purchasing entity makes decisions on. Relatedly, in
order to illustrate reporting obligations regarding pooled loans and
partial interests, the Bureau is also adding examples to the commentary
to Sec. 1002.109(a)(3). The section-by-section analysis of Sec.
1002.109(a)(3) addresses in detail situations where multiple financial
institutions are involved in a covered credit transaction.
While the Bureau acknowledges the important role of loan purchases
in the small business lending market, the Bureau notes that the
definition of ``covered application'' triggers data collection and
reporting obligations with respect to covered credit transactions.
Under the final rule, purchasing an originated loan, purchasing an
interest in a pool of loans, or purchasing a partial interest in a loan
does not, in itself, generate an obligation for a covered financial
institution to report small business lending data regarding the
application underlying the purchased loan. The Bureau has made clear in
final Sec. 1002.109(a)(3) and associated commentary that only the
action taken on the application is reportable.
In response to commenters who urged consistency with HMDA, as noted
above, the statutory language in HMDA contemplates data collection for
loan purchases. Similarly, as interpreted by the agencies administering
CRA, the CRA statute permits banks to fulfill their obligation to meet
local credit needs by lending in low-to-moderate income communities or
by purchasing loans made by others.\472\ Conversely, section 1071 does
not contain such language; it is focused on applications as the trigger
for data collection and reporting obligations. Thus, the Bureau
concludes for this rule that it is appropriate for financial
institutions to have reporting obligations on the basis of making
credit decisions on applications, as explained further in the section-
by-section analysis of Sec. 1002.109(a)(3)--a subsequent purchase of a
loan (or an interest in a pool of loans, or a partial interest in a
loan) is not, in itself, reportable.
---------------------------------------------------------------------------
\472\ See, e.g., 12 CFR 228.22(a)(2) (stating that the Board
will consider both originations and purchases of loans under the
lending test).
---------------------------------------------------------------------------
104(b)(4) Public Utilities Credit
As noted above, the existing definition of business credit in Sec.
1002.2(g) partially excludes public utilities credit, securities
credit, incidental credit, and government credit, as defined in
existing Sec. 1002.3(a) through (d), from requirements of existing
Regulation B. For the purpose of proposed subpart B, the Bureau
proposed complete exclusions for public utilities credit from the
definition of a covered credit transaction in proposed Sec.
1002.104(b). The Bureau also proposed to define business credit in
proposed Sec. 1002.102(d) by reference to existing Sec. 1002.2(g),
which already excludes public utilities credit. The Bureau sought
comment on its proposal to exclude public utilities credit but did not
receive any comments in response.
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.104(b)(2) as proposed. Section 1002.104(b)(2) excludes public
utilities credit, as defined in existing Sec. 1002.3(a)(1). Existing
Sec. 1002.3(a)(1) states that the term public utilities credit refers
to extensions of credit that involve public utility services provided
through pipe, wire, or other connected facilities, or radio or similar
transmission (including extensions of such facilities), if the charges
for service, delayed payment, and any discount for prompt payment are
filed with or regulated by a government unit. Several existing
Regulation B requirements do not apply to public utilities credit
transactions.\473\ Existing comment 3(a)-1 explains that the definition
applies only to credit for the purchase of a utility service, such as
electricity, gas, or telephone service. Credit provided or offered by a
public utility for some other purpose--such as for financing the
purchase of a gas dryer, telephone equipment, or other durable goods,
or for insultation or other home improvements--is not excepted under
Sec. 1002.104(b)(2) but may be excepted if it constitutes trade credit
under Sec. 1002.104(b)(1), or in the example of financing for certain
home improvements, if it does not constitute an extension of business
credit under Sec. 1002.104(a). Existing comment 3(a)-2 states in part
that a utility company is a creditor when it supplies utility service
and bills the user after the service has been provided.
---------------------------------------------------------------------------
\473\ See Sec. 1002.3(a).
---------------------------------------------------------------------------
The Bureau is adopting a definition of ``covered credit
transaction'' that only covers business credit and that fully excludes
public utilities credit pursuant to its authority under ECOA section
704B(g)(1) to prescribe such rules and issue such guidance as may be
necessary to carry out, enforce, and compile data under section 1071,
as well as its authority under ECOA 704B(g)(2) to adopt exceptions to
any requirement of section 1071 and to conditionally or unconditionally
exempt any financial institution or class of financial institutions
from the statute's requirements, as the Bureau deems necessary or
appropriate to carry out the purposes of section 1071. The Bureau
believes that fully excluding public utilities credit from the rule is
reasonable for the same reasons as the Board enumerated when it adopted
exemptions from certain procedural requirements under subpart A.
Specifically, covering public utilities credit under this rule could
potentially result in ``substantial changes in the forms and procedures
of public utilities companies. Costs associated with such changes
would, in all likelihood, be passed along to [small business owners].''
\474\ The Bureau notes that many of the policies and procedures of
public utilities companies are separately regulated at the State and
municipal levels by public service commissions, and at the Federal
level by the Federal Energy Regulatory Commission. The Bureau also
believes that public utilities credit is akin to trade credit and thus
is
[[Page 35244]]
excluding it from coverage under subpart B for the same reasons.
---------------------------------------------------------------------------
\474\ 40 FR 49298, 49305 (Oct. 22, 1975).
---------------------------------------------------------------------------
104(b)(5) Securities Credit
As noted above, the existing definition of business credit in Sec.
1002.2(g) partially excludes public utilities credit, securities
credit, incidental credit, and government credit, as defined in
existing Sec. 1002.3(a) through (d), from requirements of existing
Regulation B. For the purpose of proposed subpart B, the Bureau
proposed complete exclusions for securities credit from the definition
of a covered credit transaction in proposed Sec. 1002.104(b). The
Bureau sought comment on its proposal to exclude securities credit but
did not receive any comments in response.
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.104(b)(3) as proposed. Section 1002.104(b)(3) excludes securities
credit, as defined in existing Sec. 1002.3(b)(1). Existing Sec.
1002.3(b)(1) states that the term securities credit refers to
extensions of credit subject to regulation under section 7 of the
Securities Exchange Act of 1934 or extensions of credit by a broker or
dealer subject to regulation as a broker or dealer under the Securities
Exchange Act of 1934. Several existing Regulation B requirements do not
apply to securities credit transactions.\475\
---------------------------------------------------------------------------
\475\ See Sec. 1002.3(b).
---------------------------------------------------------------------------
The Bureau is adopting a definition of ``covered credit
transaction'' that only covers business credit and that fully excludes
securities credit pursuant to its authority under ECOA section
704B(g)(1) to prescribe such rules and issue such guidance as may be
necessary to carry out, enforce, and compile data under section 1071,
as well as its authority under ECOA 704B(g)(2) to adopt exceptions to
any requirement of section 1071 and to conditionally or unconditionally
exempt any financial institution or class of financial institutions
from the statute's requirements, as the Bureau deems necessary or
appropriate to carry out the purposes of section 1071. The Bureau is
excluding securities credit to foster consistency with existing
Regulation B.
104(b)(6) Incidental Credit
As noted above, the existing definition of business credit in Sec.
1002.2(g) partially excludes public utilities credit, securities
credit, incidental credit, and government credit, as defined in
existing Sec. 1002.3(a) through (d), from requirements of existing
Regulation B. For the purpose of proposed subpart B, the Bureau
proposed complete exclusions for incidental credit from the definition
of a covered credit transaction in proposed Sec. 1002.104(b).
As the Bureau explained in the NPRM, existing Sec. 1002.3(c)(1)
states that incidental credit refers to extensions of consumer credit
other than public utilities and securities credit (i) that are not made
pursuant to the terms of a credit card account; (ii) that are not
subject to a finance charge (as defined in Regulation Z Sec. 1026.4);
and (iii) that are not payable by agreement in more than four
installments. For example, existing comment 3(c)-1 explains that if a
service provider (such as a hospital, doctor, lawyer, or merchant)
allows the client or customer to defer the payment of a bill, this
deferral of debt is credit for purposes of Regulation B, even though
there is no finance charge and no agreement for payment in
installments--meaning that it would not be covered under Regulation Z.
Such extensions of incidental credit are excepted from compliance with
certain procedural requirements as specified in existing Sec.
1002.3(c). The Board created these exceptions in response to commenters
that urged it to minimize burdens on businesses that ``permit their
customers to defer payment of debt as a convenience and are not in the
business of extending credit.'' \476\
---------------------------------------------------------------------------
\476\ 40 FR 49298, 49304 (Oct. 22, 1975).
---------------------------------------------------------------------------
The Bureau sought comment on its proposal to exclude incidental
credit and it received one industry comment in support of the proposed
exclusion.
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.104(b)(4) as proposed. The Bureau is adopting a definition of
``covered credit transaction'' that only covers business credit and
that fully excludes incidental credit pursuant to its authority under
ECOA section 704B(g)(1) to prescribe such rules and issue such guidance
as may be necessary to carry out, enforce, and compile data under
section 1071, as well as its authority under 704B(g)(2) to adopt
exceptions to any requirement of section 1071 and to conditionally or
unconditionally exempt any financial institution or class of financial
institutions from the statute's requirements, as the Bureau deems
necessary or appropriate to carry out the purposes of section 1071. The
Bureau believes that the Board's reasoning with respect to incidental
credit's limited exception under existing Regulation B is equally
applicable and relevant here. Additionally, the Bureau believes that
providers of incidental credit may not intend to extend credit and may
not currently manage compliance with regulatory requirements associated
with making extensions of credit. The Bureau believes an exclusion is
appropriate to further the business and community development purpose
of section 1071 because of the likelihood that these entities may incur
large costs relative to their size to collect and report 1071 data in
an accurate and consistent manner, which could result in entities
limiting credit to their small business customers or in potential data
quality issues.
Government Credit
The existing definition of business credit in Sec. 1002.2(g)
partially excludes public utilities credit, securities credit,
incidental credit, and government credit (that is, extensions of credit
made to governments or governmental subdivisions, agencies, or
instrumentalities--not extensions of credit made by governments), as
defined in existing Sec. 1002.3(a) through (d), from existing
Regulation B.\477\
---------------------------------------------------------------------------
\477\ As explained in existing comment 3-1, under Sec. 1002.3,
procedural requirements of Regulation B do not apply to certain
types of credit. The comment further states that all classes of
transactions remain subject to Sec. 1002.4(a) (the general rule
barring discrimination on a prohibited basis) and to any other
provision not specifically excepted.
---------------------------------------------------------------------------
In its NPRM, the Bureau did not propose in Sec. 1002.104(b) to
separately exclude government credit, as defined in existing Sec.
1002.3(d)(1) to mean ``extensions of credit made to governments or
governmental subdivisions, agencies, or instrumentalities.'' The Bureau
sought comment on its approach to government credit but did not receive
any comments on this aspect of the proposal. For the purpose of subpart
B, the Bureau is finalizing complete exclusions for public utilities
credit, securities credit, and incidental credit from the definition of
a covered credit transaction in final Sec. 1002.104(b), as described
above, but is not adopting a similar exclusion for government credit.
The Bureau is finalizing its approach because it believes that an
express exclusion for extensions of credit made to governments or
governmental subdivisions, agencies, or instrumentalities is not
necessary because such governmental entities would not constitute small
businesses under the final rule.\478\
---------------------------------------------------------------------------
\478\ Government entities are not ``organized for profit'' and
are thus not a ``business concern'' under proposed Sec.
1002.106(a).
---------------------------------------------------------------------------
Additional Requested Exclusions
The Bureau received numerous comments requesting the Bureau exclude
additional products from coverage under the rule. These
[[Page 35245]]
comments and the Bureau's response are discussed below.
Point-of-sale transactions. A trade association urged the Bureau to
fully exempt point-of-sale transactions from the rule, arguing that
data collected in connection with such transactions would be
inaccurate. In the alternative, this commenter suggested an exception
from the requirement to obtain principal owners' ethnicity, race, and
sex information, for credit lines below $50,000. As discussed in the
section-by-section analysis of Sec. 1002.107(c), the Bureau does not
believe it would be appropriate to categorically exempt point-of-sale
transactions. The Bureau also is not adopting a minimum transaction
amount threshold, as discussed below.
Minimum transaction amount threshold. Some industry commenters
requested the Bureau exempt all credit transactions from section 1071
collection and reporting requirements if they fell below a certain
minimum transaction threshold. One commenter asked the Bureau to adopt
a de minimis loan amount exemption of at least $1 million to soften the
rule's impact on small entities and borrowers. A credit union stated
that the Bureau should implement a minimum loan amount of $10 million.
Some banks urged an exemption for ``small loans'' under $25,000,
asserting a need to help institutions, especially smaller institutions,
keep compliance costs down and ensure these credit products remain
available to the small and agricultural businesses who need them most.
Some industry commenters, including several credit union trade
associations, requested an exemption for credit transactions under
$50,000. A few commenters argued such an exemption was needed for
consistency with National Credit Union Administration regulations,
which impose a $50,000 threshold for reporting member business loans.
Two credit union trade associations argued that failing to exempt such
loans would reduce their availability and also reflects a substantial
underestimation of the full impact of the proposed covered financial
institution threshold. Several trade associations also recommended the
Bureau permit voluntary reporting of loans below $50,000. A bank stated
that a $50,000 threshold would result in a significant improvement that
would still allow the Bureau to obtain meaningful data. Another bank
maintained that this exclusion was needed to reduce compliance burdens
related to small loans that are not profitable but that are important
to communities. On the other hand, another commenter stressed the
importance of supporting access to microloans for financing start-up or
growth and suggested separating microloans ($50,000 or less) into a
separate category.
A few industry commenters suggested exempting loans under $100,000.
These commenters generally argued that such an exemption was needed to
keep the cost of loan origination lower for small dollar borrowers,
thereby helping to make more borrowers eligible for credit. Several
industry commenters urged the Bureau adopt a minimum transaction amount
threshold, without specifying a dollar amount. One of these commenters
noted that, due to price inflation, $100,000 would be too small of an
amount for such a threshold and that if a threshold were established,
it would need to be per loan and not cumulative.
For the reasons set forth herein, the Bureau is not adopting an
exemption for credit transactions below a certain dollar threshold. At
the time of the Federal Reserve Banks' 2021 survey of employer firms,
60 percent of employer firms had $100,000 or less in outstanding debt,
with 48 percent of such firms holding $50,000 or less in outstanding
debt.\479\ According to SBA data, more than 87 percent of Paycheck
Protection Program loans in 2021 were loans of $50,000 and below,\480\
and approximately 20 percent of SBA 7(a) loans between 2010 and 2019
were in amounts less than $25,000. In terms of industry adoption of
minimum loan amount thresholds, research by the FDIC shows that only a
small share (14.8 percent) of small banks require a minimum loan amount
for their top loan product to small businesses, compared with a
majority (69.8 percent) of large banks.\481\ Moreover, as discussed in
the section-by-section analysis of Sec. 1002.106(b)(1), the Bureau
believes that loan size a poor proxy for small business size--in fact,
FDIC staff found ``at least $19.1 billion in gross understatement of
small business lending (in which small businesses with less than $1
million in gross annual revenue received loans with amounts greater
than $1 million).'' \482\ Based on this information, the Bureau does
not believe that adopting a minimum transaction amount threshold would
further the purposes of section 1071 because it would exclude
substantial portions of small business lending.
---------------------------------------------------------------------------
\479\ 2022 Small Business Credit Survey at 13.
\480\ Small Bus. Admin., PPP Report: Approvals through 05/31/
2021, https://www.sba.gov/sites/default/files/2021-06/PPP_Report_Public_210531-508.pdf.
\481\ Small Business Lending Survey at 44, https://www.fdic.gov/bank/historical/sbls/full-survey.pdf.
\482\ Fed. Deposit Ins. Corp., Measurement of Small Business
Lending Using Call Reports: Further Insights From the Small Business
Lending Survey, at 7 (July 2020), https://www.fdic.gov/analysis/cfr/staff-studies/2020-04.pdf.
---------------------------------------------------------------------------
Vehicle financing. One bank urged the Bureau to specify that any
motor vehicle financed in the first instance by retail motor vehicle
dealers are deemed consumer loans and thus exempt. A vehicle leasing
trade association also suggested that vehicle financing was so similar
to consumer lending that it should be exempt from section 1071
reporting requirements.
The Bureau is not categorically exempting business-purpose vehicle
financing, even though it may often be offered alongside consumer-
purpose credit. Per existing comment 2(g)-1, the test for deciding
whether a transaction qualifies as business credit is one of primary
purpose. Where a small business applies for vehicle financing primarily
for business or commercial (including agricultural) purposes from a
covered financial institution, the transaction is reportable. For a
broader discussion of vehicle financing with respect to reporting
obligations where multiple financial institutions are involved in a
covered credit transaction, see the section-by-section analysis of
Sec. 1002.109(a)(3).
Letters of credit. A bank asked the Bureau to clarify if letters of
credit are covered credit transactions for purposes of section 1071,
and if they are, this commenter also recommended that the Bureau
exclude these types of transactions from reporting.
The Bureau understands that letters of credit products are
primarily used in the international trade context. Generally, a letter
of credit is an instrument issued by a bank that promises, upon the
presentation of certain documents and/or satisfaction of certain
conditions, to direct payment to a beneficiary of the instrument.
Letters of credit are often presented by buyers of goods who seek to
postpone payment until their goods have been received. Some letters of
credit are secured by a promissory note and are converted if the
customer fails to pay.
ECOA and Regulation B do not address letters of credit. Regulation
Z excludes letters of credit under its comment 2(a)(14)-1.vi. In
finalizing this exclusion, the Board stated that ``[i]ssuance of
letters of credit and execution of option contracts are not extensions
of credit, although there may be an extension of credit when the letter
of credit is presented for payment or the option is exercised, if there
is a deferral of the payment of a debt at that
[[Page 35246]]
time.'' \483\ The Bureau agrees with the Board's assessment of these
products and believes that a letter of credit is not credit under ECOA.
Thus, the Bureau is not covering letters of credit under the final
rule.
---------------------------------------------------------------------------
\483\ 46 FR 20848, 20851 (Apr. 7, 1981).
---------------------------------------------------------------------------
Government programs. Some industry commenters urged the Bureau to
exempt government lending programs (such as the Paycheck Protection
Program) and/or government sponsored/guaranteed loans (such as USDA
loans), arguing that inclusion would discourage participation. One also
argued that the fact that the fees and interest rates for Paycheck
Protection Program loans were set by Congress, meant there was a
reduced risk of discriminatory lending practices related to terms of
the credit transaction. Another suggested that 1071 data collection and
reporting was not required because many government programs already
collected similar information. A few commenters specifically
recommended exempting SBA lending programs, particularly section 504
loans.
The Bureau has considered these comments but is not categorically
exempting credit transactions originated by, sponsored by, facilitated
by, or guaranteed by government entities. According to one source,
there are 65 government-sponsored, grants, loans, and programs that may
benefit small businesses.\484\ The Bureau understands that many small
businesses rely on government programs for credit and believes that
excluding such credit in this final rule would not further either of
section 1071's statutory purposes.
---------------------------------------------------------------------------
\484\ U.S. Chamber of Com., 65 Grants, Loans and Programs to
Benefit Your Small Business (Nov. 17, 2022), https://www.uschamber.com/co/run/business-financing/government-small-business-grant-programs.
---------------------------------------------------------------------------
C-PACE loans. A trade association of Commercial Property Assessed
Clean Energy (C-PACE) loan providers requested an exemption due to
purportedly unique features of C-PACE loans, such as prior approval by
the local government, absence of acceleration, lack of control over the
identity of the obligor, and absence of private remedies.
C-PACE programs generally allow commercial property owners, which
could include small businesses, to receive financing to fund clean-
energy, seismic strengthening, or water conservation improvements to
their properties. The financial obligation arises from voluntary
contract. Various private companies appear to play a significant role
in financing, originating, and administering C-PACE transactions. Under
State law, C-PACE is an assessment that appears on businesses' property
tax bills. Although the commercial property owner signs the financing
agreement, it is typically not a personal liability of the commercial
property owner, and the obligation will stay with the property until
fully paid. C-PACE is secured by a super-priority lien on the
property--if the property is sold through foreclosure, C-PACE (like a
regular property tax lien) is first in line to receive any proceeds
from the sale even if a mortgage was on the property first. The Bureau
understands that typically, only the arrearage on the C-PACE lien gets
paid off in foreclosure, and the rest of the C-PACE indebtedness
remains with the property after foreclosure.
While publicly available data on C-PACE programs appear to be
limited, the Bureau understands that these programs are growing in
popularity; \485\ excluding these loan products from the requirements
of this rule would result in incomplete data about the relevant markets
and would thus not advance section 1071's business and community
development purpose.
---------------------------------------------------------------------------
\485\ See, e.g., Greenworks Lending, C-PACE Financing Sees
Massive Growth Nationally: What you should know about this
alternative development financing mechanism (June 7, 2021), https://commercialobserver.com/2021/06/c-pace-financing-sees-massive-growth-nationally/.
---------------------------------------------------------------------------
The Bureau is not excluding C-PACE financing arrangements from
reporting under section 1071, as requested by one commenter. Based on
its understanding of typical C-PACE financing arrangements and its
expertise with respect to the nature of credit transactions, the Bureau
believes that the term ``credit'' under ECOA and final Sec.
1002.102(i) encompasses these products. Under a C-PACE financing
arrangement, there is (1) a ``debt'' in the form of an obligation to
pay for the cost of property upgrades and (2) a right to defer payment
on that obligation for a term. Similarly, there is (1) a ``purchase[]
[of] property or services'' in the form of property upgrades, and (2) a
right to defer payment on the property or services. The borrower enters
into C-PACE financing through a voluntary transaction. That the parties
agree that payment will be made through an assessment through the
property tax system does not change the Bureau's analysis. ECOA (and
Regulation B) do not specify a particular vehicle or form of payment
for a transaction to constitute credit, nor do they limit the form of
obligation. The Bureau is not specifically defining C-PACE financing
arrangements in the rule because the Bureau believes these products are
covered by the definition of ``credit'' in final Sec. 1002.102(i).
Finally, in the Bureau's judgment, an exclusion of C-PACE loans--
whether by interpretation or by granting an exception--would not
further the fair lending and the business and community development
purposes of section 1071.\486\ This is for three independent reasons.
First, while the Bureau understands that C-PACE financing may present
less fair lending risk compared to some other products because such
financing is based on the value of the property, not the
creditworthiness of the obligor (who can change along with ownership of
the property), the Bureau does not believe that is a sufficient reason
by itself to exclude C-PACE lending from coverage under this final
rule. Section 1071 is not limited to those products with the highest
fair lending risk. Second, the Bureau does not agree that data
collection to provide additional insight into the product is
unnecessary. Third, and most significantly, including C-PACE loans
should create a more level playing field across financial institutions
that provide construction financing to small businesses as well as
create a dataset that better reflects demand for such financing by the
smallest and most vulnerable businesses.
---------------------------------------------------------------------------
\486\ ECOA section 704B(a).
---------------------------------------------------------------------------
Overdraft lines of credit. In its NPRM, the Bureau did not address
overdraft lines of credit other than asking whether they should be
listed as a credit product separate from other lines of credit. The
Bureau received one comment urging exclusion of overdraft lines of
credit on the grounds that their inclusion would significantly expand
the data collection requirements for small business deposit account
applications since most such deposit accounts have an option to obtain
an overdraft line of credit. This commenter also argued that collecting
data on overdraft lines of credit would not further section 1071's
purpose of preventing discrimination against small business credit
applicants because banks conduct little, if any, underwriting when
extending overdraft lines of credit on small business deposit accounts.
The Bureau is not categorically exempting overdraft lines of credit
but notes that they are reportable only where there is an
``application'' under Sec. 1002.103. Providing occasional overdraft
services as part of a deposit account offering would not be reported
for the purpose of subpart B pursuant to new comment 107(a)(6)-8.
[[Page 35247]]
Voluntary Reporting
Absent a specific requirement to collect protected demographic data
(such as in section 1071), ECOA generally blocks collection of such
demographic data in connection with an application for credit. The
Bureau sought comment on whether financial institutions should be
permitted to voluntarily collect and report applicants' protected
demographic information for transactions such as leases (due to the
practical difficulty cited by some stakeholders of distinguishing
leases from loans), consumer-designated credit (when financial
institutions have reason to believe the credit might be used for
business purposes), and real estate investment loan transactions that
are secured by non-owner occupied 1-4 dwelling unit properties pursuant
to proposed Sec. 1002.109.
The Bureau received comments from community groups and trade
associations on this aspect of the proposal. A number of community
groups stated that the Bureau should permit voluntary reporting on
leases and factoring to have the most comprehensive data on the small
business financing market as it relates to minority entrepreneurs. A
community group purporting to address the proposed amendments to
existing Sec. 1002.5(a)(4) commented that the Bureau should permit
voluntary collection not only by financial institutions not covered by
the rule, but also should permit covered financial institutions to
collect data on consumer credit used to fund small businesses.
The Bureau did not receive any industry comments expressing an
interest in being able to voluntarily report non-covered products. In
fact, a few trade associations and a business advocacy group expressly
opposed such voluntary reporting. One trade association argued against
voluntary reporting of non-covered transactions, citing concerns about
the quality of data collected and the creation of an uneven playing
field among financial institutions that would contribute to
misinterpretations of the data by observers. Two other commenters also
argued against the voluntary reporting of consumer-designated credit
used for business purposes, asserting that such reporting would create
confusion, introduce the possibility of error, and put financial
institutions in a position to question their members' intentions.
For the reasons set forth herein, the Bureau is finalizing its
approach to not permit voluntary reporting of non-covered products. The
Bureau sought comment on voluntary reporting to address a potential
pain point for industry but heard no industry interest in such a
solution. The Bureau thus finds it unnecessary to change the proposed
section 1071 collection system to receive data on such non-covered
products. However, as discussed in the section-by-section analysis of
Sec. 1002.112(c)(3), the Bureau is adopting a catch-all safe harbor
that will protect financial institutions who encounter the underlying
situation that voluntary reporting was intended to address.
Specifically, that safe harbor will address situations where a
financial institution has a reasonable basis--at the time of collecting
the protected demographic information required by this rule--to believe
there is a covered application and that data collection is necessary,
including situations in which it later determines that the transaction
is not in fact reportable (because the ultimate transaction is not a
covered product, the business is not small, or there is otherwise not a
covered application).
Section 1002.105 Covered Financial Institutions and Exempt Institutions
ECOA section 704B(h)(1) defines the term ``financial institution''
as ``any partnership, company, corporation, association (incorporated
or unincorporated), trust, estate, cooperative organization, or other
entity that engages in any financial activity.'' The Bureau is
finalizing a definition of financial institution in Sec. 1002.105(a)
consistent with that statutory language. The Bureau is defining a
covered financial institution in Sec. 1002.105(b) as a financial
institution that originated at least 100 covered credit transactions
from small businesses in each of the two preceding calendar years. Only
those financial institutions that meet this loan-volume threshold in
the definition of a covered financial institution would be required to
collect and report small business lending data pursuant to proposed
subpart B.
The Bureau's definitions reflect the broad nature of the data
collection specified in section 1071, while recognizing the risks that
financial institutions with the lowest volume of small business lending
might limit their small business lending activity because of the fixed
costs of coming into compliance with this rule.
The Bureau is finalizing Sec. 1002.105 to implement ECOA section
704B(h)(1) and pursuant to its authority under 704B(g)(1) to prescribe
such rules and issue such guidance as may be necessary to carry out,
enforce, and compile data pursuant to section 1071. The Bureau is also
finalizing Sec. 1002.105(b) pursuant to its authority under 704B(g)(2)
to conditionally or unconditionally exempt any financial institution or
class of financial institutions from the statute's requirements, as the
Bureau deems necessary or appropriate to carry out the purposes of
section 1071. The Bureau is finalizing these provisions and using its
exemption authority under 704B(g)(2) for the reasons set forth below.
105(a) Financial Institution
Proposed Rule
ECOA section 704B(h)(1) defines the term ``financial institution,''
for purposes of section 1071, as ``any partnership, company,
corporation, association (incorporated or unincorporated), trust,
estate, cooperative organization, or other entity that engages in any
financial activity.'' Existing Regulation B, which implements ECOA, has
not otherwise defined this term.
Proposed Sec. 1002.105(a) would have restated the statutory
definition of a financial institution as any partnership, company,
corporation, association (incorporated or unincorporated), trust,
estate, cooperative organization, or other entity that engages in any
financial activity. The Bureau believed that this definition reflects
the broad nature of small business lending data collection specified in
section 1071. Under such a definition, the rule's data collection and
reporting requirements would apply to a variety of entities that engage
in small business lending, including depository institutions (i.e.,
banks, savings associations, and credit unions),\487\ online lenders,
platform lenders, CDFIs, Farm Credit System lenders, lenders involved
in equipment and vehicle financing (captive financing companies and
independent financing companies), commercial finance companies,
governmental lending entities, and nonprofit, nondepository lenders.
---------------------------------------------------------------------------
\487\ Throughout this document, the Bureau is using the term
depository institution to mean any bank or savings association
defined by the Federal Deposit Insurance Act, 12 U.S.C. 1813(c)(1),
or credit union defined pursuant to the Federal Credit Union Act, as
implemented by 12 CFR 700.2. The Bureau notes that the Dodd-Frank
Act defines a depository institution to mean any bank or savings
association defined by the Federal Deposit Insurance Act; there,
that term does not encompass credit unions. 12 U.S.C. 5301(18)(A),
1813(c)(1). To facilitate analysis and discussion, the Bureau is
referring to banks and savings associations together with credit
unions as depository institutions throughout this rulemaking, unless
otherwise specified.
---------------------------------------------------------------------------
The Bureau noted that the broad scope of what may be considered a
``financial activity'' in the proposed
[[Page 35248]]
definition of financial institution would not be the principal
determinative factor as to whether small business lending data
collection and reporting is required; the proposed definition of a
covered financial institution, the proposed definition of a covered
application, and the proposed definition of a covered credit
transaction, among others, all would impose limits on what entities
could be subject to the rule's data collection and reporting
requirements.
Proposed comment 105(a)-1 would have provided a list of examples of
entities that may fit within the definition of a financial institution.
This proposed comment would have made clear that nonprofit and
governmental entities, governmental subdivisions, or governmental
agencies, among others, who conduct financial activity fit within the
definition of a financial institution. Proposed comment 105(a)-2 would
have referred to proposed Sec. 1002.101(a) to reiterate the statutory
exclusion for motor vehicle dealers.
The Bureau sought comment on this proposed definition of a
financial institution, and generally requested comment on whether
additional clarification is needed.
Comments Received
A broad range of commenters, including lenders, trade associations,
community groups, and business advocacy groups, expressed support for
the Bureau's proposed general definition of financial institution. A
number of commenters stated that it is an appropriately broad
definition that captures a wide variety of lenders, including online
lenders, platform lenders, lenders involved in equipment and vehicle
financing, and commercial finance companies. Commenters asserted that a
broad definition will yield meaningful data. Several commenters noted
that capturing a broad array of lenders is essential for achieving the
objectives of section 1071 and that a broad definition is important for
regulatory parity. Other commenters stated that there should be no
exceptions permitted for certain types of lenders and a community group
stated that missing any segment of lending risks encouraging abusive
lending institutions to violate fair lending laws. One trade
association expressed opposition to the proposed definition, however,
arguing that it is too broad because it includes captive vehicle
finance partners.
Several commenters agreed that the rule must apply to government
lenders, with one commenter specifically requesting inclusion of the
Farm Service Agency. An association urged the Bureau to include as
examples in the rule the largest Federal, State, and municipal lending
programs.
Another trade association stated that SBA certified development
companies are certified and regulated by the SBA, and the SBA already
collects application information that includes the data points that the
Bureau proposes to collect. The commenter further asserted that
reproducing these data will likely incur significant one time and
ongoing compliance costs. In contrast, a bank stated that data shows
that the performance levels of the SBA and the lenders participating in
their programs has produced dismal results, permitting some lenders to
enjoy ``preferred'' lender status while not delivering loans to
disadvantaged communities. Moreover, two commenters urged the Bureau to
work with other government agencies to ensure that existing reporting
is leveraged where possible.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.105(a) and its associated commentary as proposed. The Bureau
emphasizes that the list of examples of entities in comment 105(a)-1 is
not exhaustive and that other entities not specifically described may
nonetheless fit within the definition of a financial institution under
Sec. 1002.105(a). The Bureau agrees with commenters that governmental
lenders should be covered by the rule. As explained in the proposed
rule, the Bureau interprets the statute to include government entities
in the definition of financial institution. The definition of the term
``financial institution'' in ECOA section 704B(h)(1) includes the
phrase ``or other entity.'' That term readily encompasses governments
and government entities. Even if the term ``or other entity'' were
ambiguous, the Bureau believes--based on its expertise and experience--
that interpreting it to encompass governments and government entities
promotes the purposes of section 1071.
For example, the Bureau believes that it will be helpful to
identify the business and community development needs and opportunities
of small businesses, including those that are women-owned, minority-
owned, and LGBTQI+-owned, by collecting lending data from both a
county-run assistance program for establishing new businesses and
financial institutions that operate nationwide, like online lenders.
The Bureau also believes that the terms ``companies'' or
``corporations'' under the definition of ``financial institution'' in
ECOA section 704B(h)(1), cover all companies and corporations,
including government-owned or -companies and corporations. And even if
those terms were ambiguous, the Bureau believes--based on its expertise
and experience--that interpreting them to cover government-owned or -
companies and corporations advances the purposes of section 1071,
particularly the business and community development purpose, as it will
more accurately capture demand for credit.
The Bureau is not, however, listing specific examples of covered
governmental lenders/programs in the rule. The Bureau does not believe
such a list is necessary, and inclusion of a specific list could cause
confusion if the listed programs (or those lenders' loan volumes) were
to change.
In response to commenters who raised potential overlap with other
reporting regimes, see part V.D.3 for a detailed discussion of this
issue.
Commenters' requests for specific exclusions, such as for captive
vehicle finance partners, are discussed in the section-by-section
analysis of Sec. 1002.105(b) below.
105(b) Covered Financial Institution
Background
Throughout the rulemaking process, the Bureau has received requests
to adopt a variety of exemptions from collection and reporting
requirements under section 1071. Reasons cited have included
discouraging market disruption, ensuring data quality, alleged lack of
materiality of data from smaller lenders that rarely make small
business loans, and lack of capacity by the lenders sufficient to
justify small business lending as a line of business in light of the
cost of complying with the rule.
As detailed below, the Bureau is adopting an activity-based
exemption. The Bureau defines a covered financial institution in Sec.
1002.105(b) as a financial institution that originated at least 100
covered credit transactions from small businesses in each of the two
preceding calendar years. Only those financial institutions that meet
this loan-volume threshold in the definition of a covered financial
institution will be required to collect and report small business
lending data under this rule. The final rule does not include
categorical exemptions for particular types of institutions from
coverage, but the Bureau notes that its Regulation B does not apply to
motor vehicle dealers.\488\
---------------------------------------------------------------------------
\488\ Regulation B does not apply to a person excluded from
coverage by section 1029 of the Consumer Financial Protection Act of
2010, title X of the Dodd-Frank Wall Street Reform and Consumer
Protection Act, Public Law 111-203, 124 Stat. 1376, 2004 (2010).
---------------------------------------------------------------------------
[[Page 35249]]
Proposed Rule
Activity-based exemption. In the SBREFA Outline, the Bureau stated
that it was considering whether only financial institutions that engage
in a certain amount of small business lending activity should be
required to collect and report 1071 data.\489\ The Bureau explained
that in light of section 1071's potentially broad application to
financial institutions, an activity-based test to determine reporting
responsibility might be appropriate. In particular, the Bureau
expressed concern that financial institutions with the lowest volume of
small business lending might limit their small business lending
activity because of the fixed costs of coming into compliance with the
rule. The Bureau stated that this result could be contrary to the
community development purpose of section 1071.
---------------------------------------------------------------------------
\489\ SBREFA Outline at 12-13.
---------------------------------------------------------------------------
In the NPRM, the Bureau stated that it believed that an activity-
based threshold would provide a simple basis for financial institutions
that infrequently lend to small businesses to determine whether they
have conducted sufficient lending activity as to be required to collect
and report data under proposed subpart B. The Bureau believed that
furnishing a dual activity-based and asset-based threshold, under which
infrequent lenders must ascertain both measurements to determine
whether reporting may be required, would cut against the goal of
simplifying the rule as lenders would then have to track two metrics,
not one. The Bureau believed that a dual threshold would create more
regulatory complexity as compared to only tracking total annual small
business originations.
In particular, the Bureau believed that a primary advantage of an
activity-based threshold--ease of compliance--would be undermined if
the Bureau were to implement a complex, dual threshold eligibility
test. The Bureau wished to ensure that infrequent lenders were not
incurring significant undue compliance costs, particularly while not
reporting data. In general, tracking two thresholds is more complex
than tracking one. The Bureau believed it is also more likely that
financial institutions are already tracking total originations. The
Bureau believed that proposing an activity-based threshold that employs
data already generally collected by financial institutions could
mitigate the risk that section 1071, when implemented, would result in
reduced access to credit.
Activity threshold level. Proposed Sec. 1002.105(b) would have
defined a covered financial institution as a financial institution that
originated at least 25 covered credit transactions for small businesses
in each of the two preceding calendar years. Only those financial
institutions that meet this loan-volume threshold in the definition of
a covered financial institution would be required to collect and report
small business lending data pursuant to subpart B.
The Bureau believed this definition would facilitate compliance by
describing which financial institutions are required to collect and
report small business data. The Bureau also proposed commentary to
accompany proposed Sec. 1002.105(b). In general, the Bureau believed
that fulfilling the purposes of section 1071 necessitates collecting
small business lending data from all sizes and types of financial
institutions (other than those with a low volume of lending activity),
particularly given the variety of entities identified in ECOA section
704B(h)(1). The Bureau proposed to exempt certain financial
institutions from its small business lending rule because it remained
concerned that financial institutions with the lowest volume of small
business lending might limit their small business lending activity due
to the fixed costs of coming into compliance with the rule. That type
of market disruption could run contrary to the business and community
development purpose of section 1071. Section 1071 describes its
community development purpose as ``enabl[ing] communities, governmental
entities, and creditors to identify business and community development
needs and opportunities of women-owned, minority-owned, and small
businesses.'' \490\ In the Bureau's view, ensuring that business and
community development opportunities could be met as well as identified
supported the Bureau's use of its exemption authority under 704B(g)(2)
here.
---------------------------------------------------------------------------
\490\ ECOA section 704B(a).
---------------------------------------------------------------------------
The Bureau proposed to set the activity-based threshold based on
small business originations, rather than applications. The statutory
language of section 1071 generally applies to applications; however,
the Bureau believed that using small business originations for purposes
of defining a covered financial institution is the better approach. The
Bureau expected that financial institutions track their small business
application volumes in various ways, but whether an origination
resulted was a clear and readily identifiable metric. Using an
exemption metric based on applications would have imposed new
obligations on financial institutions solely for purposes of
determining whether or not they are subject to this rule. As discussed
above, the Bureau believed that proposing an activity-based threshold
that employed data already generally collected by financial
institutions could mitigate the risk that section 1071, when
implemented, would result in reduced access to credit. In addition,
even those financial institutions that track total applications now may
not do so in a way that fully aligns with how the Bureau proposed to
define covered applications for purposes of proposed subpart B. Using
the number of originations, as opposed to applications, for an
activity-based threshold was also consistent with the Bureau's
Regulation C.
The Bureau proposed to clarify in Sec. 1002.105(b) that for
purposes of defining a covered financial institution, if more than one
financial institution was involved in the origination of a covered
credit transaction, only the financial institution that made the final
credit decision approving the application shall count the origination.
The Bureau believed that providing this clarifying language would
assist financial institutions in understanding which transactions count
towards the loan-volume threshold. This approach was consistent with
the Bureau's proposed Sec. 1002.109(a)(3).
Proposed comments 105(b)-4 and -5 would have explained when a
financial institution was a covered financial institution following a
merger or acquisition. These proposed comments were largely consistent
with the Bureau's approach to reporting obligations surrounding a
merger under Regulation C,\491\ with modifications to reflect the
nature of the small business lending market and to provide additional
clarifications.
---------------------------------------------------------------------------
\491\ See Regulation C comments 2(g)-3 and -4.
---------------------------------------------------------------------------
Proposed comment 105(b)-6 would have clarified that Regulation B
(including proposed subpart B) generally did not apply to lending
activities that occur outside the United States.
Finally, proposed comment 105(b)-7 would have addressed financial
institutions that do not qualify as covered financial institutions but
may nonetheless wish to voluntarily collect and report small business
lending data. This proposed comment would have reiterated that proposed
[[Page 35250]]
Sec. 1002.5(a)(4)(vii) through (ix) permitted a creditor that was not
a covered financial institution under proposed Sec. 1002.105(b) to
voluntarily collect and report information regarding covered
applications in certain circumstances. If a creditor is voluntarily
collecting applicants' protected demographic information for covered
applications, it shall do so in compliance with proposed Sec. Sec.
1002.107, 1002.108, 1002.111, 1002.112, and 1002.114 as though it were
a covered financial institution. Proposed comment 105(b)-7 would have
further stated that if a creditor was voluntarily reporting those
covered applications to the Bureau, it shall do so in compliance with
proposed Sec. Sec. 1002.109 and 1002.110 as though it were a covered
financial institution.
The Bureau sought comment on its proposed 25 originations threshold
incorporated into the definition of a covered financial institution.
The Bureau also solicited comment on whether this threshold should
alternatively be set at 50 or 100 covered credit transactions. In
addition, the Bureau sought comment on whether an activity-based
threshold should be based on the total number of small business
applications, rather than originations. The Bureau also requested
comment on whether additional clarification was needed for this
proposed definition.
Two-year threshold measurement period. The Bureau proposed to
define a covered financial institution using a loan-volume threshold
that must be achieved in each of the two preceding calendar years.
The Bureau acknowledged that a loan-volume threshold based on a
two-year period could create some operational complexity for some
financial institutions. To be sure that it was not a covered financial
institution, a financial institution would need to maintain records
sufficient to show total small business originations for both years of
the threshold period. The Bureau believed that two years was not a
prohibitively long time, although it is possible that infrequent
lenders may have smaller staff or fewer resources to reliably track
such information for section 1071's purposes. The Bureau believed that
a two-year threshold period was advisable to eliminate uncertainty
surrounding data collection responsibilities. Under this proposal, a
financial institution that may not frequently lend to small businesses,
but that experiences an unusual and unexpectedly high lending volume in
a single year would not be a covered financial institution. As
discussed in part VIII below, in order to comply with the Bureau's
rule, a financial institution may need to undertake substantial one-
time costs that include operational changes, such as staff training,
information technology changes, and develop policies and procedures.
Therefore, the Bureau believed it appropriate to propose a two-year
threshold period to provide more stability around reporting
responsibilities. Regulations that implement HMDA and the Community
Reinvestment Act provide similar periods to determine coverage.
The Bureau noted that employing a two-year approach would delay
reporting for new, potentially active entrants. For example, under this
proposal a large lender that enters the market and originates hundreds
or even thousands of small business loans in its first two calendar
years of lending would not report its covered applications. That is,
under the Bureau's proposal, this financial institution would not be
required to collect and report data on its covered applications for
small businesses in those first two years, although the institution
could choose to voluntarily collect and report data. The Bureau
recognized, however, that triggering data collection and reporting
requirements based on lenders' estimates of their projected future
volume could be challenging to implement.
The proposed two-year threshold period could pose other challenges
for financial institutions that conduct small business lending activity
near the proposed 25 small business originations threshold. See the
section-by-section analysis of Sec. 1002.5(a)(4) above for a
discussion of Sec. 1002.5(a)(4)(viii), which would allow a financial
institution to collect ethnicity, race, and sex information pursuant to
proposed subpart B for a covered application under certain
circumstances during the second year of the threshold period. See the
section-by-section analysis of Sec. 1002.114(c)(2) below for
discussion of additional flexibility that the Bureau is finalizing
regarding measuring lending activity prior to the rule's compliance
date.
Proposed comment 105(b)-1 would have clarified the meaning of a
preceding calendar year for purposes of the proposed activity-based
threshold. See the section-by-section analysis of Sec. 1002.114(c)(3)
below for additional discussion regarding measuring lending activity
prior to the rule's compliance date. Proposed comment 105(b)-2 would
have emphasized that a financial institution qualifies as a covered
financial institution based on total covered credit transactions
originated for small businesses, rather than covered applications
received from small businesses. Proposed comment 105(b)-3 would have
explained that whether a financial institution is a covered financial
institution depends on its particular small business lending activity
in the two preceding calendar years, and that the obligations of a
covered financial institution is an annual consideration for each year
that data may be compiled and maintained under proposed Sec.
1002.107(a).
Other requested exemptions. The Bureau did not propose to adopt
alternative exemptions or exceptions to the definition of covered
financial institution, other than the loan-volume threshold as
described above.
With respect to government lenders, in the proposal the Bureau
stated that it has not identified, nor did small entity representatives
or other stakeholders provide, policy or legal rationales for excluding
government lenders from the rule. The Bureau believed that collecting
information on small business lending by government entities furthered
the purposes of section 1071. Moreover, the Bureau believed, as
described above in the discussion of proposed comment 105(a)-1, that
government entities were included within the phrase ``other entity'' in
the ECOA section 704B(h)(1) definition of ``financial institution.''
For example, the Bureau believed that it would be helpful to identify
the business and community development needs of women-owned, minority-
owned, and small businesses by collecting lending data from both an
online lender and a county-run assistance program for establishing new
businesses.
For the same reasons, the Bureau did not believe that exempting
not-for-profit lenders from data collection was consistent with the
purposes of section 1071. The Bureau believed that organizations exempt
from taxation pursuant to 26 U.S.C. 501(c) play a crucial role in
lending to small businesses, particularly those that are women- or
minority-owned, in certain communities.
With respect to the concern that certain financial institutions may
encounter difficulty absorbing compliance costs, the Bureau believed
that directly considering a financial institution's activity is a more
appropriate way to address this concern and not a categorical
exemption. With respect to a financial institution's lending importance
for a community or region (such as low income or rural) as a reason to
include categorical exemptions, the Bureau believed that
[[Page 35251]]
such arguments emphasize the importance of collecting and analyzing
such data to further the purposes of section 1071 rather than justify
an exemption. Finally, with respect to the concern that certain
business models or products are not conducive to data collection or
reporting, the Bureau believed it would most appropriately address such
concerns by providing clarification regarding how reporting rules apply
to certain covered credit transactions and also not covering certain
transactions. See the section-by-section analyses of Sec. Sec.
1002.104(b) and 1002.109(a)(3). The Bureau proposed comment 105(a)-1,
discussed above, consistent with the considerations discussed here.
Therefore, for the reasons described above, the Bureau did not
propose to define a covered financial institution by providing
alternative exemptions or exceptions. The Bureau sought comment on this
approach, including data or information that might bear upon any such
alternative exemptions in light of section 1071's purposes.
Comments Received
Commenters expressed a variety of perspectives with respect to the
Bureau's proposal regarding potential exemptions. Feedback from most
industry commenters generally was in support of exempting certain
financial institutions from data collection and reporting obligations.
Most feedback in support of pursuing exemptions focused on the
potential burden of new regulatory requirements, with some commenters
cautioning that collection and reporting obligations could lead to an
increase in the cost of credit and could cause lenders to exit the
market. A few commenters connected these potential costs with section
1071's purpose of identifying business and community development needs
and opportunities (chiefly arguing that costs might lead to higher
costs of lending or lower lending volume), or otherwise expressed a
general belief that some exemptions were consistent with statutory
purposes. In addition, many commenters, mostly community groups, urged
caution with respect to the extent of any such exemptions, arguing that
not capturing a significant amount of small business lending data would
run contrary to the general purposes of section 1071.
Activity-based exemption. Many commenters supported the general
concept of an activity-based threshold. A large bank asserted that an
origination-based approach would ensure that collected data represents
a comprehensive view of the small business lending landscape. A few
commenters stated that a clear, bright line rule is helpful, and that
an activity threshold is relatively simple for low-volume lenders to
apply. Moreover, two commenters said that an activity threshold creates
a level playing field, while a CDFI lender stated that such an approach
will ensure that the Bureau captures data from lenders that are small
in asset size but active in small business lending. Two commenters,
however, noted that some lenders may not currently track applicant GAR
and this may somewhat increase burden of counting originations to small
businesses.
A community group urged the Bureau to guard against evasion of the
activity-based threshold through the creation of subsidiaries, stating
that the Bureau should include a rule that for the purposes of
determining the loan threshold, loans are counted at the parent
institution or holding company level.
A number of commenters opposed an activity-based threshold. Two
banks stated that it was confusing because the threshold is only for
originations, yet all applications are reported. One of the banks
stated that a financial institution may not know whether it would meet
the threshold until very close to the reporting period, while another
bank stated it may be difficult to know which loans are covered for
purposes of determining loan activity.
Several industry commenters asserted that an activity-based
threshold is not a good metric for banks, with several banks suggesting
that an asset-size coverage definition would be more straightforward
and consistent. Commenters explained that lending varies each year,
while assets are more predictable and forecastable. A few community
banks stated that an activity-based threshold based solely on
originations is misguided and results in a one-size-fits-all exemption
that disregards the unique characteristics that exist in communities
across the country, resulting in reduced access to credit. Several
industry commenters stated that an activity-based threshold could
encourage lenders to deny applications or reduce their lending to stay
under the threshold. Additionally, several commenters noted that some
lenders near the threshold may go back and forth between being covered
or not.
Counting originations. Several lenders, trade associations, and a
community group, expressed support for counting originations, not
applications, for determining coverage. The community group asserted
that this approach is consistent with CRA and HMDA.
A few commenters provided feedback on how originations should be
counted for purposes of determining the threshold. A trade association
asserted that all Paycheck Protection Program loans and similar future
government programs should be exempt from the originations threshold.
In addition, two commenters stated that additional credit amounts, such
as line increases, should not count as a separate credit product for
purposes of counting originations for the threshold. One noted that
very small businesses may request multiple line increases in a year.
Activity threshold level. The Bureau received a large number of
comments regarding the activity threshold level from a range of
stakeholders, including lenders and community groups. Many community
groups and some industry commenters, including community-oriented
lenders and a few large banks, along with a minority business advocacy
group and several members of Congress, supported the proposed 25 loan
threshold, citing its broad coverage. Commenters stated that the
proposed threshold allows for coverage of banks, nondepository lenders,
``fintech'' lenders, CDFIs, and other types of financial institutions.
A community-oriented lender argued that gathering data from small
business lenders or all types and sizes is critical, given that
entrepreneurs of color are less likely to be approved for capital by
banks, often turning to alternative lenders as a result. Another
commenter stated that even a 25-origination lender will have
substantial data with respect to adverse actions or declinations, up to
four times as much.
Commenters asserted that this threshold was an appropriate approach
to excluding de minimis lenders, was simple to apply, and would yield
meaningful data collection. A few commenters argued that the activity
threshold should not be increased above 25 loans, given the Bureau's
estimated costs of compliance. Some commenters cited similarities to
the 2015 HMDA rule, with one commenter further asserting that when the
HMDA threshold was raised, certain lenders no longer reported data.
Commenters asserted that gathering robust lending data will ensure that
the rule implementing section 1071 is fulfilling the statutory purposes
and community development organizations need sufficient data that cover
enough of the market. In addition, one commenter urged a 10-loan
threshold, asserting that is the minimum threshold that is necessary to
change lending behavior
[[Page 35252]]
and improve access to capital for Black business borrowers. This
commenter further asserted that all regulated financial institutions
that maintain FDIC deposit insurance should report their small business
lending results.
Many commenters, including community groups, community-oriented
lenders, individual commenters, and a business advocacy group,
emphasized that section 1071's statutory purposes could be frustrated
if the threshold were increased. Commenters argued that it would be
impossible to meet the statutory purposes of the rule unless most of
the market is covered. A commenter further asserted that if the
threshold were increased, the database would no longer be statistically
representative of actual lending and would not be able to accurately
reveal whether credit needs were being met in all communities.
Commenters stated that increasing the threshold will disproportionately
harm many small business owners, rural communities, banking deserts and
redlined areas that may find that ``small'' lenders make up a
significant portion of the local lending market. Commenters stated that
accurately measuring access to credit, and pursuing fair lending
enforcement when warranted, would be substantially diminished if too
many lenders and loans are exempt from reporting, particularly in
smaller cities and rural areas. Another commenter asserted that if the
Bureau elected to use a higher threshold it would exclude gathering
data from commercial lenders that are small, but still impact many
people. Moreover, a commenter stated that the Bureau's estimates show
decreased coverage of banks at higher thresholds.
Commenters stated that it is important to ensure coverage of rural
areas, which may be in persistent poverty, and which are often served
by small lenders. Moreover, a community group stated that the threshold
must cover intermediate-sized banks, which are important to rural
communities and small cities, and whose information has been missing
from CRA data since 2003. Commenters stated that increasing the
threshold could frustrate enforcement of the CRA, and risk the chance
that the data are not representative of the actual small business
lending landscape. A commenter further asserted that comprehensive data
are needed to assist in fair lending actions at the local level.
In contrast, nearly all industry commenters opposed the proposed
coverage threshold of 25 originations annually for two consecutive
years. Commenters stated that the threshold was too low and would lead
to increased costs and burden, particularly for community banks and
credit unions. Numerous banks and trade associations expressed concern
that too many small banks would be subject to the rule with a 25-loan
activity threshold. For example, two trade associations asserted that
at least 780 banks under $100 million in assets would be subject to
reporting, and these institutions average 13 employees at 1.6 branches.
In addition, several members of Congress asserted that the proposed
threshold levels for the rule were far too stringent, and would
drastically impact the ability of small institutions to make loans to
small businesses and decrease access to credit for minority-owned,
women-owned, and small businesses. Several commenters argued that small
lenders have little data to offer relative to the costs of acquiring
the data. One also asserted that it was unreasonable to subject
thousands of additional small depository institutions to a complex and
costly rule to collect data on approximately four percent of the small
business lending market. Many of commenters suggested higher
thresholds, with requests ranging from 100 to 1,000 transactions
annually, using the same two-year test. In particular, a large number
of commenters requested thresholds at 100, 200, 500, or 1,000 loans
annually.
A number of industry commenters supported a 100-loan threshold.
Many of these commenters urged the Bureau to set institutional coverage
similar to HMDA at that time, both for consistency and because lenders
already reporting HMDA data would incur lower compliance costs because
they already have data collection systems in place. Moreover,
commenters asserted that a 100-loan threshold would still capture an
estimated 95 percent of businesses loans in the country.
Conversely, a CDFI lender and two business advocacy groups opposed
a 100-loan threshold, arguing that the Bureau's estimates show narrower
coverage of small business lending at that threshold level. Another
CDFI lender stated that nearly a half billion in lending would be
obscured from reporting in its community with a 100-loan threshold.
A credit union trade association stated that a 100-loan threshold
was too low. This commenter asserted that researchers draw
statistically significant conclusions from HMDA data which covers
approximately 90 percent of the mortgage market, and because a 100-loan
threshold covers more than that percentage of the small business
market, the rule would gather more data than is necessary.
In the context of discussing the rule's threshold, numerous
commenters, including community banks, credit unions, and trade
associations, along with a group of State bank regulators, cautioned
the Bureau regarding the risk of small lenders exiting the market due
to the rule's burden. Commenters argued that the rule will damage small
institutions' ability to remain competitive and would favor large
lenders with large compliance teams. Many commenters stated that small
community banks and credit unions lack the staff or resources,
including automation capabilities, to comply with the reporting
requirements, with numerous institutions sharing the limited number of
full-time staff that they had dedicated to business and agricultural
lending.
Commenters further argued that Dodd-Frank Act mortgage rules
resulted in many community banks leaving the mortgage lending business,
and this proposal would produce similar results. For example, several
commenters argued that HMDA and TILA-RESPA integrated disclosure rules
led to market exodus, and they were concerned that there would be
similar market exit of local lenders following the proposed rule
implementing section 1071.\492\ Commenters stated that communities
could be left without a hometown bank and small businesses may seek
credit from unregulated lenders. Moreover, two national trade
associations stated that about 30 percent of surveyed franchised light-
duty and commercial truck dealerships would discontinue small business
credit extensions.
---------------------------------------------------------------------------
\492\ CFPB, Integrated Mortgage Disclosure Rule Under the Real
Estate Settlement Procedures Act (Regulation X) and the Truth in
Lending Act (Regulation Z), 78 FR 80225 (Dec. 31, 2013).
---------------------------------------------------------------------------
Several commenters also argued that the rule would exacerbate bank
consolidation, particularly in rural and underserved areas, as the
additional regulatory burden on community banks would lead to more
mergers and acquisitions. Commenters further asserted that
consolidation would reduce lending options for consumers and small
businesses, and would discourage some smaller financial institutions
from making small business loans. A few commenters stated that the rule
would damage relationship banking and create an environment with less
competition.
Numerous commenters also asserted that the rule is likely to reduce
access to credit, as small banks and credit unions do not have the
economies of scale to absorb the reporting costs, and thus compliance
costs will be passed
[[Page 35253]]
along to small business customers. Several commenters stated that they
would have to reconsider their product offerings. For example, one bank
stated that they might need to also reconsider their consumer product
offerings and prices, and a credit union stated they might consider
reducing lending to avoid being covered by the rule. In addition, one
bank stated that they may need to charge additional fees for
agricultural borrowers, while another bank stated that they would
either need to increase their origination fee or greatly increase the
minimum loan amounts. Another bank stated that as operating costs
increase, they will be forced to adjust their business model by either
increasing interest rates on loans, decreasing interest rates on
deposits, or implement other account fees. Moreover, several commenters
stated that the 25-loan threshold would limit small business lending
flexibility, which could stifle lending innovation and result in
lenders choosing to set minimum loan amounts.
In addition, many commenters argued that the 25-loan threshold
would have a negative effect on lending in small and rural communities.
Commenters stated that small banks, which are vulnerable to increased
compliance costs, are often located in rural areas where lending
options are limited. Several commenters stated that the rule risks
underserved areas being afforded fewer loan options. Commenters further
asserted that the rule's regulatory burden would drive consolidation in
rural and underserved areas, limiting access to credit in these
communities.
Several commenters drew comparisons to HMDA. One bank stated that
when it was subject to HMDA reporting, they struggled with compliance
and eventually elected to reduce lending. In addition, several
commenters asserted that the proposed 25-loan threshold was
inconsistent with the reporting threshold of 100 closed-end mortgages
in Regulation C at the time. Commenters argued that although their
institution was exempt from HMDA reporting, and although their
commercial lending unit is small, they would not qualify for the
proposed 25-origination exemption from reporting under section 1071. A
State bankers association stated that half of their survey respondents
are exempt from HMDA, while only six believed they would be exempt with
a 25-loan threshold. The commenter further stated that these small
financial institutions--83 percent under $250 million in assets--have
no data collection infrastructure in place. Some other commenters
similarly asserted that many smaller institutions do not have data
collection infrastructure in place and stated that they would incur
significant costs.
In addition, some commenters asserted that the Bureau did not
provide a sufficient rationale for a 25-loan threshold, arguing that
the Bureau has not shown why this threshold is necessary and
appropriate to carry out section 1071's purposes. Several commenters
argued that the Bureau could obtain sufficient data at a higher
threshold. Another commenter stated that the Bureau did not fully
consider coverage, in particular how much data would be forgone at each
threshold. A group of trade associations further asserted that the
Bureau is obligated to provide coverage estimates for nondepository
institutions and that RFA estimates are not sufficient.
While the Bureau did not propose an asset-based threshold in the
proposed rule, numerous industry commenters requested an asset size
threshold, ranging from $50 million to $10 billion. However, some
industry commenters as well as community groups counseled against an
asset-based exemption, arguing that exemptions should be based instead
on lending activity, and that size-based exemptions risked under-
reporting in important markets. For example, one commenter stated that
an asset-based threshold could affect different regions of the country
and risk ``blind spots'' in the data. Some commenters said that assets
are not an applicable measurement for many lenders, such as
nondepository institutions. A bank trade association stated that asset-
based exemptions have been exploited by market disruptors partnering
with exempted institutions to create an uneven regulatory playing
field.
Other requested exemptions. A number of commenters opposed
exemptions for specific categories of lenders (consistent with the
Bureau's proposal), with several commenters noting that capturing a
broad array of lenders is essential for achieving the objectives of
section 1071. Some commenters asserted that the rule must apply to
government and public sector lenders, merchant cash advance companies,
nondepository lenders, non-profit lenders, online lenders, and/or
commercial finance providers. A State bankers association stated that
the Bureau should specifically name industrial loan companies to make
clear that all nonbank entities making small business loans are covered
by the rule. Community groups asserted that all lenders are obligated
to comply with fair lending laws, and requiring data disclosure will
assist with ensuring compliance. Moreover, several industry commenters
stated that a broad definition is important to ensure a level
regulatory playing field and to ensure a comprehensive view of the
entire small business lending market. A bank trade association urged
the Bureau to pay close attention to nonbank lenders, which the
commenter stated are roughly 30 percent of the current market and not
currently subject to the Bureau's supervision.
In contrast, a large number of industry commenters urged the Bureau
to exclude specific types of entities from coverage under the rule.
Some requested that certain types of lenders such as credit unions or
CDFIs be excluded from the rule entirely, while others requested
certain indirect lending/multi-party business models be excluded, such
as when applications are made via loan brokers, equipment dealers, or
motor vehicle dealers. Numerous industry commenters noted the unique
burdens they believed the rule would place on small banks and credit
unions, while a subset of these commenters argued that the Bureau
should exempt these smaller institutions from the rule altogether.
Several commenters requested an exemption for CDFIs, stating that
they are mission-driven institutions and dedicating resources to new
regulatory requirements would detract from their community focus.
Moreover, some commenters argued that requiring CDFIs to report would
be duplicative, as CDFIs already report lending data to the CDFI Fund
that shows that they are providing financial products for small
businesses in their communities. Commenters further cited the Treasury
Department's certification process for CDFIs and stated that CDFIs are
already held to a high standard. Several commenters cited that the
Bureau decided to exempt CDFIs when implementing the Qualified Mortgage
rule. Conversely, a number of community groups argued that the rule
must apply to all financial institutions, including CDFIs.
A number of commenters urged the Bureau to exempt community banks
from reporting requirements, stating that community banks already incur
substantial regulatory burden and would be put at a competitive
disadvantage under the rule. Several commenters emphasized the ``high-
contact and relationship-based business lending model'' of community
banks. A community bank asserted that community banks should be
commended for advancing over 50 percent of the nation's small business
loans and over 80 percent of the nation's agriculture loans despite
holding less
[[Page 35254]]
than 20 percent of the nation's deposits. Another community bank stated
that currently they are not subject to HMDA or CRA reporting
requirements and thus this rulemaking poses the threat of significant
new burdens on small community banks as well as on those community
banks that are already subject to HMDA reporting.
In addition, some commenters stated that covering community banks
will have the opposite effect of section 1071's purposes. Commenters
asserted that community banks would incur substantial burden in
gathering new data, which would make it more burdensome and expensive
to offer small business loans, thus raising the cost of credit. A
community bank stated that, if adopted as written, the rule's paperwork
burden will harm community banks, waste critical resources, and further
restrict lending. Another community bank stated that the rule as
proposed may very well be the final straw of regulation that will drive
small community banks out of business with devastating impact on the
small communities they serve. Moreover, commenters argued that the
Bureau was designed to regulate large, complex financial institutions,
not community banks.
Several commenters also urged the Bureau to exempt credit unions
from reporting requirements, stating that credit unions have not
demonstrated a pattern of unfair lending, that they seek to help women-
owned and minority-owned businesses, and that credit unions are member-
owned and not-for-profit. A trade association asserted that credit
unions would like to furnish more small business loans, but a reporting
regime will increase costs. Some commenters stated that exempting
credit unions would allow them to remain competitive lenders and would
avoid imposing new burdens on members. In contrast, a number of
commenters--including community groups, community-oriented lenders, a
business advocacy group, and a bank trade association--opposed special
treatment for credit unions, citing a 2020 Federal Reserve study that
shows a higher percentage of Black and Hispanic-owned firms sought
loans from credit unions and CDFIs. In addition, a commenter stated
that 2018-2020 HMDA data show that 73 percent of credit union lending
in Mississippi went to white borrowers and 15 percent to Black
borrowers.
One farm credit lender stated that Farm Credit System institutions
should be exempt from collection and reporting, while another asserted
that FCA financial institutions should have a qualified exemption that
permits voluntary reporting. The latter commenter stated that these
financial institutions are already reporting lending on Young,
Beginning, and Small lending efforts and volume to the Farm Credit
Administration. In addition, one commenter asserted that a lack of
understanding of the Farm Credit System by the Bureau in this
rulemaking will have unintended consequences for their customers. In
contrast, a community group urged the Bureau to apply the rule
implementing section 1071 to agricultural lenders, stating that
historic discrimination against minority and disadvantaged groups has
been well documented in agriculture, and including agricultural lenders
will hold financial institutions accountable to equitably serving small
farms and mid-sized farms, beginning farmers, and historically
underserved farmers. Another community group asserted that Farm Service
Agency activity should also be covered by the rule.
Several commenters requested an exemption for institutions outside
of Metropolitan Statistical Areas, with many specifying that rural
institutions should be exempt from the rule. Commenters stated that
rural banks and credit unions often play a vital role in their
communities and acquiring data from rural lending will result in fewer
institutions willing to conduct rural lending. Several industry
commenters asserted that the new burden to these institutions will
increase the cost of credit, and will be a significant detriment for
local small businesses seeking access to credit. A bank argued that
many rural loans are small dollar loans to sole proprietors such as
farmers and ranchers and without an exemption, the nation's most rural
and remote borrowers will have a harder time obtaining credit for their
businesses.
Two banks requested exemptions for CRA reporters, arguing that
financial institutions subject to Board, FDIC, or OCC regulations under
the CRA are already being assessed to ensure that they are identifying
and meeting the credit needs of the small businesses in their
communities. In addition, one of the banks stated that CRA-examined
institutions with at least a satisfactory rating for its two previous
exams should be exempt from reporting requirements. In contrast,
another commenter opposed exempting CRA reporters, stating that big
banks and ``shadow lenders'' have the most impact on small business
lending and have thwarted the effective oversight and enforcement of
the CRA.
The Federal Home Loan banks argued that they should be exempt from
the rule, explaining that the proposed definition of covered financial
institution inadvertently would capture lending to their financial
institution member/borrowers because those members are small
businesses. They stated that applying the rule implementing section
1071 to them is unnecessary in light of the comprehensive FHFA
regulatory regime that applies to credit extended by the Federal Home
Loan banks to their small and diverse financial institution members.
A trade association urged the Bureau to exempt SBA certified
development companies from the rule, stating that these financial
institutions are certified and regulated by the SBA and have a mission
to assist small businesses with access to capital, including businesses
in underserved communities. In addition, two development companies
stated that they do not have the budget to incur these new reporting
costs.
A few commenters requested an exemption for minority depository
institutions. A national trade association asserted that Congress has
determined that such institutions play an important role in serving
underserved communities and minority populations, the intent behind
section 1071 is already met by minority depository institutions, and
therefore, the rule should not redundantly be applied to this special
class of financial institutions. One bank stated that minority
depository institutions are mission-driven to support their
communities, while another bank asserted that these institutions are
certified by the Treasury Department for serving historically
underserved communities and/or low-to-moderate income Americans.
A trade association stated that retailers by their very nature are
not financial institutions and thus should not be covered by the rule.
The commenter further argued that applying this rule to retailers will
have a negative impact on retail employees and customers as offering
credit at retail could be reduced or eliminated, affecting overall
access to credit. Moreover, the commenter stated that the retail
environment is different from a typical bank, in that employees are not
trained in the specifics of financial products, and the environment may
not be practical for obtaining more sensitive information.
Two trade associations requested an exemption for loan brokers. One
argued that there could be duplicative or inaccurate reporting in cases
where technology companies match an applicant with multiple third-party
[[Page 35255]]
lenders. The other argued that it is appropriate to have a similar
approach to HMDA and data can be obtained from the lender instead of
the broker.
Several commenters urged the Bureau to exempt indirect lending
transactions where the applicant interacts only with a vendor partner,
such as equipment dealers and manufacturers. Commenters argued that the
financial institution does not directly interact with the applicant,
only the dealer or manufacturer, and thus the fair lending purpose of
section 1071 would not be furthered. A trade association asserted that
such an exemption would be consistent with the Bureau's proposed
approach to motor vehicle dealers. A business advocacy group stated
that, alternatively, there should be flexibility with respect to the
timing and collection of this information. They further argued that the
equipment dealer or manufacturers' employees are not trained staff for
the financial institution and the data may be less accurate.
Some commenters stated that indirect auto lenders should be exempt
from the rule. One commenter stated that the Bureau should exclude
motor vehicle dealers, and by extension, financial institutions when
they are working with motor vehicle dealers. Two commenters stated that
while indirect lenders may be involved in credit decisions, compliance
with the rule would be difficult, as the financial institutions that
evaluate and purchase the auto loan never meet the applicant. One also
said that it was unclear what information indirect lenders would be
required to gather.
In addition, two motor vehicle dealer trade associations urged the
Bureau to exempt motor vehicle dealers. They argued that collecting new
data will slow applications, raise compliance burden, and increase the
risk of inaccurate data. They stated that motor vehicle dealers do not
have the resources to comply with a rule in the manner that a financial
institution would. Moreover, they stated that survey data indicates 30
percent of dealers might choose to leave the market rather than face
these compliance costs. Two other trade associations pointed to Board
regulations implementing ECOA and argued that the dealer would be
prohibited under the law from asking the business owner for ethnicity,
race, and sex demographic data. In addition, a bank expressed confusion
over how a covered financial institution can require an exempt motor
vehicle dealers to collect 1071 data. Another commenter noted that many
dealers act as intermediaries between buyers and financial
institutions, and requested that the Bureau work with small motor
vehicle dealers to make the direct and indirect impacts of the
rulemaking the least burdensome possible.
One State bankers association asserted that much valuable small
business lending data will not be captured given the Dodd-Frank Act
exclusion for motor vehicle dealers and urged the Bureau to advocate in
Congress as necessary to include them in the rule.
A trade association urged the Bureau to exempt captive vehicle
partners from reporting, arguing that these institutions are
inextricably tied to entities that are exempt. The trade association
further argued that it would be confusing in terms of reporting
responsibility, as there are many creditors involved in a single loan
and its subsequent assignment, and the finance partner does not
directly interact with the applicant. Furthermore, the commenter stated
that a lack of regulatory relief could lead to market exit and that
captive finance companies are crucial to the economy.
Commenters urged the Bureau to exempt a variety of other entities,
including institutions outside of direct CFPB supervisory authority,
mission-driven banks, and financial institutions that identify as small
businesses. In addition, some commenters urged the Bureau to adopt
exemptions similar to HMDA using exemption factors such as asset size,
location test, federally related test, and loan activity. One merchant
cash advance provider stated that merchant cash advance funders should
not be considered covered financial institutions because they do not
extend credit or provide loans.
In addition, several commenters cited the firewall requirement and
said that certain financial institutions should be exempted from the
entire rule due to the challenges associated with the statutory
firewall provision. One commenter said that banks under $1 billion
should be exempted on this basis, a few said community banks should be
exempted on this basis, and one commenter said that all but the largest
lenders or all depository lenders should be exempted.
Two-year threshold measurement period. Commenters who addressed the
issue were in support of a two-year threshold measurement period, with
one community group citing its consistency with CRA and HMDA.
Final Rule
For the reasons set forth herein, the Bureau is revising Sec.
1002.105(b) to set the activity-based coverage threshold at 100
originations in each of the two preceding calendar years, rather than
25 originations as proposed. The Bureau is also finalizing its proposal
not to exempt particular types of institutions from the rule. The
Bureau believes that a 100-loan activity threshold achieves section
1071's purposes while minimizing any risk that low volume small
business lenders would reduce their lending activity. The Bureau is
adding comments 105(b)-3 and -4, as explained below, as well as making
other minor revisions to the commentary for additional clarity.
The Bureau is finalizing Sec. 1002.105(b) pursuant to its
authority under ECOA section 704B(g)(1) to prescribe such rules and
issue such guidance as may be necessary to carry out, enforce, and
compile data pursuant to section 1071 and its authority under
704B(g)(2) to adopt exceptions to any requirement of section 1071 and,
conditionally or unconditionally, exempt any financial institution or
class of financial institutions from the requirements of section 1071,
as the Bureau deems necessary or appropriate to carry out the purposes
of section 1071.
Activity-based exemption. The activity-based threshold for coverage
in the final rule will provide a simple basis for financial
institutions that infrequently lend to small businesses to determine
whether they have conducted sufficient lending activity as to be
required to collect and report data under the final rule. Furthermore,
in comparison to an asset-based exemption or a dollar-volume threshold,
the Bureau believes that an activity-based exemption is a more
compelling basis for exempting certain financial institutions from
coverage in light of section 1071's business and community development
purpose.
While several commenters expressed support for an asset-based
threshold or a dual asset-based and activity-based threshold, the
Bureau believes an activity-based threshold is considerably less
complex. Moreover, small business lending activity is more directly
related to a given financial institution's role in the small business
lending market than a measurement of the financial institution's size
as measured in total assets.
In addition, the Bureau believes that an activity-based exemption
is a superior approach to a size-based exemption because an exemption
based on asset size would apply only to depository institutions. The
Bureau is unaware of a similar size metric for nondepository
institutions, and commenters did not offer one. In addition, the Bureau
agrees with commenters who stated that an asset-based exemption
approach might create an uneven playing field and might risk
[[Page 35256]]
presenting a cost disadvantage for other small financial institutions.
Moreover, exempting proportionately more depository institutions
than nondepository institutions may present a challenge to the
comprehensiveness of the small business applicants' demographic data
collected under section 1071 as well as to the lending by different
types of lenders. A recent small business credit survey revealed racial
disparities in applications under the SBA's Paycheck Protection
Program: the data showed white-owned firms were most likely to apply
for a loan through a small bank (defined as under $10 billion in
assets), while Black-owned firms were three times as likely as white-
owned firms to apply for a loan through an online lender.\493\
Exempting depository institutions using an asset-based threshold and
not similarly exempting nondepository institutions could run counter to
the purposes of section 1071 and undermine the utility of the data, as
well as the purposes of the Bureau, which are, in part, ``to implement
and, where applicable, enforce . . . consistently'' Federal laws
including ECOA.\494\
---------------------------------------------------------------------------
\493\ Small Business Credit Survey of Firms Owned by People of
Color at 14.
\494\ 12 U.S.C. 5511(a).
---------------------------------------------------------------------------
A few commenters asserted that an activity-based threshold could
encourage lenders to deny applications or reduce their lending to stay
under the threshold. These are speculative fears, but to the extent
that institutions intend to take such action, the Bureau reminds
financial institutions that inconsistencies in the way an institution
applies its policies could give rise to a fair lending violation under
ECOA. Denied applications must indicate the principal reason(s) for the
adverse action, as required by Sec. 1002.9(b)(2).
Regarding a commenter's concern about potential evasion of the
activity-based threshold through the creation of subsidiaries, see the
section-by-section analysis of Sec. 1002.109(a)(2) which addresses
reporting by subsidiaries.
Counting originations. The Bureau agrees with commenters who
asserted that using a coverage threshold based on the number of
originations rather than applications for purposes of defining a
covered financial institution is the better approach. As one commenter
pointed out, many financial institutions are already familiar with this
approach due to its consistency with CRA and HMDA. Using originations
provides a clear and readily identifiable metric for financial
institutions. One commenter stated that the Paycheck Protection Program
and similar future government programs should be exempt from the
threshold. As discussed above, the Bureau is not exempting specific
government programs from the activity-based threshold. However, by the
time this rule is effective and implemented, lending activity conducted
pursuant to the Paycheck Protection Program will have long since ceased
and such loans will not be included in origination counts, rendering
such commenter concerns moot.
In addition, the Bureau agrees with commenters who stated that
additional credit amounts, such as line increases, should not count as
a separate origination for purposes of counting the activity-based
threshold. Financial institutions may receive multiple requests for
additional credit amounts on existing accounts in any given year and
such activity may make it more difficult for institutions to determine
coverage under the rule. In order to address this issue, the Bureau is
adding comment 105(b)-5 which clarifies that for purposes of
determining coverage under Sec. 1002.105(b), requests for additional
credit amounts on an existing account are not counted as originations.
Moreover, as discussed in Sec. 1002.106(b)(2), every five years
the gross annual revenue threshold used to define a small business in
Sec. 1002.106(b)(1) shall be adjusted, if necessary, to account for
inflation. The first time such an update could occur is early 2030,
with an effective date of January 2031. The Bureau is adding comment
105(b)-4 to clarify how financial institutions reporting data should
count originations in this situation, explaining that a financial
institution seeking to determine whether it is a covered financial
institution applies the gross annual revenue threshold that is in
effect for each year it is evaluating.
Two-year threshold measurement period. Consistent with commenters
who addressed the issue, the Bureau believes that a two-year threshold
period is advisable to minimize uncertainty surrounding data collection
responsibilities.
Activity threshold level. Supporters of the 25-loan threshold and
supporters of the 100-loan threshold each argued that the Bureau should
set the threshold with reference to the HMDA threshold for closed-end
loans. Given the differences in statutory authorities and between home
mortgages and small business loans, the Bureau does not believe that
the activity-based thresholds implementing HMDA and section 1071 must
be the same.\495\
---------------------------------------------------------------------------
\495\ The Bureau's 2015 HMDA Rule set the closed-end loan
threshold at 25 originated loans for each of the two preceding
calendar years. Then, in 2020, the Bureau increased the threshold to
100 closed-end loans, effective the same year. However, in September
2022, the United States District Court for the District of Columbia
vacated the 2020 HMDA Rule's increased reporting threshold for
closed-end mortgage loans as arbitrary and capricious under the
Administrative Procedure Act. Nat'l Cmty. Reinvestment Coal. v.
Consumer Fin. Prot. Bureau, No. 20-cv-2074, 2022 WL 4447293 (D.D.C.
Sept. 23, 2022).
Accordingly, the threshold for reporting data about closed-end
mortgage loans is 25, which was the threshold set by the 2015 HMDA
Rule. The court upheld the 2020 HMDA Rule's increase in the open-end
credit threshold.
See also CFPB, Home Mortgage Disclosure (Regulation C); Judicial
Vacatur of Coverage Threshold for Closed-End Mortgage Loans,
Technical Amendment, 87 FR 77980 (Dec. 21, 2022), https://files.consumerfinance.gov/f/documents/cfpb_judicial-vacatur-_technical-amendment_2022-12.pdf.
---------------------------------------------------------------------------
Table 1 below provides the Bureau's estimated share of depository
institutions, estimated share of small business loans from those
institutions (measured in total number of loans), and estimated share
of small business credit from those institutions (measured in dollars)
that would be covered by a loan-volume threshold of 25, 50, or 100
small business loans. This information is based on FFIEC and NCUA Call
Reports, as well as CRA submissions.\496\ The Bureau estimates that a
depository institution is covered for a particular loan-volume
threshold as of 2019 if the estimated number of originations for that
institution exceeded the threshold in both 2017 and 2018. Given the
limitations of the existing source data (limitations acknowledged by
the congressional mandate of section 1071), the Bureau cautions that
these estimates cannot provide a complete sense of the possible
consequences of adopting each particular threshold. These estimates
apply only to depository institutions.\497\
---------------------------------------------------------------------------
\496\ On the bank Call Report and in the Community Reinvestment
Act data, for small bank and small farm loans, banks report on
business loans with original amounts of $1 million or less and farm
loans with original amounts of $500,000 or less. For lines of credit
or loan commitments, banks report the size of the line of credit or
commitment when it was most recently approved. Banks include loans
guaranteed by the SBA and other government entities in their small
loans to businesses. Banks do not report loans to nonprofit
organizations in this category. Thus, these data collections would
include loans made to purchase, for example, individual vehicles and
pieces of equipment for the nation's largest businesses.
\497\ Under these data collections, banks report small loans
made to businesses and farms (regardless of the borrower's size).
Credit unions report commercial loans over $50,000 made to members
(also, regardless of the borrower's size). The methodologies and
assumptions used to produce these estimates are further documented
in the Supplemental estimation methodology for institutional
coverage and market-level cost estimates in the small business
lending rulemaking. This document is available at https://https.consumerfinance.gov/data-research/research-reports/supplemental-estimation-methodology-institutional-coverage-market-level-cost-estimates-small-business-lending-rulemaking/.
\498\ There were 10,525 depository institutions as of December
31, 2019, including 112 credit unions that are not Federally
insured.
[[Page 35257]]
Table 1--Estimated Depository Institution Coverage by Loan Volume (as of 2019)
----------------------------------------------------------------------------------------------------------------
Coverage category 25 Loans 50 Loans 100 Loans
----------------------------------------------------------------------------------------------------------------
Institutions Subject to Reporting.... 38%-40% of all 27%-30% of all 17%-19% of all
depository depository depository
institutions \498\. institutions. institutions.
SBL Institutions Subject to Reporting 63%-67% of SBL 46%-50% of SBL 29%-32% of SBL
\499\. depository depository depository
institutions. institutions. institutions.
Banks and Savings Associations (SAs) 70%-73% of all banks 52%-56% of all banks 33%-36% of all banks
Subject to Reporting. and SAst \500\. and SAs. and SAs.
SBL Banks and SAs Subject to 71%-75% of SBL banks 53%-57% of SBL banks 33%-37% of SBL banks
Reporting. and SAs. and SAs. and SAs.
Credit Unions Subject to Reporting... 7% of all credit unions 4% of all credit unions 2% of all credit
\501\. unions.
SBL Credit Unions Subject to 31% of SBL credit 18% of SBL credit 8% of SBL credit
Reporting. unions. unions. unions.
Share of Total Small Business Credit 98.3%-98.6%............ 96.7%-97.3%............ 94.2%-95.1%.
by Depository Institutions (Number
of Loans Originated) Captured.
Share of Total Small Business Credit 95.3%-96.0%............ 89.4%-91.0%............ 81.0%-83.0%.
by Depository Institutions (Dollar
Value of Loans Originated) Captured.
----------------------------------------------------------------------------------------------------------------
Table 1 above shows that as the loan-volume threshold rises, the
estimated share of depository institutions subject to section 1071
decreases substantially. Likewise, the estimated share of small
business loans and small business credit captured by the rule would
also decrease, although those decreases are less pronounced. The Bureau
has no information for nondepository institutions (other than for Farm
Credit System institutions based on their Call Report data \502\) such
that the Bureau could provide similar estimates for comment. The Bureau
requested in the NPRM such information and data that might bear on any
activity-based exemption for nondepository institutions and did not
receive any substantive information.
---------------------------------------------------------------------------
\499\ A depository institution is considered an ``SBL
institution'' if it has any small business loans on its balance
sheet.
\500\ Based on FFIEC Call Report data, there were 5,177 banks
and savings associations as of December 31, 2019.
\501\ Based on the 2019 NCUA Call Report data, there were 5,348
credit unions as of December 31, 2019, including 112 credit unions
that are not Federally insured.
\502\ To estimate the number of Farm Credit System (FCS) members
covered by the final rule, the Bureau considers the Young,
Beginning, and Small Farmers Reports for all Farm Credit System
lenders as of December 31, 2019. For the purposes of estimating
coverage, the Bureau assumes that all loans made by FCS members to
farmers are covered loans. Thus, the Bureau estimates that the rule
will cover almost all FCS small business loans.
---------------------------------------------------------------------------
The Bureau notes that the above estimates represent small business
lending data prior to the COVID-19 pandemic and ensuing policy
responses. The Bureau is keenly aware that many financial institutions,
including those that may not have historically participated actively in
small business lending, served their communities by becoming
participating lenders in the SBA's Paycheck Protection Program. This
program ended on May 31, 2021. Because financial institutions' initial
determinations of whether they are covered under this final rule, and
if so into which compliance date tier they fall, will be based on 2022
and 2023 originations (see final Sec. 1002.114(b)), institutions'
Paycheck Protection Program lending activity will not factor into
whether a given financial institution qualifies as a covered financial
institution because such lending ceased in May 2021.
After considering the feedback from commenters, the Bureau seeks to
minimize impact on the financial institutions with the lowest volume of
small business lending due to the fixed costs of coming into compliance
with this final rule. Numerous industry commenters cautioned the Bureau
regarding the risk of market disruption due to the rule's burden and
cost. Many argued that the relatively large fixed cost of complying
with section 1071's data collection and reporting requirements would
significantly increase the cost of small business credit. Commenters
argued that the rule will damage small institutions' ability to remain
competitive, would hasten consolidation, and would favor large lenders
with large compliance teams. A number of lenders discussed the ways in
which they may be forced to limit their lending, particularly in rural
and underserved areas. Several lenders asserted that a 100-loan
threshold was preferable, in part because HMDA reporters already have
data collection infrastructure in place.
The Bureau stated in the NPRM that it was also considering a 50 or
100 origination threshold. After consideration of the comments, the
Bureau believes that a 100-loan activity threshold is more appropriate.
The Bureau believes that this adjustment will best address widespread
industry concerns regarding compliance burdens for the smallest
financial institutions and that it is consistent with the purposes of
section 1071. A 100-loan threshold will ease compliance burdens for the
smallest financial institutions and will still capture the overwhelming
majority of the small business lending market, including the majority
of agricultural lending. As demonstrated in Table 1, a 100-loan
threshold captures nearly 95 percent of the share of small business
loans originated by depository institutions. In short, while a 100-loan
origination threshold decreases data coverage in comparison to a 25-
loan origination threshold, a 100-loan origination threshold massively
expands data availability relative to the status quo.\503\
---------------------------------------------------------------------------
\503\ See part IX.H below for additional analysis on coverage of
rural vs. non-rural depository institution branches. The Bureau
notes that it has no data on the geography of lending for all
depository institutions. Furthermore, commenters provided no
additional data. As such, the Bureau is unable to estimate coverage
of rural vs. non-rural small business loans.
---------------------------------------------------------------------------
Other requested exemptions. The Bureau agrees with commenters who
[[Page 35258]]
urged broad coverage of financial institutions under the rule. The
Bureau believes that, in light of the text and purposes of section
1071, the Bureau should generally adopt the posture that all manner of
small business lenders should be subject to reporting. The Bureau is
not categorically exempting any particular type of financial
institution from coverage. The Bureau believes that exemptions for any
category of financial institution--whether credit unions, community
banks, CDFIs, minority depository institutions, government lenders,
non-profit lenders, agricultural lenders, retailers, or merchant cash
advance providers--would create significant gaps in the data and would
create an uneven playing field between different types of institutions.
Inclusion of data from not-for-profit lenders is likely to be
particularly helpful in identifying further opportunities for business
and community development, including by for-profit creditors. Moreover,
the Bureau believes that most policy arguments made by industry for
being exempt from this rule are better addressed by adjusting the
activity-based threshold to 100 originated loans. The higher activity
threshold will help minimize compliance costs for all types of smaller
financial institutions with lower lending volumes but still result in a
comprehensive dataset that furthers section 1071's statutory purposes.
Comment 105(a)-2 refers to Sec. 1002.101(a) to reiterate the
statutory exclusion for motor vehicle dealers. Given the statutory
exclusion, motor vehicle dealers are not required to report small
business lending data to the Bureau. See the section-by-section
analysis of Sec. 1002.109(a)(3) for further discussion on reporting
obligations where multiple financial institutions are involved in a
covered credit transaction, including indirect lending transactions.
With respect to addressing the particularities of certain lending
models, the Bureau is not categorically exempting particular financial
institutions from coverage. The Bureau is, however, providing
clarification regarding how reporting rules apply to certain covered
credit transactions and is also not covering certain transactions. See
the section-by-section analyses of Sec. Sec. 1002.104(b) and
1002.109(a)(3). Regarding the request by some commenters to be exempted
from this rule due to the statutory firewall requirement, see the
section-by-section analysis of Sec. 1002.108.
Section 1002.106 Business and Small Business
ECOA section 704B(h)(2) defines the term ``small business'' as
having the same meaning as ``small business concern'' in section 3 of
the Small Business Act.\504\ The Bureau is defining a small business
consistent with the statutory language. In particular, the Bureau is
defining a small business to have the same meaning as the term ``small
business concern'' in 15 U.S.C. 632(a), as implemented by 13 CFR
121.101 through 121.107. Notwithstanding the size standards set forth
in 13 CFR 121.201, for purposes of subpart B, the Bureau is providing
that a business is a small business if its gross annual revenue for its
preceding fiscal year is $5 million or less. The SBA Administrator has
approved the Bureau's use of this alternate small business size
standard pursuant to the Small Business Act.\505\ The Bureau has also
obtained approval for this gross annual revenue threshold to adjust, if
need, for inflation or deflation every five years (after January 1,
2025) using the Consumer Price Index for All Urban Consumers (U.S. city
average series for all items, not seasonally adjusted), rounded to the
nearest multiple of $500,000.
---------------------------------------------------------------------------
\504\ 15 U.S.C. 632.
\505\ 15 U.S.C. 632(a)(2)(C).
---------------------------------------------------------------------------
Under the final rule, financial institutions will need to consider
whether an applicant is a business under Sec. 1002.106(a) and if the
applicant is a business, whether it is small under Sec. 1002.106(b).
The Bureau believes that these definitions implement the statutory
language of section 1071 while reflecting the need for a wide variety
of financial institutions to apply a simple, broad definition of a
small business that is practical across the many product types,
application types, technology platforms, and applicants in the market.
For the reasons set forth below, the Bureau is adopting Sec.
1002.106 to implement ECOA section 704B(h)(2) and pursuant to its
authority under ECOA section 704B(g)(1) to prescribe such rules and
issue such guidance as may be necessary to carry out, enforce, and
compile data under section 1071.
106(a) Business
Background
ECOA section 704B(h)(2) defines the term ``small business'' as
having the same meaning as ``small business concern'' in section 3 of
the Small Business Act.\506\ The Small Business Act provides a general
definition of a ``small business concern,'' authorizes the SBA to
establish detailed size standards for use by all agencies, and permits
an agency to request SBA approval for a size standard specific to an
agency's program. The SBA's regulations define a ``business concern''
as ``a business entity organized for profit, with a place of business
located in the United States, and which operates primarily within the
United States or which makes a significant contribution to the U.S.
economy through payment of taxes or use of American products, materials
or labor.'' \507\
---------------------------------------------------------------------------
\506\ 15 U.S.C. 632.
\507\ 13 CFR 121.105.
---------------------------------------------------------------------------
Proposed Rule
Proposed Sec. 1002.106(a) would have defined a business as having
the same meaning as the term ``business concern or concern'' in 13 CFR
121.105. This proposed definition is consistent with ECOA section
704B(h)(2), which defines the term ``small business'' as having the
same meaning as ``small business concern'' in section 3 of the Small
Business Act.\508\ The SBA issued 13 CFR 121.105, entitled ``How does
SBA define `business concern or concern,''' pursuant to the Small
Business Act. The Bureau referred to the entirety of that section for
additional information. In particular, the Bureau noted that this
definition would include elements such as being ``a business entity
organized for profit'' that has ``a place of business located in the
United States'' and ``operates primarily within the United States or .
. . makes a significant contribution to the U.S. economy.'' \509\
---------------------------------------------------------------------------
\508\ 15 U.S.C. 632.
\509\ 13 CFR 121.105(a)(1).
---------------------------------------------------------------------------
The Bureau sought comment on its proposed definition of a business,
and generally sought comment on whether additional clarification is
needed.
Comments Received
Comments received focused primarily on the Bureau's proposed
business size standard, which are discussed in the section-by-section
analysis of Sec. 1002.106(b) below. The Bureau did receive some
comments, however, on its proposed approach to the definition of
business concern from a few banks, trade associations, a business
advocacy group, and an online lender. These commenters requested that
the Bureau consider certain modifications or adjustments to the
definition of a business concern, such as clarifying that the term does
not include non-profit entities, government agencies, certain trusts,
foreign entities, and certain real estate holding companies.
[[Page 35259]]
One bank generally supported the proposed definition but requested
clarification that the definition of business concern excludes
``passive businesses'' and non-natural borrowing entities that are
established by applicants solely for tax, anonymity, and other such
purposes not intended to earn profit through business production,
operations, or service delivery. This commenter noted that it is common
for consumer borrowers to establish limited liability companies or
trusts solely to acquire properties and conduct similar transactions,
or for use in remaining anonymous to preserve their physical safety,
and requested that these scenarios be explicitly excluded because these
entities' obligations and contributions do not align with those of
small businesses.
A few commenters recommended that applications from nonprofit
organizations also be exempted. A few commenters specifically requested
the Bureau exclude any not-for-profit organizations, which might
include non-operating entities, holding companies, trusts, special
purpose vehicles, pass-through entities, holding companies that are not
organized for profit, and limited liability companies that are not
formed for business purposes.
Two commenters asked the Bureau to confirm that public agencies and
government institutions are excluded from the coverage of the final
rule. One commenter asked the Bureau to exclude foreign-owned entities
from the final rule. A bank asked for clarification on whether a
``small business'' can be taxed under the owner's Social Security
number (as opposed to an employer identification number) or whether
people that have a ``hobby'' business or farm that report income under
Schedule C or F within their tax returns are considered a small
business.
A trade association suggested the Bureau exclude applications from
trusts (which could be a single purpose trust, such as a land trust
that is established only to hold specific real estate, a traditional
estate planning vehicle or, though more infrequently, a business trust)
from coverage under the final rule. This commenter stated that
including trusts could raise difficult issues regarding who should be
considered for data collection purposes (the settlors, beneficiaries,
trustees or some combination thereof), what is the ``net profit or
loss'' of the trust, as well as who is entitled to that net profit or
loss. The commenter argued that such burdens would not be justified by
the minimal information that would be generated with respect to
reporting of lending to trusts.
One commenter argued for the inclusion of a test that would discern
between independent contractors and what it called ``actual'' small
businesses, as it believes that the credit needs and experiences of
independent contractors and many small businesses can differ greatly.
Another suggested the Bureau confirm that the proposed definition of
``small business'' excludes subsidiaries of large corporate entities.
A trade association for community banks recommended the Bureau
exclude farms from the definition of ``small business,'' arguing that
the underwriting criteria for small farm loans differ from other small
business loans and that this distinction is acknowledged in several
Federal laws such as CRA and HMDA. This commenter argued that the
proposed originations-based coverage threshold would likely lead to
many small lenders reducing their agricultural lending below the
threshold, thereby limiting the access to credit for small farms, and
concluded that an exemption was needed to acknowledge the uniqueness of
agricultural lending.
Final Rule
For the reasons discussed herein, the Bureau is finalizing Sec.
1002.106(a) as proposed, to define the term business as having the same
meaning as the term ``business concern or concern'' in 13 CFR 121.105.
As noted above, this definition includes elements such as being ``a
business entity organized for profit'' that has ``a place of business
located in the United States'' and ``operates primarily within the
United States or . . . makes a significant contribution to the U.S.
economy.'' \510\ This definition also provides that a business concern
may take a number of different legal forms, including a trust, sole
proprietorship, partnership, limited liability company, corporation,
joint venture, or cooperative, except that where the form is a joint
venture there can be no more than 49 percent participation by foreign
business entities in the joint venture.\511\ The Bureau is not
providing interpretations of this SBA regulation in subpart B, as
requested by some commenters, because the Bureau believes that existing
SBA interpretations are responsive to commenters' request for
clarification. For example, financial institutions are not required to
collect and report data for not-for-profit applicants, because they are
not ``organized for profit'' and are thus not a ``business concern.''
\512\ Moreover, the Bureau expects that applications from foreign
businesses will fall outside the scope of the rule's data collection
and reporting requirements unless they have a place of business located
in the United States and they either operate primarily within the
United States or they make a significant contribution to the U.S.
economy through payment of taxes or use of American products,
materials, or labor.
---------------------------------------------------------------------------
\510\ 13 CFR 121.105(a)(1).
\511\ 13 CFR 121.105(b).
\512\ See id., which states that a business concern may be in
the legal form of an individual proprietorship, partnership, limited
liability company, corporation, joint venture, association, trust or
cooperative, except that where the form is a joint venture there can
be no more than 49 percent participation by foreign business
entities in the joint venture.
---------------------------------------------------------------------------
The Bureau also does not believe it would be appropriate to deviate
from the term ``business concern or concern'' in 13 CFR 121.105 by
adopting additional exclusions such as one for passive businesses. As
discussed above, section 1071 defines small business as referring to
the definition of small business concern in section 3 of the Small
Business Act. The Bureau thus must look to this definition, and the
SBA's implementing regulations, in defining both a business and a small
business for purposes of this final rule. (The SBA Administrator's
approval for the Bureau's alternate size standard for this rulemaking
is discussed in the section-by-section analysis of Sec. 1002.106(b)
below.)
In addition, the Bureau believes that covering applications from
all types of businesses in its rule (including passive businesses \513\
and non-operating entities) is important for advancing both of section
1071's statutory purposes. The Bureau is thus not adopting such
exclusions requested by commenters. However, because the Bureau
understands that passive businesses and non-operating entities are
generally affiliated with other businesses (for example as subsidiaries
of large corporate entities), and because financial institutions are
permitted to consider affiliate revenue in determining whether a
business is small for purposes of this rule, the Bureau anticipates
that applications from most
[[Page 35260]]
of these kinds of businesses ultimately will not be reportable since
many such businesses will not be ``small'' businesses under the rule
implementing section 1071. (See the section-by-section analysis of
Sec. 1002.106(b) for additional related discussion.)
---------------------------------------------------------------------------
\513\ The SBA defines a business as passive if: (i) it is not
engaged in a regular and continuous business operation (the mere
receipt of payments such as dividends, rents, lease payments, or
royalties is not considered a regular and continuous business
operation); or (ii) its employees are not carrying on the majority
of day to day operations, and the company does not provide effective
control and supervision, on a day to day basis, over persons
employed under contract; or (iii) it passes through substantially
all of the proceeds of the financing to another entity. 13 CFR
107.720(b)(1).
---------------------------------------------------------------------------
The Bureau does not agree that trusts must be excluded, as
suggested by one commenter, on the grounds that covering applications
from trusts could raise difficult issues regarding who should be
considered the principal owner for data collection purposes. Treatment
under the final rule differs, for certain data points, based on whether
the applicant's owner is a trust or whether the applicant itself is a
trust. When a financial institution seeks to extend credit to a small
business applicant whose ownership interests or assets are owned by a
trust, the trust or trustee often needs to be the applicant for the
credit. In such situations, because only individuals who are direct
owners are considered principal owners under final Sec. 1002.102(o),
entities such as trusts would not be principal owners and thus the
financial institution would not need to collect or report principal
owners' ethnicity, race, and sex or the number of principal owners. And
as outlined in new comment 102(o)-2, if the applicant for a covered
credit transaction is a trust, a trustee is considered the principal
owner of the trust for reporting purposes. The Bureau also notes that
only a trust organized for profit would meet the definition of a
``business concern'' and fall within the scope of the rule. The Bureau
believes that these clarifications sufficiently address the commenter's
concerns and that covering different types of business structures in
its final rule is important for advancing both of section 1071's
statutory purposes. Thus, the Bureau is not defining business in a way
that would exclude trusts from the final rule.
In response to comments asking the Bureau to confirm that public
agencies and government institutions are excluded from the coverage of
the final rule, the Bureau notes that an express exclusion for
extensions of credit made to governments or governmental subdivisions,
agencies, or instrumentalities is not necessary because such
governmental entities do not constitute businesses under the final
rule. Specifically, government entities are not ``organized for
profit'' and are thus not a ``business concern'' under final Sec.
1002.106(a).
With respect to the suggestion that the Bureau develop a test to
identify independent contractors (and presumably exclude them), the
Bureau notes that it is not requiring financial institutions to collect
or report an applicant's business structure. Independent contractor
arrangements can take many forms; the Bureau does not believe it would
be appropriate to exclude from coverage under section 1071, for
example, a business that acts as an independent contractor to another
business, simply by virtue of that arrangement. Finally, the Bureau
notes that the SBA has routinely treated independent contractors as
business concerns \514\ and based on both of section 1071's statutory
purposes, the Bureau is not convinced that it should define business in
a way that would deviate from the SBA's approach and exclude
independent contractors from the final rule.
---------------------------------------------------------------------------
\514\ For example, in an interim final rule implementing changes
related to loans made under the Paycheck Protection Program, the SBA
stated ``SBA has determined that changing the calculation for sole
proprietors, independent contractors, and self-employed individuals
will reduce barriers to accessing the [Paycheck Protection Program]
and expand funding among the smallest businesses.'' 86 FR 13149,
13150 (Mar. 8, 2021) (emphasis added).
---------------------------------------------------------------------------
In response to a commenter's request for clarification on whether a
``small business'' can be taxed under the owner's Social Security
number (as opposed to an employer identification number) or whether
people that have a ``hobby'' business or farm that report income under
Schedule C or F within their tax returns are considered a small
business, the Bureau notes that generally, tax documentation is not
dispositive for the SBA's definition of a small business concern. In
many instances (for example, with startup businesses), the business may
not have any tax returns available or the business may be a sole
proprietorship that is taxed under its owner's Social Security number.
As long as the business is a ``small business concern'' in 15 U.S.C.
632(a) (as implemented in 13 CFR 121.101 through 121.107) and its gross
annual revenue for its preceding fiscal year is $5 million or less, it
is a small business under this final rule.
For reasons discussed in the section-by-section analysis of Sec.
1002.104(a), the Bureau is not adopting a categorical exclusion for
farms from the definition of ``small business.'' Credit used for
agricultural purposes is generally covered by the broad definition of
``credit'' under ECOA. ECOA's definition of credit is not limited to a
particular use or purpose and Regulation B expressly covers
agricultural-purpose credit; ECOA does not provide an exception for
agricultural credit; and it assigns enforcement authority to regulators
of agricultural lending such as the Secretary of Agriculture and the
Farm Credit Administration.\515\ Moreover, agricultural businesses are
encompassed in section 1071's statutory definition of small
business.\516\ With respect to the concerns that the Bureau's proposed
originations-based threshold would likely lead to many small lenders
reducing their agricultural lending below the exemption threshold, the
Bureau notes that it is increasing the exemption threshold as discussed
in the section-by-section analysis of Sec. 1002.105(b) above.
Moreover, the Bureau believes that covering agricultural businesses in
its rule is important for advancing both of section 1071's statutory
purposes, particularly given historical and/or continuing
discrimination against Black farmers and the need for transparency into
agricultural lending both for fair lending enforcement and business and
community development. The Bureau is thus not defining small business
in a way that would exclude such businesses from the final rule.
---------------------------------------------------------------------------
\515\ See 15 U.S.C. 1691c; Regulation B Sec. 1002.16(a).
\516\ ECOA section 704B(h)(2) (defining a small business as
having the same meaning as the term ``small business concern'' in
section 3 of the Small Business Act (15 U.S.C. 632)). Section
704B(h)(2) defines small business by reference to the Small Business
Act definition of a small business concern, which includes
independently owned and operated ``enterprises that are engaged in
the business of production of food and fiber, ranching and raising
of livestock, aquaculture, and all other farming and agricultural
related industries.'' 15 U.S.C. 632(a)(1).
---------------------------------------------------------------------------
106(b) Small Business Definition
106(b)(1) Small Business
Background
Section 1071 data collection purposes, requirements, and potential
impacts. A key component of the Bureau's fair lending work under the
Dodd-Frank Act is to ensure fair, equitable, and nondiscriminatory
access to credit for both individuals and their communities.\517\
Section 1071 of the Dodd-Frank Act, which amended ECOA, requires
financial institutions to collect and report to the Bureau data
regarding applications for credit for women-owned, minority-owned, and
small businesses. ECOA section 704B(h)(2) states that ``[t]he term
`small business' has the same meaning as the term `small business
concern' in section 3 of the Small Business Act (15 U.S.C. 632).''
Section 1071 was adopted for the dual statutory purposes of
facilitating fair lending enforcement and enabling communities,
governmental entities, and creditors to identify business and community
development needs and
[[Page 35261]]
opportunities of women-owned, minority-owned, and small
businesses.\518\
---------------------------------------------------------------------------
\517\ See 12 U.S.C. 5493(c)(2)(A).
\518\ ECOA section 704B(a).
---------------------------------------------------------------------------
As set forth in section 1071, the data that financial institutions
are required to collect and report to the Bureau include, among other
things, the gross annual revenue of the business in its preceding
fiscal year, the type and purpose of the loan, the census tract for the
applicant's principal place of business, and the ethnicity, race, and
sex of the principal owners of the business.\519\ ECOA section
704B(f)(2)(C) further provides that information compiled and maintained
under the statute shall be ``annually made available to the public
generally by the Bureau, in such form and in such manner as is
determined by the Bureau, by regulation.'' The Bureau believes that the
collection and subsequent publication of robust and granular data
pursuant to section 1071 regarding credit applications for small
businesses will provide much-needed transparency to an otherwise opaque
market and help ensure fair, equitable, and nondiscriminatory access to
credit.
---------------------------------------------------------------------------
\519\ ECOA section 704B(e)(2).
---------------------------------------------------------------------------
The Bureau understands that access to fair, equitable, and
nondiscriminatory credit is crucial to the success of small businesses.
Small businesses--including women-owned and minority-owned small
businesses--need access to credit to smooth out business cash flows and
to enable entrepreneurial investments that take advantage of, and
sustain, opportunities for growth. The market these businesses turn to
for credit is vast, varied, and complex. Overall, small businesses have
many options when it comes to financing, including a wide range of
products and providers. Yet market-wide data on credit to small
businesses remain very limited, particularly with respect to
applicants' protected demographic information at the core of section
1071. The Bureau believes that its rulemaking implementing section 1071
of the Dodd-Frank Act will provide critical data for financial
institutions, community groups, policy makers, and small businesses.
SBA size standards. The Small Business Act permits the SBA
Administrator to prescribe detailed size standards by which a business
concern may be categorized as a small business, which may be based on
the number of employees, dollar volume of business, net worth, net
income, a combination of these, or other appropriate factors.\520\
---------------------------------------------------------------------------
\520\ 15 U.S.C. 632(a)(2)(A) and (B).
---------------------------------------------------------------------------
As implemented by the SBA, these size standards generally hinge on
average annual receipts or the average number of employees of the
business concern and are customized industry-by-industry across 1,012
6-digit NAICS codes. Specifically, the SBA typically uses two primary
measures of business size for size standards purposes: (i) average
annual receipts \521\ for businesses in services, retail trade,
agricultural, and construction industries, and (ii) average number of
employees for businesses in all manufacturing, most mining and
utilities industries, and some transportation, information and research
and development industries.\522\ To measure business size, the SBA also
uses financial assets for certain financial industries, and for the
petroleum refining industry it uses refining capacity and employees.
The SBA's size standards are used to establish eligibility for a
variety of Federal small business assistance programs, including for
Federal government contracting and business development programs
designed to assist small businesses in obtaining Federal contracts and
for the SBA's loan guarantee programs, which provide access to capital
for small businesses that are unable to qualify for and receive
conventional loans elsewhere.
---------------------------------------------------------------------------
\521\ Effective January 6, 2020, the SBA changed its regulations
on the calculation of average annual receipts for all its receipts-
based size standards from a three-year averaging period to a five-
year averaging period. 84 FR 66561 (Dec. 5, 2019).
\522\ The SBA now uses a 24-month average to calculate a
business concern's number of employees for eligibility purposes in
all its programs. 87 FR 34094 (June 6, 2022).
---------------------------------------------------------------------------
Under the Small Business Jobs Act of 2010,\523\ the SBA is required
to review all size standards no less frequently than once every five
years.\524\ The SBA's lowest size standards based on average annual
receipts are currently used for agricultural industries. At the time of
the Bureau's NPRM, the SBA used a $1 million average annual receipts
standard for 46 out of 64 agricultural industries.\525\
---------------------------------------------------------------------------
\523\ Public Law 111-240, 124 Stat. 2504 (2010).
\524\ 15 U.S.C. 632 note.
\525\ See Small Bus. Admin., Table of size standards (effective
Oct 1, 2022), https://www.sba.gov/document/support-table-size-standards.
---------------------------------------------------------------------------
The SBA has since maintained or increased its size standards across
all industries. Following the SBA's implementation of revised size
standards in May and June 2022 \526\ and its inflation adjustment of
monetary-based industry size standards in November 2022,\527\ a $1
million standard is no longer used for any industry. The size standards
for agricultural industries now range from $2.25 million to $34
million, and the size standards for non-agricultural industries now
range from $8 million to $47 million. In April 2022, the SBA also
proposed increasing 150 size standards for businesses in manufacturing
and other sectors (excluding wholesale trade and retail trade) that are
based on the number of employees.\528\ The SBA also increased size
standards for 57 industries in the wholesale trade and retail trade
sectors.\529\
---------------------------------------------------------------------------
\526\ Through a series of rules that became effective on May 2,
2022, the SBA implemented revised size standards for 229 industries
(all using average annual receipts standards) to increase
eligibility for its Federal contracting and loan programs. See 87 FR
18607 (Mar. 31, 2022); 87 FR 18627 (Mar. 31, 2022); 87 FR 18646
(Mar. 31, 2022); 87 FR 18665 (Mar. 31, 2022). The SBA did not reduce
any size standards--it either maintained or increased the size
standards for all 229 industries, in many cases with size standard
increases of 50 percent or more. Effective July 14, 2022, the SBA
also increased size standards for 22 wholesale trade industries and
35 retail trade industries. 87 FR 35869 (June 14, 2022).
\527\ 87 FR 69118 (Nov. 17, 2022) (adjusting monetary-based
industry size standards (i.e., receipts- and assets-based) for
inflation that occurred since 2014 by adding an additional 13.65
percent inflation increase to these size standards).
\528\ 87 FR 24752 (Apr. 26, 2022) (establishing 250 employees
and 1,500 employees, respectively, as the minimum and maximum size
standard levels for Manufacturing and other industries (excluding
Wholesale and Retail Trade), up from the current minimum of 100
employees and the current maximum of 1,500 employees in the SBA's
existing size standards).
\529\ 87 FR 35869 (June 14, 2022).
---------------------------------------------------------------------------
The Small Business Act further provides that no Federal agency may
prescribe a size standard for categorizing a business concern as a
small business concern absent approval by the SBA Administrator.\530\
The SBA's rule governing its consideration of other agencies' requests
for approval of alternate size standards requires that the agency
seeking to adopt an alternate size standard consult in writing with the
SBA's Division Chief for the Office of Size Standards in advance of
issuing an NPRM containing the proposed alternate size standard.\531\
The Bureau met this requirement and also provided a copy of the
published NPRM to the Division Chief for the Office of Size Standards.
The Bureau subsequently obtained approval from the SBA Administrator
for its alternate small business size standard contained in this final
rule.
---------------------------------------------------------------------------
\530\ 15 U.S.C. 632(a)(2)(C); see also 13 CFR 121.903(a)(5).
\531\ 15 U.S.C. 632(a)(2).
---------------------------------------------------------------------------
Market considerations. A wide variety of financial institutions,
with varying levels of sophistication and experience, extend credit to
small businesses. This rulemaking applies to a broad range of financial
institutions. Banks and credit unions that serve a breadth of customers
[[Page 35262]]
typically organize their commercial lending operations into segments
based on a combination of risk, underwriting, product offering, and
customer management factors that are appropriate to each segment. The
three most frequent organizational groupings are retail/small business,
middle market, and large corporate banking. Commercial customers are
generally assigned to an organizational grouping based on their revenue
potential and aggregate credit exposure, with smaller accounts assigned
to the retail/small business banking area. The overwhelming
preponderance of small businesses are found in the retail/small
business banking group, which may also conduct consumer banking.
Today, the distinguishing characteristic that many larger financial
institutions (principally banks with $10 billion or more in assets) use
to assign small businesses into the retail/small business banking group
is gross annual revenue.\532\ While cut-offs vary by financial
institution, the Bureau understands that a common demarcation for
small/retail customers are those with less than $5 million, or
sometimes up to $10 million, in gross annual revenue. The maximum
amount of a retail/small business banking term loan or credit line is
typically $5 million or less.
---------------------------------------------------------------------------
\532\ See Fed. Deposit Ins. Corp., Small Business Lending
Survey, at 11 (2018), https://www.fdic.gov/bank/historical/sbls/full-survey.pdf (FDIC Small Business Lending Survey) (finding that a
substantial majority of large banks use gross annual revenue (61.8
percent) as a limit to define small businesses).
---------------------------------------------------------------------------
Financial institutions that do not conduct SBA lending generally do
not collect or consider the number of employees of a small business
applying for credit, but they often capture gross annual revenue
information, including for regulatory compliance purposes.
Specifically, retail/small business lenders routinely collect
applicants' gross annual revenue information because notification
requirements under existing Regulation B vary for business credit
applicants depending on whether they ``had gross revenues of $1 million
or less in [their] preceding fiscal year.'' \533\ For a business
applicant with gross annual revenues of $1 million or less, a creditor
must provide a notification following an adverse action, such as a
credit denial, that is generally similar to that provided to a consumer
in both substance and timing.\534\ As a result, small business lenders
often adopt compliance management systems similar to those found among
consumer lenders.
---------------------------------------------------------------------------
\533\ 12 CFR 1002.9(a)(3)(i).
\534\ Id. The notification requirements for applicants with
gross annual revenues in excess of $1 million are generally more
flexible in substance and also do not impose a firm deadline for
provision of a Regulation B notification. 12 CFR 1002.9(a)(3)(ii).
---------------------------------------------------------------------------
The Bureau believes it is important for a financial institution to
be able to quickly determine at the beginning of the application
process whether an applicant is a ``small business'' for purposes of
this final rule. Financial institutions generally cannot inquire about
an applicant's protected demographic information (including the
ethnicity, race, and sex of an applicant's principal owners) without
being legally required to do so.\535\ As discussed in the Overview of
this part V, this final rule will only require (and thus only permit)
such inquiries for small business applicants.\536\ While the Bureau is
allowing financial institutions flexibility in when they seek this
protected demographic information, the Bureau believes that financial
institutions generally have the best chance of obtaining it and
supporting the purposes of section 1071, if they ask for it in the
earlier stages of the application process. As a result, a financial
institution may need to know, even before the application is initiated,
which application path the applicant must follow--a 1071-governed or a
non-1071-governed application path.
---------------------------------------------------------------------------
\535\ See 12 CFR 1002.5(a).
\536\ Such inquiries are also permitted for co-applicants of
small businesses pursuant to final Sec. 1002.5(a)(4)(x).
---------------------------------------------------------------------------
Early feedback. From very early on in its discussions with
stakeholders regarding section 1071, the Bureau has received feedback
focused primarily on how the Bureau might define a business size
standard. For example, in response to the Bureau's 2017 request for
information, many stakeholders expressed concern about the difficulties
in determining the appropriate NAICS code for businesses and in
applying the NAICS-based standards in determining whether a business
loan applicant is a small business. Commenters who addressed the issue
of a small business definition were universally in favor of the Bureau
adopting something less complex than the SBA's size standards based on
6-digit NAICS codes. Commenters noted that the use of these standards
is relatively complex and would introduce burdens for this rule with
limited benefit.
Likewise, during the SBREFA process, small entity representatives
generally preferred a simple small business definition and expressed
concern regarding the complexity of the SBA's NAICS-based size
standards. Some small entity representatives supported an approach for
defining a small business that would use an applicant's gross annual
revenue for determining whether it was ``small'' (thresholds under
consideration at SBREFA were $1 million and $5 million). For most small
entity representatives, nearly all their small business customers had
less than $5 million in gross annual revenue; most were under $1
million. Several small entity representatives remarked that a $1
million gross annual revenue threshold would be too low, noting that it
would exclude many businesses defined by SBA regulations as ``small'';
some of these small entity representatives said that a $5 million gross
annual revenue threshold would be acceptable. Some small entity
representatives advocated for higher revenue thresholds, such as $8
million or $10 million. Some small entity representatives supported a
more complex approach that would distinguish between applicants in
manufacturing and wholesale industries (500 employees) and all other
industries ($8 million in gross annual revenue). One small entity
representative also supported another approach, which was closest to
the SBA's existing size standards, stating that it reflects the SBA's
substantially different definitions of a small business across
different industries. Feedback from stakeholders other than small
entity representatives also reflected broad support for the Bureau
pursuing a simplified version of the SBA small business definition.
Proposed Rule
Proposed Sec. 1002.106(b) would have defined a small business as
having the same meaning as the term ``small business concern'' in 15
U.S.C. 632(a), as implemented in 13 CFR 121.101 through 121.107.
Proposed Sec. 1002.106(b) would have further stated that,
notwithstanding the size standards set forth in 13 CFR 121.201, for
purposes of proposed subpart B, a business is a small business if its
gross annual revenue, as defined in proposed Sec. 1002.107(a)(14), for
its preceding fiscal year is $5 million or less. The Bureau's proposal
noted it was seeking SBA approval for this alternate small business
size standard pursuant to the Small Business Act.\537\
---------------------------------------------------------------------------
\537\ 15 U.S.C. 632(a)(2)(C).
---------------------------------------------------------------------------
Proposed comments 106(b)-1 and 106(b)-2 would have clarified the
obligations of covered financial institutions when new information
changed the determination of whether an applicant is a small business,
giving rise to requirements under proposed subpart B and/or
prohibitions under
[[Page 35263]]
existing Regulation B. The Bureau acknowledged that a financial
institution's understanding of an applicant's gross annual revenue may
change as the application proceeds through underwriting.
Proposed comment 106(b)-3 would have explained that a financial
institution may rely on an applicant's representations regarding gross
annual revenue (which may or may not include an affiliate's revenue)
for purposes of determining small business status under proposed Sec.
1002.106(b).
The Bureau sought comment on this proposed definition of a small
business, including the $5 million gross annual revenue size standard,
as well as whether additional clarification is needed for any aspect of
this proposed definition. The Bureau also sought comment on whether
another variation of the proposed size standard would better serve the
purposes of section 1071, such as a lower revenue size standard or a
higher one, potentially at the $8 million or $10 million level. The
Bureau also sought comment on whether, in addition to the above-
described gross annual revenue-based size standard, a small business
definition that also included any business that was furnished a loan
pursuant to an SBA program (regardless of the applicant's gross annual
revenue) would further the purposes of section 1071.
Similarly, the Bureau sought comment on whether a threshold based
on $8 million gross annual revenue or 500 employees (depending on the
type of business) would align more closely with section 1071's
purposes. Likewise, the Bureau sought comment on whether a variation of
the proposed size standard, such as using an applicant's average gross
annual revenue averaged over two or five years, would better serve the
purposes of section 1071. In addition, the Bureau sought comment on
defining a small business consistent with the entirety of existing SBA
regulations, including any advantages or disadvantages that using such
a definition might pose specifically in the context of this rulemaking.
Specifically, the Bureau sought comment on how the proposed size
standard would fit in with a financial institution's current lending or
organization practices. The Bureau sought comment on whether the
proposed size standard would introduce additional difficulties or
challenges for SBA lenders.
Comments Received
The Bureau received many comments supporting the use of a simple
gross annual revenue threshold from a range of lenders and trade
associations, along with a community group, a technology service
provider, a business advocacy group, several members of Congress, and
others. Many commenters said that a gross annual revenue threshold was
simple, objective, relatively easy to apply at the time of application,
and/or will make compliance easier. One bank more generally emphasized
the need for a simplified definition of small business that is easily
determinable at the time of application. Another commenter noted that
determining the appropriate NAICS codes and the number of employees is
not easy early on in the application process. A bank stated that
revenue thresholds provide a consistent and transparent line of
delineation. Some commenters asserted that a gross annual revenue
threshold was preferable to the SBA's more complex size standards that
change over time. One commenter asserted that a gross annual revenue
threshold was the only feasible way to implement section 1071 and that
trying to apply SBA size standards would massively complicate the data
collection process, lead to the introduction of errors that would
undermine data accuracy and interfere with financial institutions'
ability to extend credit to business applicants in a prompt and
efficient manner. One agricultural lender argued that having to
determine whether a business is small for the purposes of the rule
could delay communicating a credit decision in violation of ECOA and
the Farm Credit Act, while another commenter hypothesized that
financial institutions may decline loan requests due to inadequate
financial documentation for a small business determination. Another
commenter expressed general support for a broad definition of small
business.
Despite the broad support for a gross annual revenue threshold,
commenters disagreed on where to set the threshold. Some commenters
supported the proposed threshold of $5 million or less in gross annual
revenue. A trade association stated that the proposed approach was
sufficiently broad and could encompass as great a portion of the
population of minority- and women-owned businesses as practical. One
agricultural lender asked for additional context and insight for the $5
million threshold and an explanation regarding how a number larger than
$1 million, which the Bureau had previously considered during the
SBREFA process, meets the intent of Congress under section 1071. A bank
advocated for a $250,000 gross annual revenue threshold, asserting that
most businesses that surpass this threshold have access to or already
utilize an attorney or accountant, either one of which should be able
to adequately advise on the presence of any discriminatory terms.
The Bureau received some comments expressing general disapproval of
its proposed approach to the gross annual revenue threshold. A few
banks argued that a $5 million threshold is too high, with one adding
that this was particularly true in community bank areas and another
suggesting that the Bureau did not adequately support its proposal with
statistics. A few industry commenters asserted that an expansive small
business definition would burden their organizations with significant
costs and that the Bureau should instead reduce the number of
businesses that are reportable under the regulation. A women's business
advocacy group suggested the Bureau have ``multiple levels'' in its
small business definition. Several commenters noted a preference for a
gross annual revenue threshold lower than $5 million, without
specifying an amount. A credit union suggested the Bureau ensure that
both annual revenue and asset size \538\ be taken into consideration.
---------------------------------------------------------------------------
\538\ It is unclear whether the commenter was referring to the
asset size of the small business or asset size of the financial
institution.
---------------------------------------------------------------------------
Most commenters that suggested an alternative small business
definition expressed preference for a $1 million gross annual revenue
threshold. Some industry commenters asserted that a $1 million
threshold would be less burdensome, less costly, and/or would simplify
compliance as compared to the proposed $5 million threshold. One said
that anything other than a $1 million threshold may be too complex for
applicants and/or financial institutions, which could lead to less than
expected levels of data integrity and misalignment with the 1071
statutory purposes. Several industry commenters and a business advocacy
group argued that a gross annual revenue threshold of $1 million or
less is more in line with congressional intent and purpose. A bank
asserted that it would be more feasible to implement a firewall between
underwriter and customer because a $1 million threshold would avoid a
complete change in how the bank underwrites and processes small
business loan applications.
Some commenters said that a $1 million threshold would better align
with existing Regulation B adverse action notification requirements,
with one adding that misalignment leads to compliance costs. A bank
suggested the Bureau amend the existing Regulation B
[[Page 35264]]
requirements on adverse actions to ensure consistency with this rule
and avoid confusion with loan officers and loan processers.
Many more commenters advocated for alignment with CRA regulations
that use $1 million or less in annual revenue to define a small
business, with some arguing that misalignment with the CRA would lead
to increased compliance costs. Some industry commenters stressed the
need for consistency between reporting regimes, asserting that the
proposed threshold did not align with other regulatory requirements
such as CRA. One commenter suggested that inconsistency with CRA would
add another nuance to data validation. A State bankers association
suggested that a $1 million threshold would also better align with
Small Business Development Center and Small Business Investment Company
program guidelines. A credit union trade association suggested that a
$1 million gross annual revenue threshold would be consistent with the
SBA's definitions for some types of small businesses, including most
agricultural small businesses.
Some commenters said that a $1 million threshold would cover most
(over 95 percent) of small businesses as defined by the SBA size
standards in effect at the time of the NPRM. Similarly, many commenters
argued that the proposed $5 million threshold would be overinclusive
and a $1 million threshold would better exclude non-small businesses.
One bank said this overinclusiveness would be particularly notable in
middle/rural America, while another argued that the proposed definition
would create inequity and inflated costs for banks serving small-to-
midsize markets by picking up a disproportionate number of businesses
as small businesses under the rule.
Two credit union trade associations argued that the proposed $5
million threshold would increase the size of the 1071 data collection,
the risk to data privacy, and the costs associated with compliance for
covered financial institutions. Two other commenters suggested that a
$1 million threshold would accomplish the goals of section 1071 without
unnecessary drawbacks.
In contrast, some commenters requested a more expansive size
standard for defining small businesses under the rule. A number of
community groups expressed a preference for a $7.5 million threshold,
citing language from the SBA's website \539\ indicating that most non-
manufacturing businesses with average annual receipts under $7.5
million will qualify as a small business. A few other commenters
expressed a preference for a $8 million threshold. A CDFI lender
maintained that a $8 million threshold was the most common SBA size
standard threshold for average annual receipts, would cover more
manufacturing and wholesale businesses, and received broad support from
small entity representatives (though they recommended eliminating the
500 employees standard for manufacturing and wholesale that was part of
that option under consideration at SBREFA). Another commenter opined
that a threshold of $8 million (adjusted every five years according to
the SBA's recalibrations) would better cover the small business market,
account for differences in business types (such as manufacturing) and
regional economic conditions, and would more closely align with what
lenders already consider small businesses. Finally, a joint letter from
community groups, community oriented lenders, and business advocacy
groups asserted that a threshold lower than $8 million would lead to
significantly less data against which to compare lending patterns and
to identify lending trends and gaps.
---------------------------------------------------------------------------
\539\ Small Bus. Admin., Basic requirements, https://www.sba.gov/federal-contracting/contracting-guide/basic-requirements
(last visited Mar. 20, 2023).
---------------------------------------------------------------------------
Existing SBA size standards. Several commenters recommended the
Bureau use the SBA's definition and size standards. One credit union
trade association asserted that the SBA definition is already used by
credit unions and all financial services providers as the industry
standard and thus using an alternative definition would only create
confusion and inconsistent Federal regulations, thereby harming credit
unions' ability to serve their members. A bank argued that having
different definitions and requirements across similar regulatory
obligations would result in more burden and costs due to the unique
review and maintenance of each obligation.
Loan size. Some industry commenters suggested defining a small
business by the credit amount requested. Several said that small
businesses should be defined by loans of $1 million or less. A bank
asserted that this would be a much more reasonable definition of what a
small business is and will encompass the majority of its commercial
lending to small businesses. A few commenters argued that this would
better align with CRA and call report requirements. Another commenter
noted that loan size does not fluctuate over time like revenue and it
is easy to identify at the beginning of the application process. Some
credit union commenters suggested requiring reporting for small
business loans up to $10 million. A few other industry commenters
suggested adopting a maximum amount applied for ``exclusion'' of
$750,000 in order to exempt applications from non-small businesses.
These commenters asserted that such an exclusion would harmonize this
rule with the SBA's maximum direct loan amount. A few commenters
expressed disapproval of a $1 million loan size threshold, noting many
small businesses borrow amounts far more than $1 million while many
large businesses borrow amounts far below that threshold.
Small farm definition. The Bureau received comments from many
agricultural lenders suggesting that the $5 million gross annual
revenue threshold would be overinclusive when applied to farms and that
agricultural lending needs a different small business definition for
purposes of section 1071 in order to capture only truly small farms.
One commenter asserted that under the Small Business Act's implementing
regulations, the Bureau must take into account differing industry
characteristics. Specifically, many agricultural lenders suggested that
the Bureau's definition of ``small business'' align with the Farm
Credit Administration's (FCA) definition of ``small farmer,'' which is
a ``farmer, rancher, or producer or harvester of aquatic products who
normally generates less than $250,000 in annual gross sales of
agricultural or aquatic products.'' \540\ A few also urged the Bureau
not to ignore the USDA small farm definitions.\541\ One commenter noted
that even a $1 million threshold would be too high because 96 percent
of farms had less than $1 million in annual sales of agricultural
products. Several commenters suggested that the FCA
[[Page 35265]]
definition would facilitate compliance because staff and compliance
professionals at Farm Credit lenders are already very familiar with
that standard and because it would be confusing and burdensome for
staff to manage two competing regulatory definitions of ``small''
customers.
---------------------------------------------------------------------------
\540\ Farm Credit Admin., Bookletter 040--Revised: Providing
Sound and Constructive Credit to Young, Beginning, and Small
Farmers, Ranchers, and Producers or Harvesters of Aquatic Products,
at 2 (Aug. 10, 2007), https://ww3.fca.gov/readingrm/Handbook/FCA%20Bookletters/BL-040%20REVISED.docx.
\541\ The USDA Economic Research Service (USDA-ERS) measures
farm size by annual gross cash farm income--a measure of the farm's
revenue (before deducting expenses) that includes sales of crops and
livestock, payments made under agricultural Federal programs, and
other farm-related cash income including fees from production
contracts. Econ. Rsch. Serv., U.S. Dep't of Agric., Farm Structure
and Contracting (last updated Mar. 8, 2022), https://www.ers.usda.gov/topics/farm-economy/farm-structure-and-organization/farm-structure-and-contracting/. Within this
classification system, small family farms have gross cash farm
income less than $350,000, with subcategories of low-sales farms
(gross cash farm income less than $150,000) and moderate-sales farms
(gross cash farm income between $150,000 and $349,999). Id.
---------------------------------------------------------------------------
Several commenters noted that approximately half of Farm Credit
System loans outstanding were to ``small farmers'' and that this level
of coverage would more than accomplish section 1071's statutory
purposes. One agricultural lender noted that over 76 percent of its
loan volume portfolio would fall within the proposed $5 million ``small
business'' definition (approximately 3,770 loans) but 10.7 percent of
the loan volume portfolio falls under the FCA definition (approximately
2,730 loans).
Other suggested size standards. A trade association representing
online lenders recommended the Bureau adopt an easy-to-administer
definition based on 4-digit NAICS codes. This commenter argued that
while a singular revenue or number of employees standard to designate
small businesses might be simpler for the Bureau, it would not be a
true reflection of the small business market. The commenter asserted
that employing the first 4 digits of the NAICS codes would provide
measurements that differentiates broadly by industry, but provides a
standard that gives lenders flexibility, allowing them to use data
supplied by the borrower without having to undertake a costly and time-
consuming verification process of the data provided.
Many community groups, community-oriented lenders, and a minority
business advocacy group urged the Bureau to adopt the 500 employee/$8
million test set forth in the SBREFA Outline. A few of these commenters
said this was an easily implemented definition that covered the bulk of
small businesses as defined by the SBA without the complexities of the
SBA's NAICS-code based definitions, whereas the Bureau's proposal would
exclude 270,000 businesses that the SBA classifies as small businesses,
with many such businesses disproportionately located within retail
trade and construction industries, where small businesses are more
likely to be owned by people of color.
One comment letter suggested defining a small business as having a
gross annual revenue of $1 million and including a threshold for the
number of employees required for a business to be deemed small. They
referenced the SBA's size standards, which use a 100-employee threshold
for some industries, but suggested the Bureau use a similar definition
or alter its small business definition to include more minority- and
women-owned small businesses.
Other issues. A few comments addressed the role of affiliate
revenue in business size determinations. A bank suggested aligning
treatment of affiliate revenue with current CRA requirements \542\ to
avoid reporting disparities from institution to institution for
similarly situated applicants. Pointing to SBA rules and guidance, two
other industry commenters asserted that subsidiaries of large companies
should be excluded from the definition of ``small business'' if the
aggregate revenues for all affiliates, as defined in 13 CFR 121.103,
exceed the gross annual revenue threshold.
---------------------------------------------------------------------------
\542\ The CRA requires an institution to rely on the revenues
that it considered in making its credit decision when indicating
whether a small-business or small-farm borrower had gross annual
revenues of $1 million or less--in the case of affiliated
businesses, the institution would aggregate the revenues of the
business and the affiliate to determine whether the revenues are $1
million or less only if the institution considered the revenues of
the entity's parent or a subsidiary corporation of the parent as
well as that of the business. See Fed. Fin. Insts. Examination
Council, A Guide to CRA Data Collection and Reporting, at 13 (Jan.
2001), https://www.ffiec.gov/cra/pdf/cra_guide.pdf.
---------------------------------------------------------------------------
Two commenters asked for clarification related to business size
determinations involving multiple applicants. One suggested the Bureau
clarify that loans jointly made to multiple borrowers are not
reportable where one or more of the borrowers may qualify as a small
business under the rule but is not the primary business seeking the
funding. Another commenter suggested the Bureau (i) allow lenders to
treat all co-borrowers as one applicant such that the gross annual
revenue of all co-borrowers would be aggregated for purposes of
assessing whether the loan is a small business loan and (ii) clarify
how to identify loans to a ``minority-owned business'' or a ``women-
owned business'' when one, but not all, co-borrowers meet the
definitions of these terms.
A group of insurance premium finance trade associations noted that
their members do not obtain any financial information or information
about for-profit status regarding any applicant and suggested the
Bureau permit their members to ask the insured business if it is a
small business (after furnishing the regulation's operative definition)
when the signed premium finance agreement is submitted to the lender or
immediately after the lender receives the signed premium finance
agreement.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.106(b)(1) (proposed as Sec. 1002.106(b)) to define a small
business as having the same meaning as the term ``small business
concern'' in 15 U.S.C. 632(a), as implemented in 13 CFR 121.101 through
121.107. As discussed above, the Bureau believes that adopting existing
statutory and regulatory small business definitions, which are widely
understood and already the subject of notice and comment, is consistent
with the purposes of section 1071 and will facilitate compliance. Final
Sec. 1002.106(b)(1) further states that, notwithstanding the size
standards set forth in 13 CFR 121.201, for purposes of subpart B, a
business is a small business if its gross annual revenue, as defined in
final Sec. 1002.107(a)(14), for its preceding fiscal year is $5
million or less. The Bureau believes this definition implements the
statutory language of section 1071 while reflecting a need for
financial institutions to apply a simple, broad definition of a small
business across industries. The Bureau has obtained SBA approval for
this alternate small business size standard pursuant to the Small
Business Act.\543\
---------------------------------------------------------------------------
\543\ 15 U.S.C. 632(a)(2)(C); 13 CFR 121.903.
---------------------------------------------------------------------------
The Bureau believes that adopting this gross annual revenue
standard is consistent with the purposes of section 1071 and addresses
the concerns that the Bureau has heard with respect to determining
whether applicants are small businesses for purposes of complying with
section 1071, particularly regarding determining the applicant's NAICS
code, and the implications thereof. Due to concerns expressed by other
stakeholders, which are described above, and upon its own further
consideration as discussed in this section-by-section analysis under
Alternatives Considered below, the Bureau is not adopting suggested
alternative standards, including, but not limited to a $1 million gross
annual revenue standard, a $7.5 or $8 million gross annual revenue
standard, a threshold based on loan size, a different standard for
agricultural lending, nor the existing SBA size standards.
The Bureau agrees with the many commenters who said that a
definition of small business for purposes of section 1071 based on a
gross annual revenue threshold was simple, objective, relatively easy
to apply at the time of application, and/or will make compliance
easier. The Bureau understands that a majority of large banks already
use gross annual revenue
[[Page 35266]]
thresholds to delineate small business lending within their own
institutions.\544\ The Bureau also agrees that a gross annual revenue
threshold is the preferred way to implement section 1071 to avoid
overly complicating the data collection process, leading to the
introduction of errors that would undermine data accuracy, or
interfering with financial institutions' ability to extend credit to
business applicants in a prompt and efficient manner. The Bureau
believes that a simplified definition of small business that does not
require determining the appropriate NAICS codes and/or the number of
employees will satisfy lenders' needs to easily determine small
business status early in the application process and avoid delays in
communicating a credit decision.
---------------------------------------------------------------------------
\544\ See FDIC Small Business Lending Survey at 11.
---------------------------------------------------------------------------
While the Bureau received broad support for a simple gross annual
revenue threshold generally, it received narrower support for a
threshold of $5 million or less in gross annual revenue. The Bureau
believes that a $5 million threshold strikes the right balance in terms
of broadly covering the small business financing market to fulfill
section 1071's statutory purposes while meeting the SBA's criteria for
an alternative size standard.\545\ As described above, the SBA is
generally increasing size standards across industries and no longer
uses a $1 million annual receipts standard for any industry. As a
result, the Bureau's $5 million standard is sufficiently inclusive
relative to the SBA size standards. Moreover, while there is no clear
consensus on a simplified size standard that uniformly covers all small
business financing markets,\546\ the Bureau understands that among the
banks that already use a gross annual revenue threshold to delineate
small business lending, the majority of banks of all sizes use a
threshold above $1 million in firm gross annual revenue.\547\ In fact,
larger banks typically use even higher thresholds (for banks with less
than $1 billion in assets, 25.1 percent use a threshold greater than $5
million in firm gross annual revenue, while 37.0 percent of banks with
$1 billion to $10 billion in assets use a gross annual revenue
threshold of $5 million or more).\548\
---------------------------------------------------------------------------
\545\ See 15 U.S.C. 632(a)(2)(C); 13 CFR 121.903.
\546\ See, e.g., FDIC Staff Report at 10 (discussing various
gross annual revenue thresholds ranging from $1 million to $10
million and resolving ``[g]iven the lack of consensus on the correct
definition of a small business, [to] present results using both
thresholds wherever possible'').
\547\ Id. at 9.
\548\ Id.
---------------------------------------------------------------------------
The Bureau has considered the potential effect of applying a $5
million gross annual revenue threshold to both non-agricultural and
agricultural industries and compared that standard to coverage under
the SBA's existing size standards. Among non-agricultural industries,
the Bureau estimates \549\ that over 1.5 million (27 percent) small
businesses would not be covered by an alternative $1 million gross
annual revenue threshold and at a $2 million threshold, the rule would
have been underinclusive by 12 percent. (This and other size standards
suggested by commenters are discussed in detail under Alternatives
Considered below.) At a $8 million threshold, the percentage of
underinclusivity falls to approximately 4 percent, or approximately
235,000 non-agricultural businesses.
---------------------------------------------------------------------------
\549\ The Bureau used the most recent Statistics of U.S.
Businesses (SUSB) from Census (from 2017) to estimate the total
number of businesses that would be under- or over-included for
section 1071, relative to the SBA's size standards and based on
various revenue-based size standard alternatives. We use SBA size
standards as of May 2022 which reference 2017 NAICS codes; these
NAICS codes are consistent with the SUSB data. The 2017 SUSB only
contains information on employer businesses.
---------------------------------------------------------------------------
Applying an $8 million threshold to agricultural businesses, the
Bureau's analysis \550\ shows that over 20,000 such businesses that are
not considered small under the SBA's size standards would have their
applications reported to the Bureau.\551\ With the finalized $5 million
gross annual revenue threshold, relative to current SBA size standards,
all small farms' applications will be reported to the Bureau, along
with applications from 14,000 agricultural businesses that are not
considered small under the SBA's size standards. Thus, the Bureau
believes that its $5 million gross annual revenue threshold strikes an
appropriate balance between covering the applications of most
businesses that are considered small under the SBA's size standards,
while minimizing the number of businesses above the SBA's size
standards whose applications will be reported to the Bureau, and in a
way that satisfies the SBA's criteria for approving an alternative size
standard under its regulations.
---------------------------------------------------------------------------
\550\ The Bureau's analysis of agricultural industries used the
2017 Census of Agriculture from the USDA, relative to the SBA's size
standards, based on various revenue-based size standard
alternatives. The Bureau notes that because the Census of
Agriculture does not have the granularity of the SUSB, it made some
additional strong assumptions. The Census of Agriculture also does
not have the same employer/non-employer distinction as the SUSB and
therefore includes information on all farms.
\551\ In the Census of Agriculture, there is just a $5+ million
category so this number would not change for thresholds above $5
million.
---------------------------------------------------------------------------
The Bureau also notes that in their proposal to amend their
regulations implementing the CRA, the Board, FDIC, and OCC proposed to
define the terms ``small business'' and ``small farm'' consistent with
the Bureau's definitions in its NPRM.\552\ Thus, per the CRA proposal,
once 1071 data are available, the agencies would transition from the
current CRA definitions of small business and small farm loans to
definitions that cover loans to small businesses and small farms with
gross annual revenues of $5 million or less.\553\ Given the many
comments that the Bureau received advocating for CRA alignment, the
Bureau strongly supports the CRA agencies' efforts and believes that
finalizing its proposed small business definition will streamline
reporting and minimize compliance risks for financial institutions that
are also reporting covered credit transactions under CRA and would
simplify data analysis for CRA-reportable transactions. See part
II.F.2.i above for further discussion of the CRA and its relationship
to this rule.
---------------------------------------------------------------------------
\552\ 87 FR 33884, 33890 (June 3, 2022).
\553\ Id. at 33899.
---------------------------------------------------------------------------
With respect to a commenter's suggestion that the Bureau increase
the existing Regulation B threshold for notification to business credit
applicants for consistency with this rule, the Bureau does not believe
such a change would be appropriate at this time. Given the fact that
these notification requirements have been in place for close to 50
years and financial institutions have invested in compliance
infrastructure around these requirements, the Bureau believes that the
notification threshold in existing Regulation B should not be amended
without additional research and input from stakeholders.
To address ECOA and existing Regulation B's general prohibition
against inquiring about protected demographic information in connection
with a credit transaction,\554\ and to clarify the obligations of
covered financial institutions under subpart B, the Bureau is adopting
final comments 106(b)(1)-1 and 106(b)(1)-2 to address situations when
new information may arise that could change the determination of
whether an applicant is a small business. The Bureau acknowledges that
a financial institution's understanding of an applicant's gross annual
revenue may
[[Page 35267]]
change as the institution proceeds through underwriting. The Bureau is
finalizing comment 106(b)(1)-1 (proposed as 106(b)-1) with updated
cross-references to other portions of the final rule. Final comment
106(b)(1)-1 explains that if a financial institution initially
determines an applicant is a small business as defined in final Sec.
1002.106(b) based on available information and obtains data required by
final Sec. 1002.107(a)(18) and (19), but the financial institution
later concludes that the applicant is not a small business, the
financial institution may process and retain the data without violating
ECOA or Regulation B if it meets the requirements of final Sec.
1002.112(c)(4). The Bureau is finalizing comment 106(b)(1)-2 (proposed
as 106(b)-2) with certain revisions for additional clarity. Final
comment 106(b)(1)-2 explains that if a financial institution initially
determines that the applicant is not a small business as defined in
final Sec. 1002.106, but then later concludes the applicant is a small
business prior to taking final action on the application, the financial
institution must report the covered application pursuant to final Sec.
1002.109. In this situation, the financial institution shall endeavor
to compile, maintain, and report the data required under final Sec.
1002.107(a) in a manner that is reasonable under the circumstances.
---------------------------------------------------------------------------
\554\ See existing Sec. 1002.5(a)(2); 15 U.S.C. 1691(b)(5).
---------------------------------------------------------------------------
The Bureau is finalizing comment 106(b)(1)-3 (proposed as comment
106(b)-3) to explain that a financial institution is permitted to rely
on an applicant's representations regarding gross annual revenue (which
may or may not include an affiliate's revenue) for purposes of
determining small business status under final Sec. 1002.106(b)(1). The
comment further clarifies that, if the applicant provides updated gross
annual revenue information or the financial institution verifies such
information, the financial institution must use the updated or verified
information in determining small business status. The Bureau has
changed the heading of this comment and has removed some of the
introductory language to this comment for clarity as suggested by
several commenters; this change is not intended to alter the meaning of
this comment.
The Bureau has considered comments regarding the role of affiliate
revenue in business size determinations. The Bureau agrees that
subsidiaries of large companies should be excluded from the definition
of ``small business'' provided that the aggregate revenues for all
affiliates, as defined in 13 CFR 121.103, exceed the $5 million gross
annual revenue threshold--and, indeed, this is consistent with what the
Bureau proposed. The Bureau is not, however, adopting the mandate in
the SBA regulations, which provide that the average annual receipts
size of a business concern with affiliates must be calculated by adding
the average annual receipts of the business concern with the average
annual receipts of each affiliate.\555\ The Bureau understands that the
SBA totals the average annual receipts of the applicant and all of its
affiliates in determining size because in order to be eligible for
certain Federal programs and certain Federal contracts and
subcontracts, a firm must be a ``small business concern.'' \556\
Because the size standard used for this rule is only to determine
whether data collection is required pursuant to section 1071 and has no
bearing on eligibility for Federal small business assistance, the
Bureau does not believe it is necessary to mandate that financial
institutions consider affiliate revenue in determining an applicant's
small business status.
---------------------------------------------------------------------------
\555\ 13 CFR 121.104(d)(1).
\556\ Small Bus. Admin., Small Business Compliance Guide, at 4
(July 2020), https://www.sba.gov/sites/default/files/2020-10/AFFILIATION%20GUIDE_Updated%20%28004%29-508.pdf.
---------------------------------------------------------------------------
The Bureau believes that this approach to use of affiliate revenue
in size determinations will address concerns related to treatment of
passive businesses and non-operating entities, such as special purpose
vehicles. The Bureau understands that passive businesses and non-
operating entities are generally affiliated with other businesses (for
example as subsidiaries of large corporate entities). The Bureau notes
that final Sec. 1002.102(a) adopts the SBA's expansive view of what
constitutes affiliation,\557\ and it is therefore unlikely that a
special purpose entity or other large project financing investment
entity would be formed without any affiliation with an established
entity--rather, they are likely created as subsidiaries of an existing
business or as joint ventures between existing businesses.\558\ Thus,
financial institutions will be able to exclude businesses that are, in
fact, middle- or large-sized applicants from data collection and
reporting under this final rule by considering these businesses'
affiliate revenues, which will likely exceed the $5 million gross
annual revenue threshold for purposes of the definition of a small
business. For example, if a financial institution receives an
application for financing from a special purpose vehicle or shell
company established for the purpose of acquiring significant commercial
real estate (such as a hospital building), the financial institution
could rely on information provided by the applicant regarding its, and
its affiliates, gross annual revenue for purposes of determining small
business status under Sec. 1002.106(b). As discussed in greater detail
below, the Bureau also believes that its approach to affiliate revenue
further obviates the need to define a small business by the credit
amount requested as suggested by some commenters.
---------------------------------------------------------------------------
\557\ 13 CFR 121.103; see also Small Bus. Admin., Small Business
Compliance Guide (July 2020), https://www.sba.gov/sites/default/files/2020-10/AFFILIATION%20GUIDE_Updated%20%28004%29-508.pdf
(affiliation can be based on (1) ``control (when one controls or has
the power to control the other, or a third party or parties controls
or has the power to control both)''; (2) ownership; (3) ``stock
options, convertible securities, and agreements to merge''; (4)
management; (5) identity of interest''; or (6) ``franchise and
license agreements'').
\558\ Similarly, where a substantial portion of its assets and/
or liabilities of a special purpose entity is the same as a
predecessor entity, the SBA's definition of a business concern
specifically dictates that the annual receipts and employees of the
predecessor must be taken into account in determining size of the
new business concern. 13 CFR 121.105(c).
---------------------------------------------------------------------------
The Bureau has considered the comments regarding business size
determinations involving multiple unaffiliated applicants and does not
agree with the suggested approach to allow financial institutions to
treat all co-applicants as one applicant by aggregating their gross
annual revenues for purposes of assessing business size. The Bureau
does not believe that (in situations not involving affiliated entities)
such an approach would be consistent with the SBA's definitions of
business concern and small business concern. The Bureau is addressing
commenters' requests for clarification on this issue by adding new
comment 106(b)(1)-4, which provides that if a covered financial
institution receives a covered application from multiple businesses who
are not affiliates, as defined by final Sec. 1002.102(a), where at
least one business is a small business under final Sec. 1002.106(b),
the financial institution shall compile, maintain, and report data
pursuant to final Sec. Sec. 1002.107 through 1002.109 regarding the
covered application for only a single applicant that is a small
business. The comment clarifies that the financial institution shall
not aggregate unaffiliated co-applicants' gross annual revenues for
purposes of determining small business status under final Sec.
1002.106(b) and provides a cross reference to final comment 103(a)-9
for additional details.
[[Page 35268]]
In response to the group of insurance premium finance trade
associations that highlighted their members' challenges with
determining small business status, the Bureau notes that insurance
premium financing arrangements are excluded under final Sec.
1002.104(b)(4) for the reasons set forth in the corresponding section-
by-section analysis.
Alternatives Considered
Gross annual revenue of $1 million. In the NPRM, the Bureau did not
propose a $1 million gross annual revenue threshold, expressing concern
that such a threshold likely would not satisfy the SBA's requirements
for an alternative size standard across industries and would exclude
too many businesses designated as small under the SBA's size standards.
Nevertheless, as discussed above, many commenters requested the Bureau
adopt a $1 million gross annual revenue threshold.
The SBA no longer uses a $1 million annual receipts standard for
any industry and the Bureau does not believe that a gross annual
revenue threshold of $1 million would be more in line with
congressional intent and purpose. Congress did not specify a gross
annual revenue threshold for defining a small business under section
1071 but instead pointed to the SBA's definition of small business
concern.\559\ However, Congress set forth a process to allow the Bureau
to prescribe an alternative size standard, if approved by the SBA
Administrator.\560\ Given the fact that the SBA no longer uses a $1
million standard for any industry \561\ and is thus unlikely to approve
an alternative size standard at that threshold for all industries, the
Bureau believes that its small business definition is a more
appropriate alternative size standard.
---------------------------------------------------------------------------
\559\ In ECOA section 704B(h)(2), Congress provided that ``[t]he
term `small business' has the same meaning as the term `small
business concern' in section 3 of the Small Business Act (15 U.S.C.
632).''
\560\ 15 U.S.C. 632(a)(2)(C).
\561\ Through a series of rules that became effective on May 2,
2022, the SBA implemented revised size standards for 229 industries
(all using average annual receipts standards) to increase
eligibility for its Federal contracting and loan programs. See 87 FR
18607 (Mar. 31, 2022); 87 FR 18627 (Mar. 31, 2022); 87 FR 18646
(Mar. 31, 2022); 87 FR 18665 (Mar. 31, 2022). The SBA did not reduce
any size standards--it either maintained or increased the size
standards for all 229 industries, in many cases with size standard
increases of 50 percent or more. Effective July 14, 2022, the SBA
also increased size standards for 22 wholesale trade industries and
35 retail trade industries. 87 FR 35869 (June 14, 2022). Effective
December 19, 2022, the SBA added an additional 13.65 percent
inflation increase to the monetary small business size standards. 87
FR 69118 (Nov. 17, 2022).
---------------------------------------------------------------------------
While it is true that a $1 million threshold would better align
with existing Regulation B adverse action notification requirements,
the Bureau believes that the flexibilities built into the final rule
for small business size determinations will obviate the need for
changes to adverse action operations, including compliance with
existing Regulation B adverse action notification requirements. The
Bureau also notes that the concerns raised by many commenters regarding
alignment with CRA regulations would likely be resolved if the CRA
proposal, which expressly seeks alignment with the Bureau's alternative
small business definition, is finalized. With respect to suggested
alignment with Small Business Development Center and Small Business
Investment Company program guidelines, the Bureau points to the fact
that credit transactions made under programs with lower thresholds are
by default small business transactions for the purposes of the final
rule and thus not inconsistent.
The Bureau has considered the comments arguing that a $5 million
threshold would be overinclusive and a $1 million threshold would
better exclude non-small businesses. Based on the Bureau's analysis,
neither a $1 million threshold nor $5 million threshold would be
overinclusive among non-agricultural industries relative to the SBA's
current size standards. On the other hand, the Bureau estimates that,
in terms of the number of SBA ``small'' firms whose applications would
not be reported to the Bureau, a $1 million threshold would be 4.5
times more underinclusive than a $5 million threshold. Moreover,
research conducted by FDIC staff found that among banks with $1 billion
to $10 billion in assets, more than one-third of self-described small
business lending would be excluded under the $1 million gross annual
revenue definition and that among banks with more than $10 billion in
assets, nearly two-thirds would be excluded.\562\ Based on this study,
FDIC staff concluded that ``for the typical bank, a [gross annual
revenue] threshold of $1 million is overly conservative and would
exclude many firms that should properly be considered small
businesses.'' The Bureau agrees with this conclusion, and likewise
believes that a $1 million gross annual revenue threshold would not
satisfy the SBA's requirements for an alternative size standard across
industries and would exclude too many businesses designated as small
under the SBA's size standards.
---------------------------------------------------------------------------
\562\ FDIC Staff Report at 10.
---------------------------------------------------------------------------
Gross annual revenue of $7.5 to $8 million. The Bureau is not
adopting a $7.5 million or $8 million gross annual revenue threshold,
as suggested by a number of commenters. While the Bureau agrees that a
threshold of $7.5 to 8 million would more expansively cover SBA small
businesses (the Bureau estimates that under a $8 million threshold,
applications from approximately 130,000 more SBA ``small'' firms would
be reported to the Bureau as compared to a $5 million threshold), the
Bureau does not believe that this definition more closely aligns with
what lenders already consider small businesses based on comments
received in support of a lower than $5 million threshold. Moreover, the
Bureau notes that while an $8 million threshold would be less
underinclusive among non-agricultural industries relative to SBA size
standards, it would be more overinclusive among agricultural
businesses.
Loan size. The Bureau does not believe that it would be appropriate
to define a small business based on the size of the loan applied for
(i.e., by adopting a maximum ``amount applied for'' exclusion) such as
one in the amount of $750,000 (for SBA alignment) or $1 million (for
CRA alignment), as suggested by some commenters. The Bureau likewise is
not defining a small business based on whether a loan is for an amount
up to $10 million, as suggested by some commenters, or any other
size.\563\ As explained in the NPRM, the Bureau believes that such
potential definitions do not bear a sufficient relationship to the size
of the business or its operations. For instance, under a definition
similar to existing CRA requirements, application data for businesses
with low revenue that may be applying for large loans would be
excluded. The Bureau does not believe that adopting such an approach
would further the purposes of section 1071. The Bureau likewise agrees
with commenters cautioning against using the CRA definition based on
loan size, because many small businesses borrow amounts far more than
$1 million while many large businesses borrow amounts far below that
threshold.\564\
---------------------------------------------------------------------------
\563\ It is possible that these commenters intended to advocate
for a $10 million gross annual revenue threshold. For the reasons
stated above, the Bureau does not believe a definition of small
business using a $10 million gross annual revenue threshold would
fulfill section 1071's statutory purposes.
\564\ See, e.g., FDIC Small Business Lending Survey at 17
(finding that at banks with assets of $1 billion to $10 billion, at
least $19.1 billion in gross understatement of small business
lending (in which small businesses with less than $1 million in
gross annual revenue received loans with amounts greater than $1
million)).
---------------------------------------------------------------------------
[[Page 35269]]
Existing SBA size standards. Despite some recommendations that the
Bureau use the SBA's definition and size standards, the Bureau believes
the SBA's size standards are not suitable for this data collection
initiative and prefers to establish a small business definition
specifically tailored to this rulemaking implementing section 1071.
A simple, easy-to-implement small business definition is necessary
in light of the general prohibition in existing Regulation B against
creditors' inquiring about protected demographic information in
connection with a credit transaction unless otherwise required by
Regulation B, ECOA, or other State or Federal law, regulation, order,
or agreement.\565\ ECOA section 704B(e)(2)(G), as implemented by this
rule, requires a financial institution to collect and report the
ethnicity, race, and sex of the principal owners of the business. Thus,
in order to avoid potential liability under ECOA and existing
Regulation B, a financial institution must accurately determine that a
business credit application is subject to section 1071 before inquiring
about the applicant's protected demographic information. The Bureau
does not believe the SBA's existing size standards allow for the quick
and accurate determination of small business status required for this
1071 data collection initiative. Specifically, the Bureau does not
believe this determination can be quickly and accurately made if, as
required under the SBA's existing size standards, the financial
institution must determine the appropriate 6-digit NAICS code for the
business and then apply the NAICS-based size standards to determine
whether an applicant for business credit is a small business.
---------------------------------------------------------------------------
\565\ ECOA provides that it is not discrimination for a
financial institution to inquire about women-owned or minority-owned
business status, or the ethnicity, race, and sex of principal owners
pursuant to section 1071. 15 U.S.C. 1691(b)(5).
---------------------------------------------------------------------------
As discussed above, commenters expressed concern to the Bureau
about the difficulties in determining the appropriate 6-digit NAICS
code for businesses and in applying the SBA's NAICS-based size
standards. They generally preferred a simple small business definition
and expressed concern that the SBA's approach to defining a small
business--which bases classification on an applicant's 6-digit NAICS
code--is relatively complex in this context. The Bureau believes that
removing a NAICS code-based small business determination as a step in
determining small business status will both facilitate compliance and
better achieve the purposes of section 1071. The Bureau understands
that one reason that commenters expressed a strong desire for a simple
approach to determining whether an applicant is small is that this
initial determination may drive the application process. To comply with
section 1071 requirements, financial institutions may use a different
application process, or different or additional application materials,
with small business credit applicants than they do with applicants that
are not small businesses. Thus, quickly and accurately determining
whether an applicant is a small business at the outset of the
application process may be a crucial step, one that financial
institutions would benefit from being able to seamlessly accomplish.
Considering the requirements and prohibitions in ECOA with respect to
protected demographic information, the Bureau understands the import
that financial institutions have placed on both the speed and accuracy
of this determination.
Notwithstanding its decision to not rely on NAICS codes in its
small business definition, the Bureau believes that NAICS codes possess
considerable value for section 1071's fair lending purpose as well as
its business and community development purpose. As discussed in the
section-by-section analysis of Sec. 1002.107(a)(15) below, the Bureau
is therefore requiring financial institutions to collect and report 3-
digit NAICS sector codes for applications subject to this final rule.
However, the Bureau believes that gathering NAICS code information at
some point during the application process, while still the subject of
some concern for financial institutions, differs in kind from requiring
NAICS information as a necessary step to beginning an application (and
correctly determining which type of application to initiate). In
addition, the NAICS information now required by the final rule is a 3-
digit NAICS code instead of a 6-digit code as proposed; this
information will provide valuable data to analyze fair lending patterns
and identify business subsectors with unmet credit needs, while
limiting the burden this collection may impose on financial
institutions and small business applicants.
The Bureau also believes that its simplified alternative size
standard will provide reporting results that are largely consistent
with what would be reported by adopting the full SBA size standards.
The Bureau used data from the U.S. Census's 2012 Statistics of U.S.
Businesses (SUSB) and the U.S. Department of Agriculture's 2012 Census
of Agriculture to analyze how various alternative approaches would
change the number of businesses considered ``small'' under this rule
relative to the SBA definition.\566\ Among the 7.2 million small
employer businesses and farms, the Bureau estimates that 365,000
businesses that would be small under the SBA's existing size standards
will not be covered by the Bureau's $5 million gross revenue standard.
The Bureau further estimates that the Bureau's rule will cover some
14,000 agricultural businesses that would not be small under the SBA's
existing size standards. The Bureau believes that such variation with
respect to the SBA's current size standards is an appropriate trade-off
for the reasons described herein.
---------------------------------------------------------------------------
\566\ The 2012 SUSB is the most recent Census product to have
categories of revenue and employees granular enough to conduct this
analysis. The Bureau constructed the 2012 equivalents of the second
and third alternatives due to the vintage of the SUSB data available
and used the SBA's 2012 size standards for the analysis. The 2012
SUSB only covers employer firms or businesses with at least one
employee.
---------------------------------------------------------------------------
The Bureau notes, however, that some industries will have greater
divergence between which businesses are small under the Bureau's $5
million gross annual revenue alternative size standard and which
businesses are small under the SBA's existing size standards. That is,
applications for businesses that are small under the SBA's existing
size standards will be reported to the Bureau less from some industries
than others. In general, there will be a larger proportion of
businesses whose applications will not be reported in industries with a
higher revenue-based size standard. The industries most affected by
this are the retail trade and construction industries. Other industries
disproportionately affected may include manufacturing, wholesale trade,
health care and social assistance, and professional, scientific, and
technical services. The Bureau received limited public feedback with
respect to such concerns.
The Bureau also believes that a simplified size standard will be
important for financial institutions that may not frequently engage in
small business lending in determining whether they are covered under
this final rule. As discussed in the section-by-section analysis of
Sec. 1002.105(b), small business lending data collection and reporting
is required only for financial institutions that originated at least
100 covered credit transactions for small businesses in each of the two
preceding calendar years. Financial institutions that do not frequently
lend
[[Page 35270]]
to small businesses will seek to track precisely how many such
transactions they have originated. The Bureau believes that it is
important to empower financial institutions to quickly ascertain
whether a covered credit transaction was originated for a small
business, so that infrequent lenders can continue to monitor whether
compliance with this final rule is required.
The Bureau believes that its $5 million gross annual revenue
standard is a more efficient and appropriate measure of applicant size
for purposes of determining whether small business lending data
collection is required pursuant to section 1071. The Bureau understands
that the SBA generally bases business concern size standards on average
annual receipts or the average number of employees of the business
concern, as customized industry-by-industry across 1,012 6-digit NAICS
codes. The SBA typically uses two primary measures of business size for
size standards purposes: (i) average annual receipts \567\ for
businesses in services, retail trade, agricultural, and construction
industries, and (ii) average number of employees \568\ for businesses
in all manufacturing industries, most mining and utilities industries,
and some transportation, information, and research and development
industries.\569\ The Bureau understands that the SBA's size standards
are used to establish eligibility for a variety of Federal small
business assistance programs, including for Federal government
contracting and business development programs designed to assist small
businesses in obtaining Federal contracts and for the SBA's loan
guarantee programs, which provide access to capital for small
businesses that are unable to qualify for and receive conventional
loans elsewhere. The Bureau notes that its $5 million size standard
will only be used to determine whether small business lending data
collection is required pursuant to section 1071, and has no bearing on
eligibility for Federal small business assistance. Moreover, the Bureau
believes it is far more likely that an applicant will be able to
readily respond to a question regarding its gross annual revenue for
the preceding fiscal year--something already contemplated by existing
Regulation B for all business credit to determine whether adverse
action notice requirements apply \570\--than offer the closest metric
currently in use by SBA regulations, which is generally average annual
receipts across the previous five fiscal years.\571\
---------------------------------------------------------------------------
\567\ The Bureau understands that the SBA changed its
regulations on the calculation of average annual receipts for all
its receipts-based size standards, and for other agencies' proposed
receipts-based size standards, from a three-year averaging period to
a five-year averaging period, outside of the SBA Business Loan and
Disaster Loan Programs. 84 FR 66561 (Dec. 5, 2019).
\568\ Generally, the average number of employees of the business
concern is used (including the employees of its domestic and foreign
affiliates) based upon numbers of employees for each of the pay
periods for the preceding completed 24 calendar months. See 13 CFR
121.106(b)(1).
\569\ To measure business size, the SBA also uses financial
assets for certain financial industries, and for the petroleum
refining industry, it uses refining capacity and employees.
\570\ See 12 CFR 1002.9(a)(3).
\571\ 13 CFR 121.104(a) and (c).
---------------------------------------------------------------------------
The Bureau believes that requiring application of existing SBA size
standards for this rule could result in many financial institutions
having to undergo extensive operational and/or compliance management
system changes. The Bureau believes that it will reduce burden for
financial institutions, particularly those without sophisticated
compliance management systems or familiarity with SBA lending, to
comply with a gross annual revenue size standard for the section 1071
small business definition that better aligns with current lending
practices.
If the Bureau were to adopt a small business definition using the
existing SBA size standards that vary by industry based on 6-digit
NAICS codes, financial institutions would only be able to request an
applicant's protected demographic information further along in the
application process, once they have obtained the multiple pieces of
data that would be necessary to determine whether the applicant is
small and, therefore, the 1071 process applies. This delay could make
it more difficult for financial institutions to collect applicants'
protected demographic information (particularly for applications that
are withdrawn or closed for incompleteness early in the application
process), which is important to both of section 1071's statutory
purposes. These data collection considerations differ from those
applicable to SBA lending programs, whereby a lender often cannot (and
should not) make an accurate eligibility determination for an SBA loan
until later in the application process, often after a loan has already
been initially decisioned and after the lender has collected
information related to size, time in business, and other data.
In order to allow financial institutions to expeditiously determine
whether this rule applies, the Bureau is seeking to minimize complexity
for financial institutions in determining whether a covered application
is reportable because the applicant business is a small business--a
necessary determination for the collection of protected demographic
information pursuant to section 1071. The Bureau believes, and most
commenters agreed, that this rule will benefit from a universal, easy-
to-apply reporting trigger that does not need to be supported by
additional documentation or research. Such a reporting trigger must be
easily understood by small business owners who may be completing an
application online, or by the tens of thousands of customer-facing
personnel who take small business applications in an industry with a
recent turnover rate of over 20 percent.\572\ The Bureau also believes
that a gross annual revenue reporting trigger will facilitate better
compliance with section 1071 requirements because it aligns with many
larger financial institutions' current lending and organizational
practices, which use gross annual revenue to assign small businesses
into their retail/small business banking groups.\573\
---------------------------------------------------------------------------
\572\ Jim Dobbs, Employee churn surges at banks despite pay
hikes, Am. Banker (Sept. 9, 2022), https://www.americanbanker.com/news/employee-churn-surges-at-banks-despite-pay-hikes.
\573\ See Fed. Deposit Ins. Corp., Small Business Lending
Survey, at 12 (2018), https://www.fdic.gov/resources/publications/small-business-lending-survey/2018-survey/section2.pdf (finding that
a substantial majority of large banks use gross annual revenue (61.8
percent) as a limit to define small businesses).
---------------------------------------------------------------------------
Requiring financial institutions to rely on the SBA's existing size
standards for purposes of 1071 data collection and reporting
requirements could pose risks to the efficient operation of small
business lending. Based on the overwhelmingly consistent feedback the
Bureau has received from stakeholders on this issue, the Bureau
believes that using the SBA's existing size standards for the purposes
of section 1071--wherein the financial institution must quickly
determine the appropriate 6-digit NAICS code for businesses and then
apply a variety of standards, including potentially gathering
information to determine five years of the applicant's average annual
receipts or employee information--would not align with current lending
and organizational practices. Application of the SBA's existing size
standards, at the beginning of the application process, could slow down
the application process, particularly at institutions that otherwise
would often be able to render credit decisions in a matter of minutes;
the Bureau believes that financial institutions may be compelled to
raise the cost of credit or originate fewer covered credit transactions
as a result.
[[Page 35271]]
Such an outcome could needlessly affect access to credit for small
businesses. The Bureau believes that eliminating credit opportunities
or reducing access to credit for small businesses, including women-
owned and minority-owned small businesses, in this way would frustrate
the statutory purpose of section 1071 to ``enable communities,
governmental entities, and creditors to identify business and community
development needs and opportunities of women-owned, minority-owned, and
small businesses.'' \574\
---------------------------------------------------------------------------
\574\ ECOA section 704B(a).
---------------------------------------------------------------------------
The Bureau expects that many financial institutions, for
efficiency, will bifurcate their business credit application procedures
based on an initial determination of whether the application will be
subject to this rule. The Bureau therefore believes that many financial
institutions will not proceed with taking applicant information until
the financial institution is able to determine that the applicant is
small (in which case, this rule requires it to collect and report the
applicant's protected demographic information) or that the applicant is
not small (where ECOA generally prohibits the financial institution
from collecting protected demographic information). If this process
necessitates determining the correct NAICS code for the applicant, and
in many cases, requesting five years of average annual receipts or the
24-month average number of employees from the applicant pursuant to
SBA's existing size standards, the Bureau believes that businesses
seeking credit would encounter, at a minimum, otherwise avoidable
delays in application processing.
Section 1071 is also unique in that Congress specified that the
data collection regime include a particular form of revenue for the
businesses at issue. As discussed in the section-by-section analysis of
Sec. 1002.107(a)(14) below, section 1071 requires a financial
institution to collect ``the gross annual revenue of the business in
the last fiscal year of the women-owned, minority-owned, or small
business loan applicant preceding the date of the application.'' \575\
The Bureau considered whether under section 1071 a financial
institution should have to apply two different revenue-based rules
(first, one for determining whether the business is small under the
existing SBA size standards and therefore 1071 data must be collected
and reported; and, second, if the business is small, another for
reporting the business's gross annual revenue in the last fiscal year),
or whether applying only one revenue-based standard for implementing
section 1071 could be sufficient. Requiring financial institutions to
apply different standards could be unnecessarily confusing and
burdensome, as well as also increase the potential for errors in data
collection and reporting. Moreover, as discussed below, section 1071
amends ECOA, which already incorporates the concept of gross annual
revenue as implemented under existing Regulation B's adverse action
notice requirements.
---------------------------------------------------------------------------
\575\ Id.
---------------------------------------------------------------------------
Small farm definition. The Bureau is not adopting a different small
business definition for farms. Many agricultural lenders suggested
aligning with the Farm Credit Administration's (FCA) small farmer
definition for agricultural financing transactions, primarily arguing
that: (i) the proposed $5 million threshold is substantially
overinclusive as applied to the farming community and would cover
almost all the customers of FCS lenders; (ii) aligning with the FCA's
``small farmer'' definition would facilitate compliance and reduce
burden because FCS lenders are very familiar with the standard; and
(iii) this change would take into account the unique nature of the
agricultural industry, which is disproportionately dominated by family
farms.
The Farm Credit Act of 1971 authorizes the FCS to provide financing
and services to farmers and ranchers through FCS banks and
associations. The Act also provides the FCA, an independent Federal
agency, authority to regulate and examine these institutions and it
requires them to report annually to FCA about the operations and
achievements of the associations' lending and service programs for
young, beginning, and small farmers and ranchers. FCA's definition of
``small farmer'' is ``a farmer, rancher, or producer or harvester of
aquatic products who normally generates less than $250,000 in annual
gross sales of agricultural or aquatic products.'' \576\ The FCA has
not updated this threshold since it was first adopted in 1998 although
it has since considered whether to change it.\577\
---------------------------------------------------------------------------
\576\ Farm Credit Admin., Bookletter 040--Revised: Providing
Sound and Constructive Credit to Young, Beginning, and Small
Farmers, Ranchers, and Producers or Harvesters of Aquatic Products,
at 2 (Aug. 10, 2007), https://ww3.fca.gov/readingrm/Handbook/FCA%20Bookletters/BL-040%20REVISED.docx.
\577\ 84 FR 5389, 5390 (Feb. 21, 2019) (``Several agricultural
and economic cycles have occurred since 1998, and we are considering
whether the $250,000 gross sales amount continues to be appropriate
or should be revised or indexed to reflect the changes, including
the economic conditions presently affecting agricultural
producers.'')
---------------------------------------------------------------------------
The NPRM made clear the Bureau's intention to cover agricultural
credit, and the Bureau did not propose a separate small farm definition
or any other adjustments specifically for agricultural credit. Prior to
the SBA increasing its size standards for small farms, the Bureau
acknowledged in the NPRM that its proposed $5 million size standard
could result in data reporting on applications from approximately
77,000 businesses that would not be considered small under the SBA size
standards in effect at that time, the vast majority of which would be
farms (for which, at that time, the SBA predominantly used a $1 million
standard). Conversely, the Bureau estimated that 270,000 primarily non-
agricultural businesses that would be small under the SBA's size
standards in effect at the time of the NPRM would not be covered under
the proposed $5 million gross annual revenue standard.
As noted above, the SBA's size standards for agricultural
industries have increased since the NPRM and now range from $2.25
million to $34 million average annual receipts--which now means that
the $5 million gross annual revenue standard the Bureau is finalizing
is markedly more aligned with SBA's size standards for farms than it
was at the time of the NPRM. The Bureau believes that these recent
changes to the SBA size standards, which were based on extensive
research and a notice and comment rulemaking, further suggest that a
definition of small farms based on $250,000 in annual gross sales,
preferred by certain commenters, would not sufficiently cover small
agricultural businesses.
The Bureau does not believe that the Small Business Act requires
the Bureau to adopt a separate definition for small farms, as implied
by one commenter. The Small Business Act provides that the SBA
Administrator must ``ensure that the size standard varies from industry
to industry to the extent necessary to reflect the differing
characteristics of the various industries and consider other factors
deemed to be relevant by the Administrator.'' \578\ The Bureau
believes, and explained to the SBA when obtaining its approval, that
this rule will benefit from a universal, easy-to-apply reporting
trigger that reflects the need for a wide variety of financial
institutions to apply a simple, broad definition of a small business
that is practical across the many product types, application types,
technology platforms, and applicants in the market.
[[Page 35272]]
In particular, the Bureau believes that the size standard finalized
here is consistent with factors that the SBA has previously identified
as relevant to the proper exercise of its discretion in this respect--
the SBA considers (1) current economic conditions, (2) its mission and
program objectives, (3) the SBA's current policies, (4) impacts on
small businesses under current and proposed or revised size standards,
(5) suggestions from industry groups and Federal agencies, and public
comments on the proposed rule, and (6) whether a size standard based on
industry and other relevant data successfully excludes businesses that
are dominant in the industry.\579\
---------------------------------------------------------------------------
\578\ 15 U.S.C. 632(a)(3).
\579\ See 85 FR 62372, 62373 (Oct. 2, 2020) (discussing the
SBA's revised size standard methodology).
---------------------------------------------------------------------------
While the Bureau received widespread support for a simple gross
annual revenue threshold, it also understands, as explained by some
commenters, that many agricultural lenders generally do not collect
gross annual revenue for underwriting or regulatory compliance
purposes, which could complicate use of a gross annual revenue
threshold to determine small business status. Nonetheless, ECOA section
704B(e)(2)(F) requires financial institutions to collect and report
gross annual revenue under section 1071. As discussed in its section-
by-section analysis of Sec. 1002.107(a)(14), the Bureau is finalizing
comment 107(a)(14)-2, which first clarifies that pursuant to final
Sec. 1002.107(c), a financial institution shall maintain procedures
reasonably designed to collect applicant-provided data, including the
gross annual revenue of the applicant. The final comment then states
that if a financial institution is nonetheless unable to collect or
determine the specific gross annual revenue of the applicant, the
financial institution reports that the gross annual revenue is ``not
provided by applicant and otherwise undetermined.'' The Bureau believes
that permitting this reporting flexibility for agricultural lenders and
other financial institutions will reduce the complexity and difficulty
of reporting gross annual revenue information, particularly when an
application has been denied or withdrawn early in the process and the
gross annual revenue could not be collected.
While the Bureau acknowledges arguments that the FCA definition
might facilitate compliance among FCS lender staff and other compliance
professionals who are already familiar with that definition, the Bureau
does not believe it would be appropriate to deviate from its otherwise
widely supported cross-industry approach. While the Bureau acknowledges
that the market share of total farm business debt held by FCS lenders
is significant (44.4 percent at the end of 2020 \580\), the Bureau is
mindful that many other types of non-FCS lenders participate in this
important small business lending market. Such lenders would not be able
to leverage familiarity with the existing FCA definition and may engage
in other types of non-farm lending that would not be subject to this
definition. As a result, these lenders may not equally benefit from
applying the FCA definition to agricultural small businesses. Indeed,
the Bureau understands that an association of community banks issued a
letter to oppose efforts to obtain special treatment for FCS lenders,
stating that ``[i]t would be totally inappropriate to exempt FCS
lenders from onerous regulatory burdens while subjecting smaller
lenders, such as community banks, to those regulations even as both
types of lenders are serving the same customer base in many
instances.'' \581\ The Bureau believes a consistent small business
definition that applies to all financial institutions will result in
consistency across the 1071 data, more robust fair lending analyses,
and arguably an even playing field for compliance across all financial
institutions.
---------------------------------------------------------------------------
\580\ Farm Credit Admin., 2021 Annual Report, at 16 (2022),
https://www.fca.gov/template-fca/about/2021AnnualReport.pdf.
\581\ Letter from Indep. Cmty. Bankers of Am., to Senate Chairs
Stabenow and Brown and Ranking Members Boozman and Toomey (June 23,
2022), https://www.icba.org/docs/default-source/icba/advocacy-documents/letters-to-congress/senate-letter-opposing-fca-independent-authority-act.pdf?sfvrsn=8d2f1c17_0.
---------------------------------------------------------------------------
The Bureau acknowledges that a $5 million gross annual revenue
threshold will be somewhat overinclusive relative to SBA and Census of
Agriculture standards. Some agricultural lenders lament that the
threshold would cover almost all their lending and several commenters
argued in favor of the FCA definition instead for section 1071 purposes
because, they said, it would capture a substantial amount of data while
mitigating some of the impact of the compliance cost. As discussed
above, the Bureau believes that its $5 million gross annual revenue
threshold strikes an appropriate balance between covering the
applications of most businesses that are considered small under the
SBA's size standards, while minimizing the number of businesses above
the SBA's size standards whose applications will be reported to the
Bureau, and in a way that satisfies the SBA's criteria for approving an
alternative size standard under its regulations. In striking this
balance, the Bureau considered section 1071's statutory purposes, and
it believes that a broader scope of coverage with regard to
agricultural businesses is warranted, given the historical and/or
continuing discrimination against Black farmers and the need for
transparency into agricultural lending both for fair lending
enforcement and business and community development.
Other suggested size standards. The Bureau is not adopting a small
business definition based on 4-digit NAICS codes, as suggested by one
commenter. As explained above in its discussion of existing SBA size
standards, the Bureau believes needing to obtain even a 4-digit NAICS
code at the beginning of the application process would often result in
a financial institution not being able to determine whether an
applicant for business credit is small (and thus subject to the data
collection requirements of this final rule) until later in the
application process. Similarly, the Bureau believes that a small
business definition based on both number of employees and gross annual
revenues (e.g., the 500 employee/$8 million standard set forth in the
SBREFA Outline and suggested by commenters or one commenter's 100
employee/$1 million standard) would mean that a financial institution
would only be able to request an applicant's protected demographic
information further along in the application process, once they have
obtained the multiple pieces of data that would be necessary to
determine whether the applicant is small and, therefore, only at that
later stage would it be able to determine that such data collection is
required. This delay could interfere with financial institutions'
ability to collect these data, particularly for applications that are
withdrawn or closed for incompleteness early in the application
process, which would limit the usefulness of the data for section
1071's statutory purpose of fair lending enforcement.
106(b)(2) Inflation Adjustment
Inflation is a general increase in the overall price level of the
goods and services in the economy; deflation marks a general decrease
in the same. A price index, of which there are several types, measures
changes in the price of a group of goods and services. The Board's
Federal Open Market Committee currently finds that an annual increase
in inflation of 2 percent in the price index for personal
[[Page 35273]]
consumption expenditures, produced by the Department of Commerce, is
most consistent over the longer run with the Board's mandate for
maximum employment and price stability.\582\ The United States Bureau
of Labor and Statistics, which publishes several price indices, found
that from December 2020 to December 2021, ``consumer prices for all
items rose 7.0 percent, the largest December to December percent change
since 1981.'' \583\
---------------------------------------------------------------------------
\582\ Bd. of Governors of the Fed. Rsrv. Sys., What is inflation
and how does the Federal Reserve evaluate changes in the rate of
inflation? (last updated Sept. 2016), https://www.federalreserve.gov/faqs/economy_14419.htm.
\583\ U.S. Bureau of Labor Stat., Consumer Price Index: 2021 in
review (Jan. 2022), https://www.bls.gov/opub/ted/2022/consumer-price-index-2021-in-review.htm.
---------------------------------------------------------------------------
In order to keep pace with changes to the SBA's own size standards
and the potential impact of future inflation or deflation, the Bureau
stated in the NPRM that it was considering whether it might update its
proposed $5 million gross annual revenue size standard over time
(perhaps at the end of a calendar year in order to allow financial
institutions to use the same threshold consistently throughout the
year). The Bureau sought comment on how this should be done and the
frequency at which it should occur.
Two community groups and a CDFI lender requested that the Bureau
address adjustments of its gross annual revenue threshold for defining
a small business under the rule. The community groups suggested annual
adjustments for inflation, while the CDFI lender suggested an
adjustment every five to ten years to account for future inflation and
keep pace with changes to the SBA's own size standards. Conversely, a
bank argued against incremental adjustments, stating that the Bureau
should set its small business definition once in the final rule.
Another bank suggested that the Bureau wait to determine if the
threshold needs adjusting after it has sufficient data to analyze after
several years of collection.
For the reasons set forth herein, the Bureau is finalizing new
Sec. 1002.106(b)(2) to provide that every five years after January 1,
2025, the gross annual revenue threshold set forth in Sec.
1002.106(b)(1) shall adjust based changes to the Consumer Price Index
for All Urban Consumers (U.S. city average series for all items, not
seasonally adjusted), as published by the United States Bureau of Labor
Statistics (CPI-U). Any such adjustment will be rounded to the nearest
multiple of $500,000. If an adjustment is to take effect, it will do so
on January 1 of the following calendar year.
New comment 106(b)(2)-1 clarifies the Bureau's inflation adjustment
methodology. The comment explains that the base for computing each
adjustment (both increases and decreases) is the January 2025 CPI-U;
this base value will be compared to the CPI-U value in January 2030 and
every five years thereafter. The comment provides several examples
illustrating this comparison. New comment 106(b)(2)-1 makes clear that
if, as a result of rounding to the nearest multiple of $500,000, there
is no change in the gross annual revenue threshold, there will be no
adjustment.
New comment 106(b)(2)-2 provides that if publication of the CPI-U
ceases, or if the CPI-U otherwise becomes unavailable or is altered in
such a way as to be unusable, then the Bureau shall substitute another
reliable cost of living indicator from the United States Government for
the purpose of calculating adjustments pursuant to final Sec.
1002.106(b)(2).
The Bureau agrees with several commenters that it should provide
for a mechanism to update the rule's $5 million gross annual revenue
size standard over time to account for the potential impact of
inflation or deflation. In order to minimize operational disruptions,
the Bureau is not adopting an annual adjustment for inflation; instead,
a determination regarding the need to adjust the threshold will occur
every five years, beginning in 2030, to account for future inflation or
deflation on a schedule similar to the SBA's own size standards, which
are required to be reviewed no less frequently than once every five
years under the Small Business Act.\584\ Recently, the SBA added a
13.65 percent inflation increase to its receipts- and assets-based size
standards.\585\ Moreover, in order to mitigate commenters' concerns
discussed in the section-by-section analysis of Sec. 1002.107(a)(14)
regarding complexity and difficulty of collecting gross annual revenue
information, the Bureau will round any such adjustment to the nearest
multiple of $500,000. The Bureau believes that this rounding, in
combination with the approach in final comment 107(a)(14)-1--clarifying
that a financial institution need not verify applicant-provided gross
annual revenue information, and providing language that a financial
institution may use to ask the applicant for such information--will
make it easier for financial institutions to more quickly determine
small business status for the purpose of rule applicability. The Bureau
also believes that this approach is consistent with existing Bureau
procedures for inflation adjustments (albeit in a more streamlined
way), provides transparency for replication, and will result in less-
frequent changes in the reporting requirements of financial
institutions, thereby reducing the disruption that an annual inflation
adjustment might cause in this situation.
---------------------------------------------------------------------------
\584\ Pub. L. 111-240, 124 Stat. 2504 (2010); see also 13 CFR
121.102(c) (requiring the SBA examine the impact of inflation on
monetary size standards (e.g., receipts, tangible net worth, net
income, and assets) and make necessary adjustments at least once
every five years).
\585\ 87 FR 69118 (Nov. 17, 2022).
---------------------------------------------------------------------------
The Bureau is providing commentary to ensure transparency regarding
its inflation methodology, which will allow financial institutions to
better anticipate and prepare for potential inflation or deflation
adjustments. To further explain its methodology, the Bureau is
providing the following illustration, which assumes that compliance
with the rule was required beginning July 1, 2014, subject to the same
five-year adjustment schedule described above. In this illustration,
the base for computing each adjustment would be January 2015, which had
a CPI-U value of 233.707. Here, the CPI-U value for January 2020
(257.971) would be used for the first five-year inflation update since
January 2015 and would update the gross annual revenue threshold to
reflect the change in the CPI between January 2015 and January 2020. As
demonstrated with the formulas below, the percentage change between
those two years' CPI-U values would be calculated (about 10.4 percent)
and then would be applied to the $5 million gross annual revenue
threshold to get a value of $5,519,112. This would be rounded to
$5,500,000 and would become the new threshold effective in January
2021.
[[Page 35274]]
[GRAPHIC] [TIFF OMITTED] TR31MY23.209
All subsequent adjustments would be made in the same manner. For
instance, using the above illustrative example, the following
calculation would be performed in January 2025 (ten years after January
2015, five years after January 2020):
[GRAPHIC] [TIFF OMITTED] TR31MY23.210
The CPI-U series \586\ used for the Bureau's inflation adjustment
methodology is public and can be used by anyone wishing to perform the
calculation themselves. Additionally, the Bureau of Labor and
Statistics provides an inflation calculator for this exact CPI-U
series, which allows any entity to easily calculate an adjusted gross
annual revenue threshold without the need for manual calculations.\587\
---------------------------------------------------------------------------
\586\ Specifically, the Bureau of Labor and Statistics series is
CUUR0000SA0 and a chart with its values for all months and years is
available at https://data.bls.gov/timeseries/CUUR0000SA0. The CPI-U
is released on a month lag, so the value for January is available in
February.
\587\ This calculator is available at https://www.bls.gov/data/inflation_calculator.htm and uses the CUUR0000SA0 as the basis for
its calculation. To use this calculator for the illustrative example
above, enter 5,000,000 in the $ field, enter January 2015 as the
starting date, and January 2020 in the subsequent date field. Click
on calculate, and the result is $5,519,111.54, the same number as
above, which would be rounded to the nearest $500,000, i.e.,
$5,500,000.
---------------------------------------------------------------------------
In addition to new comment 106(b)(2)-2, discussed above, which
clarifies the timing of its inflation adjustments, the Bureau believes
that the adjustment schedule set forth below will also be helpful to
explain the inflation adjustment timing:
Table 2--Inflation/Deflation Adjustment Schedule
------------------------------------------------------------------------
Inflation/deflation adjustment
Date schedule
------------------------------------------------------------------------
January 2025........................... Base month/year for computing
each adjustment.
January 2030........................... Reference month/year for the
first five-year inflation
adjustment.
Spring-Summer 2030..................... Calculation performed to
determine changes in the CPI-U
between January 2025 and
January 2030.
January 2031........................... If necessary, effective date
for the adjusted gross annual
revenue threshold amount.
January 2035........................... Reference month/year for the
second five-year inflation
adjustment.
Spring-Summer 2035..................... Calculation performed to
determine changes in the CPI-U
between January 2025 and
January 2035.
January 2036........................... If necessary, effective date
for the adjusted gross annual
revenue threshold amount.
------------------------------------------------------------------------
Section 1002.107 Compilation of Reportable Data
107(a) Data Format and Itemization
Background
ECOA section 704B(e) requires financial institutions to ``compile
and maintain'' records of information provided by applicants ``pursuant
to a request under subsection (b),'' and requires them to ``itemiz[e]''
such information to ``clearly and conspicuously disclose'' a number of
data points enumerated in the statute in section 704B(b) and
(e)(2).\588\ In addition, section 704B(e)(2)(H) provides the Bureau
with authority to require ``any additional data that the Bureau
determines would aid in fulfilling the purposes of [section 1071].''
Section 1071's statutory purposes are twofold: (1) to facilitate
enforcement of fair lending laws; and (2) to enable communities,
governmental entities, and creditors to identify business and community
development needs and opportunities of women-owned, minority-owned, and
small businesses.\589\
---------------------------------------------------------------------------
\588\ As discussed in greater detail above in E.2 of the
Overview to this part V, the Bureau interprets the phrase ``pursuant
to a request under subsection (b)'' in section 1071 as referring to
all of the data points contemplated by ECOA section 704B(e), not
merely whether the applicant is a minority-owned, women-owned, or
small business.
\589\ ECOA section 704B(a).
---------------------------------------------------------------------------
Proposed Rule
The Bureau proposed to adopt the data points enumerated in ECOA
section 704B(b) and (e)(2)(A) through (G) largely consistent with its
proposals under consideration at SBREFA, but with certain changes as
discussed in the proposed rule. Consistent with its
[[Page 35275]]
approach in the SBREFA Outline,\590\ the Bureau proposed data points
pursuant to its statutory authority set forth in section 704B(e)(2)(H)
relating to pricing, time in business, NAICS code, and number of
workers. In addition, based on feedback from small entity
representatives and other stakeholders and in the course of developing
the proposed rule, the Bureau identified several additional data points
that it believed would be important to the quality and completeness of
the data collected and would aid significantly in furthering the
purposes of section 1071. The Bureau proposed to adopt additional data
points regarding application method, application recipient, denial
reasons, and number of principal owners. In addition, the Bureau relied
on ECOA section 704B(e)(2)(H), as well as its authority under
704B(g)(1), to propose certain clarifications to the data points
enumerated in section 704B(b) and (e)(2)(A) through (G).
---------------------------------------------------------------------------
\590\ SBREFA Outline at 34-35.
---------------------------------------------------------------------------
In regard to the specific method by which a financial institution
would collect the data points, the proposed rule would have required a
covered financial institution to compile and maintain data regarding
covered applications from small businesses, and required that the data
be compiled in the manner prescribed for each data point and as
explained in associated Official Interpretations (included in the
proposed rule) and the Filing Instructions Guide that the Bureau
anticipated later providing on a yearly basis. The proposed rule then
explained that the data compiled would include the items described in
proposed Sec. 1002.107(a)(1) through (21). The Official
Interpretations, sometimes referred to as official comments or official
commentary, would provide important guidance on compliance with the
regulation and were discussed in relation to each data point as well as
other regulatory provisions. The Filing Instructions Guide would
provide instructions on the operational methods for compiling and
reporting data, including which codes to report for different required
information. The Filing Instructions Guide would be updated yearly, as
is the Filing Instructions Guide that is used with HMDA compilation and
reporting.\591\ Proposed comment 107(a)-1 would have provided general
guidance on complying with Sec. 1002.107(a).
---------------------------------------------------------------------------
\591\ See generally Fed. Fin. Insts. Examination Council, The
Home Mortgage Disclosure Act, https://ffiec.cfpb.gov/ (last visited
Mar. 20, 2023).
---------------------------------------------------------------------------
The Bureau crafted the proposed rule in consideration of the
concerns and input of the small entity representatives and other
stakeholders. First, the proposed rule would generally not have
required a financial institution to verify applicant-provided
information and limited the data points proposed pursuant to ECOA
section 704B(e)(2)(H) to those that the Bureau believed would be most
useful for the purposes of section 1071. In addition, the Bureau
considered the costs, including data quality scrubs, automation and
training, that would be imposed by the collection and reporting of the
proposed data points; these were discussed in the proposed rule and
that discussion is now updated in part IX below. The Bureau attempted
to craft the collection and reporting requirements to be as clear and
operationally manageable as possible, and requested comment on
potential methods for increasing clarity and manageability.
In regard to concerns from small entity representatives and other
stakeholders about being required to collect applicants' protected
demographic information for purposes of section 1071, the Bureau noted
that several small entity representatives reported collecting this kind
of information currently in certain situations (because they are CDFIs,
or because they are participating in certain SBA or similar guarantee
programs). In addition, the Bureau crafted the proposed rule to provide
flexibility for financial institutions in the collection and reporting
of this information. The Bureau also did not propose an exemption for
small financial institutions from reporting data points adopted
pursuant to ECOA section 704B(e)(2)(H), as suggested by some small
entity representatives and commenters, though it did propose an
exemption from the rule for certain institutions with limited small
business credit originations.
The Bureau sought comment on its proposed approach to the
collection and reporting of data points, including the specific
requests for input above and in the section-by-section analysis of each
of the proposed data points.
Comments Received
The Bureau received numerous comments discussing the general data
point collection and reporting requirements from banks, trade
associations, credit unions, farm credit institutions, community
groups, lenders, research institutions, an association of State bank
supervisors, and a Federal agency. This comment summary section will
discuss the comments regarding the overall data points first, then
focus on those that dealt specifically with the data points proposed
pursuant to ECOA section 704B(e)(2)(H) (often making statements similar
to those on the overall data points). Comments regarding individual
data points are discussed below in the section-by-section analyses that
follow.
General data point comments. Several community groups and a
business advocacy group supported the overall data points requirements,
stating that robust data are essential for understanding underwriting,
gaps in lending, unmet community needs, and other issues that stand in
the way of equitable, responsible lending. A business advocacy group
stated that the recent enhancement of HMDA data proves the importance
of robust data because of its strongly positive impact on lending to
minorities. That commenter also stated that the rule should start out
with the collection of granular data because discrimination often
involves not only credit denials but also less favorable credit terms.
A joint comment letter from community groups, community oriented
lenders, and business advocacy groups stated that CDFIs and mission-
driven lenders, who will have to comply with the data point reporting
requirements, view the costs as reasonable considering the benefits of
the rule. Two community-oriented lenders made similar statements,
saying that they already collect most of this information for
underwriting and compliance with other requirements. One also stated
that it does not plan to raise fees or restrict access to credit as a
result of the rule. One rural community group stated that the data
points will be important for understanding agricultural lending and for
that reason supported the inclusion of agricultural lending under the
rule.
Several industry commenters stated that the data points were too
numerous and would be burdensome to collect and report. These
commenters stated that setting up the compliance system would be
particularly costly and that the cost would have to be passed on to
customers, and one suggested that the Bureau should reconsider moving
forward with the rule. These commenters also stated that financial
institutions do not currently collect these data points. A trade
association for online lenders stated that collecting these data points
would interfere with online lenders' business model and the Bureau
should obtain this information from other sources, such as the SBA, the
Minority Business Development Agency, and the Treasury Department. A
bank stated that 1071 data disclosure
[[Page 35276]]
will help address significant racial and gender gaps but asked that the
Bureau consider the depth and breadth of the data collected because
community banks are faced with what it referred to as seemingly
continuous data collection (for HMDA, Bank Secrecy Act, etc.) and
regulatory exams. The bank also asked that the collection method be
``SMART'' (specific, measurable, attainable, realistic, and timely) in
order to reduce burden.
Several banks suggested that HMDA data yield useful fair lending
analyses in the residential mortgage market because those loans are
underwritten similarly. In contrast, they stated, small business loans
are more complex and unique and have to be manually underwritten to
consider numerous variables in accordance with the individual
institution's standards, rendering any fair lending analyses flawed and
unreliable. One of these commenters suggested that if fair lending
analysis is to be performed using only the data points proposed,
lenders will be forced to revamp and substantially limit the inputs
used in decision making, ultimately leading to a smaller number of
product offerings and fewer approvals for small business loans overall.
Industry commenters also made several other suggestions and
requests regarding the proposed data points. Two commenters asked that
the Bureau eliminate or reduce the use of free-form text to report
additional information, suggesting that the information gathered would
be burdensome, hard to trend, open to different interpretations, and
unreliable. Two commenters stated that it was important that applicants
provide their information voluntarily. A trade association asked for
reporting flexibility when information is not available, recommending
the use of ``declined to answer'' if the applicant declined, and ``not
available'' for all other circumstances in which the applicant did not
provide the information notwithstanding the lender's inquiry.
One commenter asked for a rule provision stating that the
collection and reporting requirements under the rule are not intended
to limit the range of data that a financial institution may collect,
use, and share for its own purposes. That commenter stated that
technology companies currently use numerous data points when making
credit decisions that enable them to extend credit to a wider range of
applicants, and limiting their ability to do so could limit access to
credit for small businesses.
Issues regarding data points proposed pursuant to ECOA section
704B(e)(2)(H). The Bureau received numerous comments from lenders,
community groups, and individual commenters supporting inclusion of the
data points proposed pursuant to ECOA section 704B(e)(2)(H). Several of
these commenters stated that such data points are important because the
dataset must include key underwriting variables in order to fulfill
section 1071's fair lending purpose. One commenter stated that these
data points are necessary to ensure proper analysis and not allow
lenders, as HMDA reporters have done, to hide behind data not collected
as a reason for lending disparities. Two commenters stated that such
data points are necessary because robust data are needed to illuminate
who lenders are serving and who they are excluding.
Several commenters stated that the Bureau must require the
collection and public dissemination of a database detailed enough to
meaningfully achieve section 1071's fair lending and community
development purposes. Others suggested that the data points proposed
pursuant to ECOA section 704B(e)(2)(H) will allow comparisons of small
businesses in general with very small businesses, which they view as
the bedrock of communities. One commenter said that such data points
will help CDFIs better understand the small business credit market,
especially in low-income communities, and whether and how
discrimination in small business lending is occurring. That commenter
and another also stated that robust data will help policymakers and the
public to better understand lending gaps and unmet community needs.
One lender stated that the proposed data points will provide
insight on the quality of the capital accessed by different demographic
groups of small business applicants, which will be useful in not only
identifying potentially discriminatory lending practices, but also
highlight capital gaps in the marketplace that lenders may be able to
fill. It also said that the data will show how financial institutions
compare across key metrics and help determine if an institution has
equitable lending, providing an unprecedented snapshot of the lending
landscape for small businesses.
The Bureau received a large number of comments, mainly from
industry, objecting to the inclusion of data points proposed pursuant
to ECOA section 704B(e)(2)(H). Commenters made many objections, but the
most common was that such data points are not collected now and would
add significantly to the burden imposed by the rule, raising costs for
borrowers. Many commenters also stated that several of these data
points would be of little use and some suggested that they could result
in inaccurate data. Many commenters suggested that the extra burden
would reduce the availability of small business credit, and some stated
that the extra burden of such data points would limit community banks'
survivability and speed up consolidation and the closing of branches in
rural and underserved communities. Other commenters also stated that
these data points would be particularly difficult for institutions that
do not have any reporting requirements under HMDA, credit unions, auto
finance lenders, CDFIs, and/or smaller lenders in general. Several
commenters stated that because farm credit associations are often
customer owned, the increased costs would be imposed directly on the
borrowers. One commenter stated that the data points proposed pursuant
to ECOA section 704B(e)(2)(H) can fluctuate during loan processing, and
would create tracking issues and reporting errors. Some commenters
suggested that small business applicants would not want to provide so
much information, which would slow down and interfere with the lending
process.
Numerous commenters stated that small business lending is complex
and nuanced and very different from residential lending, and the
partial information provided by the data points would lead to
inaccurate interpretations and potentially interfere with current
credit approval methods. Several of these commenters stated that if
statistical disparities are detected using the more straightforward
data points adopted pursuant to ECOA section 704B(e)(2)(A) through (G),
those disparities can be researched on an institution, transaction, or
file basis, providing the same information that the Bureau has proposed
to collect pursuant to 704B(e)(2)(H), but within context and without
raising false positive flags. Those commenters and others stated that
including too many unreliable and nuanced data point analyses will
result in numerous false positives and inaccurate and unfair
conclusions by community groups and their members, and potentially
regulators. A State bankers association stated that these data could be
used against banks as a competitive advantage for credit unions and
other non-traditional lenders. Conversely, a credit union trade
association stated that any rule to implement section 1071 will widen
the competitive gulf between credit unions and big banks and
``fintechs'' that have the economies of scale and the
[[Page 35277]]
technological sophistication to automate complex functions, and the
data points proposed pursuant to ECOA section 704B(e)(2)(H) would make
this problem worse. Another commenter stated that it would be unfair to
compare some such data points between regulated and non-regulated
entities because regulated entities have additional costs.
Some commenters who objected to the inclusion of data points
pursuant to ECOA section 704B(e)(2)(H) suggested that the Bureau should
first require the data points enumerated in 704B(e)(2)(A) through (G),
then add any other appropriate data points over time. They explained
that this approach would allow the Bureau to assess the burden and
potential restriction of small business credit imposed by the data
points in 704B(e)(2)(A) through (G) before moving forward with further
requirements only if appropriate and beneficial. Some commenters also
pointed out that HMDA reporting evolved over many years and the ``all
at once'' approach in the proposal is a mistake and will not allow
lenders time to adjust.
Several small lenders and their trade associations stated that if
the Bureau opts to require some or all of the data points proposed
pursuant to ECOA section 704B(e)(2)(H), then it should consider partial
collection of data for community banks and other small lenders. A trade
association for community banks suggested that the cost of such data
points would include expensive data quality scrubs to avoid negative
exam findings, which would be disproportionately borne by smaller
financial institutions. That commenter was also concerned that the rule
could require the standardization and homogenization of small business
lending, damaging the customized and relationship-based lending for
which community banks are valued. The commenter went on to state that
if community banks are forced to standardize, it will especially harm
the vulnerable small businesses that most benefit from the high-touch,
relationship-based lending that they offer.
Some commenters stated that the data points proposed pursuant to
ECOA section 704B(e)(2)(H) would create serious privacy risks. Several
commenters suggested that this was especially a concern in rural areas
where the applicant might be identified through certain data points,
such as the combination of the NAICS code and census tract, and this
risk might lead some small businesses to not apply for credit. Some of
these commenters also stated that it would be disadvantageous for
financial institutions to have access to pricing terms of their
competitors. One of these commenters stated that collecting more data
points would increase business borrower perception that this
information is being used in the credit decision.
One commenter suggested that data collection mandates in excess of
what the law requires may be found to be ``arbitrary and capricious,''
if a court decides that the Bureau has ``relied on factors which
Congress has not intended it to consider'' or ``offered an explanation
for its decision that runs counter to the evidence before the agency.''
The commenter did not explain whether or how the proposed data points
might be viewed this way. Another commenter stated that the full scope
of data that the rule would require financial institutions to report is
inconsistent with the operation of business credit markets, and that
Congress established a limited scope data collection regime in section
1071. That commenter further stated that if Congress intended to
require all covered financial institutions to proactively deliver the
same data required in fair lending enforcement actions, Congress would
have written that into the law. Although not specifically mentioning
the relevant legal standard for inclusion of such data, several
industry commenters argued that some or all of the data points proposed
pursuant to ECOA section 704B(e)(2)(H) would not fulfill the purposes
of section 1071.
Final Rule
As discussed in the section-by-section analyses that follow, the
Bureau has made changes to many of the proposed data points in order to
carry out the purposes of section 1071 more effectively and to reduce
any difficulties the rule might impose on small business lenders. In
particular, the Bureau has sought to: (1) improve the usefulness of the
data points for fair lending analysis and for business and community
development purposes; and (2) facilitate compliance by, among other
things, focusing on the reporting of information the financial
institution already collects or possesses. The Bureau's NPRM approach,
comments received, and final rule (including changes to specific data
points) are discussed for each data point in turn. The Bureau notes
that proposed Sec. 1002.107(a)(19), ``women-owned business status,''
has been combined with proposed Sec. 1002.107(a)(18), ``minority-owned
business status,'' and the final Sec. 1002.107(a)(18) data point now
addresses ``minority-owned, women-owned, and LGBTQI+-owned business
statuses.'' As a result, the data points in proposed Sec. 1002.107(20)
and (21) have been renumbered as final Sec. 1002.107(19) and (20).
The Bureau is finalizing the introductory text to Sec.
1002.107(a), regarding data format and itemization, to reflect the
number of data points in the final rule. Final Sec. 1002.107(a)
provides that a covered financial institution shall compile and
maintain data regarding covered applications from small businesses, and
that the data shall be compiled in the manner prescribed in the
individual data point provisions and the Filing Instructions Guide for
subpart B for the appropriate year. Furthermore, the data compiled
shall include the items described in final Sec. 1002.107(a)(1) through
(20). The Bureau believes that these methods will facilitate compliance
and yield quality data, and did not receive comments on the specific
text of Sec. 1002.107(a) or associated commentary.
The Bureau is finalizing comment 107(a)-1 to provide general
guidance on complying with Sec. 1002.107(a). Comment 107(a)-1 explains
that a covered financial institution (i) reports the data enumerated in
Sec. 1002.107(a) even if the credit originated pursuant to the
reported application was subsequently sold by the institution; (ii)
annually reports data for covered applications for which final action
was taken in the previous calendar year; and (iii) annually reports
data for a covered application on its small business lending
application register for the calendar year during which final action
was taken on the application, even if the institution received the
application in a previous calendar year. The Bureau believes that these
operational instructions will clarify a financial institution's
collection and reporting requirements and so facilitate compliance. The
Bureau also believes that these instructions will help to ensure the
accuracy and consistency of the data collected and reported. The Bureau
did not receive comments on comment 107(a)-1.
The final rule adds new comment 107(a)-2, which explains that a
covered financial institution may use technology such as autocorrect
and predictive text when requesting applicant-provided data under
subpart B that the financial institution reports via free-form text
fields, provided that such technology does not restrict the applicant's
ability to write in its own response instead of using text suggested by
the technology. The Bureau believes that the ability to use autocorrect
and predictive text will facilitate the use of free-form text boxes.
The Bureau considered commenters' objections to the use of free-form
text
[[Page 35278]]
boxes for collecting and reporting data under this final rule. Although
the Bureau is aware that data collected with predetermined lists is
easier to report and work with, the Bureau believes that free-form text
responses will provide useful information that would not otherwise be
collected, as they have done for HMDA data, and the use of autocorrect
and predictive text will facilitate use of free-form text boxes and
reduce inadvertent errors or typos.
The Bureau is finalizing comment 107(a)-3 (which was numbered as
comment 107(a)-2 in the proposal) as proposed, except that the final
rule adds a web address instead of the placeholder in the proposed
rule. Final comment 107(a)-3 explains that additional details and
procedures for compiling data pursuant to Sec. 1002.107 are included
in the Filing Instructions Guide, which is available at https://www.consumerfinance.gov/data-research/small-business-lending/filing-instructions-guide/. As explained above, the Bureau did not receive
comments on the use of the Filing Instructions Guide.
The Bureau is also adding new comment 107(a)-4, to make clear that
the Bureau may add additional response options to the lists of
responses contained in certain of the individual data-point comments,
via the Filing Instructions Guide, and instructs financial institutions
to refer to the Filing Instructions Guide for any updates for each
reporting year. For example, a credit purpose provided frequently in
the free-form text box for that data point could be added to the
response options via listing in the Filing Instructions Guide. The
Bureau believes that such flexibility will enhance the quality and
currency of the data collected. In addition, because financial
institutions must refer to the Filing Instructions Guide when
compiling, maintaining and reporting their data, the Bureau does not
believe that this flexibility will add operational difficulty to the
reporting of data under this final rule.
General data point issues. In regard to the comments suggesting
that the overall data point collection regime is too burdensome, the
Bureau notes that most of the data points are enumerated in the statute
and the Bureau has implemented the data points in such a way as to
reduce the burden of compilation and reporting as much as feasible
while fulfilling the purposes of section 1071. The Bureau does not
require verification of applicant-provided data, allows responses of
``not applicable'' and ``not provided by applicant and otherwise
undetermined'' when appropriate, and provides several safe harbors to
facilitate compliance. In addition, the Bureau believes that it has set
up the compilation and reporting system in a way that is specific,
measurable, attainable, realistic and timely, as requested by a
commenter. In addition, see the discussion below regarding other data
points considered for further information on the question of the rule's
burden and the issue of accuracy of fair lending analysis and small
business credit data.
In regard to the suggestion that the Bureau use other sources to
obtain information regarding small business credit instead of via this
rulemaking, as explained above the Bureau does not believe that
currently available sources are sufficient to carry out the purposes of
section 1071, and Congress required the Bureau to promulgate a rule to
collect the data. In addition, the Bureau notes that the data collected
under this rule are not exclusive, and financial institutions may
collect any other data allowable under current law to use in processing
or underwriting small business credit. For this reason, the Bureau does
not believe that this final rule will interfere with online lenders'
business practices, which a commenter was concerned about, or the
business practices of other entities that offer small business credit.
In addition, the Bureau does not believe that compilation of data under
this final rule will interfere with relationship banking by community
banks, because they will continue to be able to relate to and serve
customers as they have done previously, and may continue to make credit
decisions in any legally appropriate fashion that they have done in the
past.
As for the commenter's concern that applicant responses be
voluntary, the Bureau notes that although financial institutions are
required to have processes and procedures in place to collect these
data, applicants are free to choose not to answer their requests. For
the collection of demographic data, applicants may select an option of
``I do not wish to respond'' or similar. For many of the other data
points, so long as a financial institution maintains procedures
reasonably designed to collect applicant-provided data, a financial
institution may report ``not provided by applicant and otherwise
undetermined.'' In regard to the commenter's request that the Bureau
allow responses of ``declined to answer'' and ``not available,'' the
Bureau believes that the reporting options of ``not provided by
applicant and otherwise undetermined'' and ``not applicable'' are more
suited to this data collection, and notes that the commenter did not
explain why the suggested responses would be better.
Issues regarding data points adopted pursuant to ECOA section
704B(e)(2)(H). The Bureau is finalizing its proposed data points with
certain changes as described in the respective section-by-section
analyses of those data points below. The Bureau is relying on ECOA
section 704B(e)(2)(H), as well as its authority under 704B(g)(1), to
make clarifications to certain of the data points set forth in 704B(b)
and (e)(2)(A) through (G), as described in the section-by-section
analyses of those data points below.
Pursuant to its statutory authority set forth in ECOA section
704B(e)(2)(H), the Bureau is adopting data points for pricing, time in
business, NAICS code, number of workers, application method,
application recipient, denial reasons, and number of principal owners.
The Bureau has determined that these data points will serve the
purposes of section 1071, improve the utility of the data for
stakeholders, and reduce the occurrence of misinterpretations or
incorrect conclusions based on analysis of an otherwise more limited
dataset. In finalizing these data points, the Bureau considered the
additional operational complexity and potential reputational harm
described by commenters that collecting and reporting these data points
could impose on financial institutions. The Bureau seeks to respond to
industry concerns by adopting a limited number of data points that will
offer the highest value in light of section 1071's statutory purposes.
For this reason, the Bureau is not adopting certain additional data
points suggested by commenters such as credit score, applicant's
disability status, or business structure (see the discussion below).
In addition, the Bureau did not choose to take an incremental
approach to adding data points, as several commenters suggested, or
permit collecting and reporting of certain data points to be phased in
over time. The Bureau believes the information from the data points
adopted pursuant to ECOA section 704B(e)(2)(H) will enhance the
usefulness of the data points enumerated in 704B(e)(2)(A) through (G),
and further section 1071's purposes for the reasons stated above and in
the descriptions of those data points in the section-by-section
analyses below, and so should be collected and reported as soon as
possible. In addition, data from these data points will be an important
part of the privacy risk assessment that the Bureau will conduct after
the first full year of data are received. In response to the
[[Page 35279]]
commenters who expressed concern about privacy risks, the Bureau notes
that when making modification and deletion decisions prior to
publication of the data, it intends to consider re-identification risk
and other cognizable privacy risks. See part VIII below for additional
information.
As explained above, numerous industry commenters stated that data
points adopted pursuant to ECOA section 704B(e)(2)(H) would make the
rule more burdensome, result in greater costs for not only financial
institutions but also their small business customers, and potentially
lead to a reduction in credit availability. The Bureau does not believe
that the effects on the small business credit market from the data
points adopted pursuant to ECOA section 704B(e)(2)(H) will be so
pronounced. Rather, such data points will add only incremental costs to
the rule,\592\ and the Bureau has carefully crafted all the data points
in the final rule to provide flexibility by allowing reporting of
information that is already present in the credit file or easily
gathered from the applicant. In addition, the final rule does not
require verification, allows for responses of ``I do not wish to
respond'' or similar, ``not applicable,'' and ``not provided by
applicant and otherwise undetermined'' when appropriate, and provides
several safe harbors to facilitate compliance and reduce costs in the
compilation and reporting of the data points.
---------------------------------------------------------------------------
\592\ See part IX.F.5 below for a discussion of the economic
impacts of an alternative that only includes the data points
specified in ECOA section 704B(e)(2)(A) through (G).
---------------------------------------------------------------------------
Numerous industry commenters also stated that the small business
credit market is different from the residential housing market
disclosed in HMDA data, and the varied and complex nature of the small
business application, underwriting and approval processes will cause
the data collected pursuant to ECOA section 704B(e)(2)(H) to suggest
false positives for discrimination. Although the potential risk of
misinterpretation exists with all public data, the Bureau notes that
any fair lending analysis of the public dataset should be considered
preliminary to meaningful further investigation, and inferences from
the public data alone are not determinative of unlawful
discrimination.\593\ Furthermore, the Bureau believes that the
additional information from these data points is more likely to
eliminate false positives than to create them. For example, knowing
applicants' time in business will help to avoid comparing credit
outcomes for established businesses with outcomes for riskier start-ups
and expecting them to be similar. In this way, regulators engaged in
fair lending analysis, and the financial institutions they are
examining or researching, will be able to avoid unnecessary further
investigation.
---------------------------------------------------------------------------
\593\ In regard to the HMDA dataset for 2020, the Bureau
publicly stated that ``HMDA data are generally not used alone to
determine whether a lender is complying with fair lending laws. The
data do not include some legitimate credit risk considerations for
loan approval and loan pricing decisions. Therefore, when regulators
conduct fair lending examinations, they analyze additional
information before reaching a determination about an institution's
compliance with fair lending laws.'' See CFPB, FFIEC Announces
Availability of 2020 Data on Mortgage Lending (June 17, 2021),
https://www.consumerfinance.gov/about-us/newsroom/ffiec-announces-availability-of-2020-data-on-mortgage-lending/.
---------------------------------------------------------------------------
Many industry commenters also suggested that information from data
points adopted pursuant to ECOA section 704B(e)(2)(H) will be
unreliable and not useful for data users. However, the Bureau considers
the information required to be reported to be very useful in fulfilling
the fair lending and business and community development purposes of
section 1071, as explained in the section-by-section analysis of each
of these data points below. Although, as one commenter pointed out,
some of these data may change in the course of credit processing, HMDA
data and the data from the data points specified in ECOA section
704B(e)(2)(A) through (G) often do the same. The Bureau believes that
financial institutions will use the appropriate information from the
credit file and report accurately, as the overwhelming majority of HMDA
reporters do now.
As explained above, some commenters stated that many applicants
will not want to provide the requested information and some may be
concerned that the information will be used in the credit decision if
too much information is requested. The Bureau does not believe that
these problems will be widespread, and to the extent that they do
manifest, the financial institution can use the appropriate responses
to indicate that the applicant did not wish to provide information. The
Bureau also believes that applicants for small business credit expect
to be asked for numerous pieces of information, and the applicant-
provided data points adopted pursuant to ECOA section 704B(e)(2)(H)
(NAICS code, number of workers, time in business, and number of
business owners) do not appear likely to raise red flags.
Other commenters were concerned that different types of financial
institutions would fare differently regarding the data points adopted
pursuant to ECOA section 704B(e)(2)(H), and this difference would
create competitive distortions. The Bureau does not believe that the
structure of a financial institution will have a large effect on the
difficulty of reporting such data points. Because all covered financial
institutions have the same responsibilities under this final rule, the
Bureau believes that the effects on different financial institution
types will be similar. Numerous commenters also stated that small
financial institutions, such as community banks and small credit
unions, would be disadvantaged because they lack the economies of scale
to allow them to readily absorb the rule's costs. Several of these
commenters requested an exemption for these institutions from any data
points adopted pursuant to ECOA section 704B(e)(2)(H), but the Bureau
has determined that such an additional exemption that focuses
specifically on such data points is not appropriate. As explained in
the section-by-section analysis of Sec. 1002.105 above, the proposed
exemption for certain institutions with limited small business credit
originations is now finalized at a higher transaction level than
proposed, exempting a larger number of small financial institutions
from section 1071's data collection and reporting obligations.
Furthermore, the usefulness of the data collected would be reduced if
the dataset is incomplete for some financial institutions. In addition,
the Bureau will provide assistance to small institutions and compliance
vendors during the implementation period to help them transition to the
new rule's requirements.
In regard to the commenters who discussed legal issues involved in
this rulemaking, the Bureau notes that each of the data points adopted
pursuant to ECOA section 704B(e)(2)(H) fulfills the purposes that
Congress stated in section 1071, fair lending and business and
community development, as explained in the section-by-section analyses
that follow. In addition, the Bureau has carefully considered the
evidence before it, including from the SBREFA process and public
comments, and has based its decisions regarding these data points on
that evidence in relation to the factors that Congress intended it to
consider. Furthermore, as explained above, the Bureau does not consider
that the full data collected, whether pursuant to ECOA section
704B(e)(2)(A) through (G) or pursuant to section 704B(e)(2)(H), should
be used alone to determine whether a lender is complying with fair
lending laws. When regulators conduct fair lending examinations, they
will
[[Page 35280]]
consider additional information before reaching a determination about
an institution's compliance. The Bureau considers the scope of data
reported to be well within the parameters of congressional intent
apparent in section 1071.
Other Data Points Considered
As mentioned above, small entity representatives and other
stakeholders suggested some additional data points for the Bureau's
consideration, and the Bureau considered others in the development of
the proposed rule. Because of the operational complexities likely to be
posed by each of these potential data points, as well as the reasons
explained below, the Bureau chose not to propose to include any of the
following data points in the rule. Nonetheless, the Bureau sought
comment on whether the following potential data points or any others
would further the purposes of section 1071 and thus should be
considered for inclusion in the final rule.
Type of business/entity structure (sole proprietorship, C-
corporation, limited liability company, partnership, etc.). This
information could be useful in providing context to the ethnicity,
race, and sex data regarding applicants' principal owners. However, the
Bureau believed that collecting the number of principal owners, as
proposed in Sec. 1002.107(a)(21), would better serve this purpose.
Credit score. Collecting credit score and other credit information
could be particularly useful for the fair lending purpose of section
1071. However, because of the different types of scores and different
situations in which a financial institution would or would not access
scores, the Bureau believed that this data point could be quite
complicated and involve complex sub-fields, which could pose
operational difficulties for financial institutions in collecting and
reporting this information. These complexities could also make it
difficult for data users to understand and interpret credit score data.
Credit reporting information, including whether credit information
was accessed. This data point could also be complicated and involve
complex sub-fields, making it difficult for financial institutions to
collect and report. As with credit score, these complexities could also
make it difficult for data users to understand and interpret these
data. In addition, it was not clear that this information would be
useful without also collecting credit score.
Percentage ownership of each principal owner and percentage
ownership by women and by minorities. This information could be useful
in providing context to the ethnicity, race, and sex data regarding
applicants' principal owners. However, the Bureau was concerned that
requesting this type of percentage data could be confusing to
applicants and could result in inconsistent responses across applicants
and institutions. The Bureau believed that collecting the number of
principal owners (those individuals who each directly own 25 percent or
more of the equity interests of a business), as proposed in Sec.
1002.107(a)(21), would better serve this same purpose.
Whether the applicant has an existing relationship with the
financial institution and the nature of that relationship. This
information could provide additional context for a financial
institution's credit decision, and thus could be useful for both of
section 1071's statutory purposes. However, the Bureau believed that
the usefulness of the data collected might not justify the additional
operational complexity of identifying and tracking such relationships
for reporting.
Customer number, and/or unique (but anonymous) identification
number for applicants or associated persons for tracking of multiple
applications. This information could be useful to track multiple
applications by a single small business within a particular financial
institution, whether submitted at one time or over the course of the
year. However, the Bureau believed that the potential difficulties
posed by requiring the reporting of this information--particularly for
applications that have been withdrawn or abandoned--would not be
warranted in light of the utility of the data.
Comments Received
Type of business/entity structure. The Bureau received comments
from some lenders, community groups, and others requesting the
inclusion of a data point for type of business structure. The Bureau
did not receive any comments specifically opposing the inclusion of
type of business structure, though the Bureau understands the
overwhelming industry opposition to all data points adopted pursuant to
ECOA section 704B(e)(2)(H) likely implicates this one.
Commenters stated that collecting type of business structure would
allow for better analysis of credit outcomes, because different
structures may indicate varying levels of sophistication and can be
viewed differently by creditors. One commenter pointed out that Black
and Latino business owners are more likely to have non-employer
businesses, and type of business structure could help identify those
businesses and track their access to credit. That commenter also stated
that without the information about business structure, it will not be
possible to identify gaps in capital access between sole
proprietorships (often minority owned) and other forms, and so
collecting business structure will help ensure that future capital
programs, whether private or public, adequately include or target
business structures. One commenter stated that business structure,
along with credit score, would be important for rooting out patterns of
discriminatory or exclusionary lending practices in the deep South. A
CDFI lender stated that being able to differentiate between sole
proprietors versus corporations is also key for philanthropic efforts
that may aid the work of mission-based lenders working with specific
underserved communities, and added that it already collects this
information for the SBA 7(a) program, Paycheck Protection Program, and
the CDFI Fund. Discussing the Bureau's suggestion that collecting the
number of principal owners would provide the desired context, a
commenter stated that under the proposal, only a natural person who
directly owns at least 25 percent of a business is counted as a
principal owner, and thus a partnership, corporation, and sole
proprietorship could appear similarly situated despite presenting
different credit needs.
Credit score. The Bureau received numerous comments from community
groups, community-oriented lenders, business advocacy groups, and
others requesting the inclusion of a data point for credit score. The
Bureau did not receive any comments specifically opposing the inclusion
of credit score, though the Bureau understands the overwhelming
industry opposition to all data points adopted pursuant to ECOA section
704B(e)(2)(H) as likely implicating this one.
Commenters stated that including a data point for credit score,
along with other key underwriting criteria, was important for effective
fair lending analysis. A joint letter from community and business
advocacy groups stated that the Federal Reserve Banks in their annual
small business surveys have found large disparities in credit access
even after controlling for credit scores, and other commenters agreed
that this was the case. Many compared the situation to HMDA, where
credit scores were only recently required, suggesting that the lack of
credit scores allowed lenders to avoid accountability. A number of
community groups stated
[[Page 35281]]
that, in addition to fair lending, credit scores allow users to
understand the characteristics of applicants that are denied credit so
as to identify areas of unmet need. A joint letter from community
groups and community oriented lenders stated that more than half of
Black individuals and 41 percent of Latinos have low or no credit
scores, which impacts their ability to access financing. One community
group stated that since the Bureau implemented the expanded HMDA data
collection rules, they have determined that in their county Black
mortgage applicants are more than 10 percent likelier than white
applicants to be denied for credit history, and that having more robust
information would allow them to better advocate to their financial
partners for more equitable credit scoring models in small business
lending. A CDFI lender stated that lenders rely heavily on credit
scores to assess borrower risk and creditworthiness, and they are used
in many cases to screen for pre-qualified and/or pre-approved
applicants before moving further in the application process. Several
rural community groups stated that credit score reporting would be
important for analyzing potential discrimination in farm credit.
Numerous commenters suggested that requiring credit scores would
not be as complicated or difficult as the Bureau stated in the proposed
rule, pointing out that HMDA currently requires credit score reporting
and this rule could use a similar method. Commenters said lenders that
rely on an individual or composite credit score of business owners
should be required to report that score and the scoring model used, as
is currently required under HMDA. A CDFI lender stated that it would be
straightforward for lenders to disclose borrower credit scores, type
(personal or business), and scoring model and version in accordance
with HMDA procedures, including the options to select not applicable
and write in the name and credit scoring model if not listed. Once
commenter suggested requiring only personal credit scores because
business scores were not yet industry standard. A community group
suggested that the Bureau use the Federal Reserve Bank of Atlanta's
small business credit survey method, which they said accommodates a
single score irrespective of how it was used by the lender. Another
CDFI lender stated that it already collects credit score for the CDFI
Fund. Several commenters stated that privacy would not be a problem,
and some suggested that credit scores could be released in ranges or
other non-specific methods to avoid any issue.
Disability status. Although the Bureau did not propose or seek
comment on the possibility of including the disability status of
applicant owners as a data point, a number of commenters requested that
the Bureau do so. An advocacy group for persons with disabilities
stated that this population is twice as likely as people without
disabilities to be living in poverty, twice as likely to use costly
nonbank lending, and twice as likely to be unbanked. They stated
further that people with disabilities that are part of the labor force
are more likely to own small businesses than those without
disabilities, and that for a growing number of adults with
disabilities, establishing small businesses has become a viable path to
improve their economic stability and security. Finally, they stated
that the absence of disability data renders people with disabilities
invisible and creates an obstacle to understanding and analyzing
potential discriminatory lending practices and creates a challenge in
advocating for and designing effective policies. Other commenters
referred to and supported this organization's comment letter.
Some commenters stated that discrimination against people with
disabilities is clearly present in society, and several suggested that
including a disability data point would further enforcement and
implementation of section 1071, the Americans with Disabilities Act,
and various bank vendor procurement programs, amongst other laws and
initiatives. One commenter stated that people with disabilities often
face significant economic disparities such as lower net worth or
thinner credit history that may create barriers to entrepreneurship. A
CDFI lender stated that it already collects this information for the
SBA 7(a) program.
Additional agricultural data. Although the Bureau did not propose
or seek comment on the issue, two rural community groups requested that
the final rule include additional data points regarding agricultural
credit. One of these commenters stated that the Bureau should require
reporting of farm marketing strategies, years of farmer experience, and
certain kinds of farm production certifications (USDA Organic, animal
welfare, labor standard certification, etc.) to help determine if all
farm operations are treated equally in the lending process. The other
requested that information regarding base acre payments (farm program
benefit payments) be reported because information on program benefits
attached to base acres is valuable to minority farmers' farm credit
loan making and servicing. That commenter also asked that the Bureau
require reporting on collateral requirements, on differences in
appraised value or loans or loan modifications rejected based on
failure to appraise, on refinancings precipitated by required
graduation from Farm Service Agency loans, and on all forms of loan
modifications that have historically been a central factor in farm loss
for farmers of color.
Other requested data points. The Bureau received requests for
several other additional data points that were not proposed and on
which it did not seek comment. Commenters suggested that the Bureau
require reporting on veteran status, limited English proficiency
status, and senior citizen status in order to monitor risks to these
groups. A CDFI lender stated that it already collects veteran status
for SBA 7(a) loans and other programs. They also stated that it
collects information on low-income owned or controlled status for the
CDFI Fund, though did not specifically ask the Bureau to require
reporting of that information or veteran status.
Commenters also requested that the Bureau require reporting of the
appraised value of collateral in relation to the loan amount, the
origination date, community of residence (using ZIP code, school zone
or other demographic data), the type of purchaser of the originated
credit, and a legal entity identifier (LEI) for the small business
applicant.
Final Rule
The Bureau is adopting a limited number of data points pursuant to
the authority set forth in ECOA section 704B(e)(2)(H) that it believes
will offer the highest value in light of section 1071's statutory
purposes. The Bureau believes that the potential additional data points
that it sought comment on would pose operational complexities, as would
the other data points suggested by commenters. For these reasons, and
the reasons explained below, the Bureau is not including any of the
following data points in this final rule.
Type of business/entity structure. The Bureau believes that
collecting the number of principal owners will be more useful than type
of business structure in providing additional useful context to the
ethnicity, race, and sex data regarding applicants' principal owners.
In addition, the Bureau believes that the number of workers and gross
annual revenue data points will provide useful context regarding the
size and sophistication of the applicant, which
[[Page 35282]]
appears to address the primary reason that commenters wanted type of
business structure to be collected.
Credit score. Although the Bureau agrees with commenters that this
data would be useful for fair lending analyses, it nonetheless could be
quite complicated and involve complex sub-fields, which could pose
operational difficulties for financial institutions, especially given
the use of business credit scores as well as personal credit scores in
small business lending.
Disability status. The Bureau did not propose or seek comment on
including this data point, and so does not have the benefit of robust
stakeholder input as to whether and how to implement it. More
importantly, ECOA does not include disability as one of the enumerated
bases on which discrimination is prohibited, and so it is not clear
that the Bureau has the legal authority to include this data point.
Additional agricultural data. The Bureau did not propose or seek
comment on including these data points, and so does not have the
benefit of robust stakeholder input as to whether and how to implement
them. In addition, the Bureau does not have sufficient other
information to assess the importance or feasibility of requiring that
these data points be reported.
Other requested data points. The Bureau did not propose or seek
comment on including these data points regarding veteran, limited
English proficiency, and senior citizen status, and so does not have
the benefit of robust stakeholder input as to whether and how to
implement them. In addition, the Bureau does not have sufficient other
information to assess the importance or feasibility of requiring that
these data points be reported.
Credit reporting information, including whether credit information
was accessed. Commenters did not focus on this potential additional
data point that the Bureau sought comment on, instead focusing their
requests on the related potential credit score data point discussed
above. For the reasons discussed above, the Bureau is not including
this data point in the final rule.
Percentage ownership of each principal owner and percentage
ownership by women and by minorities. The Bureau did not receive
comments on this potential additional data point that the Bureau sought
comment on. For the reasons discussed above, the Bureau is not
including this data point in the final rule.
Whether the applicant has an existing relationship with the
financial institution and the nature of that relationship. The Bureau
did not receive comments on this potential additional data point that
the Bureau sought comment on. For the reasons discussed above, the
Bureau is not including this data point in the final rule.
Customer number, and/or unique (but anonymous) identification
number for applicants or associated persons for tracking of multiple
applications. The Bureau did not receive comments on this potential
additional data point that the Bureau sought comment on. For the
reasons discussed above, the Bureau is not including this data point in
the final rule.
107(a)(1) Unique Identifier
Proposed Rule
ECOA section 704B(e)(2)(A) requires financial institutions to
collect and report ``the number of the application . . . .'' Regulation
C includes a similar reporting requirement for a universal loan
identifier,\594\ though some insured credit unions and depositories
whose lending activity falls below applicable thresholds are partially
exempt and only need to report a non-universal loan identifier.\595\
Both the universal loan identifier and the non-universal loan
identifier use only alphanumeric characters, and do not allow use of
identifying information about the applicant or borrower in the
identifier. The universal loan identifier is ``unique'' in the national
HMDA reporting market because it uses a unique LEI for the reporting
institution and then the identifier is required to be unique within
that institution.\596\ The universal loan identifier must be no more
than 45 characters and the non-universal loan identifier must be no
more than 22 characters.\597\
---------------------------------------------------------------------------
\594\ 12 CFR 1003.4(a)(1)(i).
\595\ 12 CFR 1003.3(d)(5).
\596\ 12 CFR 1003.4(a)(1)(i)(A), (B)(2). The non-universal loan
identifier is only required to be unique within the annual loan/
application register in which the covered loan or application is
included. 12 CFR 1003.3(d)(5)(ii).
\597\ The universal loan identifier length limit is included in
the Bureau's yearly HMDA Filing Instructions Guide. See CFPB, Filing
instructions guide for HMDA Data collected in 2023 (2022), https://ffiec.cfpb.gov/. The length limit for the non-universal loan
identifier is in Regulation C Sec. 1003.3(d)(5).
---------------------------------------------------------------------------
The Bureau proposed to require that financial institutions report
an alphanumeric identifier starting with the LEI of the financial
institution. This unique alphanumeric identifier would have been
required to be unique within the financial institution to the specific
covered application and to be usable to identify and retrieve the
specific file corresponding to the application for or extension of
credit. The Bureau also proposed commentary with additional details, as
discussed below.
For clarity, the Bureau included language in proposed comment
107(a)(1)-1 that would have explained that the identifier can be
assigned at any time prior to reporting the application. Proposed
comment 107(a)(1)-1 would also have provided the formatting
requirements for the unique identifier. The Bureau proposed an
identifier of 45 characters or fewer, as is currently required for
HMDA. The Bureau made clear in the proposal that the unique identifier
would not need to stay ``uniform'' throughout the application and
subsequent processing. Proposed comment 107(a)(1)-1 would have also
explained that refinancings or applications for refinancing must be
assigned a different identifier than the transaction that is being
refinanced.
Proposed comment 107(a)(1)-2 would have made clear that the unique
identifier must not include any directly identifying information
regarding the applicant or persons (natural or legal) associated with
the applicant. The Bureau was aware that internal identification
numbers assigned by the financial institution to the application or
applicant could be considered directly or indirectly identifying
information, and requested comment on this issue. The Bureau also noted
that due to privacy risks the Bureau was proposing to not publish
unique identifier in unmodified form; the Bureau sought comment on
potential modifications to or deletion of this data point in the
published application-level data. Proposed comment 107(a)(1)-2 would
have also cross-referenced proposed Sec. 1002.111(c) and related
commentary, which would have prohibited any personally identifiable
information concerning any individual who is, or is connected with, an
applicant, in records retained under proposed Sec. 1002.111.
As stated above, the Bureau proposed to require that the unique
identifier begin with the financial institution's LEI. Pursuant to
proposed Sec. 1002.109(b)(1)(vi), any covered financial institution
that did not currently use an LEI would have been required to obtain
and maintain an LEI in order to identify itself when reporting the
data. Although a ``check digit''--a portion of an identifying number
that can be used to check accuracy--is required for the HMDA universal
loan identifier, the Bureau did not propose to require its use in the
1071 unique identifier.
The Bureau sought comment on its proposed approach to the unique
identifier data point. In addition, the
[[Page 35283]]
Bureau requested comment on the use of the LEI in the unique identifier
and the possible use of a check digit.
Comments Received
The Bureau received comments on the unique identifier data point
from several lenders and trade associations. Some commenters supported
the data point as proposed; several stated that it was a reasonable and
appropriate means of implementing the statutory requirement. Another
lender noted that it already reports this type of data for Paycheck
Protection Program and CDFI Fund lending. A trade association stated
that community banks prefer not to be required to create this
identifier too early in the credit origination process. A national auto
finance trade association noted that its members generally assign
application or loan numbers to new credit applications, but not
necessarily to credit line increases, and suggested that financial
institutions will have this data without needing the Federal Reserve to
issue a parallel rule to implement section 1071 for motor vehicle
dealers.\598\
---------------------------------------------------------------------------
\598\ ECOA authority over motor vehicle dealers lies with the
Board, not the Bureau, because Regulation B does not apply to a
person excluded from coverage by section 1029 of the Consumer
Financial Protection Act of 2010, title X of the Dodd-Frank Wall
Street Reform and Consumer Protection Act, Public Law 111-203, 124
Stat. 1376, 2004 (2010).
---------------------------------------------------------------------------
A community bank stated that the cost of creating a customer
identification numbering system that does not use the employer
identification number, taxpayer identification number, or Social
Security number (SSN) would be passed on to the borrower. That
commenter requested that the Bureau allow use of the last four digits
of the employer identification number, taxpayer identification number,
or SSN for identification purposes. They also expressed confusion as to
how an LEI (which it may not currently have) could be incorporated with
the loan number in its system for reporting, and stated that the Bureau
did not provide sufficient guidance on how to incorporate the unique
identifiers into its current system.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.107(a)(1) with a minor edit for clarity. Financial institutions
will report an alphanumeric identifier, starting with the LEI of the
financial institution, that is unique within the financial institution
to the specific covered application. The identifier must be usable to
identify and retrieve the specific file or files corresponding to the
application for or extension of credit.
The Bureau is finalizing comment 107(a)(1)-1 with a minor change.
As apparent from the instructions in comment 107(a)(1)-1, the Bureau
chose to follow the well-known and workable HMDA format to avoid
introducing new complications. With respect to the concerns raised by
one commenter about the unique identifier data point, the Bureau notes
that a customer identification number is not required. The unique
identifier refers to the application or origination being reported, not
the customer who applies for or borrows the funds. In addition, comment
107(a)(1)-1 makes clear that financial institutions may assign the
unique identifier at any time prior to reporting the application,
facilitating compliance. The Bureau believes that final Sec.
1002.107(a)(1) will accommodate different institutions' numbering
systems because the unique identifier can be created separately from
those internal systems. In order to foster uniformity of format and
avoid confusion as to what constitutes a ``unique'' identifier, comment
107(a)(1)-1 now requires that any alphabetical characters in the unique
identifier be upper-case.
The Bureau is finalizing comment 107(a)(1)-2 with a minor change
described below. Final comment 107(a)(1)-2 states that the unique
identifier must not include any directly identifying information
regarding the applicant or persons (natural or legal) associated with
the applicant. In regard to the use of directly identifying
information, such as an SSN or taxpayer identification number, the
Bureau notes that section 1071 specifically forbids financial
institutions from using personally identifiable information concerning
any individual who is, or is connected with, an applicant in compiling
and maintaining data for reporting.\599\ Although the Bureau has
preliminarily determined not to release unique identifier data reported
to the Bureau in unmodified form in the public, application-level
dataset, inclusion of a small business's employer identification number
or a natural person's SSN or taxpayer identification number could
present a risk of fraud or identity theft. Thus, for clarity, the
Bureau is including in comment 107(a)(1)-2 that SSN and employer
identification number, in whole or partial form, are examples of
directly identifying information that must not be used.
---------------------------------------------------------------------------
\599\ ECOA section 704B(e)(3).
---------------------------------------------------------------------------
The final rule requires that the unique identifier begin with the
financial institution's LEI. Final Sec. 1002.109(b)(1)(vi) requires
any covered financial institution that does not currently use an LEI to
obtain and maintain an LEI in order to identify itself when reporting
data to the Bureau. The Bureau does not believe that including the
financial institution's LEI in its unique identifiers will pose
particular difficulties for reporting institutions; as noted above, the
unique identifier can be assigned at any time prior to reporting an
application. The Bureau also believes that including the LEI will
increase the specificity and usefulness of the identifier and the
record it identifies.
The Bureau did not receive comments discussing the possible
inclusion of a ``check digit,'' which is required for the HMDA
universal loan identifier but was not proposed as part of the 1071
unique identifier. The Bureau believes that, based on its expectations
for small business lending data submission platform, a check digit will
be unnecessary, as well as potentially complicated for small financial
institutions to implement, and thus it is not included in the final
rule.
107(a)(2) Application Date
Proposed Rule
ECOA section 704B(e)(2)(A) requires financial institutions to
collect and report the ``date on which the application was received.''
The Bureau proposed to require reporting of application date in
Sec. 1002.107(a)(2) as the date the covered application was received
by the financial institution or the date on a paper or electronic
application form. Proposed comments 107(a)(2)-1 and -2 would have
clarified the need for a financial institution to take a consistent
approach when reporting application date, and would have provided
guidance on how to report application date for applications not
submitted directly to the financial institution or its affiliate
(indirect applications). The Bureau also proposed a safe harbor in
Sec. 1002.112(c)(4), which would have provided that a financial
institution does not violate proposed subpart B if it reports on its
small business lending application register an application date that is
within three calendar days of the actual application date pursuant to
proposed Sec. 1002.107(a)(2).
The Bureau sought comment on its approach to collecting application
date in proposed Sec. 1002.107(a)(2) and associated commentary. The
Bureau also sought comment on how best to
[[Page 35284]]
define the ``application date'' data point in light of the Bureau's
definition of ``covered application'' in proposed Sec. 1002.103.
Comments Received
The Bureau received feedback on its proposal to require reporting
of application date in Sec. 1002.107(a)(2) from several lenders, trade
associations, and a community group. Most commenters to address this
data point supported proposed Sec. 1002.107(a)(2). A trade association
stated that application date is currently collected in its financial
institutions' work flows. A trade association urged the Bureau to
define application date in a manner that is consistent with existing
Regulation B, so to avoid inconsistency, though it did not identify any
aspect of proposed Sec. 1002.107(a)(2) that would be inconsistent with
existing Regulation B. Similarly, a bank urged the Bureau to align
application date with HMDA--to increase efficiency for the customer,
facilitate compliance, and avoid duplicative collections--but did not
identify whether or how proposed Sec. 1002.107(a)(2) would differ from
how financial institutions report application date under Regulation C.
A community bank urged the Bureau to provide a concrete definition of
application date, explaining that a subjective definition would
discourage banks from small business lending, and that application date
is often difficult to pinpoint as there frequently is no written
application and the application process may occur over time, both in-
person and by phone.\600\
---------------------------------------------------------------------------
\600\ Comments primarily directed at how to define an
application under section 1071, rather than the date reported for
that application, are discussed in connection with the section-by-
section analysis of Sec. 1002.103(a) above.
---------------------------------------------------------------------------
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.107(a)(2) to require reporting of application date as the date the
covered application was received or the date on a paper or electronic
application form. The Bureau believes the flexibility to report either
the date the covered application was received or the date shown on a
paper or electronic application form will accommodate institutions'
varied practices. While several commenters urged the Bureau to align
reporting of application date with existing Regulation B and Regulation
C, the commenters did not identify how the proposed definition would
differ from those regulatory provisions, and the Bureau believes they
do not conflict. For example, a financial institution may report
application date based on the date a ``covered application'' was
received, and final Sec. 1002.103(a) defines a covered application
largely based on Regulation B's definition of an application in
existing Sec. 1002.2(f). Similarly, Regulation C Sec.
1003.4(a)(1)(ii) requires reporting of the date the application was
received or the date shown on the application form. While a commenter
urged the Bureau to provide a concrete definition of application date,
the commenter never indicated whether or how the proposed definition
was vague.\601\
---------------------------------------------------------------------------
\601\ As discussed in more detail in the section-by-section
analysis of Sec. 1002.103(b), if the covered application is
requesting additional credit on an existing account, all data
reported, including applicable dates, relate to the new request for
credit rather than the initial origination.
---------------------------------------------------------------------------
Final Sec. 1002.107(a)(2) states that application date may be the
date ``the covered application was received;'' the Bureau has removed
the phrase that followed in proposed Sec. 1002.107(a)(2), which read
``by the financial institution . . . '' to reflect that not all covered
applications will be received directly by the financial institution.
The Bureau is also adopting new comment 107(a)(2)-2 to provide guidance
on when an application is ``received'' for covered applications
submitted directly to the financial institution or its affiliate.
Comment 107(a)(2)-1 is finalized with minor revisions for clarity
and consistency, to provide guidance on maintaining a consistent
approach to reporting application date. Final comment 107(a)(2)-3
(proposed as comment 107(a)(2)-2) provides guidance on how a financial
institution reports application date where a covered application was
not submitted directly to the financial institution or its affiliate.
Lastly, final comment 107(a)(2)-4 is adopted to note the safe harbor in
final Sec. 1002.112(c)(1), which provides that a financial institution
does not violate subpart B if it reports on its small business lending
application register an application date that is within three business
days of the actual application date pursuant to final Sec.
1002.107(a)(2).
107(a)(3) Application Method
Proposed Rule
ECOA section 704B(e)(2)(H) authorizes the Bureau to require
financial institutions to compile and maintain ``any additional data
that the Bureau determines would aid in fulfilling the purposes of
[section 1071].'' The Bureau believes that application method data will
aid in fulfilling the purposes of section 1071.
The Bureau did not address the method of application as a potential
data point under consideration in the SBREFA Outline. However, during
the SBREFA process, one CDFI small entity representative suggested
collecting information regarding the way an application was taken (in
person, by phone, or online) in order to monitor for possible
discouragement of applicants.\602\ Relatedly, several small entity
representatives that took applications for credit primarily or entirely
online asserted that such channels were less likely to result in
discrimination and more likely to increase access to credit to women-
owned and minority-owned small businesses.
---------------------------------------------------------------------------
\602\ SBREFA Panel Report at 30-31.
---------------------------------------------------------------------------
In light of the feedback during the SBREFA process and further
consideration by the Bureau of additional data that would aid in
fulfilling the purposes of section 1071, the Bureau proposed to require
financial institutions to collect and report application method. The
Bureau proposed Sec. 1002.107(a)(3) to define this data point as the
means by which the applicant submitted the covered application directly
or indirectly to the financial institution. The Bureau also proposed
commentary to accompany proposed Sec. 1002.107(a)(3).
The Bureau believed that data on application method would improve
the market's understanding of how applicants apply for credit which, in
turn, would facilitate fair lending enforcement and the business and
community development purposes of section 1071. In addition, the Bureau
believed that collecting data on application method would aid in
analysis of multiple data points collected and reported by financial
institutions, including the ethnicity, race, and sex of applicants'
principal owners.
Finally, data on application method would assist in analyzing data
reported under, and assessing compliance with, proposed Sec.
1002.107(a)(20), which would have required financial institutions to
collect principal owners' ethnicity and race via visual observation or
surname in certain circumstances. The Bureau explained that having
application method reporting would allow the Bureau and other data
users to determine, for example, which applications could be subject to
data collection via visual observation or surname (because the
financial institution met with the applicant in person) and, together
with information reported under proposed
[[Page 35285]]
Sec. 1002.107(a)(20), which of those applications did and did not have
information collected that way.
The Bureau proposed comment 107(a)(3)-1 to clarify that a financial
institution would comply with proposed Sec. 1002.107(a)(3) by
reporting the means by which the applicant submitted the application
from one of the following options: in-person, telephone, online, or
mail. Proposed comment 107(a)(3)-1 would have explained how financial
institutions are to choose which application method to report,
including via a ``waterfall approach'' when they have contact with an
applicant in multiple ways. Proposed comments 107(a)(3)-1.i through .iv
would have provided detailed descriptions and examples of each of the
four proposed application methods.
The Bureau proposed comment 107(a)(3)-2 to provide guidance on what
application method a financial institution would report for
interactions with applicants both online and by mail. In short, a
financial institution would have reported application method based on
the method by which it, or another party acting on its behalf,
requested the ethnicity, race, and sex of the applicant's principal
owners pursuant to proposed Sec. 1002.107(a)(20). Proposed comment
107(a)(3)-2 also would have provided separate examples of when the
application method should be reported as ``online'' and ``mail.''
The Bureau sought comment on its proposed approach to this data
point.
Comments Received
The Bureau received comments on its proposed application method
data point from a number of banks, trade associations, and community
groups. Several commenters supported the Bureau's proposal to require
financial institutions to report data on application method; some noted
that such data would facilitate fair lending enforcement and/or further
the community development purpose of section 1071. A community group
asserted that data on the application method would enable the
comparison of application outcomes based on the application channel at
specific institutions and could also help assess whether applicants are
receiving comparable access to comparable credit across application
channels. Another community group stated that data on application
method would help shed light on the issue of whether newer, online
lenders are more effective at reaching underserved populations and
businesses. One commenter suggested the Bureau create more categories,
particularly to distinguish email from web portal because an
application received by email often reflects a more personal
relationship than does an application submitted via web portal.
In contrast, several banks and trade associations opposed the
proposed requirement to collect application method data and urged the
Bureau to drop it from the final rule. A few commenters said that this
data point was added ``late'' in the rulemaking process or without
adequate public input.
Industry commenters explained that application method data are not
currently collected nor recorded in the loan file. A bank stated that
it would need to collect the data manually because it does not have a
way to record or report the information and asserted that this data
collection requirement would affect its ability to serve the credit
needs of its community. Several other commenters noted that this data
point is not a factor in the credit decision and argued that there is
no information or insight that can be gleaned from it. Some commenters
also questioned how the data point would provide value in fair lending
analysis. One commenter suggested the data have limited value and that
the Bureau's policy goals can be achieved by combining publicly
available data with section 1071's statutory requirements; for example,
collection of census tract data will indicate whether a loan was
originated in a ``credit desert,'' thereby eliminating the need for the
application method data point.
Some commenters asserted that the proposed waterfall approach was
problematic and would introduce complexity into reporting application
method data. These commenters explained that there are multiple
interactions between the lender and the applicant throughout the
application process and suggested that reporting application method
using the proposed waterfall approach would require the financial
institution to document each interaction with an applicant. They
further said that could lead to a cumbersome process in trying to
determine exactly how an application was received and could result in
unintentional errors. One industry commenter stated that an application
may start out as an email request, followed up by a phone call, and
then be completed in person. This commenter suggested that there would
be difficulty collecting the data accurately because the proposal did
not allow for multiple methods of application, particularly because the
definition of application is at the financial institution's discretion.
A bank suggested that the Bureau drop the waterfall approach and allow
financial institutions to designate the best way to determine
application method. A group of trade associations likewise requested
that the Bureau drop the waterfall approach, and instead have financial
institutions report the application method where the ethnicity, race,
and sex of the applicant's principal owners was requested. A few
commenters suggested that the application method should be based only
on the initial contact. Two of these commenters indicated that basing
the application method on initial contact would provide clear
requirements in the event that the applicant provides information via
two methods: for example, when an applicant applies online but later
provides information by telephone.
A group of trade associations noted that while the data point is
about the means by which the application was submitted, the proposed
commentary discusses when a financial institution meets with the
applicant or communicates with the applicant by telephone. This
commenter stated that the proposed commentary was confusing and did not
provide clear guidance on compliance.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.107(a)(3) with a number of revisions to the associated commentary.
Pursuant to its authority under ECOA section 704B(e)(2)(H), the Bureau
believes that collecting data on application method would aid in
fulfilling the purposes of section 1071, as explained below.
Initially, the Bureau believes that data on application method will
improve the market's understanding of how applicants apply for credit.
In addition, data on application method will support 1071's statutory
purposes by, inter alia, providing additional context for the business
and community development needs of particular geographic regions. For
instance, application method may help data users analyze the extent to
which financial institutions may be providing access to credit online
or by telephone in ``credit deserts'' where financial institutions do
not have branch operations.
In addition, the Bureau believes that collecting data on
application method will aid in analysis of multiple data points
collected and reported by financial institutions, including the
ethnicity, race, and sex of applicants' principal owners. For example,
these data will assist the Bureau and other data users in identifying
whether applicants are more or less likely to
[[Page 35286]]
provide this (and other) 1071 information in different application
channels. This information may also assist in determining whether a
financial institution has procedures to collect applicant-provided data
at a time and in a manner that are reasonably designed to obtain a
response, as required by Sec. 1002.107(c).
The Bureau explained in the NPRM that having application method
data would be useful in analyzing data reported under, and assessing
compliance with, proposed Sec. 1002.107(a)(20) related to collecting
the ethnicity and race of principal owners via visual observation or
surname in certain circumstances. However, as explained in the section-
by-section analysis of Sec. 1002.107(a)(19) below, the Bureau has
removed the visual observation or surname requirement from this final
rule. Consequently, the proposed waterfall approach is less relevant
for assessing compliance with final Sec. 1002.107(a)(19). In
combination with the concerns expressed by commenters regarding
compliance complexities, including the need to document multiple
interactions between the financial institution and applicant, the
Bureau has decided not to adopt the proposed waterfall approach for
reporting application method.
The Bureau is thus adopting comments 107(a)(3)-1.i through .iv with
revisions to reflect the removal of the waterfall. The Bureau believes
these changes will also address a commenter's concern regarding
potential confusion about the proposed commentary's treatment of
meetings and other interactions with applicants. Relatedly, the Bureau
is not finalizing proposed comment 107(a)(3)-2, which would have
provided guidance on reporting for interactions with applicants both
via mail and online under the waterfall approach.
In addition, the Bureau has added new guidance in comment
107(a)(3)-1 to clarify what a financial institution reports if it
retains multiple versions of the application form. The Bureau has also
made a few minor revisions in comments 107(a)(3)-1.i through .iv for
clarity. Final comment 107(a)(3)-1 lists the options a financial
institution reports for the means by which an applicant submitted the
application. In final comment 107(a)(3)-1.i, the Bureau has clarified
that the in-person application method applies, for example, to those
applications submitted at a branch office, including applications hand
delivered by an applicant. In final comment 107(a)(3)-1.ii, the Bureau
has clarified that an application submitted via telephone call is
reported as ``telephone.'' In final comment 107(a)(3)-1.iii, the Bureau
has clarified that an application submitted via website, mobile
application (commonly known as an app), fax transmission, or text-based
electronic communication is also reported as ``online.'' The Bureau
does not believe it is appropriate to distinguish between applications
submitted by email and applications submitted through a web portal, on
the basis that an application that is emailed reflects a more personal
relationship, as suggested by a commenter. The Bureau believes that
both application methods are appropriately reportable as ``online''
because they reflect an electronic communication. The Bureau notes that
various electronic communication methods provided in final comment
107(a)(3)-1.iii can reflect a personal relationship. For example, an
applicant may have begun communications with the financial institution
through email, followed by text messages, and then submitted the
application through the financial institution's website. All of these
methods can potentially reflect a personal relationship.
The Bureau removed the hand delivery at a teller window example in
comment 107(a)(3)-1.iv because, under the final rule, an application
hand delivered by an applicant at a branch is reported as ``in-person''
pursuant to final comment 107(a)(3)-1.i. Regarding a suggestion from
commenters that the Bureau use the method by which ethnicity, race, and
sex of the principal owners are collected for reporting this data
point, the Bureau does not believe that such an approach is necessary
given that it is not finalizing its proposed requirement to collect
principal owners' ethnicity and race via visual observation or surname
in certain circumstances. In addition, the Bureau does not believe that
application method should be based on initial contact, as suggested by
a few commenters. As explained by commenters, there could be multiple
interactions between the lender and applicant throughout the pre-
application and application process. Thus, the initial interaction may
not amount to an application submission because, for example, the
initial contact was simply an inquiry.\603\ In light of commenters'
concerns regarding the potential difficulties in identifying
application method, the Bureau believes that its approach to final
Sec. 1002.107(a)(3), which is tied to an applicant submitting an
application, is preferable to the suggestions made by commenters.
---------------------------------------------------------------------------
\603\ Under Sec. 1002.103(b)(2), a covered application does not
include inquiries and prequalification requests.
---------------------------------------------------------------------------
Regarding commenters' concerns about the utility of this data
point, the Bureau believes that application method data will facilitate
the fair lending and business and community development purposes of
section 1071, as explained above. This information cannot be replicated
by combining data points specifically enumerated in section 1071, such
as census tract, with other publicly available data. Application method
is not intended solely to identify ``credit deserts,'' as the commenter
appeared to suggest, and although census tract information might
provide information as to where the proceeds will be applied (or the
location of the applicant's headquarters/main office, or another
location), that does not necessarily indicate where (or how) the
financial institution interacted with the applicant. With respect to
comments stating that application method is not currently collected nor
is it considered as part of the credit decision, the Bureau believes
that removal of the proposed waterfall approach will make collecting
this data easier than contemplated in the proposed rule.
Finally, this data point was introduced with sufficient time for
the public to provide feedback and offer alternatives. The data point
was suggested by small entity representatives during the SBREFA process
and was included in the SBREFA Panel Report. It was also included in
the proposed rule and the Bureau specifically sought--and obtained--
comment on it. As noted, the Bureau has made changes as a result of
that feedback.
107(a)(4) Application Recipient
Proposed Rule
ECOA section 704B(e)(2)(H) authorizes the Bureau to require
financial institutions to compile and maintain ``any additional data
that the Bureau determines would aid in fulfilling the purposes of
[section 1071].'' The Bureau believes that information regarding how an
application is received will enhance small business lending data and
aid in fulfilling the purposes of section 1071.
The Bureau proposed Sec. 1002.107(a)(4), which would have required
financial institutions to collect and report the application recipient,
meaning whether the applicant submitted the covered application
directly to the financial institution or its affiliate, or whether the
applicant submitted the covered application
[[Page 35287]]
indirectly to the financial institution via a third party. Proposed
comment 107(a)(4)-1 would have clarified that if a financial
institution is reporting actions taken by its agent consistent with
proposed comment 109(a)(3)-3, then the agent is considered the
financial institution for the purposes of proposed Sec.
1002.107(a)(4).
The Bureau sought comment on its proposed approach to this data
point.
Comments Received
The Bureau received comments on the proposed application recipient
data point from industry and community groups. A community group
expressed its support, noting that in combination with the application
method data point under proposed Sec. 1002.107(a)(3), it would help
stakeholders determine whether traditional banking or online lending is
most effective in reaching underserved small businesses or whether the
effectiveness of the lending model depends on local context and
conditions. A trade association also expressed its support, stating
that the information can help data users understand the relationship
between lender and applicant. This commenter further noted that
recipient data would provide context for other collected and reported
data and also improve transparency around when and whether an
intermediary is considered a financial institution for the purposes of
this data collection. In addition, a CDFI lender stated its general
support of the Bureau's proposal to collect application recipient data.
In contrast, a number of banks and trade associations opposed the
Bureau's proposal to collect application recipient data for various
reasons. One trade association raised a concern that the application
recipient data point was not included in the SBREFA Outline and, along
with several other industry commenters, pointed out it is not one of
the data points expressly enumerated in ECOA section 704B(e)(2).
Several industry commenters stated that the data are not currently
collected and a few of these commenters further stated that such data
are not used or considered in the underwriting decision. Several
industry commenters argued that the data point is burdensome and two
banks stated they would need to collect the data manually because their
systems are not equipped to collect the data. Other industry commenters
questioned the value of the data point or how it fulfills the statutory
purposes of section 1071. One industry commenter stated it is not
dispositive of fair lending violations. Two banks urged the Bureau to
drop the data point from the final rule or provide an exemption for
certain institutions. One of these banks urged the Bureau to drop the
data point from the final rule because it does not have affiliates nor
does it accept applications indirectly and thus would not provide any
data. The other bank commented that community banks should be exempt if
they do not use actual third parties, but instead use a third-party
online application system within the bank's firewall, and suggested
that the only reason this data point should apply is if a bank is truly
working with a third party, not a vendor who helps manage online tools.
A trade association urged the Bureau to eliminate the application
recipient data point from the final rule until a later determination
can be made regarding its necessity.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.107(a)(4) and related commentary with a small modification for
clarity. Final Sec. 1002.107(a)(4) requires the financial institution
to report whether the applicant submitted the covered application
directly to the financial institution or its affiliate, or whether the
applicant submitted the covered application indirectly to the financial
institution via a third party. Final comment 107(a)(4)-1 explains that
if a financial institution is reporting actions taken by its agent
consistent with comment 109(a)(3)-3, then the agent is considered the
financial institution for the purposes of Sec. 1002.107(a)(4). The
comment also provides an example. The Bureau believes data on
application recipient will facilitate fair lending analysis and enable
a better understanding of business and community development needs.
Pursuant to ECOA section 704B(e)(2)(H), the Bureau believes that
collecting data on application recipient will aid in fulfilling the
purposes of section 1071.
Regarding commenters' concerns that application recipient data are
not currently collected nor used in underwriting decisions, the Bureau
anticipates that financial institutions know and track how they receive
applications for small business loans. The Bureau does not believe it
would be difficult to track this information, even if the financial
institution does not currently collect the information.
With respect to the comments received that question how application
recipient data fulfill the purposes of section 1071, the Bureau
believes that collecting data on application recipient, in combination
with application method, as discussed above, will improve the market's
understanding of how small businesses interact with financial
institutions when applying for credit which, in turn, will facilitate
fair lending analysis, including the identification of risks in small
business lending. Regarding the comment that application recipient data
are not dispositive of fair lending violations, the Bureau agrees that
such data would not be dispositive of a violation on their own, but
believes data on application recipient can be used in combination with
other data points or information to provide a more robust analysis.
With respect to promoting the business and community development
purposes of section 1071, the Bureau believes that data on application
recipient will improve the public's understanding of the structure of
small business lending originations across the market, the methods by
which credit is originated for particular groups or underserved
markets, and trends over time (for example, to the extent applicant
preferences shift from in-person to online interactions). In addition,
application recipient data may assist with an understanding of the
business and community development needs of an area or applicant. For
example, such data may help data users understand whether financial
institutions making credit decisions are directly interacting with the
applicant and/or generally operate in the same community as the
applicant. Moreover, data on application recipient will allow the
Bureau and data users to better understand the relationship between the
covered financial institution and the applicant in the context of
certain other data collected and reported under this final rule.
The Bureau is not removing the application recipient data point
from the final rule or providing an exemption, as suggested by some
commenters, for financial institutions that do not have affiliates, do
not accept applications indirectly, and/or do not use third parties.
Some financial institutions employ a wide variety of lending models in
extending credit to small businesses. They may receive applications for
credit directly from the applicant and some financial institutions may
receive applications routed to them through third parties, such as
brokers or vehicle or equipment dealers. Some financial institutions
issue credit cards branded for particular retailers, for which
applications are taken in person at the retailer's store locations.
Some brokers and dealers may send applications to a single financial
institution, while others may
[[Page 35288]]
send them to multiple financial institutions at the same time. In these
types of application scenarios involving third parties, the financial
institution may not directly interact with the applicant at all during
the application process. Information regarding whether the applicant
submitted the application directly to the financial institution is
necessary to further the purposes of section 1071, including by
improving the market's understanding of how small businesses interact
with financial institutions when applying for credit and whether the
financial institution is operating in the same community as the small
business. This is true even if a particular financial institution does
not accept applications indirectly or does not use third parties, and
reporting of this data point should be simple for financial
institutions in that situation.
Finally, this data point was introduced with sufficient time for
the public to provide feedback and offer alternatives. It was also
included in the proposed rule and the Bureau specifically sought--and
obtained--comment on it. Given the wide variety of lending models
financial institutions currently use when extending credit to small
businesses, the Bureau believes it is timely and appropriate to include
this data point in this final rule.
107(a)(5) Credit Type
Proposed Rule
Section 1071 requires financial institutions to collect and report
``the type and purpose of the loan or other credit being applied for.''
\604\ (The credit purpose data point is discussed in the section-by-
section analysis of Sec. 1002.107(a)(6) immediately below.) For HMDA
reporting, Regulation C requires numerous data points that indicate the
type of credit applied for or originated: the type of guarantees used;
lien order; loan term; the presence of nontraditional contract terms
including balloon, interest only, and negative amortization payments;
variable rate information; open-end status; and reverse mortgage
status.\605\ Section 1071 provides no additional information or details
regarding what aspects of credit type should be collected and reported.
---------------------------------------------------------------------------
\604\ ECOA section 704B(e)(2)(B).
\605\ Regulation C Sec. 1003.4(a)(2), (14), (25), (27), (28),
(37), and (38).
---------------------------------------------------------------------------
The Bureau proposed in Sec. 1002.107(a)(5) to require that
financial institutions collect and report the following information
regarding the type of credit applied for or originated: (i) The credit
product; (ii) The type or types of guarantees that were obtained for an
extension of credit, or that would have been obtained if the covered
credit transaction were originated; and (iii) The length of the loan
term, in months, if applicable. These aspects of credit type are
discussed in turn below. This proposal was consistent with the approach
presented in the SBREFA Outline, and would have required the financial
institution to choose the credit product and guarantee(s) from a
specified list. (These lists were provided in the commentary
accompanying proposed Sec. 1002.107(a)(5).) The lists included choices
for ``Other'' and ``Not provided by applicant and otherwise
undetermined,'' as appropriate, to facilitate compliance.
The Bureau sought comment on its proposed approach to the credit
type data point, including the lists of products and guarantees
proposed and the other specific requests for input below.
Credit product. The first subcategory the Bureau proposed to
include in the credit type data point was the credit product (i.e., a
commonly understood category of small business lending like term loans
or lines of credit) which the Bureau considered to be an integral part
of the statutory requirement to collect credit type.
Proposed comment 107(a)(5)-1 would have presented the instructions
for collecting and reporting credit product and the proposed list of
credit products from which financial institutions would select.
Proposed comment 107(a)(5)-1 would have explained that a financial
institution would comply with Sec. 1002.107(a)(5)(i) by selecting the
credit product requested from the list provided in the comment. It
would also have explained that if an applicant requests more than one
credit product, the financial institution reports each credit product
requested as a separate application. Proposed comment 107(a)(5)-1 would
have also explained that if the credit product for an application does
not appear on the list of products provided, the financial institution
would select ``other'' as the credit product and report the specific
product via free-form text.
Proposed comment 107(a)(5)-2 would have explained that, pursuant to
proposed Sec. 1002.107(c)(1), a financial institution would be
required to maintain procedures reasonably designed to collect
applicant-provided data, which includes credit product. However, if a
financial institution was nonetheless unable to collect or otherwise
determine credit product information because the applicant did not
indicate what credit product it sought and the application was denied,
withdrawn, or closed for incompleteness before a credit product was
identified, the proposed comment would have explained that the
financial institution would report that the credit product was ``not
provided by applicant and otherwise undetermined.''
Proposed comment 107(a)(5)-3 would have explained how a financial
institution would report a transaction that involves a counteroffer.
The comment would have stated that if a financial institution presents
a counteroffer for a different credit product than the product the
applicant had initially requested, and the applicant does not agree to
proceed with the counteroffer, a financial institution would report the
application for the original credit product as denied pursuant to
proposed Sec. 1002.107(a)(9). If the applicant agrees to proceed with
consideration of the financial institution's counteroffer, the
financial institution would report the disposition of the application
based on the credit product that was offered, and would not report the
original credit product applied for. In addition, proposed comment
107(a)(5)-6 would have explained when ``other sales-based financing
transaction'' would be used for reporting.
The Bureau noted that, under its proposal, line increases would be
reportable so that the small business lending market could be tracked
accurately. See the section-by-section analysis of Sec. 1002.103(a)
above for additional details. However, the Bureau did not propose that
line increases be included as a separate item in the credit product
list.
The Bureau sought comment on its proposed approach to this
subcategory, including the appropriateness and usefulness of the
products included in the list, whether there were other products that
should be added, and the proposed treatment of counteroffers. The
Bureau also sought comment on how financial institutions currently
handle increases in lines of credit and whether a line increase should
be considered a credit product, and on whether an overdraft line of
credit should be considered a product separate from a line of credit
and thus added to the product list.
Type of guarantee. The second data field the Bureau proposed to
include in the credit type data point was guarantee. Proposed comment
107(a)(5)-4 would have presented the instructions for collecting and
reporting type of guarantee and the proposed list of guarantees from
which financial institutions would select. Proposed comment 107(a)(5)-4
would also have explained that a financial institution
[[Page 35289]]
complies with Sec. 1002.107(a)(5)(ii) by selecting the type or types
of guarantee(s) obtained for an originated covered credit transaction,
or that would have been obtained if the covered credit transaction were
originated, from the list provided in the comment.
Proposed comment 107(a)(5)-4 would have also explained that the
financial institution may select, if applicable, up to a maximum of
five guarantees for a single application or transaction. Small business
credit may have more than one guarantee, such as an SBA guarantee and a
personal guarantee, and the Bureau believed that more complete
information could be collected by requiring as many as five to be
reported.
Proposed comment 107(a)(5)-4 would have also explained that if the
type of guarantee for an application or originated transaction does not
appear on the list of guarantees provided, the financial institution
selects ``other guarantee,'' and reports the type of guarantee as free-
form text. As with credit product, the Bureau believed that allowing
financial institutions to choose ``other'' when a guarantee for the
application does not appear on the provided list would facilitate
compliance. In addition, collecting this information on ``other''
guarantee types would assist the Bureau in monitoring trends in usage
of other types of guarantees and key developments in the small business
lending market, which the Bureau could use to inform any future
iterations of the list.
Finally, proposed comment 107(a)(5)-4 would have provided that if
no guarantee is obtained or would have been obtained if the covered
credit transaction were originated, the financial institution would
select ``no guarantee.'' Because a small business credit transaction
does not always involve use of a guarantee, the Bureau did not propose
to include ``not provided by applicant and otherwise undetermined'' as
an option. If no guarantee was identified for an application, the
financial institution would report ``no guarantee.''
The Bureau sought comment on its proposed approach to this
subcategory, including the appropriateness and usefulness of the items
listed, and whether there are other guarantees that should be added.
The Bureau also sought comment on whether five is the appropriate upper
limit for reporting guarantees.
Loan term. The third subcategory the Bureau proposed to include in
the credit type data point was the loan term. Proposed comment
107(a)(5)-5 would have presented the instructions for collecting and
reporting loan term. Specifically, it would have explained that a
financial institution complies with proposed Sec. 1002.107(a)(5)(iii)
by reporting the number of months in the loan term for the covered
credit transaction, and that the loan term is the number of months
after which the legal obligation will mature or terminate. The comment
would have further explained how to measure the loan term and the
possible use of rounding.
Proposed comment 107(a)(5)-5 would have also made clear that if a
credit product, such as a credit card, does not have a loan term, the
financial institution would report loan term as ``not applicable.'' The
financial institution would also report ``not applicable'' if the
application is denied, withdrawn, or determined to be incomplete before
a loan term has been identified.
The Bureau sought comment on its proposed approach to this
subcategory.
Comments Received
The Bureau received comments on its proposed approach to the credit
type data point from a number of banks, community-oriented lenders,
trade associations, community groups, and others.
Several commenters, including community-oriented lenders, community
groups, a trade association, and a business advocacy group, supported
the credit type data point as proposed, though some suggested small
changes to the three individual subcategories discussed below. One
commenter stated that to avoid the pitfalls that limited the use of
HMDA data for spotting predatory trends in mortgages, the Bureau must
collect sufficiently granular data on applicants and credit terms,
including credit type. That commenter further stated that this
information is critical because discrimination is not just evidenced in
loan denials, but also less favorable credit terms. A community group
stated that the information collected for the credit type data point
would allow for more effective analysis than the current CRA small
business information. A trade association stated that despite the added
complexity of requiring three ``data points'' for the one listed in the
statute, the Bureau has accounted for and addressed some of the
concerns that community banks have raised related to credit type. That
commenter went on to state its approval of the simple reporting of
counteroffers and the ability to mark fields as ``not provided by
applicant'' in the case of incomplete applications. Finally, a lender
stated that it already collects the credit type information for the
CDFI Fund.
Only one commenter opposed the credit type data point as a whole,
stating that credit type and other data points would be a waste of time
and efficiency.
Credit product. Two community groups and an auto finance trade
association expressed support for the product list the Bureau proposed.
The community groups stated that the list was nuanced and would provide
useful differentiation between products. One explained that being able
to determine which products were accessed could help in understanding
bias in the credit market more accurately than CRA data currently
allows for. An auto finance trade association specifically expressed
support for the inclusion of ``other'' and ``unknown'' to facilitate
compliance.\606\
---------------------------------------------------------------------------
\606\ The proposed rule used the terms ``other'' and ``not
provided by applicant and otherwise undetermined.''
---------------------------------------------------------------------------
One commenter stressed the importance of providing detail in
distinguishing credit products, and several commenters requested
changes to the credit products list. A joint letter from community
groups and business advocacy groups stated that there might be value in
separating out mortgages, auto loans and equipment financing as
discrete secured loan types but treating all other term loan
applications together, rather than treating secured term loans as one
category and unsecured term loans as another. A community group asked
that refinances and renewals be added to the product list, stating that
this information would help demonstrate community credit needs. That
commenter went on to state that listing refinances in the credit
purpose data point, as proposed, would be confusing, and that the
Bureau should look at the ways refinances are reported under HMDA and
CRA. Several minority business advocacy groups, along with a joint
letter from community groups, community oriented lenders, and business
advocacy groups, responded to the Bureau's request for comment by
encouraging the Bureau to include ``overdraft line of credit'' in the
list of credit products. These commenters stated that overdraft can
contain hidden costs, so having a way to monitor lenders who provide it
could be useful.. A trade association opposed the inclusion of
overdraft line of credit in the credit products list, though it did not
provide a reason. Several community groups commented that the Bureau
should require reporting of collateral requirements and value, instead
of simply requiring ``secured'' and ``unsecured'' for items in the
credit product list. One of these commenters suggested that collateral
info would
[[Page 35290]]
shed light on underwriting changes and approaches during various
economic conditions, allow stakeholders to understand why pricing might
be lower on some loans and the risk that some loans might pose to
borrowers.
A joint letter from community and business advocacy groups objected
to the requirement to report each credit product requested as a
separate application, stating that this would seem to require the
lender to report each credit type requested as a separate application
even when the applicant is seeking only one transaction but is open to
alternative structures, and even though there would be only one action
taken and one set of terms.
Type of guarantee. Several community groups expressed support for
including guarantees as part of the credit type data point. These
commenters stated that data on government guarantee programs would
allow for better analysis of their usage, including whether minority
and women owned businesses are being steered to these loans. One of
these commenters stated that requiring reporting on all types of
guarantees would facilitate analysis of whether minority and women
owned businesses were receiving more costly or onerous credit. That
commenter also stated that personal guarantees can at times be abusive,
and reporting of those would allow better monitoring of this issue.
Although it did not specifically express support for requiring
reporting of guarantees, a trade association for auto finance lenders
stated that its members will have this information for reporting.
Two industry commenters objected to the collection of guarantees as
part of the credit type data point on the grounds that the statute does
not require reporting of guarantees and asking that the credit type
data point be limited to credit product and loan term. Those
commenters, and several others who did not object to the general
guarantee reporting requirement, were concerned in particular about the
requirement to report what guarantees would have been obtained if the
transaction had been originated. Some commenters stated that such a
requirement extends into mere speculation, and would undermine the
accuracy, reliability, and consistency of the data. Another commenter
stated that it would not be possible to report what guarantees would
have been obtained, and joint letter from community groups and business
advocacy groups stated that the requirement could be problematic in the
case of a declined application because the lender would be speculating
as to potential guarantees, such as personal guarantees, from owners or
non-owners. That comment went on to recommend that the Bureau either
limit the reporting of this field to offers and counteroffers that are
made (i.e., allow financial institutions to report type of guarantee as
``not applicable'' for declined applications, as is permitted with
respect to the loan term and loan pricing data fields) or, for declined
applications, require reporting only if the requested guarantee were a
government or programmatic guarantee (such as SBA, USDA or some other
third-party guarantee program).
A community group and two CDFI lenders requested that the list of
guarantees be changed in certain ways. The community group stated that
the data should distinguish whether the guarantee is offered by the
natural person(s) owning the business or the business itself, because
it matters whether a creditor can seize assets of a person or the
business. One of the CDFI lenders requested that the guarantee
categories be broken down further to detail collateral coverage, which
is often the deciding factor on approval or denial, and because people
of color own homes (and amass wealth) at much lower rates than whites.
That commenter went on to suggest that these details could shed light
on the credit needs of minority small business owners and whether
financial institutions are applying collateral requirements equitably.
The other lender requested that State guarantee and local guarantee be
separated on the list, rather than the combined ``state or local
guarantee'' that was proposed. That commenter stated that
differentiating between the performance of these two levels of
government would be critical for understanding the focus of future
reforms or capital flows through these entities. The commenter also
provided statistics suggesting that conflating State and local
guarantees would not be as informative as separating them.
Loan term. A community group and a community-oriented lender stated
their support for the proposed loan term provision. The community group
stated that loan term length influences pricing and other terms and
conditions, and would help in explaining differences in these features.
That commenter also suggested that loan term should be straightforward
to report for lenders. In addition, a national auto finance trade
association stated that its members would have this information to
report.
A number of banks and a trade association objected to the proposal
to have the loan term measured from the first payment period rather
than the date of origination. These commenters stated that they do not
measure loan term in this way, and having to do so for reporting would
cause unnecessary and significant compliance difficulties. They asked
to be able to measure loan term from the date of origination of the
credit. Another bank objected to the reporting of loan term for
applications, stating that applicants seldom make an application that
specifies the desired loan term.
Although the proposed rule did not discuss how or whether merchant
cash advance providers would report loan term, the Bureau did seek
comment on proposed Sec. 1002.107(a)(12)(v) and its commentary, the
pricing provision for merchant cash advances, including whether to
require additional pricing information for merchant cash advances, and
whether merchant cash advances could be structured in ways that evade
the proposed reporting requirement. Two commenters urged the Bureau to
make clear that merchant cash advance providers must report loan term,
and must not use the proposed rule's provision stating that ``not
applicable'' could be reported for a product that has no loan term.
These commenters discussed the importance of loan term in comparing
different credit pricing and stated that merchant cash advances are
sometimes abusive and are used disproportionately by minority
businesses. These commenters also stated that loan term can be readily
ascertained for merchant cash advances and they described different
methods for doing so. One method suggested was that when a merchant
cash advance is paid off before reporting, the provider should report
the actual length of time to repayment. In addition, they suggested
that for a partially paid merchant cash advance the provider could
project the amount of time to repayment based on the amount already
paid. One of these commenters, a cross-sector group of lenders,
community groups, and small business advocates, stated that merchant
cash advance providers establish an estimated loan term when they
underwrite an advance, and that most merchant cash advance contracts
have an estimated payment amount.
Final Rule
The Bureau is finalizing Sec. 1002.107(a)(5) certain changes to
facilitate compliance and enhance the quality and usefulness of the
data reported. Final Sec. 1002.107(a)(5) requires that financial
institutions collect and report the following information regarding the
type of credit applied for or originated: (i) the credit product; (ii)
[[Page 35291]]
the type or types of guarantees that were obtained for an extension of
credit, or that would have been obtained if the covered credit
transaction were originated; and (iii) the length of the loan term, in
months, if applicable.
The Bureau believes that it is reasonable to interpret the
statutory term ``credit type'' to comprise the three required
subcategories, because they are critical to understanding the nature of
small business credit applied for and provided, as explained below. For
the reasons discussed herein, the Bureau believes that the
subcategories of credit product (including collateral), guarantee type,
and loan term will aid in fulfilling the purposes of section 1071.
Financial institutions generally have all of the information required
for this data point when they process applications (and the reporting
regime is sufficiently flexible when they do not), so the Bureau does
not believe there is anything in this approach that will impose
particular operational difficulty. Additionally, the Bureau believes it
is reasonable to interpret type of credit ``applied for'' to include
the type of credit actually originated when an application results in
an extension of credit.
The statutory term ``type . . . of the loan'' is ambiguous, and the
Bureau reasonably interprets the term to include the credit product,
any guarantee obtained, and the term of a loan because an accurate and
useful record of the ``type'' of loan or credit would include those
data fields. In the alternative, ECOA section 704B(e)(2)(H) authorizes
the Bureau to require inclusion of ``any additional data that the
Bureau determines would aid in fulfilling the purposes of [section
1071],'' and for the reasons discussed herein, the Bureau has also
determined that the subcategories of credit product (including
collateral), guarantee type, and loan term will aid in fulfilling those
purposes.
Credit product. The Bureau is finalizing the credit product
subcategory with certain changes to the associated commentary to
facilitate compliance and enhance the quality and usefulness of the
data reported. Final Sec. 1002.107(a)(5)(i) requires financial
institutions to compile and maintain data on the credit product applied
for or originated. The Bureau continues to consider credit product to
be an integral part of the statutory requirement to collect credit
type. The Bureau believes information about the various products sought
by applicants will further the purposes of section 1071 by
demonstrating, for example, how small businesses of different sizes or
in different sectors choose to pursue, or ultimately access, different
forms of credit.
The Bureau distinguishes between secured and unsecured term loans
and lines of credit in its list of credit products because it believes
that whether a term loan or line of credit is collateralized can have
such a significant effect on things like approval rates and pricing
that secured and unsecured products fundamentally differ in kind. For
this reason, the Bureau believes that including information on the use
of collateral in the credit product subcategory will help data users to
avoid inaccurate interpretations of data. The Bureau believes that
whether a loan is secured or unsecured will be part of an application
or loan file and, as a result, will not be operationally difficult to
report once a financial institution's section 1071 compliance system is
set up.
Final comment 107(a)(5)-1 presents the instructions for collecting
and reporting credit product and the list of credit products from which
financial institutions will select. Comment 107(a)(5)-1 explains that a
financial institution complies with Sec. 1002.107(a)(5)(i) by
selecting the credit product applied for or originated from the list
provided in the comment. The Bureau believes that the list of credit
products provided in final comment 107(a)(5)-1 aligns with the most
common types of credit products in small business lending. Final
comment 107(a)(5)-1 also explains that if the credit product for an
application does not appear on the list of products provided, the
financial institution selects ``other'' as the credit product and
reports the specific product via free-form text. The Bureau believes
that allowing financial institutions to choose ``other'' when the
credit product for the application does not appear on the provided list
will facilitate compliance. In addition, collecting this information on
``other'' credit products will assist the Bureau in tracking product
trends and key developments in the small business lending market, which
the Bureau can use to inform any future iterations of the list.
Comment 107(a)(5)-1 also explains that if an applicant requests
more than one credit product at the same time, the financial
institution reports each credit product requested as a separate
application. The issue of how to collect and report multiple products
applied for at the same time affects several data points, but is most
salient for credit type. The Bureau believes that requiring a separate
application to be reported for each credit product requested will yield
more complete and useful data, and that a financial institution will
not experience operational difficulties in copying the relevant
information, identical for most data points, to separate lines in the
small business lending application register. However, the Bureau has
changed the language regarding this requirement from the proposed rule,
in order to clarify that when the applicant is seeking only one
transaction but is open to alternative product types, the financial
institution reports only one application. Comment 107(a)(5)-1 now
includes instructions on how to report credit product when the
applicant only requests a single covered credit transaction, but has
not decided which particular product to request. The Bureau believes
that this new language will facilitate compliance and lead to the
collection of more accurate data. The issue of reporting requests for
multiple covered credit transactions at one time is discussed more
fully in the section-by-section analysis of Sec. 1002.103(a) above.
As explained above, many commenters suggested changes to the list
of products in comment 107(a)(5)-1. In regard to the requests to
separate out mortgages, auto loans and equipment financing as discrete
secured loan types, to include additional information about collateral,
and to make ``refinancing'' a credit product rather than a credit
purpose, the Bureau believes that its credit product taxonomy presents
a clear, uncomplicated framework using the basic forms of credit
extended to small businesses. Including types of collateral and
different refinancings as part of credit products would complicate the
taxonomy and introduce categorization difficulties, for example with
partial refinancings. Under the final rule, these types of credit will
be reported using the credit product applied for or originated, from
the list in comment 107(a)(5)-1, and the extra information suggested
may or may not be appropriately included in the credit purpose data
point under Sec. 1002.107(a)(6), depending on the situation.
Similarly, the Bureau believes that the overdraft aspect of overdraft
lines of credit will best be reported using the credit purpose
``overdraft,'' and that the credit product will then be reported as a
line of credit, secured or unsecured. The Bureau believes that this
arrangement will help preserve the uncomplicated framework of the
credit products list. See the section-by-section analysis of Sec.
1002.107(a)(6) below for further discussion.
As a result of further analysis and consideration, the Bureau has
made one change from the proposal to the final
[[Page 35292]]
credit products list in comment 107(a)(5)-1. The proposed ``credit card
account'' product has now been separated into ``credit card account,
not private-label,'' and ``private-label credit card account.'' The
Bureau believes that private-label credit cards form a distinct and
important market segment that operates differently from other credit
cards, and this distinction will facilitate robust data analysis and
better further the purposes of section 1071. The Bureau also believes
that financial institutions will have the information needed for
reporting these different types of accounts readily available, and so
separating the two types will not cause operational difficulty. In
addition to the change in the credit product list in comment 107(a)(5)-
1, the Bureau has added new comments 107(a)(5)-2 and -3 to explain the
difference between these card products and facilitate compliance. Final
comment 107(a)(5)-2 provides a definition of credit card accounts that
are not private-label and includes instructions on reporting these
products. Final comment 107(a)(5)-3 provides a definition of private-
label credit card accounts and includes instructions on reporting these
products.
The Bureau is also finalizing comments 107(a)(5)-4, -5 (which were
numbered as comments 107(a)(5)-2 and -3 in the proposal) and comment
107(a)(5)-6 as proposed. Final comment 107(a)(5)-4 describes the
situation in which a financial institution reports that the credit
product was ``not provided by applicant and otherwise undetermined.''
The Bureau believes that permitting this response will facilitate
compliance and enhance the quality of data collected. As discussed
above, commenters supported the flexibility afforded by this kind of
response.
Final comment 107(a)(5)-5 provides instructions on how a financial
institution reports a transaction that involves a counteroffer. The
comment states that if a financial institution presents a counteroffer
for a different credit product than the product the applicant had
initially requested, and the applicant does not agree to proceed with
the counteroffer, a financial institution reports the application for
the original credit product as denied pursuant to Sec. 1002.107(a)(9).
If the applicant agrees to proceed with consideration of the financial
institution's counteroffer, the financial institution reports the
disposition of the application based on the credit product that was
offered, and does not report the original credit product applied for.
The Bureau believes that, in the complex circumstances created by
counteroffers, the meaning of the type of credit ``applied for'' is
ambiguous, and it is reasonable to interpret the credit product
``applied for'' to mean the credit product considered via the
applicant's response to the counteroffer. For a discussion of the
Bureau's treatment of counteroffers more generally, see the section-by-
section analysis of Sec. 1002.107(a)(9) below.
Final comment 107(a)(5)-6 explains that for an extension of
business credit incident to a factoring arrangement that is otherwise a
covered credit transaction, a financial institution selects ``other
sales-based financing transaction'' as the credit product, and provides
a cross reference to comment 104(b)-1. The Bureau believes that this
explanation will facilitate reporting of applications involving this
important market segment.
Type of guarantee. The Bureau is finalizing the requirement to
report guarantees as a subcategory of the credit type data point with
changes to enhance the quality of the data collected and facilitate
compliance. The final rule requires a financial institution to report
the type or types of guarantees that were obtained for an extension of
credit, or that would have been obtained if the covered credit
transaction were originated.
The Bureau considers the guarantee obtained for an extension of
credit to be part of the credit ``type'' because it is fundamental to
the nature of the transaction in that it meaningfully impacts terms
such as interest rates, such that guarantee information can help to
explain potential disparities in outcomes and reduce inaccurate
conclusions, aiding in fulfilling the fair lending purpose of section
1071. Indeed, in common parlance, small business credit transactions
are often referred to using the name of the guarantee (e.g., ``a 7(a)
loan,'' referring to the SBA 7(a) guarantee). Because various types of
guarantees are available for different credit products, the Bureau
believes that guarantee type should constitute a separate subcategory
within the credit type data point, so that data users can conduct
separate analyses with respect to credit product and guarantees, and to
avoid excessive complexity in the credit product data field. The Bureau
further believes that information on the distribution of government
loan guarantees (such as those provided in SBA programs) across
different geographic areas and applicant groups will allow a better
understanding of how those programs function on the ground, aiding in
fulfilling the business and community development purpose of section
1071. As with collateral, information on guarantees is generally a part
of an application or loan file and the Bureau does not believe it will
be operationally difficult to report once a financial institution's
1071 compliance system is set up.
Final comment 107(a)(5)-7 (which was numbered as comment 107(a)(5)-
4 in the proposal) presents the instructions for collecting and
reporting type of guarantee and the list of guarantees from which
financial institutions will select. The Bureau believes the list of
guarantee types provided in comment 107(a)(5)-7 aligns with the most
common types of guarantees used in small business lending. Final
comment 107(a)(5)-7 also explains that a financial institution complies
with Sec. 1002.107(a)(5)(ii) by selecting the type or types of
guarantee(s) obtained for an originated covered credit transaction, or
that would have been obtained if the covered credit transaction were
originated, from the list provided in the comment.
The Bureau agrees with the commenters who suggested that clarity
was needed on how to report guarantee type when the covered credit
transaction is not originated. Consequently, comment 107(a)(5)-7 now
states that if an application is denied, withdrawn, or closed for
incompleteness before any guarantee has been identified, the financial
institution selects ``no guarantee.'' The Bureau believes that this
reporting option will facilitate compliance and result in the
collection of more reliable data. The Bureau also agrees that
separating State and local guarantees, so that they can be tracked
individually, will enhance the quality of the data collected. Comment
107(a)(5)-7 now includes separate items for these guarantee types, and
states that the financial institution chooses State government
guarantee or local government guarantee, as applicable, based on the
entity directly administering the program, not the source of funding.
The Bureau believes that this instruction will facilitate compliance
and enhance the quality of the data collected. The Bureau also believes
that differentiating between State and local guarantees will not cause
operational difficulty for reporters because the financial institution
will have the information in the loan file.
The Bureau understands that there may be some value in collecting
the additional information suggested by commenters on whether a natural
person or business makes a guarantee and the nature of the collateral
backing a guarantee. However, the Bureau
[[Page 35293]]
believes that these items will increase the complexity and operational
difficulty of compliance in reporting the type of guarantee and has not
included them in the final rule.
Loan term. The Bureau is finalizing the requirement to report loan
term as part of the credit type data point with certain changes to the
associated commentary to facilitate compliance and enhance the quality
of the data collected. Final Sec. 1002.107(a)(5)(iii) requires a
financial institution to report the length of the loan term, in months,
if applicable.
As with the consumer lending market, the pricing and sustainability
of closed-end credit transactions for small businesses are associated
with term length, and without awareness of the term of the loan, data
users will have less of an understanding of the types of credit being
made available to applicants. Credit with a one-month term may differ
not just in degree but in kind from credit with a 60-month term. The
Bureau thus believes that the length of the loan term is a fundamental
attribute of the type of credit that applicants are seeking such that
it should be treated as a separate subcategory within credit type. As
with other elements of the credit type data point, loan term
information will allow data users to reduce inaccurate conclusions or
misinterpretations of the data, aiding in fulfilling both the fair
lending and business and community development purposes of section
1071. Likewise, the loan term will be part of the application or loan
file and should not be operationally difficult to report once a
financial institution's 1071 compliance system is set up.
Final comment 107(a)(5)-8 (which was numbered as comment 107(a)(5)-
5 in the proposal) presents the instructions for collecting and
reporting loan term. Specifically, it explains that a financial
institution complies with Sec. 1002.107(a)(5)(iii) by reporting the
number of months in the loan term for the covered credit transaction,
and that the loan term is the number of months after which the legal
obligation will mature or terminate. In the proposed rule, this comment
included language that would have required financial institutions to
measure the loan term in the way that loan terms are generally
described in real property transactions. However, the Bureau agrees
with those commenters who stated that such a provision would create
compliance difficulties. Although the final comment continues to allow
the loan term to be measured for real property transactions in the way
the Bureau proposed, it makes clear that loan term for small business
credit is generally measured from the date of origination and should be
reported that way.
Final comment 107(a)(5)-8 also makes clear that if a credit
product, such as a credit card, does not have a loan term, the
financial institution reports loan term as ``not applicable.'' The
Bureau believes that permitting the use of ``not applicable'' in these
situations will facilitate compliance and aid in the collection of
appropriate data. However, the Bureau does not consider products that
have an estimated loan term, such as certain merchant cash advances and
other sales-based financing transactions, as products that do not have
a loan term. The Bureau agrees with those commenters who suggested that
merchant cash advance providers should report loan term so that
appropriate comparisons can be made with other products. Consequently,
comment 107(a)(5)-8 now provides that for merchant cash advances and
other sales-based financing transactions, the financial institution
complies with Sec. 1002.107(a)(5)(iii) by reporting the loan term, if
any, that the financial institution estimated, specified, or disclosed
in processing or underwriting the application or transaction. The
Bureau notes that loan term for a merchant cash advance or other sales-
based financing transaction can also be the estimated loan term
disclosed in a State or locally required disclosure, if applicable. The
comment also explains that if more than one loan term is estimated,
specified, or disclosed, the financial institution reports the one it
considers to be the most accurate, in its discretion. The Bureau
believes that these instructions will enhance the quality of the data
collected and facilitate compliance by providing clear guidance on
these providers' reporting responsibilities. The Bureau chose not to
use the other loan term measurements that commenters suggested because
they would likely have introduced significant operational difficulty.
The Bureau believes that merchant cash advance and other sales-based
financing providers will not have operational difficulty reporting an
estimate that they already possess. If a merchant cash advance or other
sales-based financing provider does not estimate, specify, or disclose
a loan term as part of the processing or underwriting of the
application or transaction, the provider may report that the loan term
is ``not applicable.''
The proposed rule's loan term comment would have also provided that
the financial institution would report ``not applicable'' if the
application is denied, withdrawn, or determined to be incomplete before
a loan term has been identified. However, in order to facilitate
compliance, enhance the quality of information collected, and for
consistency with the other data points in the final rule, final comment
107(a)(5)-8 now provides that for a credit product that generally has a
loan term, the financial institution reports ``not provided by
applicant and otherwise undetermined'' if the application is denied,
withdrawn, or determined to be incomplete before a loan term has been
identified. The Bureau believes that the availability of this response
will facilitate the reporting of the loan term subcategory for
applications in these situations.
107(a)(6) Credit Purpose
Proposed Rule
Section 1071 requires financial institutions to collect and report
``the type and purpose of the loan or other credit being applied for.''
\607\ (The credit type data point is discussed in the section-by-
section analysis of Sec. 1002.107(a)(5) immediately above.)
---------------------------------------------------------------------------
\607\ ECOA section 704B(e)(2)(B).
---------------------------------------------------------------------------
The Bureau proposed in Sec. 1002.107(a)(6) to require that
financial institutions collect and report the purpose or purposes of
the credit applied for or originated. Proposed comment 107(a)(6)-1
would have presented instructions for collecting and reporting credit
purpose and would have provided the proposed list of credit purposes
from which financial institutions would select.
The proposed list of credit purposes was similar to the list in the
SBREFA Outline, with certain adjustments. First, the items on the
SBREFA list that described types of collateral, such as commercial real
estate, were updated to more clearly reflect that the financial
institution would be collecting and reporting the purpose of the loan,
and not the form of collateral, though the form of collateral might be
referred to in describing that purpose. In addition, the proposed
listed purposes involving real property would have differentiated
between dwelling and non-dwelling real property. The Bureau believed
that this distinction would help in collecting more precise and useful
data. To facilitate compliance the Bureau proposed to include ``not
applicable'' in the purposes list for use when an application is for a
credit product that generally has indeterminate or numerous potential
purposes, such as a credit card. Proposed comment 107(a)(6)-5 would
have also explained
[[Page 35294]]
the use of ``not applicable'' as a response.
Proposed comment 107(a)(6)-2 would have explained that if the
applicant indicated or the financial institution was otherwise aware of
more than one purpose for the credit applied for or originated, the
financial institution would have reported those purposes, up to a
maximum of three, using the list provided, in any order it chose.
Proposed comment 107(a)(6)-3 would have explained that if a purpose
of the covered credit transaction did not appear on the list of
purposes provided, the financial institution would report ``other'' as
the credit purpose and report the purpose as free-form text. For
efficiency and to facilitate compliance, proposed comment 107(a)(6)-3
would have also explained that if the application had more than one
``other'' purpose, the financial institution would choose the most
significant ``other'' purpose, in its discretion, and would report that
``other'' purpose. The comment would have then explained that a
financial institution would report a maximum of three credit purposes,
including any ``other'' purpose reported.
Proposed comment 107(a)(6)-4 would have explained that, pursuant to
proposed Sec. 1002.107(c)(1), a financial institution would maintain
procedures reasonably designed to collect applicant-provided
information, which would include credit purpose. However, if a
financial institution was nonetheless unable to collect or determine
credit purpose information, the financial institution would have
reported that the credit purpose was ``not provided by applicant and
otherwise undetermined.''
In order to facilitate compliance, the Bureau also proposed
comments 107(a)(6)-6 and -7. Proposed comment 107(a)(6)-6 would have
clarified that, as explained in proposed comment 104(b)-4, subpart B
did not apply to an extension of credit that was secured by 1-4
individual dwelling units that the applicant or one or more of the
applicant's principal owners did not, or would not, occupy. Proposed
comment 107(a)(6)-7 would have clarified the collection and reporting
obligations of financial institutions with respect to the credit
purpose data point, explaining that the financial institution would be
permitted, but not required, to present the list of credit purposes
provided in comment 107(a)(6)-1 to the applicant. Proposed comment
107(a)(6)-7 would have further explained that the financial institution
would also be permitted to ask about purposes not included on the list
provided in proposed comment 107(a)(6)-1. Finally, proposed comment
107(a)(6)-7 would have clarified that if an applicant chose a purpose
or purposes that were similar to purposes on the list provided, but
used different language, the financial institution would report the
purpose or purposes from the list provided.
The Bureau sought comment on its proposed approach to the credit
purpose data point. In addition, the Bureau sought comment on whether
there were any purposes that should be added to or modified on its
proposed list. In particular, the Bureau sought comment on the
potential usefulness of including ``agricultural credit'' and
``overdraft line of credit'' in the credit purposes list. Finally, the
Bureau requested comment on whether further explanations or
instructions with respect to this data point would facilitate
compliance.
Comments Received
The Bureau received comments on its proposed approach to the credit
purpose data point from a number of lenders, trade associations, and
community groups, along with a minority business advocacy group.
Several community groups expressed support for the credit purpose data
point as proposed by the Bureau, and a CDFI lender explained that it
already collects this information. A community group stated that the
proposal accurately captured the wide variety of credit purposes and
then expressed specific support for distinguishing dwellings from non-
dwellings, allowing reporting of three credit purposes, and inclusion
of the ``other'' category with a free-form text box. In addition, this
commenter suggested that the proposed method for credit purpose
collection could work well with the CRA.
A trade association representing community banks also supported the
proposal for credit purpose, especially the flexibility provided by the
``not applicable'' and ``not provided by applicant and otherwise
undetermined'' options, and the provision allowing a financial
institution to report the credit purposes in any order it chooses, when
the institution is aware of more than one purpose. That commenter said
that these accommodations would facilitate compliance while still
achieving the policy goals of the law. A trade association representing
auto finance lenders also stated support for the flexibility provided
by the ``not applicable'' and ``not provided by applicant and otherwise
undetermined'' options. Two banks opposed the credit purpose proposal,
explaining that it would require extensive changes and burdensome
ongoing operations, and that the interplay with other regulatory
requirements was unclear. One of these commenters also questioned the
usefulness of the data collected. However, neither commenter suggested
alternative ways to implement the statutorily required credit purpose
data point.
Several commenters asked that the Bureau clarify certain aspects of
the credit purpose proposal. Two industry commenters requested
clarification of the circumstances when institutions should use ``not
provided by applicant and otherwise undetermined'' as opposed to ``not
applicable.'' Several industry commenters requested guidance on when to
use ``owner-occupied'' versus ``non-owner occupied'' for non-dwelling
real property. Another asked about how to report when the loan is
mixed-use (business and consumer purpose). A joint letter from
community groups and community oriented lenders requested that the
Bureau clarify that the category ``Working capital (includes inventory
or floor planning)'' also includes salaries, rents, and other daily
expenses. A credit union trade association suggested that the Bureau
clarify how transactions should be reported when made directly to a
sole proprietor, not to the business directly, explaining that credit
unions may find it confusing to report a loan purpose that implies that
the business itself is the recipient.
Several commenters requested more substantial changes in the
proposed credit purpose data point. Two joint comment letters, each
representing multiple community groups and other entities, requested
that the Bureau require more granular reporting in certain situations,
especially with regard to real property loans. These comments suggested
collecting real property loan data on rental purpose, whether buildings
are mixed-use, the number and type of units in buildings, as well as a
way to easily connect to a HMDA record for any loan that is reported
under both regimes. One of these comments asked that the Bureau make it
easier to determine if a capital expense loan is used to maintain a
business or expand it. Another community group requested that the
Bureau disaggregate the purchase-construction-repair purpose from
refinancing for things like real estate, vehicles, and equipment,
perhaps by adding a separate data point. Another requested that
refinancings (along with renewals) should be listed as a credit product
in the credit type data point, rather than as a credit purpose. That
same commenter requested that financial institutions not be allowed to
use their own list of purposes, as
[[Page 35295]]
proposed, and suggested that the Bureau consider providing a sample
application form, which would include the rule's list of credit
purposes, to facilitate data collection.
Several industry commenters responded to the Bureau's request for
comment on including ``agricultural credit'' as a credit purpose. These
commenters mostly requested that new purposes specifically geared to
agricultural lending be included, though they did not offer any
examples of such purposes. The commenters emphasized that agricultural
lending is different from other business lending and suggested that
choosing from the credit purposes listed would be difficult for this
market. A community group stated that it might be confusing to list
agricultural credit as a credit purpose as the credit product data
point would collect that they are farm loans.\608\
---------------------------------------------------------------------------
\608\ The Bureau notes that the proposed rule did not expressly
list agricultural loans (or similar) on either the credit products
list or credit purposes list.
---------------------------------------------------------------------------
Several community groups and a minority business advocacy group
responded to the Bureau's request for comment on whether the final rule
should include ``Overdraft line of credit'' as a credit purpose. These
commenters supported inclusion of overdraft as a purpose, stating that
it should be monitored for potential abuses, especially abuses in
communities of color. No industry commenters discussed the possible
inclusion of overdraft lines of credit as a credit purpose.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.107(a)(6) and associated commentary with certain revisions for
clarity, to improve the usefulness of the data collected, and to
accommodate a new coverage exclusion for HMDA-reportable transactions.
Final Sec. 1002.107(a)(6) requires that financial institutions collect
and report the purpose or purposes of the credit applied for or
originated.
Final comment 107(a)(6)-1 provides instructions for collecting and
reporting credit purpose and presents the list of credit purposes from
which financial institutions will select. The final list of purposes is
very similar to the proposed list but deletes two purposes that
describe credit likely to be HMDA reportable, includes one additional
purpose (``overdraft'') and makes minor edits to accommodate those
changes and for clarity. The Bureau believes that the list of credit
purposes provided in comment 107(a)(6)-1 appropriately aligns with the
purposes of credit sought in the small business credit market.
Because the Bureau is adopting an exclusion for HMDA-reportable
credit, the proposed purposes list's differentiation between dwelling
and non-dwelling real property is no longer necessary. In addition, the
purposes in the list that pertained to dwellings were very likely to be
HMDA-reportable, and so have been removed in the final rule. See the
section-by-section analysis of Sec. 1002.104(b) above for further
discussion of this exclusion.
The Bureau agrees with the commenter who suggested that ``Working
capital (includes inventory or floor planning)'' will often also
include salaries, rents, and other daily expenses. However, the final
rule does not include these items in the credit purposes list
description of working capital because the Bureau believes the term is
already clear, and listing these items may cause confusion as to other
working capital items that are not listed.
The Bureau has not added ``Agricultural credit'' or specific
purposes associated with agricultural credit to the list of credit
purposes in the final rule. First, although ``farm loans'' are not
listed as a credit product in the credit type data point, the NAICS
data point in final Sec. 1002.107(a)(15) will make clear when the
small business borrower is an agricultural business. In addition, other
business types are not included in the credit purposes list and doing
so with agriculture could cause confusion. As far as including specific
agricultural purposes in the purposes list, the commenters who
suggested this did not provide examples, and the Bureau did not propose
such purposes. Going forward, the Bureau may learn of specific
agricultural credit purposes from the ``Other'' free-form text box, and
if appropriate, potentially add them to the rule later.
The Bureau agrees that overdraft should be separately identified as
a credit purpose in the list in comment 107(a)(6)-1 in order to observe
its use in the market. Rather than ``Overdraft line of credit'' as
referenced in the proposal's preamble, the Bureau is using the term
``Overdraft.'' In order to facilitate compliance regarding overdraft as
a credit purpose, the Bureau is adding new comment 107(a)(6)-8 to the
final rule, which makes clear that when overdraft is an aspect of the
covered credit transaction applied for or originated, the financial
institution reports ``Overdraft'' as a purpose of the credit. The new
comment also explains that the financial institution reports credit
type pursuant to Sec. 1002.107(a)(5)(i) as appropriate for the
underlying covered credit transaction, such as ``Line of credit--
unsecured.'' The Bureau does not believe that reporting overdraft as a
credit purpose will create operational difficulties for financial
institutions because the information will be readily apparent as an
aspect of the credit. Finally, new comment 107(a)(6)-8 makes clear that
providing occasional overdraft services as part of a deposit account
offering would not be reported for the purpose of subpart B.
The Bureau is finalizing comments 107(a)(6)-2 through -5 with minor
edits to accommodate the removal of purposes related to the exclusion
for HMDA-reportable transactions and for clarity. Final comment
107(a)(6)-2 explains that if the applicant indicates or the financial
institution is otherwise aware of more than one purpose for the credit
applied for or originated, the financial institution reports those
purposes, up to a maximum of three, using the list provided, in any
order it chooses. Since applicants may have more than one purpose for a
credit transaction, the Bureau believes it is appropriate to require
collection and reporting of more than one credit purpose for this data
point in that situation. The Bureau believes that having financial
institutions report up to three credit purposes will provide useful
data. The Bureau also believes that allowing financial institutions
discretion as to the order of the credit purposes reported will
facilitate compliance.
Final comment 107(a)(6)-3 explains that if a purpose of an
application does not appear on the list of purposes provided, the
financial institution reports ``other'' as the credit purpose and
reports the credit purpose as free-form text. The Bureau believes that
allowing financial institutions to choose ``other'' when a credit
purpose for the application did not appear on the provided list will
facilitate compliance. In addition, the Bureau believes that collecting
this information on ``other'' credit purposes will assist in monitoring
trends in this area and key developments in the small business lending
market, which the Bureau can use to inform any future changes to the
list.
Final comment 107(a)(6)-4 makes clear that, pursuant to final Sec.
1002.107(c)(1), a financial institution shall maintain procedures
reasonably designed to collect applicant-provided data, which includes
credit purpose. However, the comment further explains that if a
financial institution is nonetheless unable to collect or determine
credit purpose information,
[[Page 35296]]
the financial institution reports that the credit purpose is ``not
provided by applicant and otherwise undetermined.'' The Bureau agrees
with the industry commenters who stated that this provision would
provide flexibility and believes that permitting use of this response
will facilitate compliance and enhance the quality of data reported.
In order to facilitate compliance, final comment 107(a)(6)-5
explains that if the application is for a credit product that generally
has indeterminate or numerous potential purposes, such as a credit
card, the financial institution may report credit purpose as ``not
applicable.'' As with the ``not provided by applicant and otherwise
undetermined'' purpose, the Bureau agrees with the industry commenters
who felt that this provision would provide appropriate flexibility. The
Bureau does not believe that there will be confusion about the
situations for which ``not provided by applicant and otherwise
undetermined'' (as explained in final comment 107(a)(6)-4) and ``not
applicable'' (as explained in final comment 107(a)(6)-5) are
appropriate to use. The commenters who suggested that such confusion
might occur did not explain why the proposed language would not be
sufficient.
Final comment 107(a)(6)-6 provides details on the collection of
credit purposes by financial institutions. The comment states that,
pursuant to Sec. 1002.107(c)(1), a financial institution shall
maintain procedures reasonably designed to collect applicant-provided
data, including credit purpose. In addition, the financial institution
is permitted, but not required, to present the list of credit purposes
provided in comment 107(a)(6)-1 to the applicant. The financial
institution is also permitted to ask about credit purposes not included
on the list provided in comment 107(a)(6)-1. If the applicant chooses a
purpose or purposes not included on the provided list, the financial
institution follows the instructions in comment 107(a)(6)-3 regarding
reporting of ``other'' as the credit purpose. If an applicant chooses a
purpose or purposes that are similar to purposes on the list provided,
but uses different language, the financial institution reports the
purpose or purposes from the list provided. The Bureau believes that
the explanations and instructions in the final commentary accompanying
Sec. 1002.107(a)(6) will reduce any confusion as to how a financial
institution reports this data point when an application involves
multiple credit purposes, and in other situations.
The Bureau believes that prohibiting financial institutions from
using their own credit purpose lists, as one commenter suggested, would
not be appropriate because the Bureau does not have sufficient
information to create a definitively comprehensive credit purposes list
and wishes to provide institutions the flexibility appropriate to their
market segment. In regard to that commenter's suggestion that the
Bureau provide a sample application form, this issue is discussed in
the section-by-section analysis of appendix E below. In addition, the
Bureau does not believe additional clarification regarding how to
report credit purpose for business loans made to sole proprietors is
necessary.
Because the Bureau is providing a complete exclusion for HMDA-
reportable transactions in the final rule, the Bureau is not finalizing
proposed comment 107(a)(6)-6, which would have provided a cross-
reference to the partial exclusion for dwelling-secured credit in the
proposed rule.
New comment 107(a)(6)-7 explains that real property is owner-
occupied if any physical portion of the property is used by the owner
for any activity, including storage. The Bureau adds this explanation
in response to comments asking for clarity on this issue. The Bureau
believes that the language provided clearly indicates the meaning of
``owner-occupied'' for reporting purposes and will facilitate
compliance and help in the collection of uniform data.
In regard to the commenters that objected to the entire credit
purpose data point as excessively burdensome and not providing useful
information, the Bureau notes that this data point was specified by
Congress in section 1071 as one that financial institutions must
collect and report; these commenters did not suggest a different method
of collection. The Bureau also believes, along with the national trade
association representing small banks whose comment is described above,
that the reporting accommodations included in the credit purpose
provision will facilitate compliance while still achieving the policy
goals of section 1071.
Although some additional useful information might be collected if
the Bureau were to expand the credit purpose data point to include the
more granular reporting requested by community groups, such changes
would make the collection more difficult for financial institutions as
well as potentially confusing for small business applicants; the Bureau
does not believe that further granularity is necessary at this time,
especially at the risk of obtaining potentially less accurate or
complete data overall. In regard to making ``refinancing'' a credit
product rather than a credit purpose as proposed, the Bureau believes
that its credit product taxonomy presents a clear, uncomplicated
framework using the basic forms of credit extended. Making refinancing
a product would complicate the taxonomy and introduce categorization
difficulties, for example with partial refinancings. As for including
renewals, the section-by-section analysis of Sec. 1002.103(b) above
discusses this issue.
107(a)(7) Amount Applied For
Proposed Rule
Section 1071 requires financial institutions to collect and report
``the amount of the credit or credit limit applied for, and the amount
of the credit transaction or the credit limit approved.'' \609\ The
Bureau stated in the SBREFA Outline that it was considering requiring
financial institutions to report the amount applied for data point
using the initial amount of credit or credit limit requested by the
applicant at the application stage, or later in the process but prior
to the financial institution's evaluation of the credit request.\610\
---------------------------------------------------------------------------
\609\ ECOA section 704B(e)(2)(C).
\610\ SBREFA Outline at 28.
---------------------------------------------------------------------------
The Bureau proposed Sec. 1002.107(a)(7) to require a financial
institution to collect and report ``the initial amount of credit or the
initial credit limit requested by the applicant.'' Proposed comment
107(a)(7)-1 would have explained that a financial institution is not
required to report credit amounts or limits discussed before an
application is made, but must capture the amount initially requested at
the application stage or later. In addition, proposed comment
107(a)(7)-1 would have stated that if the applicant does not request a
specific amount, but the financial institution underwrites the
application for a specific amount, the financial institution reports
the amount considered for underwriting as the amount applied for.
Finally, proposed comment 107(a)(7)-1 would have instructed that if the
applicant requests an amount as a range of numbers, the financial
institution reports the midpoint of that range.
To address the situation where the financial institution requests
an amount applied for but the applicant nonetheless does not provide
one, proposed comment 107(a)(7)-2 would have explained that, in
compliance with proposed Sec. 1002.107(c)(1), a financial institution
shall maintain procedures reasonably designed to collect
[[Page 35297]]
applicant-provided information, which includes the credit amount
initially requested by the applicant. However, if a financial
institution is nonetheless unable to collect or otherwise determine the
amount initially requested, the financial institution would have been
required to report that the amount applied for is ``not provided by
applicant and otherwise undetermined.''
Proposed comment 107(a)(7)-3 would have provided instructions for
reporting the amount applied for in regard to firm offers. Proposed
comment 107(a)(7)-3 would have explained that when an applicant
responds to a ``firm offer'' that specifies an amount or limit, which
may occur in conjunction with a pre-approved credit solicitation, the
financial institution reports the amount applied for as the amount of
the firm offer, unless the applicant requests a different amount. If
the firm offer does not specify an amount or limit and the applicant
does not request a specific amount, proposed comment 107(a)(7)-3 would
have explained that the amount applied for is the amount underwritten
by the financial institution.
Proposed comment 107(a)(7)-4 would have explained that when
reporting a covered application that seeks additional credit amounts on
an existing account, the financial institution reports only the
additional credit amount sought, and not any previous amounts sought or
extended. The Bureau noted that a request to withdraw additional credit
amounts at or below a previously approved credit limit amount on an
existing open-end line of credit would not be a covered application,
and so proposed comment 107(a)(7)-4 would not have applied to such a
situation.
The Bureau sought comment on its proposed approach to the amount
applied for data point. The Bureau also requested comment on how best
to require reporting of amount applied for in situations involving
multiple products or credit lines under a single credit limit. The
Bureau also requested comment on potential methods for avoiding
misinterpretations of disparities between the amount applied for and
the amount approved or originated. Finally, the Bureau requested
comment on its proposed approach to reporting when a range of numbers
is requested.
Comments Received
The Bureau received comments from lenders, trade associations,
community groups, and others regarding this proposed data point.
Community groups and a CDFI lender supporting the Bureau's approach to
the collection of the amount applied for data point. One commenter said
that it works with minority farmers whose loans are approved for far
less than what they originally applied for and that the data would give
them information regarding lending practices involving minority farm
businesses. Several commenters stated that amount applied for and
amount approved or originated are key data for fair lending purposes.
One said that Black-, Latino-, and Asian-owned businesses have been
substantially less likely to receive the full small business loan
amount requested than white-owned small businesses. Another commenter
requested that the Bureau scrutinize lenders when the application and
approval amounts are conspicuously close, especially if there is a
disproportionate impact on women and minority-owned businesses, because
some lenders may dissuade applicants from making a specific request and
steer them to the considered underwriting amount that is lower than the
financing need of the small business.
A community group noted that amounts should not be reported in
ranges since the statute requires reporting of amounts and furthermore,
that ranges are not useful for assessing whether lenders are responding
adequately to credit needs. This community group also commented that
with respect to line increases, it makes sense for the lender to report
the additional amount instead of the additional and original amount
because it is more precise in terms of being able to assess whether
credit needs are being met.
Several industry commenters and a group of State banking regulators
expressed concerns about collecting the data in light of the lending
process where the ``amount applied for'' can fluctuate throughout the
application stage. One trade association commented that financial
institutions should not be required to report amounts stated before an
application is made because applicants state a loan amount early on but
that loan amount usually changes throughout the process for various
reasons. Another stated that many business credit applications include
offers, counteroffers, and negotiations. One commenter stated that even
though the initial amount requested appears useful it does not reflect
the true dynamic of the small business lending process. The commenter
reasoned that it is not uncommon during the application process to see
the actual loan amount fluctuate as the entrepreneur further refines
their capital needs, and that makes tracking this type of information
not particularly relevant or reflective of the process. A credit union
trade association recommended that financial institutions have the
discretion to report an ``amount applied for'' that is determined at a
later stage, rather than at the first request of the applicant, because
reporting the initial credit request could inaccurately represent the
lending process. A group of state banking regulators commented that
some applicants may not request an amount or may request a range, and
some financial institutions will not require such information at the
outset. They stated that mandating reporting of a requested loan amount
would impose increased compliance burdens and has the potential to
disrupt the relationship aspect of small business lending.
Two industry commenters requested the Bureau clarify how financial
institutions should report the amount applied for when a firm offer of
credit specifies a range of possible amounts, for example, amounts
between $20,000 and $40,000. These commenters stated they believe such
offers should be deemed not to specify an amount or limit and that
institutions should be able to report the amount underwritten as the
amount applied for. They reasoned that reporting the top of the range
as the amount applied for in these circumstances could be misleading
because many applicants likely will not qualify for amounts at the top
of the range. A bank suggested that when an applicant indicates a
range, each financial institution should be able to decide whether to
report the low, midpoint, or high end of the range so long as it is
consistent for the financial institution's entire small business
lending application register.
Two business advocacy groups noted that uncertainty regarding key
definitions could create compliance challenges and requested that the
Bureau provide additional clarity as to the meaning of ``applied for.''
A bank stated that its systems do not have a way to collect and record
this data point and that it would need to collect it manually, which
would affect its ability to serve its customers and community.
The Bureau did not receive comments on how best to require
reporting for situations involving multiple products or credit lines
under a single credit limit or potential methods for avoiding
disparities between amount applied for and amount originated or
approved.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.107(a)(7) and associated commentary with revisions and an addition
in the commentary for
[[Page 35298]]
clarity. The Bureau notes that for HMDA, Regulation C Sec.
1003.4(a)(7) requires reporting of ``the amount of the covered loan or
the amount applied for, as applicable,'' which requires reporting of
the amount applied for only when the credit is not originated. Because
section 1071 uses the conjunction ``and'' rather than ``or,'' the
Bureau reads section 1071 to require collection and reporting of the
amount applied for regardless of whether the application is ultimately
approved or originated.\611\ The Bureau believes its interpretation of
``the amount of the credit or credit limit applied for'' pursuant to
ECOA section 704B(e)(2)(C) is reasonable and appropriate.
---------------------------------------------------------------------------
\611\ The amount approved or originated data point is addressed
in the section-by-section analysis of Sec. 1002.107(a)(8).
---------------------------------------------------------------------------
With respect to the commenter that indicated that some lenders may
dissuade applicants from making a specific request and steer them to
the considered underwriting amount, which may be lower than their
financing needs, the Bureau believes that it is necessary to capture
both the amount applied for and amount approved or originated to
fulfill the statutory purposes of section 1071, including facilitating
fair lending enforcement. The Bureau believes the amount applied for
and the amount approved data points are necessary to identify
potentially discriminatory practices, such as discouragement or
steering, in the lending process. For example, greater differences
between amount applied for and amount originated among protected groups
could indicate a fair lending concern. The Bureau notes that if a
financial institution were to seek to unduly influence or alter the
amount requested by the applicant in order to avoid reporting it, such
conduct would violate the requirement in final Sec. 1002.107(c) to not
discourage an applicant from responding to requests for applicant-
provided data and to maintain procedures to collect such data at a time
and in a manner that are reasonably designed to obtain a response.
Regarding commenters' concerns that the amount applied for can
change throughout the lending process, the Bureau acknowledges that
there could be complexity in pinpointing the specific initial amount
requested by an applicant in the fluid process of a small business
credit application. The Bureau acknowledges that this complexity could
make this data point challenging for financial institutions to collect
and report. Nonetheless, the statute requires that the amount applied
for be reported, and the information is important for both of section
1071's statutory purposes. The Bureau is finalizing comment 107(a)(7)-1
with minor edits for clarification. Final comment 107(a)(7)-1 provides
that the financial institution reports the initial amount of credit or
the credit limit initially requested by the applicant at the
application stage and is not required to report credit amounts or
limits discussed before an application is made. The Bureau believes
that this guidance will provide a flexible compliance regime that will
accommodate different business practices. A financial institution will
not be required to report amounts discussed before the application is
made, which will accommodate preliminary informal interactions.
Regarding the recommendation that financial institutions have the
discretion to report an amount determined at a later stage rather than
the initial request of the applicant, the Bureau notes that the statute
requires the amount applied for to be reported even though a small
business credit application process can be fluid. Therefore, a
financial institution should report the initial request of the
applicant if the lending process has already reached the application
stage. In regard to ranges of amounts requested, the Bureau does not
believe that permitting financial institutions to decide whether to
report the low, midpoint, or high end of the range, as requested by a
commenter, would yield data that will be comparable to the other data
collected for this data point because different financial institutions
will be applying different rules for what to report. The Bureau
believes that more uniform information will be more useful and should
not create extra difficulty for financial institutions to collect.
Therefore, to facilitate compliance, final comment 107(a)(7)-1 provides
that for amounts that were requested as a range of numbers, the
financial institution reports the midpoint of the range. In addition,
for clarity, the Bureau moved guidance on what to report if an
applicant does not request a specific amount to final comment
107(a)(7)-2, as explained below.
With respect to the comment that an amount may not be initially
required or that some applicants may not request an amount or may
request a range, the Bureau understands that a specific amount may not
be provided by the applicant and that a specific amount is often not
required by many financial institutions for products such as credit
cards, as the financial institution assigns the credit limit as part of
the credit evaluation process. Final comment 107(a)(7)-2 provides that
in situations where the applicant does not request a specific amount at
the application stage, but the financial institution underwrites the
application for a specific amount, the financial institution reports
the amount that was considered in underwriting. Final comment
107(a)(7)-2 also provides that if a particular type of credit product
does not involve a specific amount requested, then the financial
institution reports ``not applicable.'' The Bureau believes this method
will aid compliance with section 1071 and yield appropriate data by
avoiding the need to report a preliminary number when a financial
institution's business practices do not result in there being such a
number to report. For clarity, the Bureau moved guidance regarding
amounts that are otherwise undetermined that was addressed in proposed
comment 107(a)(7)-2 to final comment 107(a)(7)-5, as explained below.
Regarding the request that the Bureau clarify how institutions
should report the amount applied for when a firm offer of credit
specifies a range of possible amounts, the Bureau added guidance in
final comment 107(a)(7)-3 that addresses this situation. ``Firm
offers'' involve solicitations to small businesses when they have been
pre-approved for a term loan, line of credit, or credit card.\612\ The
Bureau understands that financial institutions often provide an amount
in such solicitations and the Bureau believes that when the applicant
knows the amount of the pre-approval before responding, that figure
could appropriately be considered as the amount applied for. However,
if no amount appears in the pre-approved solicitation, the Bureau
considers that an applicant responding to the firm offer has not
requested a specific amount, and reporting of the amount underwritten
would be appropriate. Final comment 107(a)(7)-3 provides that when an
applicant responds to a firm offer, a financial institution reports the
amount applied for as the amount of the firm offer, unless the
applicant requested a different amount. If, on the other hand, the firm
offer did not contain a specified amount and the applicant did not
request one, then the financial institution reports the amount applied
for as the amount that was underwritten. The Bureau did not propose
guidance that addresses what financial institutions report when a firm
[[Page 35299]]
offer specifies a range of possible amounts. The Bureau agrees with the
commenters that such offers should be treated similarly to those
situations where a firm offer did not specify an amount. To address
this scenario, final comment 107(a)(7)-3 states that if the firm offer
specifies an amount or limit as a range of numbers and the applicant
does not request a specific amount, the amount applied for is the
amount underwritten by the financial institution. The Bureau believes
that this guidance will aid compliance and yield useful data.
---------------------------------------------------------------------------
\612\ See 15 U.S.C. 1681a(l); see also Regulation B comment
12(b)(7)-1 (describing offers of credit).
---------------------------------------------------------------------------
The Bureau is finalizing comment 107(a)(7)-4 as proposed. The
comment explains that when reporting a covered application that seeks
additional credit amounts on an existing account, the financial
institution reports only the additional credit amount sought, and not
any previous amounts extended.
The Bureau added final comment 107(a)(7)-5 to address situations
where the initial amount applied for cannot be determined.
Specifically, the comment provides that under Sec. 1002.107(c)(1), a
financial institution shall maintain procedures reasonably designed to
collect applicant-provided data, which includes the credit amount
initially requested by the applicant (other than for products that do
not involve a specific amount requested). However, the Bureau
understands that there may be situations in which amount applied for
was not collected and could not be otherwise determined. Thus, final
comment 107(a)(7)-5 provides that if a financial institution is unable
to collect or otherwise determine the amount initially requested, the
financial institution reports that the amount applied for is ``not
provided by applicant and otherwise undetermined.'' The Bureau believes
that providing this reporting flexibility will facilitate compliance by
accommodating different business practices.
With respect to the commenter that indicated that its systems do
not have a way to collect this data point, the Bureau believes that the
data on the amount applied for will generally be available in the loan
files and should not present particular difficulties in reporting.
Regarding the request from commenters that the Bureau provide
additional clarity as to the meaning of applied for, the commenters did
not indicate specific issues in the amount applied for data point that
require clarification. The Bureau believes it has addressed in this
final rule the requests for clarity from other commenters as well as
other clarifications the Bureau believes are appropriate.
107(a)(8) Amount Approved or Originated
Proposed Rule
Section 1071 requires financial institutions to collect and report
``the amount of the credit transaction or the credit limit approved.''
\613\
---------------------------------------------------------------------------
\613\ ECOA section 704B(e)(2)(C).
---------------------------------------------------------------------------
Proposed Sec. 1002.107(a)(8) would have required that the amount
approved or originated data point be collected and reported as follows:
(i) for an application for a closed-end credit transaction that is
approved but not accepted, the financial institution collects and
reports the amount approved by the financial institution; (ii) for a
closed-end credit transaction that is originated, the financial
institution collects and reports the amount of credit originated; and
(iii) for an application for an open-end credit transaction that is
originated or approved but not accepted, the financial institution
collects and reports the amount of the credit limit approved.
Proposed comment 107(a)(8)-1 would have provided general
instructions for the amount approved or originated data point,
explaining that a financial institution reports the amount approved or
originated for credit that is originated or approved but not accepted.
For applications that the financial institution, pursuant to proposed
Sec. 1002.107(a)(9), would have reported as denied, withdrawn by the
applicant, or incomplete, the financial institution would have reported
that the amount approved or originated is ``not applicable.''
Proposed comment 107(a)(8)-2 would have explained that when a
financial institution presents multiple approval amounts from which the
applicant may choose, and the credit is approved but not accepted, the
financial institution reports the highest amount approved. Proposed
comments 107(a)(8)-3 and -4 would have provided specific instructions
for identifying and reporting the amount approved or originated for
closed-end transactions, including refinancings.
Proposed comment 107(a)(8)-5 would have provided instructions
regarding counteroffers and the amount approved or originated data
point, explaining that if an applicant agrees to proceed with
consideration of a counteroffer for an amount or limit different from
the amount for which the applicant applied, and the covered credit
transaction is approved and originated, the financial institution
reports the amount granted. Proposed comment 107(a)(8)-5 would have
further explained that if an applicant does not agree to proceed with
consideration of a counteroffer or fails to respond, the institution
reports the action taken on the application as denied and reports ``not
applicable'' for the amount approved or originated. The proposed
comment would have provided a reference to proposed comment 107(a)(9)-
2, which discusses the action taken data point in relation to
counteroffers.\614\
---------------------------------------------------------------------------
\614\ See the section-by-section analysis of Sec.
1002.107(a)(9) for a complete discussion of how the final rule
treats reporting obligations for applications involving
counteroffers.
---------------------------------------------------------------------------
The Bureau sought comment on its proposed approach to the amount
approved or originated data point. The Bureau also requested comment on
potential methods for avoiding misinterpretations of disparities
between the credit amount or limit applied for and the credit amount or
limit originated or approved and on the possible use of ranges of
numbers for reporting the amount applied for and amount approved or
originated data points. In addition, the Bureau requested comment on
whether it would be useful and appropriate to require reporting of the
amount approved as well as the amount originated for closed-end credit
transactions.
Comments Received
The Bureau received comments on the amount approved or originated
data point from lenders, trade associations, and community groups.
Almost all of the comments received supported the Bureau's proposal. A
bank and a trade association commented that the Bureau's proposal is a
reasonable and appropriate means of implementing the statutory
requirement. A community group and a CDFI lender highlighted the
usefulness of the data for fair lending purposes, including identifying
potentially discriminatory lending practices. The CDFI lender suggested
that the data can help show how financial institutions compare across
key metrics and reveal capital gaps in the market that lenders may be
able to fill. Two commenters supported the proposal's requirement that
data collection on amount approved or originated be required for
transactions that are approved but not accepted, not just those that
are originated. A trade association commented that different standards
are appropriate for closed-end and open-end products, while a community
group noted that it is appropriate to report the credit limit in cases
of open-end credit. Another trade association emphasized the Bureau's
proposal regarding counteroffers and
[[Page 35300]]
that it appropriately allows for negotiations prevalent in small
business lending. A community group requested that the Bureau not
permit reporting of amounts in ranges, stating that the statute
requires reporting of specific amounts and that ranges are not useful
for assessing whether lenders are responding to credit needs
adequately.
Two banks expressed concerns about the overall proposed requirement
to collect data on amount approved or originated. One suggested that
the data are meaningless because the majority of loan requests at a
community bank are not submitted formally and in most cases the amount
approved is what was requested. That bank also noted that it would be
rare for the amount to change and it does not have a way to currently
track the information, thus adding burden. Another bank recommended
that financial institutions should not be generally required to report
information on applications where no credit was extended, such as
applications that were not completed by the applicant or where the
applicant did not accept the terms. This bank reasoned that the amount
approved data point is irrelevant because the loan was not originated
and that it does not further the purposes of section 1071 because the
information would not help the Bureau materially understand credit
opportunities nor help ensure fair lending laws are enforced.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.107(a)(8) and associated commentary as proposed. The Bureau is
also adding new comment 107(a)(8)-6. The Bureau reads the statutory
language ``the amount of the credit transaction or the credit limit
approved'' to require the amount of the credit limit approved to be
reported for open-end applications, and the amount of the credit
transaction to be reported for closed-end applications. The Bureau
believes the phrase ``the amount of the credit transaction or the
credit limit approved'' to be ambiguous in regard to closed-end
transactions because the most common meaning of the word
``transaction'' in the context for closed-end credit transactions would
be an originated loan. Thus, the Bureau reasonably interprets the
statute as requiring reporting of the amount originated for closed-end
credit transactions. In the alternative, section 1071 authorizes the
Bureau to include any ``additional data that the Bureau determines
would aid in fulfilling the purposes of [section 1071].'' The Bureau
believes that it is appropriate to use its exception authority under
ECOA section 704B(g)(2) to require the amount originated, rather than
the amount approved, for originated closed-end credit transactions,
because excluding the amount approved for originated closed-end
transactions, and requiring collection of the amount originated
instead, would enhance the utility and quality of the data being
reported, thus further the fair lending and business and community
development purposes of section 1071.
In response to the commenters' suggestion that data on applications
should not be reported in situations where the application is withdrawn
or incomplete as well as the commenter's suggestion that the data are
meaningless, the Bureau believes there is value in the data to be
reported, even if no amount is reported for the amount approved or
originated data point. Other information to be reported for the
application that was, pursuant to Sec. 1002.107(a)(9), withdrawn by
the applicant or incomplete, can help further the fair lending and
community development purposes of section 1071. For example, data from
applications that are withdrawn or incomplete can help identify
potential discriminatory practices in the application process and also
indicate demand for credit by small business applicants. This would not
be possible if data on applications that are withdrawn or incomplete
are not reported. Accordingly, final comment 107(a)(8)-1 explains that
for applications a financial institution, pursuant to Sec.
1002.107(a)(9), reports as denied, withdrawn by the applicant, or
incomplete, the financial institution reports that the amount
originated or approved is ``not applicable.'' The Bureau also believes
that reporting ``not applicable'' for amount approved or originated in
certain circumstances will facilitate compliance for this data point.
The Bureau does not believe, as suggested by one commenter, that
data on applications where the applicant did not accept the terms would
not further the statutory purposes of section 1071. The data will help
facilitate fair lending enforcement by indicating the credit that had
been offered to different types of applicants when the transaction does
not close and there is no amount originated to report. Reporting data
with respect to the amount approved will also aid in fulfilling the
business and community development purpose of section 1071 by providing
a more complete picture of the credit being offered to different
businesses and communities.\615\
---------------------------------------------------------------------------
\615\ The Bureau similarly believes that reporting the amount
originated on closed-end credit transactions that are originated
also fulfills the purposes of section 1071. For these transactions,
reporting of the amount originated would aid in fulfilling the
enforcement of fair lending laws by indicating the credit that had
been provided to different types of applicants in actual
transactions. It would also aid in fulfilling the business and
community development purpose of section 1071 by providing a more
complete and accurate picture of the credit actually being provided
to different businesses and in different communities.
---------------------------------------------------------------------------
As stated above, the Bureau is finalizing the commentary to Sec.
1002.107(a)(8) as proposed. Final comment 107(a)(8)-2 provides guidance
on reporting the amount approved or originated data point when the
transaction involves multiple approval amounts. The Bureau believes
that reporting the highest amount approved when credit is approved but
not accepted will most accurately reflect the amount of credit that was
made available to the applicant in this situation. Final comments
107(a)(8)-3 and -4 provide guidance on reporting amount approved or
originated for closed-end transactions and refinancings, respectively.
Final comment 107(a)(8)-5 provides guidance on reporting amount
approved or originated when the transaction involves counteroffers.
The Bureau is adding comment 107(a)(8)-6 to provide guidance on
reporting amount approved or originated with respect to existing
accounts. Comment 107(a)(8)-6 provides that the financial institution
reports only the additional credit amount approved or originated for an
existing account, and not any previous amounts that were extended. The
Bureau believes this will help facilitate compliance for this data
point.
The Bureau did not receive specific comments with respect to this
data point on methods for avoiding misinterpretations of disparities
between credit amount or limit applied for and credit amount or limit
originated or approved and whether it would be useful and appropriate
to require reporting of amount approved as well amount originated for
originated closed-end credit transactions. The Bureau is therefore not
requiring reporting of that additional data.
107(a)(9) Action Taken
Proposed Rule
ECOA section 704B(e)(2)(D) requires financial institutions to
report the ``type of action taken'' on an application.
The Bureau proposed in Sec. 1002.107(a)(9) to require reporting of
the action taken by the financial institution on the covered
application, reported as originated, approved but not
[[Page 35301]]
accepted, denied, withdrawn by the applicant, or incomplete. In
addition, the Bureau proposed to categorize all incomplete applications
as a single category of ``incomplete,'' rather than following the
approach in Regulation C of separately reporting denials based on
incompletes and notices of incompleteness. Although the Bureau
considered expanding the action taken codes to those currently used in
Regulation C (including preapprovals or purchased loans), the Bureau
did not believe those additional fields would have been appropriate or
necessary in the context of section 1071 given the diversity of
processes and other complexities in the small business lending space
and because section 1071, unlike HMDA, does not expressly reference
loan purchases.
Proposed comment 107(a)(9)-1 would have provided additional clarity
on when a financial institution should select each of the proposed
action taken codes. The financial institution would have identified the
applicable action taken code based on final action taken on the covered
application.
Proposed comment 107(a)(9)-2 would have provided instructions for
reporting action taken on covered applications that involve a
counteroffer, along with examples. The Bureau's proposed treatment of
counteroffers would have aligned with how counteroffers are treated
under existing Sec. 1002.9 notification procedures and how they are
reported under Regulation C.\616\ The Bureau also considered, but did
not propose, adding an action taken category or flag for counteroffers.
The Bureau believed the addition of a counteroffer flag or field would
have provided limited useful information beyond what would have been
captured under the proposal.
---------------------------------------------------------------------------
\616\ Regulation C comment 4(a)(8)(i)-9.
---------------------------------------------------------------------------
Proposed comment 107(a)(9)-3 would have discussed reporting action
taken for rescinded transactions. Proposed comment 107(a)(9)-4 would
have clarified that a financial institution reports covered
applications on its small business lending application register for the
year in which final action is taken. Finally, proposed comment
107(a)(9)-5 would have provided guidance for reporting action taken if
a financial institution issues an approval that is subject to the
applicant meeting certain conditions.
The Bureau sought comment on proposed Sec. 1002.107(a)(9) and its
associated commentary.
Comments Received
The Bureau received comment on its proposal in Sec. 1002.107(a)(9)
to require reporting of action taken from a wide range of lenders,
trade associations, and community groups.
Action taken categories in general. A number of commenters,
including community groups, lenders, and a trade association supported
the action taken reporting categories in proposed Sec. 1002.107(a)(9).
Two industry commenters agreed that proposed Sec. 1002.107(a)(9) was a
reasonable and appropriate means of implementing section 1071. One
community group stated that the action taken codes are an essential
metric to enforce fair lending laws and that the proposed action taken
categories are substantially similar to those used for HMDA reporting,
and so will be familiar to lenders. A joint letter from community
groups, community oriented lenders, and business advocacy groups
similarly supported use of the action taken fields that are also used
for HMDA reporting. A trade association noted that action taken
information is not typically collected by motor vehicle dealers in
indirect vehicle finance transactions, but may be included by the
finance source as part of the credit application decision.
Some commenters focused on particular proposed action taken
categories, urging the Bureau to retain a proposed action taken
category and not combine categories. For example, a several lenders and
community groups specifically supported collection on incomplete and
withdrawn applications. They asserted that it is important to collect
data on applications that do not go through the full lending process
(i.e., through loan decisioning) in order to identify potential
discouragement. Several commenters further explained that capturing
incomplete and withdrawn applications would be important for fair
lending assessments, as it would identify potential disparities in
treatment, discouragement, and steering. In response to the Bureau's
request for comment on whether to combine the ``withdrawn by
applicant'' and ``incomplete'' categories, a community group supported
the Bureau's proposed approach to keep the categories separate. The
commenter asserted that data analysis and fair lending assessments
would be more accurate if the withdrawn and incomplete categories are
kept separate, as they represent different actions by the applicant.
Another community group commenter supported distinct action taken
categories for approvals and denials, noting, for example, research
finding disparities in credit denials for Black, Latino, and Asian
small businesses.\617\ A lender, however, urged the Bureau to use
caution in interpreting and analyzing data collected under section
1071, noting for example that a high denial rate for different types of
businesses (e.g., small or minority-owned businesses) could be
reflective of a financial institution's high volume of applications
from such small businesses and not of a pattern of discriminatory
lending.
---------------------------------------------------------------------------
\617\ See Fed. Rsrv. Bank of Atlanta, Small Business Loan
Turndowns, Personal Wealth and Discrimination (July 2002), https://www.federalreserve.gov/pubs/feds/2002/200235/200235pap.pdf.
---------------------------------------------------------------------------
In response to the Bureau's request for comment on whether to
retain the ``approved but not accepted'' category, two community groups
urged the Bureau to include this category among the available action
taken options. The commenters argued that the approved but not accepted
category could be used to identify instances where an applicant was
offered loan terms that did not meet the needs of the small business
(such as high pricing or other unfavorable terms), and could be tracked
to identify potential disparities among women-owned or minority-owned
small businesses, or other vulnerable populations. Another commenter
argued that data may be misconstrued if approved but not accepted loans
are treated as ``denials.''
In contrast, several community banks urged the Bureau to remove
certain proposed action taken categories. For example, a community bank
argued against use of withdrawn by applicant or denied action taken
codes, stating that there was no reason to report such applications and
it would violate the applicant's trust. A different community bank
urged the Bureau to remove the incomplete category, noting that
financial institutions treat incompleteness as a denial under existing
Regulation B (because it requires an adverse action notice or a notice
of incompleteness), and that such events are better captured as denials
or withdrawals.
In the NPRM, the Bureau also sought comment on whether the Bureau's
proposal to categorize all incomplete applications as a single category
of ``incomplete'' (closed or denied) should instead be reported
consistent with the approach in Regulation C, which provides separate
categories for denials (including on the basis of incompleteness) and
files closed for incompleteness (if the financial institution sent a
written notice of
[[Page 35302]]
incompleteness). A few industry and community group commenters
specifically supported diverging from Regulation C and reporting
denials based on incompleteness as ``incomplete'' applications, rather
than ``denied'' applications. A CDFI lender and a community group
stated that doing so would be in line with the intent of section 1071
and would lead to more accurate data by reserving the denied category
exclusively for creditworthiness and underwriting factors. One trade
association stated that such reporting would be easier to comply with
and provide less opportunity for data errors, while another trade
association noted that additional subcategories of incomplete would
create confusion and add difficulty for financial institutions.
In contrast, several banks and a group of bank trade associations
urged the Bureau to align reporting of incomplete applications with
HMDA reporting. A bank commented that aligning with HMDA would increase
efficiency for the customer, facilitate compliance, and ensure that
financial institutions only need to collect data once. Similarly,
several commenters argued that misalignment with HMDA would add
substantial difficulty for financial institutions required to report
under HMDA. However, some of those same commenters also stated that
they were sympathetic to the Bureau's underlying reasons for wanting to
report all incomplete applications in one category, and argued that
this was further reason to exclude all HMDA transactions. A bank asked
for clarification on how to report an application that results in
adverse action based on incompleteness.
Treatment of counteroffers. The majority of commenters to address
the issue, including several lenders, trade associations, and a
community group, supported the Bureau's proposal as related to
counteroffers. In response to the Bureau's request for comment on
whether counteroffers that are not accepted should be reported as
``approved but not accepted,'' rather than ``denied,'' several
commenters, including a community group and a CDFI lender, supported
the Bureau's proposal that declined counteroffers would be recorded as
denials and accepted counteroffers would be reported as originations.
Several CDFI lenders further commented that this proposal would avoid
lenders seeking to game the system and avoid reporting denials by
giving unreasonable counteroffers likely to be denied by the applicant.
In contrast, a trade association argued that counteroffers that are not
accepted should be reported as ``approved but not accepted'' as it
would better reflect the availability of credit. A bank asked how to
report an accepted counteroffer that does not ultimately lead to an
origination, and urged consistency with HMDA.
In response to the Bureau's request for comment on whether to
specifically capture data on counteroffers, several industry commenters
supported the Bureau's proposal to not separately track counteroffers.
One of these commenters urged the Bureau to not separately track
counteroffer terms (such as the amount requested and approved) as it
would create burden for financial institutions, and if the offer was
ultimately accepted, would not provide meaningful data. Similarly,
other industry commenters argued that determining what is a
counteroffer would be difficult and it would be infeasible to capture
all data points for each counteroffer. A bank said that small business
lending involves many discussions between the lender and the applicant,
and so capturing counteroffers would be extraordinarily complex and
require additional training. The industry commenters also stated that
capturing counteroffers could lead to confusion and data errors. One of
the commenters further urged the Bureau to align with Regulation C,
which it asserted does not require reporting of counteroffers.
On the other hand, a CDFI lender and a joint letter from community
and business advocacy groups urged the Bureau to require reporting of
any counteroffers and their terms. These commenters suggested the
Bureau modify the action taken fields to add ``counteroffer accepted''
and ``counteroffer rejected,'' and require reporting of pricing
information on these options. The joint letter argued that separate
reporting of counteroffers would provide visibility into pricing of
credit offers made but not accepted or offers that otherwise do not
result in an origination. The commenter further took issue with the
aspect of the proposal that would require a lender to report it has
denied an application, when it has in fact it had approved it on
different terms. A CDFI lender similarly argued that the proposal
provides a loophole for financial institutions, and urged the Bureau to
require reporting of pricing on the initial request and any
counteroffers to prevent exploitative lending. The commenter
acknowledged, however, that the Bureau's proposal does not penalize
entities seeking to provide assistance to businesses, which often
entails multiple counteroffers to best meet the business's needs.
Finally, the joint letter from community and business advocacy
groups asserted that the proposed definition of a counteroffer is
problematic. Under the proposal, a counteroffer was described to occur
when a financial institution offers to grant credit on terms other than
those originally requested by the applicant. The commenter stated,
however, that nothing requires a lender to initially solicit from
applicants what terms they are seeking (other than amount applied for
and credit type), and so it would not be clear when to treat an offer
as a ``counteroffer'' for purposes of the rule.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.107(a)(9) with a minor revision for consistency, to require
reporting of the action taken by the financial institution on the
covered application, reported as originated, approved but not accepted,
denied, withdrawn by the applicant, or incomplete. Most commenters to
address this issue generally supported the Bureau's proposed action
taken categories, noting that the approach was a reasonable one and
would assist in fair lending enforcement.
Although the Bureau sought comment on whether to remove or combine
certain of the action taken categories, the Bureau is finalizing the
list of categories as proposed in Sec. 1002.107(a)(9). The Bureau is
not eliminating the ``approved but not accepted category''; data
collected under this category would reflect demand for credit, and as
noted by some commenters, could potentially be used to identify offers
made that do not meet the needs of small businesses. Moreover, no
commenter expressly urged the Bureau to remove the ``approved but not
accepted'' category. The Bureau is also retaining the ``withdrawn by
the applicant'' and ``incomplete'' action taken categories. As noted by
some commenters, capturing data on incomplete and withdrawn
applications is important to identifying potential discrimination and
discouragement during the application process, and thus consistent with
the purposes of section 1071. Next, the Bureau is keeping ``withdrawn
by the applicant'' and ``incomplete'' as separate action taken
categories; the categories represent different actions by the
applicant, and so keeping them distinct will lead to more accurate data
analysis, including better fair lending analysis. Moreover, the Bureau
believes a high incidence of incomplete applications could potentially
indicate that there is an issue with the level of
[[Page 35303]]
assistance provided by a financial institution (for example, not
providing reasonable support or assistance to ensure an applicant
satisfies all credit conditions; or providing more support to some
applicants than others). Although a couple of community banks urged the
Bureau to remove the ``denied,'' ``withdrawn by applicant,'' or
``incomplete'' action taken categories as unnecessary or inconsistent
with current lender practice, the Bureau believes retaining those
categories further the purposes of section 1071, as described above.
The Bureau is also finalizing Sec. 1002.107(a)(9) to require a
financial institution to report all incomplete applications--whether
the application is closed or denied based on incompleteness--as the
``incomplete'' action taken category. While this proposed approach is
not consistent with Regulation C comments 4(a)(8)(i)-4 and -6, there
could be potential errors in the data if financial institutions report
incomplete denials separate from notices of incompleteness. As noted by
commenters, grouping all incomplete applications together would lead to
more useful data by reserving the denied category solely for
creditworthiness and underwriting decisions. Moreover, as noted by
several commenters, grouping all incomplete applications in one
category would be easier for financial institutions to implement.
Although several industry commenters urged the Bureau to align
reporting of incomplete applications with Regulation C in order to
increase efficiency and facilitate compliance, those concerns are
mitigated by the Bureau's decision to exclude reporting of all HMDA-
reportable transactions, as set forth in final Sec. 1002.104(b)(2).
Indeed, one of the commenters advocating for alignment with Regulation
C also stated that they were sympathetic to the Bureau's reasons for
wanting all incomplete applications reported under a single category.
In response to a commenter's question regarding the reporting of
applications where an adverse action notice is provided based on
incompleteness, under final Sec. 1002.107(a)(9), the financial
institution would report such an application as ``incomplete,'' rather
than ``denied.'' In response to another commenter's concern that data
may be misconstrued if approved but not accepted loans are treated as
``denials,'' the Bureau notes that there is a separate action taken
category for ``approved but not accepted'' (see final Sec.
1002.107(a)(9) and associated commentary for reporting of that action
code).
The Bureau is also finalizing as proposed its treatment of
counteroffers in final comment 107(a)(9)-2. The Bureau agrees with
commenters that this approach (requiring that counteroffers that are
not accepted to be reported as ``denied,'' rather than ``approved but
not accepted'') would prevent lenders from trying to improperly
influence how their data are reported by extending unreasonable
counteroffers that are likely to be denied. This approach is also
consistent with existing Sec. 1002.9 notification procedures and
reporting of counteroffers under Regulation C,\618\ and so will be
familiar to financial institutions. In response to a commenter's
concern that this approach would not capture the availability of credit
(as rejected counteroffers would be reported as ``denials''), the
Bureau believes the considerations noted above--preventing gamesmanship
and consistency with existing Regulation B and Regulation C--outweigh
the potential benefit of alternate reporting. In response to a
commenter's question about how a financial institution reports an
accepted counteroffer that does not ultimately lead to an origination,
the Bureau directs the commenter to final comment 103(a)(9)-2, which
provides that if an applicant agrees to proceed with consideration of
the financial institution's counteroffer, the financial institution
reports the action taken as the disposition of the application based on
the terms of the counteroffer.
---------------------------------------------------------------------------
\618\ Regulation C comment 4(a)(8)(i)-9.
---------------------------------------------------------------------------
The Bureau is also finalizing comment 107(a)(9)-2 to not separately
track counteroffers as an additional action taken category or flag. As
noted by some commenters, it would be potentially infeasible to capture
all data points for every back-and-forth counteroffer with an
applicant, and attempting to do so would likely lead to confusion,
heightened complexity, and data errors. The Bureau also believes that
even without a counteroffer flag or field, the data will capture many
of the terms of an accepted counteroffers (such as pricing, guarantee,
etc.), as well as the amount initially requested by the applicant.
Therefore, the addition of a counteroffer flag or field would provide
limited useful information beyond what will already be captured under
section 1071. Moreover, while a counteroffer flag or field might be
useful as a screening tool for potential discrimination (for example,
if women-owned businesses or minority-owned businesses are provided
higher rates of counteroffers or denials compared to male- or non-
Hispanic white-owned businesses), a flag alone would lack any
specificity that could be leveraged for further fair lending analysis.
While several commenters urged the Bureau to require reporting of
accepted and rejected counteroffers, as well as their pricing terms,
the Bureau does not believe the benefits of additional reporting would
outweigh the added complexity, logistical challenges, and potential
data accuracy issues involved in reporting counteroffers. For example,
while some commenters suggested adding counteroffer rejected and
counteroffer accepted action taken categories, and to require reporting
of pricing, the commenter does not explain how a financial institution
would report multiple back-and-forth counteroffers connected to a
single covered application, which some commenters report is typical in
small business lending. Moreover, focusing solely on the pricing term
of a counteroffer would leave unknown other material terms of a
counteroffer, such the amount offered, duration, or a requirement to
have a co-signer or guarantor. In response to commenters' concerns that
not capturing counteroffers would mean a lack of visibility into
counteroffers that are made but not accepted, the Bureau agrees that
such information would not be captured, however, as described above,
the Bureau believes that reporting of such data would add significant
complexity, could undermine data quality, and would provide only
limited additional benefits. Regarding some commenters' criticism that
the definition of a counteroffer is flawed because it presumes a lender
has solicited all requested terms from the applicant, the Bureau
believes the description of a counteroffer in final comment 107(a)(9)-2
as an offer to grant credit or terms other than those originally
requested by the applicant is a reasonable one: an applicant will
likely specifically request the terms most important to the applicant,
the definition is consistent with existing Regulation B and Regulation
C and so will be familiar to financial institutions, and the commenters
do not propose an alternative.
The Bureau is finalizing the commentary to Sec. 1002.107(a)(9)
with minor revisions for clarity and consistency. Final comment
107(a)(9)-1 provides additional clarity on when a financial institution
should select each of the proposed action taken codes. The comment
further clarifies that a financial institution identifies the
applicable action taken code based on final action taken on the covered
application.
[[Page 35304]]
Final comment 107(a)(9)-2 provides instructions for reporting
action taken on covered applications that involve a counteroffer, along
with examples. As described above, final comment 107(a)(9)-2 provides
that if a financial institution makes a counteroffer to grant credit on
terms other than those originally requested by the applicant and the
applicant declines to proceed with the counteroffer or fails to
respond, the institution reports the action taken as a denial on the
original terms requested by the applicant. If the applicant agrees to
proceed with consideration of the financial institution's counteroffer,
the financial institution reports the action taken as the disposition
of the application based on the terms of the counteroffer.
Final comment 107(a)(9)-3 discusses reporting action taken for
rescinded transactions. Final comment 107(a)(9)-4 clarifies that a
financial institution reports covered applications on its small
business lending application register for the year in which final
action is taken. Finally, final comment 107(a)(9)-5 provides guidance
for reporting action taken if a financial institution issues an
approval that is subject to the applicant meeting certain conditions.
107(a)(10) Action Taken Date
Proposed Rule
In addition to requiring financial institutions to collect and
report the type of action they take on an application, ECOA section
704B(e)(2)(D) requires financial institutions to collect and report the
``date of such action.''
The Bureau proposed Sec. 1002.107(a)(10) to require action taken
date to be reported as the date of the action taken by the financial
institution. Proposed comments 107(a)(10)-1 through -5 would have
provided additional details on how to report the action taken date for
each of the action taken categories in proposed Sec. 1002.107(a)(9).
For example, proposed comment 107(a)(10)-1 would have explained that
for denied applications, the financial institution reports either the
date the application was denied or the date the denial notice was sent
to the applicant.
Proposed comment 107(a)(10)-4 would have explained that for covered
credit transactions that are originated, a financial institution
generally reports the closing or account opening date. That proposed
comment also stated that if the disbursement of funds takes place on a
date later than the closing or account opening date, the institution
may, alternatively, use the date of initial disbursement.
The Bureau sought comment on its proposed approach to the action
taken date data point as well as whether it should adopt data points to
capture application approval date and/or the date funds are disbursed
or made available.
Comments Received
The Bureau received comments on the proposed action taken date data
point from lenders, trade associations, and consumer groups. One
commenter expressed its support for the data points regarding an
application, including action taken date, noting that the data will
provide insight regarding the quality of the capital accessed and that
it will be useful in identifying potentially discriminatory lending
practices, as well as highlight capital gaps in the marketplace that
lenders may be able to fill. Furthermore, this commenter noted that the
data will show how financial institutions compare across key metrics
and help determine if the institution has equitable lending. Industry
commenters expressed their support for the proposed data point as a
reasonable and appropriate means of implementing the statutory
requirement. A CDFI lender noted that defining ``action taken date'' as
the one in which the financial institution acts is correct.
Several commenters provided feedback on whether the Bureau should
adopt separate data points for application approval date and the date
funds were disbursed or made available. A trade association opposed
adoption of separate data points for the date the application was
approved and the date the funds were disbursed or made available. This
trade association reasoned that it would add degrees of complexity to
the compliance process and the Bureau would be chasing de minimis data
points that have diminishing value. A bank also opposed the separate
data points explaining that the Bureau would already gather enough
information from gathering the application date and the action taken
date to find timing discrepancies and suggested the Bureau focus more
on underwriting data to determine discriminatory and other fair lending
issues. A CDFI lender explained that in many cases the gap between an
approval and disbursal of funds can be affected by several factors
outside a lender's control, such as an applicant's availability to sign
closing documents.
On the other hand, three commenters urged the Bureau to adopt
separate data points for application approval date and the date funds
were disbursed or made available. A community group commented that
separate data fields would be important for fair lending and community
development purposes because if any institutions are delaying the
availability of funds for unreasonable periods of time after loan
approval, they would not be serving community needs, and it could also
possibly indicate fair lending problems if protected classes
disproportionately experience delays. Another community group suggested
that discrimination in the agricultural industry occurs when loan
approvals are delayed or not approved in a timely manner. This
community group noted that untimely disbursement of funds could
drastically impact the opportunity for a small business to succeed.
They further noted that farmers lose entire seasons of income when the
operating loans which they timely applied for are not approved in a
timely manner. A third community group stated that lenders have a
history of delaying loan approvals for farmers of color compared to
white farmers.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.107(a)(10) and its associated commentary with minor edits for
clarity and consistency. The Bureau believes the action taken date data
point is a reasonable interpretation of ECOA section 704B(e)(2)(D),
which requires financial institutions to collect and report the ``date
of such action'' taken on an application. The Bureau notes that its
approach for this data point largely mirrors the Regulation C approach
for action taken date in Sec. 1003.4(a)(8)(ii) and related commentary,
with modifications to align with the action taken categories in final
Sec. 1002.107(a)(9).
Final Sec. 1002.107(a)(10) requires financial institutions to
report the date of the action taken by the financial institution on the
application. Final comments 107(a)(10)-1 through -5 provide guidance on
how to report the action taken date for each of the action taken
categories provided in final Sec. 1002.107(a)(9). For applications
that were denied, final comment 107(a)(10)-1 provides that a financial
institution reports either the date the application was denied or the
date the denial notice was sent to the applicant. For applications that
were withdrawn by the applicant, final comment 107(a)(10)-2 provides
that a financial institution reports either the date the express
withdrawal was received or the date shown on the notification form in
the case of a written withdrawal. For applications that were approved
but not accepted by the applicant, final
[[Page 35305]]
comment 107(a)(10)-3 provides that a financial institution reports any
reasonable date, such as the approval date, the deadline for accepting
the offer, or the date the file was closed. The comment notes, however,
that the financial institution should generally be consistent in its
approach.
The Bureau is finalizing comments 107(a)(10)-4 and -5 with minor
edits for clarity and consistency to facilitate compliance. Final
comment 107(a)(10)-4 provides that for applications that result in an
extension of credit, a financial institution generally reports the
closing or account opening date. However, if the disbursement of funds
takes place on a date later than the closing or account opening date,
the institution may, alternatively, use the date of initial
disbursement. The comment further provides that the financial
institution should generally be consistent in its approach. Final
comment 107(a)(10)-5 provides that for applications that are closed for
incompleteness, a financial institution reports either the action taken
date or the date the denial or incompleteness notice was sent to the
applicant.
The Bureau is not adopting in this final rule a requirement that
financial institutions report both the date the application was
approved and the date the funds were disbursed. Two of the commenters
who requested this change specifically focused on loan approval delays,
which seems to indicate the issue is with delays in the loan approval
process rather than the timing of the fund disbursements or credit
availability. The application date and action taken date together will
provide information about the length of time it takes for an
application to reach the credit decision. In addition, the Bureau
believes that the time between a loan's approval and the date of funds
availability is dependent on many factors, some of which may not be
within the control of the financial institution, as suggested by a
commenter. Accordingly, the Bureau is not adopting a requirement that
financial institutions report, in all cases, the date the funds were
disbursed or made available.
107(a)(11) Denial Reasons
Proposed Rule
ECOA section 704B(e)(2)(H) authorizes the Bureau to require
financial institutions to compile and maintain ``any additional data
that the Bureau determines would aid in fulfilling the purposes of
[section 1071].'' The Bureau proposed Sec. 1002.107(a)(11) to require
financial institutions to collect and report the principal reason or
reasons an application was denied.
Proposed Sec. 1002.107(a)(11) would have required reporting of the
principal reason or reasons the financial institution denied the
covered application. Proposed comment 107(a)(11)-1 would have explained
that a financial institution complies with proposed Sec.
1002.107(a)(11) by reporting the principal reason or reasons it denied
the application, indicating up to four reasons, and the financial
institution would report only the principal reason or reasons it denied
the application, even if there are fewer than four reasons. The
proposed comment provided an example to illustrate. The proposed
comment would have also stated that the reason(s) reported must
accurately describe the principal reason or reasons the financial
institution denied the application. Finally, the proposed comment
provided a list of denial reasons from which financial institutions
would select the principal reason or reasons for denying a covered
application.
Proposed comment 107(a)(11)-1 would also have explained that a
financial institution would have reported the denial reason as
``other'' where none of the enumerated denial reasons adequately
describe the principal reason or reasons it denied the application, and
the institution would report the denial reason or reasons as free-form
text. Proposed comment 107(a)(11)-2 would have clarified that a
financial institution complies with proposed Sec. 1002.107(a)(11) by
reporting that the requirement is not applicable if the action taken on
the application, pursuant to Sec. 1002.107(a)(9), is not a denial.
The Bureau sought comment on its proposed approach to the denial
reasons data point, including whether the denial reason categories
listed in proposed comment 107(a)(11)-1 sufficiently cover the common
credit denial reasons in the small business lending industry. The
Bureau also sought comment on the potential utility of denial reason
data as well as on the potential burdens to industry in reporting
denial reasons, in light of the proposed denial reason categories and
the data's ability to aid in fulfilling the purposes of section 1071.
Comments Received
The Bureau received comments on the denial reasons data point from
lenders, trade associations, and community groups. A number of these
commenters supported the Bureau's proposal to collect data on denial
reasons, stating that it would aid in fair lending analysis and further
the community development purpose of section 1071. A community group
said that an analysis of different types of lenders could determine
whether industry-wide practices could be creating unnecessary barriers,
and denial reason data could help to illuminate those practices. Some
commenters noted that denial reasons can help policymakers and the
public determine legitimate reasons that small businesses do not
qualify for certain forms of credit and will, in turn, enable
policymakers to work towards solutions. A trade association commented
that the data has the potential to help identify ways to improve
service in underserved communities and agreed this is an opportunity to
provide financial institutions with data to evaluate their business
underwriting criteria and address potential gaps as needed. Another
community group stated that this data point is one of the single most
important items the Bureau can collect in its aim to carry out section
1071 and illuminate the reasons behind disparate results in small
business lending. A bank commented that reporting of denial reasons
would help identify roadblocks to gaining access to credit.
Commenters generally agreed with the Bureau's approach to
collecting reasons for denial. Community groups supported the range of
the Bureau's proposed list of reasons for denial as well as the
Bureau's proposal for a financial institution to select up to four
reasons. A trade association commented that the proposed list of
reasons for denial adequately cover the potential reasons and noted
that the list largely aligns with the HMDA/Regulation C denial reasons.
This commenter also noted the importance of the option for financial
institutions to select ``other'' and report additional denial reason
information as free-form text.
Several community groups suggested that personal credit score must
be included as an option as it is often cited as the reason for denial.
They asserted that if low credit scores or other reasons for denial
correlate with a business owner's race or location, but do not
correlate with loan performance, then it would be important for lenders
to use alternative methods for assessing creditworthiness that do not
have a disparate impact on business owners of color or certain
communities. Another commenter suggested that the Bureau consider
clarifying the government criteria option, recommending that the option
should only be used if no other principal reason applies and should
come after other reasons to ensure that it does not mask those other
reasons. A trade association suggested that the
[[Page 35306]]
Bureau allow financial institutions the discretion to choose whether to
report the data; however, that commenter also indicated that if the
Bureau were to require the denial reasons data point then the proposed
denial reasons did represent a full picture of the typical reasons for
denial. Other commenters suggested the Bureau follow the flexible
approach of financial institutions providing denial reasons in ECOA
adverse action notices. Two banks asked the Bureau to compare the
reporting requirement against other reporting regimes, such as HMDA and
CRA, to avoid duplicative and inconsistent reporting.
Some industry commenters opposed the Bureau's proposal to collect
denial reasons. A few commenters stated that these data are not tracked
or maintained. A bank said stated they will need to build a new and
independent tracking system if the data are mandated. A joint trade
association letter noted that in indirect vehicle financing
transactions, dealerships are not often provided and do not have access
to reasons why a third-party financing source denied a credit
application. A bank questioned what the Bureau intends to do with the
data and stated that it is not necessary to meet the goals and
requirements of section 1071. The bank further asserted that it would
eventually result in additional regulatory requirements that continue
to push small and mid-size lenders from the small business lending
market. Another bank raised concerns about reporting denial reason
data, asserting that there are multiple factors involved in the
decisions and the use of raw data without any other means to evaluate
the individual decisions made could lead to allegations of
discrimination against banks based solely upon data that reflect
disparate impact based on ethnicity, race, or gender. Another commenter
expressed a similar concern that requiring denial reasons under certain
categories could lead to damaging misinterpretations. A trade
association urged the Bureau to drop the denial reasons data point from
the final rule, stating that the requirement is drafted in a rigid
manner that is unlikely to produce accurate or reliable data. That
commenter also stated that the Bureau and other regulatory agencies
already have access to these data because financial institutions are
already providing denial reasons under the ECOA adverse action notice
requirement. In addition, commenters further noted that the proposed
denial reason data point is incompatible with the Bureau's flexible
approach to providing adverse action reasons in ECOA adverse action
notices.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.107(a)(11) and associated commentary with minor revisions. The
final rule requires that financial institutions collect and report, for
denied applications, the principal reason or reasons the financial
institution denied the covered application. The Bureau believes data
regarding denial reasons will further the fair lending and business and
community development purposes of section 1071. Data on denial reasons
will allow data users to better understand the rationale behind denial
decisions, help identify potential fair lending concerns, and provide
financial institutions with data to evaluate their business
underwriting criteria and address potential gaps as needed. Robust data
on application denial reasons across applicants, financial
institutions, products, and communities should help target limited
resources and assistance to applicants and communities, thus furthering
section 1071's business and community development purpose. Furthermore,
data on denial reasons will help data users analyze potential denial
disparities, and could facilitate more efficient and less burdensome
fair lending examinations. Therefore, pursuant to ECOA section
704B(e)(2)(H), the Bureau determines that collecting data on denial
reasons would aid in fulfilling the purposes of section 1071.
Final comment 107(a)(11)-1 explains that a financial institution
reports the principal reason or reasons it denied the application,
indicating up to four reasons and makes clear that the financial
institution reports only the principal reason or reasons it denied the
application. Final comment 107(a)(11)-1 also provides a list of denial
reasons from which financial institutions select the principal reason
or reasons for denying a covered application. In addition, final
comment 107(a)(11)-1 explains that a financial institution reports the
denial reason as ``other'' when none of the enumerated denial reasons
adequately describes the principal reason or reasons it denied the
application, and reports the denial reason or reasons as free-form
text. The Bureau believes that including the option to select ``other''
will facilitate compliance and that collecting such information will
enable the Bureau to observe trends and key developments in the small
business lending market. In addition, the Bureau may use the
information to inform any future iterations of the list.
The Bureau is making a revision in comment 107(a)(11)-1.iii to
change ``use of loan proceeds'' to ``use of credit proceeds'' to
reflect commonly understood categories of small business lending like
term loans or lines of credit. The Bureau is also making a
clarification in comment 107(a)(11)-1.iii to broaden the scope of the
``use of credit proceeds'' denial reason. Final comment 107(a)(11)-
1.iii explains that a financial institution reports the denial reason
as ``use of credit proceeds'' if it denies an application because, as a
matter of policy or practice, it places limits on lending to certain
kinds of businesses, products, or activities it has identified as high
risk. The Bureau is removing the example provided in the proposed rule
because the Bureau does not believe an example is necessary and
financial institutions know what they consider to be high risk to them.
Moreover, financial institutions may have different policies on credit
activities or products they consider high risk such that a high risk
activity or product to one financial institution may not be considered
high risk to another.
The Bureau is also making a minor revision in comment 107(a)(11)-
1.v to clarify that a denial reason based on collateral refers to
collateral that was insufficient or otherwise unacceptable to the
financial institution. The Bureau also removed the example that
appeared in proposed comment 107(a)(11)-1.vi.
The Bureau is making a minor change in comment 107(a)(11)-1.vii to
clarify that a denial reason based on ``government criteria'' refers to
government loan program criteria. Government loan program criteria for
this purpose refers to those loan programs backed by government
agencies that have specific eligibility requirements. Accordingly,
final comment 107(a)(11)-1.vii lists ``government loan program
criteria'' as a denial reason option.
The Bureau does not share the concerns raised by commenters that
denial reason data may lead to unjustified conclusions that do not
necessarily meet the goals and purposes of section 1071. Rather, as
explained above, the Bureau believes data on denial reasons can help
identify potential lending concerns and help data users analyze
potential denial disparities. In fact, the Bureau believes that
including denial reasons in 1071 data should reduce the risk of
inaccurate accusations of fair lending violations, as it would allow
financial institutions to point to potentially legitimate reasons for
disparities.
[[Page 35307]]
With respect to the comments that denial reasons are not currently
tracked or maintained, the Bureau believes that most financial
institutions already have information on denial reasons, or at least
should be prepared to provide the information. The Bureau understands
from commenters that there may be creditors that are not subject to the
adverse action notice requirements under Regulation B and such
institutions may face greater challenges in implementing the denial
reason data reporting requirement than those institutions that are
already subject to Regulation B requirements.\619\ Nevertheless, the
Bureau believes that data on denial reasons will further the fair
lending and business and community development purposes of section 1071
by helping to identify potential fair lending concerns and providing
financial institutions with data to evaluate their lending criteria and
address potential gaps. Moreover, data on denial reasons not only help
identify potential fair lending concerns, but are critical to
understanding the rationale behind a financial institution's decision
to deny credit, which can provide small business applicants the
information they need to be able to access capital.
---------------------------------------------------------------------------
\619\ Existing Sec. 1002.9(a)(3) requires creditors to provide
the specific reasons for adverse action taken or to notify business
credit applicants of their right to request the reasons for denying
an application or taking other adverse action.
---------------------------------------------------------------------------
For transactions involving indirect vehicle financing where the
dealership may not have the reasons why a third-party financing source
denied a credit application, the Bureau believes that the entity that
makes the final credit decision will be able to provide or obtain the
reasons for denying a credit application. See section-by-section
analysis of Sec. 1002.109(a)(3) for a discussion of which institutions
have a reporting obligation in transactions involving multiple
financial institutions.
With respect to the suggestion from a commenter that the Bureau
should allow financial institutions to report denial reason data
voluntarily, the Bureau believes optional reporting is not the
appropriate approach, given the need for consistent and meaningful data
to further the purposes of section 1071.
Regarding the suggestion that the denial reason data point in the
final rule should mirror the HMDA reporting requirements or other
reporting regimes, the Bureau's approach to the final rule is to
largely mirror the Regulation C reporting requirements but with
modifications that better reflect the business or agricultural lending
(rather than mortgage lending) context. The Bureau believes that
aligning closely to a known regulatory scheme, such as Regulation C,
will facilitate compliance. Regarding the suggestion that the Bureau
provide more flexibility so that financial institutions can report the
reasons that were provided in an adverse action notice, the Bureau
believes, and as a commenter noted, the denial reasons proposed and
finalized in this rule are a comprehensive list and represent a full
picture of the common denial reasons for small business credit. In
addition, the Bureau believes the inclusion of ``other'' as a reason
for denial and the free-form text field, which will enable financial
institutions to report a denial reason that is not otherwise listed,
will provide flexibility, and will facilitate compliance.
107(a)(12) Pricing Information
Proposed Rule
ECOA section 704B(e)(2)(H) authorizes the Bureau to require
financial institutions to compile and maintain ``any additional data
that the Bureau determines would aid in fulfilling the purposes of
[section 1071].'' The Bureau proposed, in Sec. 1002.107(a)(12), to
require financial institutions to report certain pricing information
for covered credit transactions. Specifically, proposed Sec.
1002.107(a)(12)(i)(A) would have required financial institutions to
report the interest rate that is or would be applicable to the covered
credit transaction; proposed Sec. 1002.107(a)(12)(ii) would have
required financial institutions to report the total origination charges
for a covered credit transaction; proposed Sec. 1002.107(a)(12)(iii)
would have required financial institutions to report the broker fees
for a covered credit transaction; proposed Sec. 1002.107(a)(12)(iv)
would have required financial institutions to report the total amount
of all non-interest charges that are scheduled to be imposed over the
first annual period of the covered credit transaction; proposed Sec.
1002.107(a)(12)(v) would have required financial institutions to
report, for merchant cash advances or other sales-based financing
transactions, the difference between the amount advanced and the amount
to be repaid; and proposed Sec. 1002.107(a)(12)(vi) would have
required financial institutions to report information about any
prepayment penalties applicable to the covered credit transaction.
Proposed comment 107(a)(12)-1 would have clarified that, for
applications that the financial institution reports as denied,
withdrawn by the applicant, or incomplete, the financial institution
reports pricing information as ``not applicable.'' Proposed Sec.
1002.107(a)(12) would have applied only to credit transactions that
either have been originated or have been approved by the financial
institution but not accepted by the applicant.
Comments Received
The Bureau sought comment on proposed Sec. 1002.107(a)(12) and its
commentary, including on additional information that could help reduce
misinterpretations of disparities in pricing, such as more information
about the nature of the collateral securing the credit. The Bureau also
sought comment on ways to reduce burden on financial institutions with
respect to overlaps or conflicts between State law disclosure
requirements and the Bureau's proposal. Numerous commenters addressed
the proposed pricing data point in their feedback. The Bureau addresses
feedback on proposed Sec. 1002.107(a)(12) generally in this section;
feedback on specific aspects of proposed Sec. 1002.107(a)(12)(i)
through (vi) is addressed in the section-by-section analyses that
follow.
Many commenters expressed views on whether the Bureau should
require financial institutions to report any pricing data. Some
commenters, including community groups, trade associations, a lender,
and a technology service provider, supported the inclusion of pricing
information. These commenters stated pricing information will help data
users understand not simply whether credit is available to certain
borrowers, but the terms of such credit. Several community groups said
that pricing information would help with fair lending analysis, with
one community group stating that academic research and mystery shopping
tests suggested the presence of discrimination in the small business
lending market. Other community groups said that pricing information
would allow users to identify unmet business needs. A community group
commented that lenders were already collecting much of the proposed
pricing data for SBA and CDFI programs, while a trade association
supported the proposal but noted that CDFIs would need more time to
comply than larger financial institutions.
Industry commenters generally opposed including pricing information
in the final rule. These commenters made several arguments in support
of their position. First, they asserted that the final rule should
include only data points specifically enumerated in the
[[Page 35308]]
statute. One commenter suggested that because pricing was not expressly
enumerated in the statute, Congress therefore did not intend for the
data collected and reported pursuant to section 1071 to include pricing
information. Other commenters said that pricing data (along with other
data points adopted pursuant to ECOA section 704B(e)(2)(H)) would
increase the burden on financial institutions because, for example,
pricing information can change throughout the application and
underwriting process. And several industry commenters who generally
objected to the inclusion of any data points pursuant to section
704B(e)(2)(H) claimed that lenders lack systems that can calculate or
collect all the proposed pricing data.
Second, these commenters stated that commercial financing is less
standardized than consumer financing, such that pricing is influenced
by a wide variety of factors that they believed would not be adequately
reflected in the 1071 data. Factors cited included the credit score of
the applicant, the nature and value of collateral, the loan purpose and
type, the presence of bundled services, the applicant's cash flow, the
type of business, the size of any down payment, the strength of any
guarantee, and debt service coverage ratio. Commenters elaborated on
certain factors specific to certain financial institutions or
transaction types. For example, a few commenters stated that community
banks might make loans with higher interest rates than other lenders to
comply with safety and soundness requirements. Some agricultural
lenders and a trade association commented that farm credit borrowers
periodically receive patronage dividends from lenders, which
effectively lowers the cost of credit. And a group of trade
associations representing the insurance premium financing industry
stated that the pricing of insurance premium financing is determined
almost entirely by the value of the unearned premiums, negating the
benefit of pricing data for these transactions.
The absence of information about these other factors affecting the
price of credit, commenters argued, would cause data users to draw
inaccurate conclusions when analyzing pricing in the 1071 data. As a
result, commenters claimed, financial institutions would suffer
reputational harm from erroneous accusations of fair lending violations
or other harmful pricing practices. However, a community group
commented that advocates knew how to responsibly use pricing data and
typically approach regulators or industry before publicizing pricing
discrepancies. Industry commenters also argued that misleading data
would reduce financial institutions' willingness to consider
individualized factors in the lending process, restricting the
availability of credit to small business applicants.
Many industry commenters also opposed the disclosure of any pricing
information because of competition and privacy concerns. These
commenters claimed that disclosure would reveal confidential
information that would put financial institutions at a disadvantage.
For example, competitors could attract borrowers with loans that were
cheaper but inferior in other respects. These commenters also asserted
that disclosure of pricing information would harm the privacy interests
of applicants, especially in small communities where users could re-
identify borrowers.
Instead of including pricing information in the final rule, several
industry commenters suggested that analysis of pricing data was more
appropriate in the supervision and examination context. One trade
association asserted that requiring pricing data in the rule would be
redundant of, or usurp, the supervisory activities of the prudential
regulators because those agencies also collect and use pricing
information in their exams. Another group of trade associations said
the Bureau could use information it gathers in the course of exercising
its supervision authority to determine whether pricing data could
further fair lending purposes before requiring such data in the rule.
In contrast to industry commenters, who generally objected to
reporting any pricing information, community groups requested
additional pricing information. Specifically, numerous community groups
and a minority business advocacy group, as well as some lenders and a
technology service provider, asked the Bureau to require financial
institutions to report the annual percentage rate (APR) for a covered
credit transaction. These commenters stated that APR was the only
easily understandable, uniform, and comprehensive single pricing
measure for comparing diverse transactions. These commenters generally
did not argue that the proposed pricing data point lacked value, but
that APR would provide additional information that was superior in
certain respects. For example, a cross-sector group of lenders,
community groups, and small business advocates asserted that the
diversity of transactions in the small business lending market
increased the value of APR, because comparing loan pricing would be
difficult without a single measure. This group further stated that
unlike the proposed pricing data, which lacked a time period, APR
standardizes the cost of a transaction over a year.
A few commenters believed that APR would make the pricing data
easier for data users to understand. Some stated that although
sophisticated data users might be able to estimate APR from the
proposed data points, the 1071 data should allow anyone to gain
information about small business loan pricing. Also, the cross-sector
group's comment discussed above noted that many small business owners
are familiar with APR from their consumer financing transactions.
Regarding burden, several of these commenters asserted that
calculating APR was feasible in the small business lending market, with
many noting that APR is a formula amenable to calculation through an
automated process using generally available software. For non-
traditional transactions such as merchant cash advances, commenters
suggested estimating the term length from repayment data or from the
term, if any, that the financial institution calculated during the
underwriting process. Indeed, some of these commenters also believed
that the market was evolving toward the use of APR for commercial
finance transactions. They cited the New York and California commercial
financing disclosure laws, as well as private disclosure initiatives
that include the APR, such as the SMART Box and Small Business
Borrower's Bill of Rights.\620\ A CDFI lender predicted that financial
institutions would eventually use a single disclosure to comply with
all State disclosure laws, which would resolve any issues with
differing APR methodologies among the states. A bank commented that if
the Bureau required pricing information, it should adopt only APR
because reporting APR was simpler than reporting multiple pieces of
pricing information.
---------------------------------------------------------------------------
\620\ See Cal. S.B. 1235 (Sept. 30, 2018), https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180SB1235; N.Y. S.B. S5470B (July
23, 2020), https://legislation.nysenate.gov/pdf/bills/2019/S5470B;
Innovative Lending Platform Ass'n, The SMART Box Model Disclosure--
In Depth, https://innovativelending.org/smart-box-model-disclosure-depth/ (last visited Mar. 20, 2023); Responsible Bus. Lending Coal.,
Small Business Borrower's Bill of Rights (2021), https://www.borrowersbillofrights.org/bill-of-rights.html.
---------------------------------------------------------------------------
A few commenters suggested alternatives if the Bureau did not adopt
APR, including requiring APR for a subset of transactions for which
[[Page 35309]]
calculating APR was feasible or having the Bureau calculate and publish
APR data itself.
Although industry commenters largely did not address APR, a few
offered arguments against its inclusion in the final rule. A group of
trade associations questioned the existence of a trend toward the use
of APR in commercial financing, noting that only California and
Virginia had adopted commercial financing disclosure laws at the time
of the NPRM. This group also speculated that Congress believed APR may
be inappropriate for the small business lending market because it did
not extend TILA to commercial credit in the Dodd-Frank Act. Other
commenters discussed the burden of reporting APR. Several banks stated
that lenders would need to change their systems to calculate APR for
small business loans. A State bankers association asserted that the
terms of small business loans did not allow APR to be calculated. And a
CDFI lender stated that APR calculations are infeasible for loans made
under the SBA's 7(a) program.\621\ Such loans, the commenter explained,
have fees that may vary based on the type or purpose of the loan, which
makes the APR difficult to determine accurately.
---------------------------------------------------------------------------
\621\ See Cong. Rsch. Serv., Small Business Administration 7(a)
Loan Guaranty Program, https://fas.org/sgp/crs/misc/R41146.pdf
(updated June 30, 2022) (discussing the SBA's flagship 7(a) loan
guarantee program).
---------------------------------------------------------------------------
Finally, some commenters directed their feedback to the scope of
the proposed pricing data point. Some community groups asked the Bureau
to require pricing information for all counteroffers because, they
asserted, such information would illuminate situations where lenders
are prepared to extend credit on less desirable terms than those
requested by the applicant. An industry commenter recommended limiting
the pricing information to originated transactions because it believed
pricing information for approved applications held no fair lending
value. But some community groups commented that including approved
applications in reported pricing data would further fair lending
purposes, such as allowing data users to evaluate whether financial
institutions are offering high-priced loans to minority applicants that
the applicants do not accept. A trade association commented that the
pricing information should include only interest rate and origination
charges but offered no explanation for its position.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.107(a)(12) and associated commentary with certain adjustments.
Final Sec. 1002.107(a)(12)(i) through (vi) require reporting of the
following for covered credit transactions that are originated or
approved by the financial institution but not accepted by the
applicant: interest rate; total origination charges; broker fees; the
total amount of all non-interest charges that are scheduled to be
imposed over the first annual period; for a merchant cash advance or
other sales-based financing transaction, the difference between the
amount advanced and the amount to be repaid; and information about any
applicable prepayment penalties. The details of final Sec.
1002.107(a)(12)(i) through (vi) are discussed in turn in the section-
by-section analyses that follow; the discussion here focuses on the
Bureau's overall approach to the pricing data point.
The Bureau is finalizing comment 107(a)(12)-1 as proposed, which
clarifies that, for applications that the financial institution reports
as denied, withdrawn by the applicant, or incomplete, the financial
institution reports pricing information as ``not applicable.''
As discussed in the NPRM, the Bureau believes that pricing data
will further both the fair lending purpose and the business and
community development purpose of section 1071. The majority of small
businesses are run by a single owner without extensive financial
experience or expert staff to navigate the commercial credit
marketplace, which lacks many of the Federal protections found in
consumer lending.\622\ Heightened risks to fair lending and small
business development may arise from different pricing for the same
products and the selective marketing of higher-priced or even predatory
and unsustainable products. Because price-setting is integral to the
functioning of any market, any analysis of the small business lending
market--including to enforce fair lending laws or identify community
and business development opportunities--would be less meaningful
without this information.
---------------------------------------------------------------------------
\622\ For example, TILA's standardized disclosure requirements
for residential mortgage loans and limits on linking compensation to
mortgage loan terms, including pricing, do not apply to business
loans. See, e.g., 15 U.S.C. 1639b, Regulation Z Sec. 1026.36
(TILA's prohibition on basing mortgage loan originator compensation
on loan terms).
---------------------------------------------------------------------------
Research conducted for the Department of Commerce has found that
minority-owned businesses tend to pay higher interest rates on business
loans than those that are not minority-owned,\623\ and a report by the
Federal Reserve Bank of Atlanta found that minority-owned firms more
frequently applied for potentially higher-cost credit products, and
were also more likely to report challenges in obtaining credit, such as
being offered high interest rates.\624\ In addition, research conducted
for the SBA has found that Black- and Hispanic-owned businesses were
less likely to have business bank loans and more likely to use more
expensive credit card financing.\625\ The 2020 Small Business Credit
Survey by a collaboration of Federal Reserve Banks found that small
business applicants to nonbank lenders, such as online lenders and
finance companies, were more likely to report high interest rates or
unfavorable terms than applicants to depository institutions.\626\ To
the extent that the recovery from the lingering economic disruptions
following the COVID-19 pandemic is still ongoing when covered financial
institutions begin collecting data under this final rule, and in regard
to emergencies affecting small business access to credit that may occur
in the future, tracking pricing in this segment of the market is
particularly important.
---------------------------------------------------------------------------
\623\ Minority Bus. Dev. Agency, U.S. Dep't of Com., Disparities
in Capital Access between Minority and Non-Minority-Owned
Businesses: The Troubling Reality of Capital Limitations Faced by
MBEs, at 3, 5, 21, 36-37 (2010), https://archive.mbda.gov/page/executive-summary-disparities-capital-access-between-minority-and-non-minority-businesses.html.
\624\ Fed. Rsrv. Bank of Atlanta, Report on Minority Owned
Firms: Small Business Credit Survey (Dec. 2019), https://www.fedsmallbusiness.org/-/media/project/smallbizcredittenant/fedsmallbusinesssite/fedsmallbusiness/files/2019/20191211-ced-minority-owned-firms-report.pdf.
\625\ Alicia Robb, Financing Patterns and Credit Market
Experiences: A Comparison by Race and Ethnicity for U.S. Employer
Firms, at 47 (2018) (prepared for Off. of Advocacy, Small Bus.
Admin.), https://advocacy.sba.gov/2018/02/01/financing-patterns-and-credit-market-experiences-a-comparison-by-race-and-ethnicity-for-u-s-employer-firms/.
\626\ However, the survey noted that online lenders tended to
receive applications with lower credit scores so applicant risk
could play a role in higher interest rates for nonbank lenders. See
2020 Small Business Credit Survey at 15.
---------------------------------------------------------------------------
The Bureau believes pricing data are important because they offer
useful insight into underwriting disparities and are necessary for data
users to examine predatory pricing or pricing disparities. For example,
they might show that a particular market segment is expanding and
apparently filling an important need, but the new credit offered might
be predatory in nature. Pricing information will allow the Bureau and
others to understand the situation more accurately. Data collection
without pricing information
[[Page 35310]]
could have the unintended consequence of incentivizing irresponsible
lending, as providers seeking to increase representation of underserved
groups could be encouraged to adopt high-cost models of lending.
Without information on pricing, data users would be unable to
screen for fair lending pricing risks, and regulators would be less
able to focus their enforcement and supervision resources appropriately
on situations of greater possibility for questionable activities. In
addition, if potential discriminatory conduct is monitored effectively
in regard to credit approvals, but not in regard to pricing, industry
compliance systems may focus solely on approvals and denials and ignore
potential pricing disparities. Having pricing data available will also
increase transparency and help demonstrate to lenders where business
opportunities exist to offer sustainable credit to underserved markets.
In addition, it could demonstrate to small businesses the availability
of more affordable credit.
Pricing information that is separately enumerated as the interest
rate and general categories of fees will allow data users to more
precisely analyze the components of a credit transaction's price. For
example, data users will be able to identify potentially discriminatory
price disparities within upfront fees charged to borrowers at
origination that may not be visible in a single pricing metric.
Similarly, information about which components of a transaction's price
may be relatively more expensive should allow data users to better
identify business and community development initiatives because they
will be able to target their initiative at the particular component,
such as the interest rate, that may be most responsible for the
relatively high price of the transaction. The Bureau's decision not to
require reporting of APR, as requested by some commenters, is discussed
in more detail below.
The Bureau disagrees with commenters who suggested the pricing data
point lacks congressional authorization. ECOA section 704B(e)(2)(H)
authorizes the Bureau to require financial institutions to compile and
maintain ``any additional data that the Bureau determines would aid in
fulfilling the purposes of [section 1071].'' This provision reflects
Congress's understanding that certain information not explicitly
identified in section 1071 may advance the statutory purposes. As
described herein, the pricing data point satisfies this standard.
The Bureau understands that the small business lending market is
flexible and tailored to the situations of small business applicants
and borrowers. For this reason, pricing for small business credit is
affected by numerous factors, some of which are not reflected in the
1071 data. For example, the final rule does not require financial
institutions to report applicants' credit scores, which would provide
useful information for explaining pricing differences between
transactions. But the Bureau believes that commenters have understated
the amount of information the final rule includes about factors
relevant to pricing. For example, the final rule includes information
about the existence and nature of collateral; \627\ the credit purpose
and type; \628\ the applicant's industry,\629\ size,\630\ and history;
\631\ the type of guarantee; \632\ and the type of the lender.\633\
This information will provide important context for pricing data.
---------------------------------------------------------------------------
\627\ See final Sec. 1002.107(a)(5) (indicating whether credit
is secured or unsecured); final Sec. 1002.107(a)(6) (suggesting,
along with the credit type data point, whether a loan is secured by
a dwelling).
\628\ See final Sec. 1002.107(a)(5) (credit type); final Sec.
1002.107(a)(6) (credit purpose). The Bureau also notes that
insurance premium finance transactions are not covered by the final
rule (see final Sec. 1002.104(b)(3)). Thus, the unique challenges
of interpreting pricing information cited by commenters for those
transactions will not affect data users.
\629\ See final Sec. 1002.107(a)(15) (NAICS code).
\630\ The gross annual revenue and number of workers data points
are related to the applicant's size. See final Sec. 1002.107(a)(14)
and (16).
\631\ See final Sec. 1002.107(a)(17) (time in business).
\632\ See final Sec. 1002.107(a)(5)(ii) (guarantees).
\633\ See final Sec. 1002.109(b) (financial institution
identifying information).
---------------------------------------------------------------------------
More broadly, the 1071 data need not reflect every determinant of
credit pricing to provide value to users. The pricing data will further
fair lending enforcement by allowing regulators to better understand
fair lending risks and allocate their resources accordingly. As
explained in the NPRM, HMDA data have long served a similar function.
Some commenters questioned the analogy to HMDA data, citing greater
standardization in the mortgage market. But the same basic utility--
signaling fair lending risk--exists even if the nature of the signal
differs. Indeed, with respect to entities it supervises, the Bureau
similarly uses pricing data, when available in small business
examinations, to help identify fair lending risk.
Regarding suggestions that the Bureau consult supervisory and
examination data before adopting any pricing data requirements, the
Bureau has relied on its experience in these areas while developing the
final rule. The Bureau does not believe this rule is redundant of the
supervision and examination activities of any Federal agency. Moreover,
confidential supervisory information available only to Federal
regulators is no substitute for a publicly available dataset.
Furthermore, comments that focus narrowly on comparisons between
applicants ignore the business and community development purpose of
section 1071. Data users can examine pricing data at a more general
level to further this purpose. For example, government entities could
develop loan programs designed to increase the availability of credit
to certain small businesses whose existing financing options carry high
prices.
Regarding comments about the harmful consequences of potentially
misleading data, the Bureau anticipates noting when disclosing the 1071
data that the data alone generally do not offer proof of compliance
with fair lending laws.\634\ And the Bureau expects community groups to
use the data responsibly, with knowledge of these limitations, which
such groups say they have. The Bureau does not believe, as suggested by
commenters, that pricing data would reduce the availability of credit
to small business applicants. Instead, by helping to reduce fair
lending risk and identify business and community development
opportunities, the pricing data will help expand access to credit.
Privacy and confidentiality concerns about the pricing data are
discussed in part VIII.B.6.x below.
---------------------------------------------------------------------------
\634\ For example, the FFIEC cautions users of HMDA data that
``HMDA data are generally not used alone to determine whether a
lender is complying with fair lending laws.'' CFPB, Summary of 2021
Data on Mortgage Lending (2022), https://www.consumerfinance.gov/data-research/hmda/summary-of-2021-data-on-mortgage-lending/.
---------------------------------------------------------------------------
The Bureau understands that many financial institutions will incur
costs to collect and report pricing information. The Bureau has
attempted to reduce the difficulty of collecting and reporting these
data in several ways. For example, final Sec. 1002.107(a)(12) is
limited to approved applications and originated transactions. These are
transactions for which financial institutions generally would have to
determine the price to approve (or originate) the transaction. Other
transactions--i.e., those that are denied, withdrawn by the applicant,
or incomplete--are likely to have pricing information that is subject
to change or that has not yet been determined. In addition, final Sec.
1002.107(a)(12) generally takes a broad, functional approach to the
reportability of pricing information, rather than defining
reportability according to complex factors such as how a fee is
[[Page 35311]]
denominated or the nature of the collateral securing a transaction. The
Bureau believes this will simplify the collection and reporting
process. Despite any remaining burden for financial institutions, the
Bureau believes that pricing data are important for achieving both of
section 1071's purposes.
Further reducing the potential difficulty of reporting pricing
data, the Bureau has decided against requiring financial institutions
to report APR at this time. Calculating and reporting APR across the
diverse types of commercial transactions covered by the final rule may
require complex estimates to generate necessary variables for the APR
formula. Many merchant cash advances, for example, lack a disclosed
periodic payment amount. Thus, financial institutions would have to
estimate this term, if they do not do so now, to calculate an APR.
Although financial institutions may estimate some of the necessary
information during underwriting, they may not estimate it according to
the same formula, and may not maintain such information in a system
designed for data reporting. The Bureau understands that many financial
institutions will calculate APR to comply with State commercial
financing disclosure laws.\635\ But many financial institutions are not
currently subject to such State laws, or are subject to State laws that
do not require APR disclosure.\636\ As noted in the NPRM, the Bureau
will continue to monitor regulatory developments in the small business
lending market. The Bureau considered requiring reporting of APR only
for transactions where it is less complex to calculate, as some
commenters suggested. But a limited-transaction APR reporting
requirement would negate two important benefits that commenters cited
for APR: using it to compare diverse types of transactions and to apply
a single intuitive pricing measure for nontraditional types of
financing.
---------------------------------------------------------------------------
\635\ Cal. Dep't of Fin. Prot. & Innovation, Commercial
Financing Disclosures (2022), https://dfpi.ca.gov/wp-content/uploads/sites/337/2022/06/PRO-01-18-Commercial-Financing-Disclosure-Regulation-Final-Text.pdf; N.Y. Dep't of Fin. Servs., Proposed
Disclosure Requirements for Certain Providers of Commercial
Financing Transactions (2022), https://www.dfs.ny.gov/system/files/documents/2022/09/rp_23nycrr600_text_20220914.pdf.
\636\ Utah Dep't of Fin. Insts., Commercial Financing
Registration and Disclosure Act (2022), https://le.utah.gov/xcode/Title7/Chapter27/C7-27_2022050420220504.pdf.
---------------------------------------------------------------------------
The Bureau understands commenters' concerns over the accessibility
and comparability of rate and fees versus APR. Final Sec.
1002.107(a)(5)(iii) requires financial institutions to report loan
term; the Bureau has added to final comment 107(a)(6)-8 a requirement
that financial institutions report, for merchant cash advances and
other sales-based financing, the loan term, if any, that the financial
institution estimated, specified, or disclosed in processing or
underwriting the application or transaction. This information will
provide important context for data users comparing the pricing of
different transactions and help address the criticism over the lack of
a time period for pricing data. Regarding accessibility, the Bureau
believes the pricing data will be generally understandable by data
users. Most of the pricing data are similar to information found on
existing consumer and commercial credit disclosures, including the
State commercial financing disclosures cited by commenters.
Additionally, the Bureau anticipates that government agencies,
researchers, press organizations, community groups, and others will
publish research and reports using the small business lending data,
just as they do now with HMDA data. These publications may render
pricing information in a form more accessible to other users.
Finally, the Bureau is not adopting modifications to the scope of
the pricing data point. As discussed above, limiting the pricing data
to approved and originated transactions reduces the difficulty of
reporting while providing important information about the pricing
decisions of financial institutions. The Bureau does not believe, as
suggested by a commenter, that approved but not accepted applications
lack value for fair lending analysis. Rather, these applications are
similarly valuable because they also reflect transactions for which the
lender has made a credit decision and set the pricing for the
transaction. Lastly, limiting final Sec. 1002.107(a)(12) to interest
rate and origination charges would deprive data users of the benefits
of other pricing information. The importance of each aspect of the
pricing data point is discussed in the section-by-section analyses that
follow.
107(a)(12)(i) Interest Rate
Proposed Rule
Proposed Sec. 1002.107(a)(12)(i)(A) would have required financial
institutions to report the interest rate that is or would be applicable
to the covered credit transaction. If the interest rate is adjustable,
proposed Sec. 1002.107(a)(12)(i)(B) would have required the submission
of the margin, index value, and index name that is or would be
applicable to the covered credit transaction at origination.\637\
---------------------------------------------------------------------------
\637\ It should be noted that not all covered credit
transactions include an interest rate. Final Sec.
1002.107(a)(12)(v) applies to certain covered credit transactions
that do not include an interest rate. The discussion of final Sec.
1002.107(a)(12)(iv) below also addresses other covered credit
transactions that may not include an interest rate.
---------------------------------------------------------------------------
Proposed comment 107(a)(12)(i)-1 would have clarified that if a
covered credit transaction includes an initial period with an
introductory interest rate, after which the interest rate adjusts, a
financial institution complies by reporting information about the
interest rate applicable after the introductory period. Proposed
comment 107(a)(12)(i)-2 would have explained that a financial
institution reports the interest rate applicable to the amount of
credit approved or originated reported in proposed Sec. 1002.107(a)(8)
if a covered credit transaction includes multiple interest rates
applicable to different credit features. Lastly, proposed comment
107(a)(12)(i)-3 listed a number of indices to report and directed that
if the index used does not appear on the list of indices provided, the
financial institution reports ``other'' and provides the name of the
index via free-form text field.
Proposed Sec. 1002.107(a)(12)(i)(B) would have provided that, for
adjustable interest rates based upon an index, a financial institution
must report the margin, index value, and index name that is or would be
applicable to the covered credit transaction at origination. Proposed
comment 107(a)(12)(i)-4 would have clarified that a financial
institution complies with proposed Sec. 1002.107(a)(12)(i)(B) by
reporting the index value at the time the application is approved by
the financial institution. The Bureau sought comment on whether the
index value should be reported based on a different time period or
whether the index value should be reported at the time of approval.
The Bureau sought comment on proposed Sec. 1002.107(a)(12)(i) and
its commentary, including whether a different measure of pricing would
provide more accurate data, whether additional information about
pricing (for example, amortization type or adjustment frequency) would
provide beneficial data to help ascertain fair lending risk and further
the business and community development purpose of section 1071, and
whether there are additional indices that should be included in the
list from which financial institutions choose to report the applicable
index on adjustable rate transactions. Lastly, the Bureau sought
[[Page 35312]]
comment on whether there may be covered credit transactions where the
interest rate may change after origination based on factors such as if
the borrower maintains an account at the financial institution or if
some other condition is met, and if so, whether additional commentary
would be helpful to provide more guidance on which rate to report in
that circumstance.\638\
---------------------------------------------------------------------------
\638\ The Bureau did not receive any comments on this
solicitation.
---------------------------------------------------------------------------
Comments Received
The Bureau received comments specifically regarding the collection
of interest rate from banks and trade associations, among others. While
some commenters supported the Bureau's proposal, several industry
commenters had questions regarding how the provision would work. The
community group stated that interest rate information is beneficial as
long as data users have access to both the initial interest rate and
the interest rate after a potential initial rate reset. An industry
commenter agreed that interest rate information would be helpful in
conducting fair lending analyses. In contrast, a bank commenter
asserted that interest rate information is of limited value.
Regarding the details of the Bureau's proposal to collect interest
rate, a bank commenter noted that commercial loans may have more than
one interest rate. With respect to indices for variable rate
transactions and the Bureau's solicitation of comment on whether the
index value should be reported based on a different time period or if
at approval is the most appropriate time to measure, a group of trade
associations asserted in their comment that the index value is often
not related to the timing of approval or origination, and will not
provide useful data, while a bank commented that it would be less
burdensome to report the index value used to establish the interest
rate rather than the value at the time of approval. A State bankers
association asserted that the index value at approval may not have any
connection to the price of the loan, providing the example of
agricultural lending where the rate and terms are set after the
financial institution approves the loan. Two industry commenters noted
that the index value could change between approval and origination.
Another bank requested that Constant Maturity Treasury (CMT) rate be
included in the list of indices. Two trade associations inquired as to
how to report an internal index used to set the rate on a variable rate
transaction, while a bank commenter stated that use of internal indices
that are unique to a financial institution would make interest rate
data difficult to interpret.
A bank requested clarification of the term ``introductory period.''
Another bank asserted that for a variable interest rate transaction
with a five-year introductory period, the interest rate data reported
at approval will be outdated and inaccurate when the period ends.
Finally, a trade association inquired as to how a financial institution
would report an interest rate that is unknown at origination, such as a
line of credit whose interest rate changes based on the amount
advanced.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.107(a)(12)(i) with one addition, as well as with other adjustments
and additions to the commentary to address comments received regarding
introductory interest rate periods and adjustable interest rates. Final
Sec. 1002.107(a)(12)(i) requires financial institutions to report the
interest rate that is or would be applicable to the covered credit
transaction. If the interest rate is adjustable, final Sec.
1002.107(a)(12)(i)(B) requires the submission of the margin, index
value, introductory rate period expressed in months (if applicable),
and the index name that is or would be applicable to the covered credit
transaction. As with all aspects of pricing within Sec.
1002.107(a)(12), this requirement applies to credit transactions that
either have been originated or have been approved by the financial
institution but not accepted by the applicant.
The Bureau believes that collection of the interest rate on the
covered credit transaction furthers both the fair lending purpose and
the business and community development purpose of section 1071 by
allowing regulators, small business advocates, and industry to conduct
fair lending reviews and monitor the market for emerging high-cost
products. In addition, the availability of this pricing metric will
provide pricing transparency and will encourage the development of
successful lending models because policymakers, community
organizations, investors, banks seeking partnerships, and others will
have better visibility into which business models are successful at
providing sustainable credit to minority-owned, women-owned, and other
underserved small businesses.
Furthermore, research has found that minority-owned businesses tend
to obtain, or be offered, higher interest rates on business credit than
non-minority-owned businesses.\639\ The collection of interest rate
(along with fees) will allow the Bureau, other government agencies, and
other data users to have insight into the existing market, monitor the
market for potentially troubling trends, and conduct fair lending
analyses that adequately take into account this important metric.
---------------------------------------------------------------------------
\639\ U.S. Dep't of Com., Minority Business Development Agency,
Disparities in Capital Access between Minority and Non-Minority-
Owned Businesses: The Troubling Reality of Capital Limitations Faced
by MBEs, at 3, 5, 21, 36-37 (2010), https://archive.mbda.gov/page/executive-summary-disparities-capital-access-between-minority-and-non-minority-businesses.html.
---------------------------------------------------------------------------
In general, interest rate information should be in or readily
determinable from the credit file, and thus available for reporting. To
the extent that it is not, the Bureau notes that certain State-level
commercial lending disclosures, notably those of California and New
York, require the disclosure of APR.\640\ Because the interest rate
must be known to calculate APR, the Bureau believes that final Sec.
1002.107(a)(12)(i) imposes little burden on financial institutions that
already include the interest rate on such disclosures required by State
law, as well as on the contract between the financial institution and
the applicant.
---------------------------------------------------------------------------
\640\ See N.Y. S.898, section 803(c) (signed Jan. 6, 2021)
(amending S.5470-B), https://legislation.nysenate.gov/pdf/bills/2021/s898; Cal. S.B. 1235 (Sept. 30, 2018), https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180SB1235.
---------------------------------------------------------------------------
As noted above, final Sec. 1002.107(a)(12)(i) remains largely the
same as proposed Sec. 1002.107(a)(12)(i). However, the Bureau has
added to final Sec. 1002.107(a)(12)(i)(B) a requirement that financial
institutions report the initial rate period expressed in months (if
applicable) (along with the margin, index value, and the index name
that is or would be applicable to the covered credit transaction, as
proposed). The Bureau agrees with commenters that for transactions with
a variable interest rate where there is an initial rate and the
interest rate resets after a certain period, at the time the financial
institution approves the transaction and sets the interest rate, the
financial institution will not know the future value of the index used
to create the interest rate. By collecting the number of months of the
initial period (if any), the rule will allow data users to determine
the accurate interest rate applicable to the transaction because they
will have the name of the index and the timing of the index value. For
example, as written in final comment 107(a)(12)(i)-2, if a
[[Page 35313]]
financial institution originates a covered credit transaction with a
fixed initial interest rate of 0 percent for six months following
origination, after which the interest rate will adjust according to a
Prime index rate plus a 3 percent margin, the financial institution
reports the 3 percent margin, the number ``6'' for the length of the
initial rate period, Prime as the name of the index used to adjust the
interest rate, and ``not applicable'' for the index value.
New comment 107(a)(12)(i)-1 clarifies that a financial institution
complies with Sec. 1002.107(a)(12)(i) by reporting the interest rate
applicable to the amount of credit approved or originated as reported
pursuant to final Sec. 1002.107(a)(8). The Bureau is adopting this
comment to address the issue raised by a commenter as to how a
financial institution would report an interest rate that is unknown at
origination or where the rate changes based on the amount advanced,
such as with some lines of credit.
The Bureau is adopting comment 107(a)(12)(i)-2 (renumbered from
107(a)(12)(i)-1 in the proposal) with several alterations. Final
comment 107(a)(12)(i)-2 clarifies that if a covered credit transaction
includes an initial period with an introductory interest rate of 12
months or less, after which the interest rate adjusts upwards or shifts
from a fixed to a variable rate, a financial institution complies with
the provision by reporting information about the interest rate
applicable after the introductory period. If a covered transaction
includes an initial rate period of more than 12 months after which the
interest rate resets, a financial institution complies with the
provision by reporting information about the interest rate applicable
prior to the reset period. Final comment 107(a)(12)(i)-2 also provides
two examples to illustrate these scenarios. The Bureau's revisions to
this comment address a commenter's request to clarify the term
``introductory period'' (which the Bureau has done by clarifying that
an introductory period includes an initial period of 12 months or less
after which the interest rate adjusts upward or shifts from a fixed to
a variable rate), as well as another commenter's concern that in a
transaction with a five-year introductory period, the interest rate
reported at approval will be outdated and inaccurate when the period
ends.
Final comment 107(a)(12)(i)-3 (renumbered from proposed comment
107(a)(12)(i)-2 with one non-substantive adjustment) clarifies that if
a covered credit transaction includes multiple interest rates
applicable to different credit features, a financial institution
complies with Sec. 1002.107(a)(12)(i) by reporting the interest rate
applicable to the amount of credit approved or originated reported
pursuant to final Sec. 1002.107(a)(8). The comment also provides an
example.
Final comment 107(a)(12)(i)-4 (renumbered from proposed comment
107(a)(12)(i)-3) includes a list of indices for reporting the
appropriate index for variable rate transactions, and also specifies
that a financial institution reports ``other'' and reports the index
name in free-form text if the applicable index is not listed. The
Bureau has added CMT to the list of indices in the comment, as
requested by a commenter. In response to requests from a number of
commenters for clarification as to how a financial institution should
report internal indices, the Bureau has also added ``Internal Index''
to the list of indices in the comment. The Bureau believes that
allowing financial institutions to choose ``other'' when an index used
does not appear on the provided list will facilitate compliance. In
addition, collecting this information on ``other'' indices will assist
the Bureau in monitoring trends in this area and key developments in
the small business lending market, which the Bureau could use to inform
any future iterations of the list.
Final comment 107(a)(12)(i)-5 (renumbered from proposed comment
107(a)(12)(i)-4) clarifies that a financial institution complies with
Sec. 1002.107(a)(12)(i) by reporting the index value used to set the
rate that is or would be applicable to the covered transaction.
Proposed comment 107(a)(12)(i)-4 would have required financial
institutions to report, for covered transactions with an adjustable
interest rate, the index value applicable at the time the application
was approved by the financial institution. Some commenters stated that
the index value at the time of approval may have no relationship to the
index value used to set the interest rate and that it would be less
burdensome to report the index value used to establish the interest
rate rather than the value at the time of approval. To address these
concerns, the Bureau has adjusted final comment 107(a)(12)(i)-5 to
require reporting of the index value used to set the rate that is or
would be applicable to the covered transaction. In most cases, this
will be the index value at the time of approval, because the financial
institution will set the pricing when the credit decision is made, but
in cases where there might be a difference, this comment as revised
will ensure that financial institutions are reporting the index value
actually used to establish the interest rate, rather than the value
that otherwise exists at the time of approval.
107(a)(12)(ii) Total Origination Charges
Proposed Rule
Proposed Sec. 1002.107(a)(12)(ii) would have required financial
institutions to report the total origination charges for a covered
credit transaction. Total origination charges are the total amount of
all charges payable directly or indirectly by the applicant and imposed
directly or indirectly by the financial institution at or before
origination as an incident to or a condition of the extension of
credit, expressed in dollars.
Proposed comment 107(a)(12)(ii)-1 would have clarified that charges
imposed uniformly in cash and credit transactions are not reportable.
Proposed comment 107(a)(12)(ii)-2 would have provided guidance on
reporting charges imposed by third parties. Proposed comment
107(a)(12)(ii)-3 would have clarified that broker fees are included in
the total origination charges.\641\ Proposed comment 107(a)(12)(ii)-4
would have provided guidance on reporting charges for other products or
services paid at or before origination. And proposed comment
107(a)(12)(ii)-5 would have listed examples of reportable charges.
---------------------------------------------------------------------------
\641\ For more information on broker fees, see the section-by-
section analysis of Sec. 1002.107(a)(12)(iii) below.
---------------------------------------------------------------------------
The Bureau sought comment on proposed Sec. 1002.107(a)(12)(ii) and
its commentary, including whether concepts and guidance adapted from
Regulation Z, such as proposed comment 107(a)(12)(ii)-1 on comparable
cash transactions, were applicable in the small business lending
context such that they should be incorporated as drafted. The Bureau
also sought comment on whether to enumerate certain types of charges
separately in the 1071 data, and whether to include or exclude certain
types of charges in the total origination charges.
Comments Received
The Bureau received comments specifically regarding total
origination charges from several banks and trade associations, along
with a community group and a joint letter from a cross-sector group of
lenders, community groups, and small business advocates.
A few industry commenters questioned the utility of information
about total origination charges. For example, several commenters
asserted that proposed Sec. 1002.107(a)(12)(ii) would not provide
useful data because the amount of origination charges may vary based on
factors not captured by
[[Page 35314]]
the 1071 data, such as geographical differences in appraisal fees. A
group of trade associations stated that including broker fees while
itemizing them separately in another data field would inflate the
amount of origination charges. And a bank preferred to report only
origination points but believed that such data would provide only
limited value. This commenter did not define origination points but the
Bureau understands the term to refer to one way that financial
institutions denote fees paid to the lender for originating the loan.
However, the cross-sector group commented that total origination
charges would be especially helpful for data users examining the cost
of merchant cash advances because these transactions include upfront
fees not otherwise captured in the pricing data.
A few commenters asserted that reporting total origination charges
would be burdensome. For example, several industry commenters stated
that calculating the finance charge under Regulation Z, which defines
certain charges similar to the proposed total origination charges data
field, is complex and not performed for commercial credit transactions.
And a trade association suggested that the proposed treatment of
certain charges, such as a borrower's premium for property insurance,
was unclear.
Several commenters addressed specific aspects of total origination
charges. For example, a community group stated that charges imposed
uniformly in cash and credit transactions should be reportable because,
they asserted, such charges are rare and the existence of such an
exclusion may encourage fee shifting. Conversely, a trade association
stated that any charge imposed uniformly on all applicants should be
excluded because such a charge could not be the source of a pricing
disparity. Several industry commenters stated that third-party charges
should be excluded because the imposition of such fees is often outside
a financial institution's control, while a group of trade associations
found the treatment of such charges confusing. Finally, another trade
association stated that aligning the definition of total origination
charges to Regulation C's definition of origination charges used to
report data under HMDA \642\ would provide helpful clarity because the
Regulation C definition is understood to include only charges retained
by the financial institution.
---------------------------------------------------------------------------
\642\ 12 CFR 1003.4(a)(18).
---------------------------------------------------------------------------
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.107(a)(12)(ii) with additional clarifying commentary. Final Sec.
1002.107(a)(12)(ii) requires financial institutions to report the total
amount of all charges payable directly or indirectly by the applicant
and imposed directly or indirectly by the financial institution at or
before origination as an incident to or a condition of the extension of
credit, expressed in dollars. As with all aspects of pricing within
Sec. 1002.107(a)(12), this requirement applies to credit transactions
that either have been originated or have been approved by the financial
institution but not accepted by the applicant.
The Bureau is finalizing comments 107(a)(12)(ii)-1 through -5 as
proposed. In addition, the Bureau is adopting final comment
107(a)(12)(ii)-6, which clarifies the reporting of a net lender credit
provided by a financial institution to an applicant at origination.
As discussed in the NPRM, total origination charges provide
information about an important component of pricing for small business
credit: the upfront cost of originating and extending credit. This
relatively specific information enables insight into credit pricing
that would be obscured by more general information, such as the trade-
offs between the interest rate and the upfront charges. Indeed, new
comment 107(a)(12)(ii)-6 enhances users' ability to examine the
relationship between components of credit pricing by clarifying how to
report net lender credits provided to the applicant. For example,
without information about net lender credits, transactions where a
borrower accepted a lender credit at origination in exchange for a
higher interest rate would appear to have inflated prices. Moreover, by
generally covering all upfront fees and credits regardless of how they
are structured and denominated, final Sec. 1002.107(a)(12)(ii) limits
financial institutions' opportunity to shift fees to excluded charges
by giving similar fees different names. Thus, final Sec.
1002.107(a)(12)(ii) will enable users to better understand pricing
disparities and identify potential business and community development
opportunities.
The Bureau disagrees with commenters who claimed that information
about total origination charges would not have value. Although such
charges are affected by factors not included in the 1071 data, final
Sec. 1002.107(a)(12)(ii) will still provide insight into pricing in
the small business lending market. General information about upfront
charges will enable users to better understand fair lending
disparities, even if they cannot conclusively determine the existence
of unlawful disparities from the data alone. And users need not attempt
to make precise comparisons among individual applicants to identify
business and community development needs and opportunities. Regarding
broker fees, the Bureau believes that such charges are an important
component of the upfront cost of credit and notes that Regulation Z
also includes them in the finance charge.\643\ Also, broker fees are
separately itemized in final Sec. 1002.107(a)(12)(iii) so that users
who are concerned about the impact of including broker fees can deduct
them from the total origination charges.
---------------------------------------------------------------------------
\643\ Compare final comment 107(a)(12)(ii)-3, with Regulation Z
Sec. 1026.4(a)(3).
---------------------------------------------------------------------------
Regarding commenters' concerns about burden, the Bureau understands
that some financial institutions find calculation of the finance charge
in Regulation Z Sec. 1026.4--which is similar to final Sec.
1002.107(a)(12)(ii)'s description of total origination charges--to be
complex. But final Sec. 1002.107(a)(12)(ii) is simpler in several
important respects. First, final Sec. 1002.107(a)(12)(ii) excludes all
credit costs occurring after origination of a covered credit
transaction, such as interest and time-price differential. And final
Sec. 1002.107(a)(12)(ii) adopts a more inclusive approach to upfront
charges than Regulation Z's finance charge, which has numerous
provisions addressing specific fees.\644\ This simplified approach
should make the total origination charges less burdensome to calculate
than the finance charge. Regarding a commenter's question about the
treatment of a borrower's premium for property insurance, this charge
is handled using the general approach to charges for other products or
services described in comment 107(a)(12)(ii)-4: such charges are
included in the total origination charges only if the financial
institution requires the purchase of such other product or service as a
condition of or an incident to the extension of credit.
---------------------------------------------------------------------------
\644\ For example, the finance charge excludes application fees
charged to all applicants for credit, and numerous fees in
transactions secured by real property. See Regulation Z Sec.
1026.4(c)(1) (application fees) and (7) (real estate-related fees).
---------------------------------------------------------------------------
The Bureau is not making certain specific changes to the total
origination charges data field suggested by commenters. First, final
Sec. 1002.107(a)(12)(ii) maintains the
[[Page 35315]]
exclusion for charges imposed uniformly in cash and credit
transactions, similar to the exclusion in Regulation Z's finance
charge, because the Bureau believes that pricing data better serves
section 1071's statutory purposes when it focuses on the cost of credit
that the lender is imposing rather than capturing all costs that may be
associated with a particular transaction (whether financed or not).
Furthermore, the Bureau is not excluding charges simply because a
financial institution imposes them uniformly on all applicants for
credit. Even if such charges--given their uniformity--were to hold no
value for fair lending analysis, they would still be part of the
upfront cost of credit that data users may wish to examine in
identifying business and community development needs and opportunities.
Final Sec. 1002.107(a)(12)(ii) also adopts the proposal's treatment of
third-party charges, with such charges being reportable only if a
financial institution either requires the use of a third party as a
condition of or an incident to the extension of credit, even if the
applicant can choose the third party; or retains a portion of the
third-party charge, to the extent of the portion retained.\645\ This
approach focuses final Sec. 1002.107(a)(12)(ii) on those upfront
third-party charges that are effectively set by the lender as a cost of
credit. The Bureau believes this approach is consistent with that
requested by commenters who did not want third-party charges to be
reportable if they were outside of a financial institution's control.
Regulation Z's finance charge definition uses a similar standard for
third-party charges, and the Bureau is not aware of significant
confusion over its applicability. Finally, Regulation C's definition of
total origination charges, which is taken directly from the amount
disclosed to borrowers of closed-end consumer credit transactions
secured by real property,\646\ is limited in ways that the Bureau
believes would reduce the value of final Sec. 1002.107(a)(12)(ii) in
the small business lending context. For example, new comment
107(a)(12)(ii)-6 clarifies that financial institutions may report a
negative amount to reflect a net credit provided by the lender, but
such credits could not be included in Regulation C's total origination
charges data point.
---------------------------------------------------------------------------
\645\ See final comment 107(a)(12)(ii)-2.
\646\ Regulation Z Sec. 1026.38(f)(1).
---------------------------------------------------------------------------
107(a)(12)(iii) Broker Fees
Proposed Rule
Proposed Sec. 1002.107(a)(12)(iii) would have required financial
institutions to report the broker fees for a covered credit
transaction. Broker fees are the total amount of all charges included
in the total reportable origination charges that are fees paid by the
applicant directly to a broker or to the financial institution for
delivery to a broker, expressed in dollars. Proposed comment
107(a)(12)(iii)-1 would have provided an example of reporting different
types of broker fees. Proposed comment 107(a)(12)(iii)-2 would have
clarified that financial institutions would use a ``best information
readily available'' standard regarding fees paid directly to a broker
by an applicant.
The Bureau sought comment on proposed Sec. 1002.107(a)(12)(iii)
and its commentary, including on the knowledge that financial
institutions might have about direct broker fees and the challenges of
reporting such information.
Comments Received
The Bureau received comments specifically regarding broker fees
from several lenders, trade associations, and community groups. A
community group stated that information about broker fees would help
data users monitor for abusive practices. Conversely, a group of trade
associations asserted that the Bureau had not established that broker
fees were inflating the cost of credit in the small business lending
market. This commenter also speculated that Congress was unconcerned
with broker fees in this market because it had not extended certain
TILA protections to commercial transactions or explicitly identified
broker fees in section 1071.
Several commenters addressed the reporting of broker fees paid
directly to the broker. A trade association commented that the amount
of such fees may be difficult for a financial institution to obtain,
while a bank said that documenting efforts to verify direct broker fees
would be burdensome. A community group said that the Bureau's proposed
``best information readily available'' standard was reasonable, while a
joint letter from community groups and business advocacy groups asked
the Bureau to separately itemize indirect broker fees in order to
provide more information about charges that are imposed by the lender.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.107(a)(12)(iii) and associated commentary as proposed. As with all
aspects of pricing within Sec. 1002.107(a)(12), this requirement to
report broker fees applies to credit transactions that either have been
originated or have been approved by the financial institution but not
accepted by the applicant.
As discussed in the NPRM, loan brokers play an important role in
the small business lending market. The market has shifted to include
more nonbank and nontraditional lenders offering different types of
financial products, which creates opportunities for intermediaries,
such as brokers, who might assist applicants in navigating among
potential lenders or products.\647\ These intermediaries offer benefits
to applicants but also create risks for those applicants arising from
misaligned incentives.\648\ Indeed, the small business lending market
lacks certain substantive protections against misconduct that are found
in the consumer credit market, such as the prohibition on basing
certain loan originator compensation on the terms of a
transaction.\649\
---------------------------------------------------------------------------
\647\ See, e.g., 2022 Small Business Credit Survey (reporting
that 40 percent of respondents applied for credit at either an
online lender or a finance company in 2021).
\648\ See Fin. Stability Oversight Council, 2016 Annual Report,
at 126 (2016), https://home.treasury.gov/system/files/261/FSOC-2016-Annual-Report.pdf (discussing intermediaries in alternative lending
arrangements and explaining that ``[i]n other markets, business
models in which intermediaries receive fees for arranging new loans
but do not retain an interest in the loans they originate have, at
times, led to incentives for intermediaries to evaluate and monitor
loans less rigorously''). Because of the potential risks involved in
multi-party business arrangements, the FFIEC's Interagency Fair
Lending Examination Procedures emphasize the importance of
understanding the role that brokers play in a financial
institution's lending process. Fed. Fin. Insts. Examination Council,
Interagency Fair Lending Examination Procedures, at 3 (2009),
https://www.ffiec.gov/PDF/fairlend.pdf (instructing examiners to
consider an institution's organization of its credit decision-making
process, including identification of the delegation of separate
lending authorities and the extent to which discretion in pricing or
setting credit terms and conditions is delegated to various levels
of managers, employees, or independent brokers or dealers and an
institution's loan officer or broker compensation program).
\649\ Regulation Z Sec. 1026.36 (implementing TILA's
prohibition on basing residential mortgage loan originator
compensation on loan terms).
---------------------------------------------------------------------------
Information about broker fees will help data users better
understand the small business lending market in general and the impact
broker fees have on credit pricing in particular. Although broker fees
are included in final Sec. 1002.107(a)(12)(iii)'s definition of total
origination charges, separately enumerating the total broker fees will
allow data users to better understand the role that brokers play in the
price of
[[Page 35316]]
small business credit. For example, data users will be able to analyze
whether broker fees specifically appear to be creating fair lending
risk or higher-priced transactions for certain communities. Empowering
data users to engage in this level of analysis will aid in fulfilling
both the fair lending enforcement and business and community
development purposes of the statute.
The Bureau acknowledges the lack of data regarding the extent to
which broker fees may or may not be inflating the cost of credit. This
insufficiency, however, is exactly what 1071 data are intended to help
address. Moreover, final Sec. 1002.107(a)(12)(iii) is valuable to data
users even in the absence of any problematic pricing practices
regarding brokers because it will help shed light on an important
aspect of commercial financing arrangements. The final rule includes
numerous data points, including much of the pricing data point, that do
not capture information that about intrinsically or especially abusive
conduct, but that will help data users identify fair lending concerns
and identify business and community development needs and
opportunities. Regarding Congress's intent, the Bureau notes that
section 1071 expressly authorizes the Bureau to require financial
institutions to compile and maintain ``any additional data that the
Bureau determines would aid in fulfilling the purposes of [section
1071].'' \650\ As discussed herein, final Sec. 1002.107(a)(12)(iii)
satisfies this requirement.
---------------------------------------------------------------------------
\650\ ECOA section 704B(e)(2)(H).
---------------------------------------------------------------------------
The Bureau understands that financial institutions often may not
have complete access to information regarding the amount of broker fees
that an applicant pays directly to a broker. Thus, final comment
107(a)(12)(iii)-2 clarifies that a financial institution may rely on
the best information readily available to the financial institution at
the time final action is taken. Information readily available can
include, for example, information provided by an applicant or broker
that the financial institution reasonably believes regarding the amount
of fees paid by the applicant directly to the broker. The Bureau
believes commenters may be overestimating the burden associated with
this standard, which contemplates only consulting information
``readily'' available rather than performing a searching inquiry into
the amount of direct broker fees. As noted in the NPRM, the same
standard is used for reporting certain HMDA data under Regulation C,
and it does not appear to be unduly burdensome in that context.\651\
Additionally, many nonbank financial institutions will need to
determine the amount of broker fees in certain circumstances to comply
with State commercial financing disclosure laws.\652\
---------------------------------------------------------------------------
\651\ See Regulation C comments 4(a)(31)-4 and 4(a)(32)-5.
\652\ For example, California's commercial financing disclosure
law requires lenders to determine the finance charge, which includes
``any charge that would be a finance charge under 12 CFR part
1026.4.'' Cal. Code Regs. tit. 10, section 943(a)(1), https://dfpi.ca.gov/wp-content/uploads/sites/337/2022/06/PRO-01-18-Commercial-Financing-Disclosure-Regulation-Final-Text.pdf. In turn,
Regulation Z Sec. 1026.4(a)(3) generally includes fees charged by a
mortgage broker, whether paid directly or indirectly. California law
also requires separate disclosure of broker fees that are included
in the amount financed by the borrower. Cal. Code Regs. tit. 10,
section 956(a)(5).
---------------------------------------------------------------------------
Finally, the Bureau is not requiring separate itemization of
indirect broker fees at this time. Such fees could be imposed for a
variety of reasons and in a variety of ways; the Bureau believes that
additional information and stakeholder feedback would be beneficial
before adopting such a requirement.
107(a)(12)(iv) Initial Annual Charges
Proposed Rule
Proposed Sec. 1002.107(a)(12)(iv) would have required financial
institutions to report the total amount of all non-interest charges
that are scheduled to be imposed over the first annual period of the
covered credit transaction, expressed in dollars.
Proposed comment 107(a)(12)(iv)-1 would have provided an example of
how to calculate the amount to report. Proposed comment 107(a)(12)(iv)-
2 would have highlighted that a financial institution should exclude
interest expenses from the initial annual charges reported. Proposed
comment 107(a)(12)(iv)-3 would have noted that a financial institution
should not include any charges for events that are avoidable by the
applicant, including for example, charges for late payment, for
exceeding a credit limit, for delinquency or default, or for paying
items that overdraw an account. Proposed comment 107(a)(12)(iv)-4 would
have provided examples of initial annual charges that may be scheduled
to be imposed during the initial annual period, including monthly fees,
annual fees, and other similar charges. Finally, proposed comment
107(a)(12)(iv)-5 would have clarified that a financial institution
complies with the provision by reporting as the default the highest
amount for a charge scheduled to be imposed, and provides an example of
how to calculate the amount reported when the scheduled fee to be
imposed may be reduced based upon a specified occurrence.
The Bureau sought comment on proposed Sec. 1002.17(a)(12)(iv) and
its commentary, including whether to include or exclude certain types
of charges as reportable under initial annual charges. The Bureau also
sought comment on the likelihood that financial institutions would
schedule charges in the second year of a covered credit transaction and
beyond specifically in an effort to avoid reporting the charges for
purposes of section 1071. Finally, the Bureau sought comment on how it
should treat situations where the applicant has informed the financial
institution that it expects to regularly incur ``avoidable charges,''
and whether such charges should be reported as a scheduled charge.
Comments Received
The Bureau received comments specifically regarding the collection
of initial annual charges from lenders, trade associations, and
community groups.
A community group stated that the Bureau should finalize the
provision as proposed, but that the Bureau should conduct research to
determine if lenders are shifting fees beyond the first year. Several
community groups and a lender requested that the Bureau require
financial institutions to also report charges scheduled to be imposed
after the first year to avoid encouraging lenders to impose charges
disproportionately in the later years of the loan's term.
With respect to avoidable fees, a community group stated that the
Bureau should include all fees that could be imposed at the lender's
discretion in order to avoid evasion. A bank and a joint letter from
bank trade associations argued that including avoidable fees that the
applicant intends to incur would unfairly inflate the prices of some
loans and create documentation problems for lenders. One commenter
asserted that, for loans with terms shorter than one year, financial
institutions should not be made to speculate as to what constitutes the
initial period on short term loans and what could occur during the
initial annual period regarding charges.
A State bankers association expressed concern that the terms
``scheduled'' and ``initial period following origination'' were not
defined in the NPRM. That commenter and a bank asserted that many
charges that may be incurred during the first year may be uncertain,
[[Page 35317]]
such as an inspection fee for a construction project where the timing
of inspections is determined by events occurring after origination. The
State bankers association also stated that some loans may have multiple
transactions within a one-year period, such as a line of credit that
was originated and then increased, and asserted that it is unclear
whether associated charges would be reported twice or combined.
Final Rule
For the reasons set forth herein, the Bureau is adopting Sec.
1002.107(a)(12)(iv) and associated commentary with additions and
adjustments to commentary to address comments regarding speculative
charges and transactions with terms of less than one year. Final Sec.
1002.107(a)(12)(iv) provides that a financial institution reports only
charges scheduled to be imposed over the first annual period of the
covered credit transaction. The Bureau understands that there are a
variety of ways that small business credit transactions may be
structured. This includes, for example, whether there is an interest
rate imposed on the transaction, whether there are finance charges, and
whether there are a myriad of other fees that may be scheduled to be
paid or are contingent upon some occurrence. In addition, the Bureau
understands that scheduled fees may constitute a substantial part of
the cost of a covered credit product, and without knowledge of those
fees, the cost of the credit would be incomplete. The Bureau believes
that final Sec. 1002.107(a)(12)(iv) enables data users to have a more
accurate understanding of the cost of the covered credit transaction
than if the data lacked information about scheduled fees.
There may be small business credit transactions that do not include
an interest rate, but do include a monthly finance charge. If the
financial institution were only required to report the interest rate on
these types of transactions, the true cost of credit would be obscured
because the monthly finance charge would not be reported. In addition,
small business credit, like consumer credit, may include a number of
other fees, such as annual fees and other similar charges. The
information collected and reported under final Sec.
1002.107(a)(12)(iv) allows data users to have a more complete picture
of the cost of the covered credit transaction and promotes market
transparency, thus furthering the business and community development
purpose of section 1071. In addition, this pricing data furthers the
fair lending purpose of section 1071 as it enhances the ability to
understand the cost of credit and any disparities that may exist.
The Bureau believes that by requiring only scheduled charges to be
reported (rather than the submission of all potential charges, some of
which could be speculative), the data reported will be more accurate
than if a financial institution were to make an educated guess as to
what unscheduled charges will be imposed over the first annual period.
Final Sec. 1002.107(a)(12)(iv) does not require a financial
institution to itemize the charges reported thereunder. The Bureau also
believes that requiring charges to be itemized would add a considerable
amount of complexity for financial institutions in collecting and
reporting the initial annual charges, given the range of fees that
could be charged and the variations in how they might be imposed.
A financial institution complies with final Sec.
1002.107(a)(12)(iv) by not including charges for events that are
avoidable by the applicant; this restriction is explained more fully in
final comment 107(a)(12)(iv)-3 (unchanged from the proposal), which
provides examples of types of avoidable charges. As noted above, the
Bureau believes that the accuracy of the data reported is enhanced by
only including charges that are scheduled to be imposed and not
including potential charges that are contingent upon an action (or
inaction) by the borrower. The Bureau also believes that only requiring
financial institutions to report such charges for the first year, and
not the life of the loan, will reduce any burden associated with
reporting the data. This information should be included in the contract
and, at most, would require a simple calculation to arrive at the total
charges for the initial annual period. An example of how to calculate
the initial annual charges for the first annual period is found in
final comment 107(a)(12)(iv)-1. Additionally, to address comments
received regarding uncertain or speculative charges, the Bureau has
revised final comment 107(a)(12)(iv)-1 to state explicitly that, in a
transaction where there will be a charge in the initial annual period
following origination but the amount of that charge is uncertain at the
time of origination, a financial institution complies by not reporting
that charge as scheduled to be imposed during the initial annual period
following origination.
The Bureau is finalizing comments 107(a)(12)(iv)-2 (providing that
a financial institution complies with the provision by excluding any
interest expense from the initial annual charges reported) and -4
(providing examples of charges scheduled to be imposed during the
initial annual period) as proposed. The Bureau is also finalizing
comment 107(a)(12)(iv)-5 as proposed. This comment provides additional
explanation about what amount to report when the financial institution
provides a discount on the charge if certain conditions are met. The
Bureau understands that some financial institutions may provide a
discount on specific charges when certain conditions are met. For
example, a financial institution may provide a discount on a monthly
charge if the borrower maintains a checking account at the financial
institution. In such a circumstance, final Sec. 1002.107(a)(12)(iv)-5
requires the financial institution to report the non-discounted amount
to maintain consistency across the data that are reported by all
financial institutions.
The Bureau is adopting new comment 107(a)(12)(iv)-6 to clarify
that, for a transaction with a term less than one year, a financial
institution complies with the provision by reporting all charges
scheduled to be imposed during the term of the transaction. This
comment was added to address requests for clarification regarding how
to report the data for transactions with terms less than one year as
well as what is meant by initial annual period.
107(a)(12)(v) Additional Cost for Merchant Cash Advances or Other
Sales-Based Financing
Proposed Rule
Proposed Sec. 1002.107(a)(12)(v) would have required financial
institutions to report additional cost data for merchant cash advances
or other sales-based financing transactions. Specifically, this cost is
the difference between the amount advanced and the amount to be repaid,
expressed in dollars. Proposed comment 107(a)(12)(v)-1 would have
provided an example of the difference between the amount advanced and
the amount to be repaid for a merchant cash advance.
The Bureau sought comment on proposed Sec. 1002.107(a)(12)(v) and
its commentary, including whether to require additional pricing
information for merchant cash advances, and whether merchant cash
advances could be structured in ways that evade the proposed reporting
requirement, such as by omitting or making variable the amount to be
repaid.
Comments Received
The Bureau received comments specifically regarding this aspect of
the
[[Page 35318]]
proposal from several industry and community group commenters. Several
joint letters from community groups, community oriented lenders, and
business advocacy groups, as well as a trade association, asked the
Bureau to require reporting the loan term for merchant cash advances or
other sales-based financing transactions. These commenters stated that
the loan term was necessary to compare the pricing of merchant cash
advances, and offered potential methodologies for estimating unknown
loan terms, including those from State commercial financing disclosure
laws. A lender asked the Bureau to accommodate future transaction types
by allowing financial institutions to report amounts under Sec.
1002.107(a)(12)(v) even if the transaction is not a merchant cash
advance or other sales-based financing transaction. Finally, a cross-
sector group of lenders, community groups, and small business advocates
agreed that Sec. 1002.107(a)(12)(v), along with the other pricing
data, would capture the cost of merchant cash advances.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.107(a)(12)(v) and comment 107(a)(12)(v)-1 as proposed. Final Sec.
1002.107(a)(12)(v) requires financial institutions to report the
difference between the amount advanced and the amount to be repaid,
expressed in dollars, for merchant cash advances or other sales-based
financing transactions. As with all aspects of pricing within final
Sec. 1002.107(a)(12), this requirement applies to credit transactions
that either have been originated or have been approved by the financial
institution but not accepted by the applicant.
As discussed in the NPRM, some types of commercial financing
contain pricing terms that are difficult to reflect in data about
interest rate and fees. For example, under a typical merchant cash
advance, a merchant receives a cash advance and promises to repay it
(plus some additional amount) to the merchant cash advance provider.
Merchant cash advance providers generally do not provide an interest
rate, and while they may charge fees at origination or during the first
year, the majority of a merchant cash advance's cost to the merchant
comes from the additional amount repaid by the merchant on top of the
amount advanced. This additional amount may be expressed as a multiple
of the amount advanced in the form of a factor rate or percentage, or
it may be derived by comparing the total payback amount to the amount
actually advanced. This additional amount is typically not
characterized as interest, so it would not be reported under final
Sec. 1002.107(a)(12)(i). Nor is this additional amount characterized
as a fee charged at origination or scheduled to be imposed during the
first year after the transaction, so it would not be reported under
final Sec. 1002.107(a)(12)(ii) or (iv). Without an additional pricing
data field to capture this additional amount along with any other fees
the merchant cash advance provider charges, data users attempting to
analyze merchant cash advance pricing would miss most of the cost of
credit associated with these transactions. Therefore, the inclusion of
this data field aids in fulfilling both the fair lending enforcement
and business and community development purposes of the statute.
The Bureau believes that collecting and reporting this data will
impose relatively little burden on financial institutions, because they
can determine the additional amount repaid by computing the difference
between the amount of revenue purchased and the purchase price
typically found in the merchant cash advance contract. Commenters
generally did not make assertions to the contrary.
As discussed in the section-by-section analysis of Sec.
1002.107(a)(5) above, the Bureau is requiring, for merchant cash
advances and other sales-based financing transactions, that financial
institutions report the loan term, if any, that the financial
institution estimated, specified, or disclosed in processing or
underwriting the application or transaction. This information will
allow data users to better understand and use the information reported
pursuant to final Sec. 1002.107(a)(12)(v). However, the Bureau is not
adopting one commenter's suggestion regarding future transaction types
that may resemble merchant cash advances or other sales-based
financing, as the Bureau believes such transactions should be
adequately covered by the ``other sales-based financing'' label and
thus this information would be reportable for such transactions.
107(a)(12)(vi) Prepayment Penalties
Proposed Rule
Proposed Sec. 1002.107(a)(12)(vi)(A) would have required financial
institutions to report whether the financial institution could have
included a prepayment penalty under the policies and procedures
applicable to the covered credit transaction. Proposed Sec.
1002.107(a)(12)(vi)(B) would have required financial institutions to
report whether the terms of the covered credit transaction include a
charge imposed for paying all or part of the transaction's principal
before the date on which the principal is due. Proposed comment
107(a)(12)(vi)-1 would have provided additional information on how to
determine whether the applicable policies and procedures allow a
financial institution to include prepayment penalties in the loan
agreement.
The Bureau sought comment on proposed Sec. 1002.107(a)(12)(vi) and
its commentary, including whether to enumerate other types of
contingent charges separately in the 1071 data to more accurately
reflect the cost of covered credit transactions. The Bureau also sought
comment on whether there are alternative data that would provide
similar insight into whether certain borrowers are being steered into
covered credit transactions containing prepayment penalty terms or
other similar contingent terms.
Comments Received
The Bureau received comments regarding the reporting of prepayment
penalty information from lenders, trade associations, and community
groups. A number of community groups supported the proposal to collect
prepayment penalty information. One asserted that information on
prepayment penalties is important for data users to determine whether
such charges are targeting underserved borrowers. Another noted that
research by the Federal Reserve Board shows that many small business
borrowers do not expect the balloon finance charge that many merchant
cash advances and other transactions impose for prepayment.\653\ A
joint letter from community and business advocacy groups requested that
the Bureau ensure that financial institutions cannot evade the
reporting requirement by changing how prepayment penalties are
described.
---------------------------------------------------------------------------
\653\ Barbara Lipman & Ann Marie Wiersch, Bd. of Governors of
the Fed. Rsrv. Sys., Browsing to Borrow: ``Mom & Pop'' Small
Business Owners' Perspectives on Online Lenders and Products (June
2018), https://www.federalreserve.gov/publications/files/2018-small-business-lending.pdf.
---------------------------------------------------------------------------
A number of trade associations and banks questioned the necessity
of prepayment penalty data and claimed that it would be misleading. A
group of trade associations stated that the Bureau offered no evidence
that these penalties impact community development or are used in a
discriminatory fashion. The same commenter also asserted that nearly
all merchant cash advance providers collect a charge for prepaying the
amount advanced, but this charge would not be reflected in the proposed
[[Page 35319]]
prepayment penalty data point, leading to the data appearing to inflate
the apparent cost of non-merchant cash advance credit. A State bankers
association asserted that nondiscriminatory reasons exist for certain
loans to have prepayment penalties even if a lender's general policies
and procedures do not provide for them, so the reported data could not
be used to detect steering. A bank stated that the proposal would not
detect steering because it does not clarify whether the prepayment
penalty applies to the transaction requested or the transaction
approved.
Two trade association comments asserted that lending policies are
written in general terms and do not address prepayment penalties.
Another trade association commented that it is possible that every loan
``could'' have a prepayment penalty.
A number of commenters requested that the Bureau change the scope
of the data collection. A lender stated that the data collection should
be limited to a binary flag and not require details on the potential
penalties themselves. Two banks and a State bankers association stated
that the data collection should be limited to whether a prepayment
penalty was actually charged because a lender's policies might change
during the reporting year and are dependent on external factors, such
as the requirements of a third-party guarantor. A joint letter from
community and business advocacy groups asserted that the Bureau should
require reporting of the amount of any prepayment penalty and the term
over which the penalty could be imposed. Finally, a cross-sector group
of lenders, community groups, and small business advocates stated that
the data collection should be modified to capture the balloon finance
charge that nearly all merchant cash advances, and many other small
business loans, charge on prepayment. This commenter stated that,
because this charge is the finance charge that would be paid over the
original term of the loan, it would not be considered a ``penalty.''
Final Rule
For the reasons set forth herein, the Bureau is adopting final
Sec. 1002.107(a)(12)(vi) with one technical correction, adopting
comment 107(a)(12)(vi)-1 as proposed, and adding new comment
107(a)(12)(vi)-2 regarding charges that become due immediately on
prepayment. Final Sec. 1002.107(a)(12)(vi)(A) requires a financial
institution to report whether it could have included a charge to be
imposed for paying all or part of the transaction's principal before
the date on which the principal is due under the policies and
procedures applicable to the covered credit transaction
(notwithstanding whether such a provision was in fact included in this
specific credit transaction). Final Sec. 1002.107(a)(12)(vi)(B)
requires financial institutions to report whether the terms of the
covered credit transaction do in fact include such a charge. These
provisions allow data users to determine what percentage of covered
credit transactions could contain a prepayment penalty term, what
percentage of such transactions actually contain such a term, and,
together with other data points, the demographic profile of borrowers
whose contracts do and do not include the term. The two provisions work
together to allow data users to better determine whether certain
borrowers are being steered towards covered credit transactions
containing prepayment penalty terms.
Final comment 107(a)(12)(vi)-1 elaborates on the requirement to
report whether financial institutions could have included a prepayment
penalty in the covered credit transaction to clarify that the
applicable policies and procedures are those that the financial
institution follows when evaluating applications for the specific
credit type and credit purpose requested. The Bureau believes this
provision will ensure that similar credit products are being analyzed
together and reduces the possibility that potential fair lending risk
is incorrectly identified. In response to commenters who said that
financial institutions' policies may change during the reporting year,
the Bureau notes that comment 107(a)(12)(vi)-1 explains that the
relevant policies and procedures are those in effect at the time of the
covered credit transaction. A financial institution would not report
based on different policies and procedures that might be adopted later
in the reporting period.
New comment 107(a)(12)(vi)-2 explains that a financial institution
complies with final Sec. 1002.107(a)(12)(vi) by reporting as a
prepayment penalty any balloon finance charge that may be imposed for
paying all or part of the transaction's principal before the date on
which the principal is due and provides an example which illustrates a
balloon finance charge that should be reported. As explained above, one
commenter stated that most merchant cash advances and many other
transactions have finance charges that would be paid over the entire
term of the loan but that immediately become due on prepayment. The
Bureau agrees that it was not sufficiently clear that these balloon
finance charges would have been covered under the proposed description
of a prepayment penalty. In addition, another commenter asked the
Bureau to make clear that financial institutions cannot evade the
reporting requirement by changing how prepayment penalties are
described. New comment 107(a)(12)(vi)-2 was added to address both of
these concerns.
In response to commenters asserting that prepayment penalty data
are unnecessary or misleading, the Bureau notes that small business
loan contracts may include prepayment penalties and the penalties can
be sizable and structured as a percent of the remaining outstanding
balance. The Bureau also understands that there may be concern among
stakeholders, including community groups, that certain small business
applicants may be steered toward loans containing prepayment penalty
terms. The collection of data regarding which contracts contain a
prepayment penalty and whether a prepayment penalty could have been
imposed on specific contract types allows the data to be analyzed for
fair lending purposes to see if certain groups are more frequently
entering into contracts containing prepayment penalties. From a market
competition standpoint, financial institutions may want to know how
frequently their competitors are using prepayment penalties, and
collection of these data could improve market transparency and new
product development opportunities. The Bureau is not convinced by
commenters' assertions that the data will not be valuable nor that it
should require reporting of additional data related to prepayment
penalties. The Bureau believes the type of data required to be reported
pursuant to final Sec. 1002.107(a)(12)(vi) strikes the right balance
between collecting information helpful to analyze for the purposes
mentioned above and not requiring financial institutions to provide
information regarding prepayment penalties.
107(a)(13) Census Tract
Proposed Rule
Section 1071 requires financial institutions to collect and report
``the census tract in which is located the principal place of business
of the . . . applicant.'' \654\ This provision is similar to Regulation
C, which requires reporting of the census tract in certain
circumstances if the property securing the loan (or proposed to secure
the loan,
[[Page 35320]]
if the transaction was not originated) is in a county with a population
of more than 30,000.\655\ Under Regulation C, the financial institution
generally finds the census tract by geocoding using the address of the
property. Geocoding is the process of using a particular property
address to locate its geographical coordinates, and from those
coordinates one can identify the corresponding census tract.
---------------------------------------------------------------------------
\654\ ECOA section 704B(e)(2)(E).
\655\ Regulation C Sec. 1003.4(a)(9)(ii)(C). Regulation C also
requires reporting of the property address for all applications.
---------------------------------------------------------------------------
CRA reporting of business loans by depository institutions also
requires reporting of census tract. The Bureau understands that CRA
allows reporting of a census tract based on the address or location
where the proceeds of the credit will be principally applied.\656\
---------------------------------------------------------------------------
\656\ See 2015 FFIEC CRA Guide at 16.
---------------------------------------------------------------------------
The Bureau proposed Sec. 1002.107(a)(13) to require financial
institutions to collect and report the census tract data point using a
``waterfall'' approach. The proposed rule would have required a
financial institution to collect and report the census tract in which
is located: (i) The address or location where the proceeds of the
credit applied for or originated will be or would have been principally
applied; or (ii) If the information in (i) is unknown, the address or
location of the main office or headquarters of the applicant; or (iii)
If the information in both (i) and (ii) is unknown, another address or
location associated with the applicant. In addition, the proposed rule
would have required that the financial institution also indicate which
one of the three types of addresses or locations listed in (i), (ii),
or (iii) the census tract is based on. Although the proposed rule did
not specifically require it, the Bureau assumed that financial
institutions or their vendors would generally use a geocoding tool to
analyze the appropriate address to identify a census tract number.
The proposed approach would have required a financial institution
to report the census tract of the proceeds address if it was available
but would not have required a financial institution to ask about it
specifically. Financial institutions would have been able to apply the
waterfall approach to the addresses they were currently collecting;
they would not have been required to specifically ask for the proceeds
or headquarters addresses. In addition, the proposed method would have
allowed a financial institution to report that it was unsure about the
nature of the address if it had no information as to the nature or
function of the business address it possessed.
Proposed comment 107(a)(13)-1 would have provided general
instructions on using the waterfall reporting method, with examples for
guidance. The Bureau believed that this comment would facilitate
compliance and sought comment on whether any additional instructions or
examples would be useful.
Proposed comment 107(a)(13)-2 would have explained that a financial
institution would comply with proposed Sec. 1002.107(a)(13) by
identifying the appropriate address or location and the type of that
address or location in good faith, using appropriate information from
the applicant's credit file or otherwise known by the financial
institution. The comment would also have made clear that a financial
institution would not be required to investigate beyond its standard
procedures as to the nature of the addresses or locations it collects.
Proposed comment 107(a)(13)-3 would have explained that pursuant to
proposed Sec. 1002.107(c)(1) a financial institution would be required
to maintain procedures reasonably designed to collect applicant-
provided information, which would include at least one address or
location for an applicant for census tract reporting. However, the
comment would have further explained that if a financial institution
was nonetheless unable to collect or otherwise determine any address or
location for an application, the financial institution would report
that the census tract information was ``not provided by applicant and
otherwise undetermined.''
The Bureau proposed a safe harbor in Sec. 1002.112(c)(1)
(renumbered as Sec. 1002.112(c)(2) in the final rule), which would
have stated that an incorrect entry for census tract would not be a
violation of ECOA or subpart B if the financial institution obtained
the census tract by correctly using a geocoding tool provided by the
FFIEC or the Bureau. Proposed comment 107(a)(13)-4 would have cross-
referenced that provision. See the section-by-section analysis of Sec.
1002.112(c)(2) below for additional discussion of this safe harbor.
During the SBREFA process, some small entity representatives
explained that they generally collect the main office address of the
small business, which for sole proprietorships will often be a home
address, and were generally not aware of the proceeds address. The
Bureau's proposed waterfall approach would accommodate this situation
by allowing financial institutions to report census tract using the
address that they currently collect. While several small entity
representatives were already geocoding applicants' addresses, others
were concerned about the burden associated with geocoding for HMDA and
one expressed a preference for the CRA method of geocoding, as did
several other stakeholders. Accordingly, the Bureau sought comment on
the difference between geocoding for HMDA and for CRA, and any specific
advantages or disadvantages associated with geocoding under either
method. In regard to a small entity representative's request for a
Federal government tool capable of batch processing for geocoding of
addresses, the Bureau noted that it was considering the utility of such
a tool. As the SBREFA Panel recommended, the Bureau sought comment on
the feasibility and ease of using existing Federal services to geocode
addresses in order to determine census tract for section 1071 reporting
purposes (such as what is offered by the FFIEC for use in reporting
HMDA and CRA data).
The Bureau sought comment on its proposed approach to the census
tract data point. In addition to the specific requests for input above,
the Bureau noted that the waterfall method was intended to allow CRA
reporters to provide the same data for both reporting regimes, but
requested comment on whether the proposed method would achieve this
goal and, if not, whether and how this data point should be further
coordinated with CRA.
Comments Received
The Bureau received comments on this aspect of the proposal from
numerous lenders, trade associations, community groups, and others.
Several commenters supported the inclusion of the census tract data
point, and many specifically discussed and supported the proposed
waterfall approach to reporting. One CDFI lender stated that it
currently collects this information for the CDFI Fund. Several
community groups discussed the importance of knowing where loans were
made to combat redlining and ensure that socially disadvantaged farmers
and other small businesses can have appropriate access to credit. A
community group and a trade association agreed with the Bureau's
proposal that the waterfall method would allow section 1071 reporting
to match CRA requirements. Another trade association said that
financial institutions would be able to use an address provided by the
applicant and agreed that reporting of the proceeds address would allow
coordination with CRA, though it did not comment on the
[[Page 35321]]
proposed waterfall. Although they supported the waterfall approach, two
community groups requested that financial institutions be required to
ask for the location where the proceeds of the credit would be used,
stating that this method would allow for better coordination with CRA
and better fulfillment of the purposes of section 1071.
Several industry commenters stated that the census tract data point
would be confusing and difficult to report. One commenter pointed out
that multiple applicant addresses and address changes for applicants
would complicate reporting. A national auto finance trade association
stated that its members do not work with census tracts and that
technical and process changes would be necessary to deliver this data.
A trade association stated that geocoding will be a significant
burden for many credit unions, the vast majority of which do not
collect census tract information for small business loans. That
commenter further stated that although some CDFI credit unions collect
census tract information, many are completely unfamiliar with census
tracts--particularly credit unions that are not HMDA reporters. The
commenter also said that the FFIEC geocoder does not permit batch
inputs, which it said further slows application processes. Finally, the
commenter requested that the Bureau develop a free tool that permits
batch inputs and better enables efficient and cost-effective
compliance.
Two banks and a trade association commented that many banks that
are not HMDA reporters are unfamiliar with census tracts. Commenters
also stated that the FFIEC geocoder works efficiently for addresses in
and close to metro areas, but not as easily for more rural addresses,
and in relation to new subdivisions and developments. They further
pointed out that when an address is not ``matched'' in the FFIEC
system, it requires manual plotting, which is time-consuming and
difficult, and stated that a bank that makes strictly agricultural
loans might find many non-matching addresses. Finally, two of these
commenters suggested that reporting the State and county codes should
be sufficient when there is no match in the FFIEC geocoder.
Several industry commenters specifically objected to the waterfall
reporting method, which they stated was confusing and difficult, and
many suggested it should not be mandatory. Some of these commenters
requested clarification on how to report if there are multiple proceeds
addresses, or if the bank learns of a different proceeds address after
the loan closes. In addition, two commenters asked that the Bureau
clarify whether the census tract should match the mailing address of
the applicant or the physical address.
Numerous banks and trade associations stated that section 1071
reporting requirements, especially the census tract data point,
overlapped or conflicted with HMDA and CRA reporting requirements,
creating unnecessary difficulties. Most of these commenters asked that
the Bureau coordinate these requirements and provide a complete
exemption from section 1071, HMDA, or CRA for loans that overlap.
Commenters requesting exemptions did not explain why the use of the
proceeds address would not allow coordination between section 1071 and
CRA census tract reporting.
Some industry commenters expressed concern that census tract
information, especially when combined with the NAICS business type and
other reported data, could facilitate reidentification of small
business applicants. These commenters stated that this risk would be
greater in rural areas.
Comments addressing the Bureau's proposed safe harbor for use of
certain geocoders are addressed in the section-by-section analysis of
Sec. 1002.114(c)(1) below.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.107(a)(13) and associated commentary with a minor edit for
clarity. Final Sec. 1002.107(a)(13) requires that financial
institutions collect and report the census tract data point using the
``waterfall'' approach described above.
In regard to the comments expressing concern about the burden
associated with collecting and reporting census tract information using
a geocoder and by other means, the Bureau notes that census tract is
specifically enumerated as a data point in the statute. In addition,
the Bureau believes that its reporting method for the census tract data
point leverages existing industry information collection practices and
will result in useful information to further section 1071's purposes
while avoiding imposing much additional burden on financial
institutions. The waterfall method allows a financial institution to
report census tract using an address it already has, with no further
investigation; allows a financial institution to avoid further
investigation when it is unsure about the nature of the address
reported; and allows current CRA reporters to report the same address
for this rule as they do for CRA.\657\ In addition, the waterfall
method prioritizes the proceeds address, which the Bureau considers to
be particularly useful for both the fair lending and business and
community development purposes of section 1071.
---------------------------------------------------------------------------
\657\ As explained below, the current CRA rulemaking envisions
replacing small business and small farm CRA data collection with the
1071 data collection, but in the event CRA data is still reported
under the current regime for some period of time after compliance
with this rule is required, the Bureau believes that the ability to
report the same data in the interim should reduce any operational
difficulties related to census tract. See 87 FR 33884, 33997, 34005
(June 3, 2022).
---------------------------------------------------------------------------
The waterfall approach adopted in the final rule requires a
financial institution to report the census tract of the proceeds
address if it is available, but does not require a financial
institution to ask about it specifically. This provision is meant to
address potential concerns about reporters spending time on complex,
fact-specific questions and unintentionally misreporting this data
point, which could occur if financial institution staff have to
determine what kind of address they are reporting based on insufficient
information. The Bureau believes that this option will be particularly
helpful if the application is denied or withdrawn early in the
application process before the nature of any address provided by the
applicant is clear.
Requiring financial institutions to inquire as to the address where
the proceeds will be applied, as some commenters requested, might
result in slightly more proceeds addresses being reported. However, the
Bureau does not believe that the extra information reported in certain
instances would be worth the extra difficulty across all small business
applications. In addition, the Bureau believes that the waterfall
approach in collecting census tract data provides sufficient
flexibility; making use of the waterfall voluntary, as some commenters
suggested, would result in less useful information being collected
while only reducing difficulty by a small amount. In regard to the
comment asking whether the physical or mailing address or location
should be used, the Bureau notes that the credit proceeds will be
applied at a physical location, and the main office or headquarters of
a business will also occupy a physical location. The third option in
the waterfall, ``another address or location,'' does not suggest the
nature of such an address, but the financial institution will need to
have enough information to determine a census tract for that location.
As explained above, the Bureau understands that CRA currently
requests reporting of a census tract based on the
[[Page 35322]]
address or location where the proceeds of the credit will be
principally applied.\658\ The Bureau also believes that CRA reporting
on this data point is reasonably flexible, and a financial institution
will be able to coordinate the two compliance regimes to report the
same census tract. The commenters who stated that this data point would
conflict with CRA reporting did not explain why they believed this to
be so, and other industry commenters agreed that the census tract data
point for section 1071 would allow coordinated reporting with CRA. The
Bureau also notes that the recent CRA interagency proposed rule, if
finalized, would eventually replace CRA small business and small farm
data with data collected pursuant to section 1071, in which case this
issue would likely be moot.\659\
---------------------------------------------------------------------------
\658\ See, e.g., Off. of the Comptroller of Currency, Fed. Rsrv.
Sys., Fed. Deposit Ins. Corp., Community Reinvestment Act;
Interagency Questions and Answers Regarding Community Reinvestment;
Guidance, 81 FR 48506, 48551-52 (July 25, 2016).
\659\ See 87 FR 33884, 33997, 34005 (June 3, 2022).
---------------------------------------------------------------------------
Although the Bureau sought comment on the differences between HMDA
and CRA census tract reporting, no commenters provided information on
this issue. In regard to commenter concerns about overlaps or conflicts
with HMDA reporting, the Bureau notes that the final rule excludes
HMDA-reportable transactions from coverage, as discussed in the
section-by-section analysis of Sec. 1002.104(b)(2) above, so that
concern is now moot as well.
The Bureau notes that section 1071's description of the census
tract data point refers to the census tract for the applicant's
``principal place of business.'' \660\ The Bureau considers the
waterfall approach in final Sec. 1002.107(a)(13) to be a reasonable
interpretation of the undefined statutory term ``principal place of
business,'' which the Bureau understands not to have a standard
definition, and thus believes to be ambiguous. First, the Bureau
believes that the address or location of the main office or
headquarters of the applicant fits easily into one of the common
meanings of ``principal place of business.'' In addition, the Bureau
anticipates that, generally, the address where the loan proceeds will
be applied will also be the main office or headquarters address.\661\
The primary exception to this principle will be in the case of credit
intended for purchase, construction/improvement, or refinancing of real
property; under these circumstances, the Bureau reasonably interprets
the term ``principal place of business'' to mean the principal location
for business activities relating to the extension of credit at issue.
Although ``another address or location associated with the applicant''
might not always be the principal place of business of the applicant,
the Bureau considers this information to be the financial institution's
best option for reporting data on the principal place of business when
the nature of a location is unknown.
---------------------------------------------------------------------------
\660\ ECOA section 704B(e)(2)(E).
\661\ According to U.S. Census 2019 SUSB data, there are
6,081,544 firms with fewer than 500 employees (which will be used,
for this purpose, as a rough proxy for a ``small business''); those
firms collectively have 6,588,335 establishments (i.e., locations).
This means that, at most, approximately 8 percent of firms with
fewer than 500 employees could have more than one location. See U.S.
Census Bureau, 2019 SUSB Annual Datasets by Establishment Industry
(Feb. 2022), https://www.census.gov/programs-surveys/susb/data/tables.html. According to the U.S. Census Bureau's Non-employer
Statistics, there are 27,104,006 non-employer establishments
(regardless of revenue size). Non-employer firms account for fewer
than 4 percent of all sales, though, and the vast majority are sole
proprietorships. While not impossible, the Bureau believes it is
very unlikely that non-employer firms would have more than one
location. See U.S. Census Bureau, All Sectors: Nonemployer
Statistics by Legal Form of Organization and Receipts Size Class for
the U.S., States, and Selected Geographies: 2019 (2019), https://data.census.gov/cedsci/table?q=NONEMP2019.NS1900NONEMP&tid=NONEMP2019.NS1900NONEMP&hidePreview=true.
---------------------------------------------------------------------------
In the alternative, section 1071 authorizes the Bureau to include
any ``additional data that the Bureau determines would aid in
fulfilling the purposes of [section 1071].'' The Bureau has determined
that requiring reporting of the proceeds address will aid in fulfilling
both the fair lending and business and community development purposes
of section 1071 by providing more useful information on the location of
the activity financed for fair lending analysis and understanding where
the business and community development is occurring. Requiring
reporting of another address or location associated with the applicant
when both the proceeds address and the main office or headquarters
address are not available will provide location data when otherwise
none would be present, thus also aiding in fulfilling both the fair
lending and business and community development purposes of section 1071
by providing more useful information on location for fair lending
analysis and understanding where the business and community development
will likely be occurring. In addition, requiring data on the nature of
the address reported will aid in fulfilling both the fair lending and
business and community development purposes of section 1071 by
facilitating accurate analyses of the data reported. Also, in the
alternative, to the extent that ``the principal place of business of
the . . . applicant'' is understood to mean only ``main office or
headquarters address'' (which, as explained above, the Bureau does not
adopt as its interpretation of the statutory term) the Bureau believes
it is appropriate to use its exception authority under ECOA section
704B(g)(2) to provide that financial institutions in certain situations
may report the proceeds address or ``another address or location
associated with the applicant,'' because the Bureau believes those
addresses will carry out the purposes of section 1071 more
appropriately than requiring the main office or headquarters address in
every situation.
The Bureau is finalizing comment 107(a)(13)-1 through -4 with a
minor edit for consistency. Comment 107(a)(13)-1 provides general
instructions on using the waterfall reporting method, with examples for
guidance, which will facilitate compliance.
Final comment 107(a)(13)-2 explains that a financial institution
complies with Sec. 1002.107(a)(13) by identifying the appropriate
address or location and the type of that address or location in good
faith, using appropriate information from the applicant's credit file
or otherwise known by the financial institution. The comment also makes
clear that a financial institution is not required to investigate
beyond its standard procedures as to the nature of the addresses or
locations it collects. The Bureau believes that this guidance strikes
the right balance by allowing flexibility in reporting, and also
requiring appropriate good faith compliance in exercising that
flexibility, thereby yielding quality data. In regard to commenters'
concerns about reporting census tract when there are multiple proceeds
addresses, the Bureau notes that the rule requires reporting using the
address where the proceeds will be or would have been principally
applied, and allows for other addresses to be used if that address is
unknown. As final comment 107(a)(13)-2 makes clear, as long as a
financial institution determines which address to use in good faith, it
will be in compliance with the rule. The Bureau believes that including
detailed instructions on how to determine which proceeds address to
report would increase the difficulty of reporting while only marginally
enhancing the quality of the data reported. In regard to the comment
about what to report when the proceeds or other address changes,
because comment 107(a)(13)-2 requires that the address/location be
identified in good faith, an address that the financial institution
knows is no longer accurate
[[Page 35323]]
would not be appropriate to use in determining the census tract when a
more accurate address is available.
Final comment 107(a)(13)-3 explains that pursuant to final Sec.
1002.107(c)(1) a financial institution is required to maintain
procedures reasonably designed to collect applicant-provided data,
which includes at least one address or location for an applicant for
census tract reporting. However, the comment further explains that if a
financial institution is nonetheless unable to collect or otherwise
determine any address or location for an application, the financial
institution reports that the census tract information was ``not
provided by applicant and otherwise undetermined.'' Based on the
Bureau's understanding of financial institutions' application
procedures, the Bureau believes it is highly unlikely that a financial
institution will not obtain some type of address for the applicant.
Nonetheless, the Bureau permits financial institutions to report this
data point using the ``not provided by applicant and otherwise
undetermined'' response in order to facilitate compliance in those rare
instances when the financial institution does not have the data
requested. The reference in the comment to final Sec. 1002.107(c)(1)
makes clear, however, that a financial institution must maintain
procedures reasonably designed to collect at least one address. As with
the previous comment, the Bureau believes that this comment strikes the
right balance by facilitating compliance and also emphasizing the
requirement to collect appropriate data.
Final comment 107(a)(13)-4 cross-references a safe harbor the
Bureau is finalizing in Sec. 1002.112(c)(2), which states that an
incorrect entry for census tract will not be a violation of ECOA or
subpart B if the financial institution obtains the census tract by
correctly using a geocoding tool provided by the FFIEC or the Bureau.
See the section-by-section analysis of Sec. 1002.112(c)(2) below for
additional discussion of this safe harbor. In regard to commenters'
requests for a new Federal geocoding tool that allows for batch
processing, the Bureau continues to explore this option.
Finally, as discussed above, some commenters were concerned about
reidentification risk in regard to census tract reporting, especially
when combined with NAICS industry codes and other data, and especially
in rural areas. The Bureau appreciates concerns regarding the potential
re-identification risk posed by the publication of unmodified census
tract data. Accordingly, the Bureau believes that, if it decides to
publish census tract, modification may be appropriate to mitigate
potential re-identification risk to small business applicants and
related natural persons. The Bureau notes that it will consider
carefully what data will be publicly released, and will carefully
protect applicant privacy, while preserving the utility of the dataset.
See part VIII.B.6.xi below for discussion of this issue.
107(a)(14) Gross Annual Revenue
Proposed Rule
Section 1071 requires financial institutions to collect and report
``the gross annual revenue of the business in the last fiscal year of
the . . . applicant preceding the date of the application.'' \662\
---------------------------------------------------------------------------
\662\ ECOA section 704B(e)(2)(F).
---------------------------------------------------------------------------
Proposed Sec. 1002.107(a)(14) would have required reporting of the
gross annual revenue of the applicant for its preceding full fiscal
year prior to when the information is collected. The Bureau proposed to
require reporting of a specific value for gross annual revenue--rather
than a range--to simplify the reporting of gross annual revenue
information for financial institutions and because it believed that a
precise value would be more useful for data users, including the
Bureau.
Proposed comment 107(a)(14)-1 would have clarified that a financial
institution need not verify gross annual revenue information provided
by the applicant to comply with proposed Sec. 1002.107(a)(14), as some
small entity representatives and other stakeholders suggested. The
proposed comment would have explained that the financial institution
may rely on statements of or information provided by the applicant in
collecting and reporting gross annual revenue. The proposed comment
would have also stated, however, that if the financial institution
verifies the gross annual revenue provided by the applicant, it must
report the verified information. The Bureau believed that a requirement
to verify gross annual revenue could be operationally difficult for
many financial institutions, particularly in situations in which the
financial institution does not collect gross annual revenue currently.
The Bureau also did not believe that such a requirement was necessary
in fulfilling either of section 1071's statutory purposes. However, the
Bureau believed that reporting verified gross annual revenue when the
financial institution already possesses that information would not be
operationally difficult and would enhance the accuracy of the
information reported.
Proposed comment 107(a)(14)-1 would have also provided specific
language that a financial institution could use to ask about an
applicant's gross annual revenue and would have explained that a
financial institution could rely on the applicant's answer. The Bureau
believed this language would facilitate compliance for financial
institutions that currently do not collect gross annual revenue,
collect it only in limited circumstances, or would otherwise find its
collection challenging, as some small entity representatives and other
stakeholders suggested.
Overall, the Bureau believed that this approach in proposed comment
107(a)(14)-1--clarifying that a financial institution need not verify
applicant-provided gross annual revenue information and providing
language that a financial institution may use to ask for such
information--should reduce the complexity and difficulty of collecting
gross annual revenue information.
The Bureau believed that situations could arise in which the
financial institution has identified that an applicant is a small
business for the purposes of proposed Sec. 1002.106(b) through, for
example, an initial screening question asking whether the applicant's
gross annual revenue is below $5 million, but then the specific gross
annual revenue amount could not be collected. Therefore, the Bureau
proposed comment 107(a)(14)-2, which would have first clarified that
pursuant to proposed Sec. 1002.107(c)(1), a financial institution
shall maintain procedures reasonably designed to collect applicant-
provided information, including the gross annual revenue of the
applicant. The proposed comment would have then stated that if a
financial institution is nonetheless unable to collect or determine the
specific gross annual revenue of the applicant, the financial
institution reports that the gross annual revenue is ``not provided by
applicant and otherwise undetermined.'' The Bureau believed that
permitting this reporting flexibility would reduce the complexity and
difficulty of reporting gross annual revenue information, particularly
when an application has been denied or withdrawn early in the process
and the gross annual revenue could not be collected.
Proposed comment 107(a)(14)-3 would have clarified that a financial
institution is permitted, but not required, to report the gross annual
revenue for the applicant that includes the revenue of affiliates as
well. The proposed comment would have stated that, for example, if the
financial
[[Page 35324]]
institution does not normally collect information on affiliate revenue,
the financial institution reports only the applicant's revenue and does
not include the revenue of any affiliates when it has not collected
that information. The Bureau believed that permitting, but not
requiring, a financial institution to include the revenue of affiliates
will carry out the purposes of section 1071 while reducing undue burden
on financial institutions in collecting gross annual revenue
information. Proposed comment 107(a)(14)-3 would have concluded by
explaining that in determining whether the applicant is a small
business under proposed Sec. 1002.106(b), a financial institution may
rely on an applicant's representations regarding gross annual revenue,
which may or may not include affiliates' revenue. This approach
regarding affiliate revenue in proposed comment 107(a)(14)-3 was
consistent with the approach regarding affiliate revenue for purposes
of determining whether an applicant is a small business under proposed
Sec. 1002.106(b). The Bureau believed that this operational
equivalence between proposed Sec. 1002.107(a)(14) and proposed Sec.
1002.106(b) would facilitate compliance and enhance the consistency of
the data.
In the NPRM, the Bureau expressed skepticism regarding some small
entity representatives' suggestions to allow estimation or
extrapolation of gross annual revenue based on partially reported
revenue, noting, for example, that a seasonal business's bank
statements for its busy season would likely yield an inflated gross
annual revenue when extrapolated to a full year. The Bureau sought
comment on whether financial institutions should be permitted to
estimate or extrapolate gross annual revenue from partially reported
revenue or other information, and how such estimation or extrapolation
would be carried out. The Bureau also noted that estimation or
extrapolation of gross annual revenue would be sufficient for the
purposes of determining small business status under proposed Sec.
1002.106(b), subject to the requirement under proposed comment
107(a)(14)-1 that a financial institution must report verified gross
annual revenue information if available.
The Bureau sought comment on its proposed approach to the gross
annual revenue data point, as well as the specific requests for comment
above. As the SBREFA Panel recommended, the Bureau also sought comment
on how the timing of tax and revenue reporting can best be coordinated
with the collection and reporting of gross annual revenue. In addition,
the Bureau sought comment on the effect of cash flow versus accrual
accounting on reporting of gross annual revenue.
Comments Received
The Bureau received comments on its proposed approach to the gross
annual revenue data point from a range of lenders, trade associations,
and community groups. With the exception of several agricultural
lenders, industry commenters generally did not object to the Bureau's
proposal to require the collection and reporting of gross annual
revenue as required by ECOA section 704B(e)(2)(F) and three commenters
(two community groups and a lender) expressed support for the proposed
gross annual revenue data point. One of the community groups asserted
that the gross annual revenue of the small business is a critical data
element since research shows that smaller businesses are less likely to
receive loans and that this data point is needed to assess whether
banks are meeting credit needs of small businesses. The other community
group remarked that it was critically important to allow for analysis
looking at smaller buckets of small businesses based on gross revenue.
Several agricultural lenders, echoing comments from a major
agricultural credit trade association, argued that the Bureau should
not require the collection or reporting of gross annual revenue
information for agricultural credit and urged the Bureau to use its
exception authority to eliminate this data point for agricultural
credit. The commenters argued that collecting gross annual revenue
information would pose substantial challenges for them given the
prevalence of the ``non-standard'' agricultural borrower, including the
majority of farmers who only farm on a part-time basis, and because
many agricultural loans are currently decisioned with principal
reliance on credit scoring systems, without considering revenue from
farming or off-farm income. One agricultural lender explained that its
underwriting standards include personal W-2 and other off-farm income,
arguing that inclusion of that information in reporting this data point
would be misleading as to the size of the business applying for a loan
because off-farm income is not truly business income. The same
commenter asserted that if, on the other hand, the off-farm income is
not reported, the data would be misleading as they would show many
loans approved to farmers with low business revenue (where they have
sufficient personal income) and other loans denied to farmers with
higher business revenue (because of insufficient personal income).
Another commenter noted it was unclear how to calculate gross annual
revenue for many agricultural credit transactions because for both
estate planning and asset preservation purposes, many family farms are
set up using complex business entities consisting of multiple trusts,
corporations, partnerships, and limited liability entities, and that
this means that the applicant signing the note may differ from the
denoted mortgagors and guarantors, but all of whom are family members
or business entities they own. Many of these agricultural lenders
suggested that instead of gross annual revenue information, the
appropriate metric for agricultural credit should be ``gross sales of
agricultural or aquatic products'' as defined by the Farm Credit
Administration in the prior year.
Some bank commenters suggested the Bureau align with other
reporting regimes (such as HMDA and CRA) by adopting a definition of
gross annual revenue based on annual revenue relied upon to make the
credit decision. Several explained inconsistencies among regulatory
approaches to gross annual revenue, pointing out the Bureau's proposal
would require collecting gross annual revenue from the preceding fiscal
year, whereas HMDA reporting requires use of the income considered in
making the credit decision and the CRA utilizes gross annual revenue
used to make the credit decision. Several commenters asserted that
using a prior year's gross annual revenue would be problematic for many
small businesses that cannot produce usable financial statements,
including tax returns, immediately upon the close of a fiscal year. One
such commenter elaborated that tax returns, which are often the only
available income statements, may not be ready until September,
resulting in many lenders relying on a tax return from two years ago or
using a pro forma revenue outline. Another bank commenter asserted that
using similar, but differently defined, data points between section
1071 and CRA would complicate the reporting process and could be
avoided by aligning the definitions. One commenter recommended aligning
with CRA for originated loans by using gross annual revenue used to
make the credit decision, but for non-originated loans (which are not
reported under the CRA) using gross annual revenue information that has
been provided by applicants absent credit decisions (such as in cases
of some withdrawn or incomplete applications).
[[Page 35325]]
Some commenters provided market intelligence related to the
collection of gross annual revenue data. A trade association stated
that collecting gross annual revenue information can be complicated
because many small businesses have loan guarantors and co-borrowers.
Another trade association explained that in the vehicle financing
context, the borrower employee who is responsible for acquiring the
vehicle may not be familiar with the total revenue of the company and
the owner(s) of the company may not want to share this information with
all employees. A few industry commenters stated that there are many
instances where gross annual revenue information is not collected in
the normal course of business because underwriting may be based on
other factors such as a cash flow analysis, net income, or debt-to-
service ratio. For this reason, one of these commenters stated that it
should be clear that applicants have no obligation to provide gross
annual revenue information. Another asserted that where an applicant
declines to provide gross annual revenue information, the Bureau is
creating a significant regulatory challenge for the financial
institution by requiring it to submit application-level information
when it will not know for certain whether the business is a small
business nor have any reliable way of obtaining gross annual revenue
information absent a third-party provider, which do not exist for many
industries. Conversely, a community group stated that gross annual
revenue was likely to be collected as part of the underwriting process.
A number of industry commenters requested clarification regarding
how to report gross annual revenue information. A few commenters
requested guidance regarding appropriate sources for gross annual
revenue information. One bank commenter requested consistency in what
defines gross annual revenue and asked whether gross sales listed on a
tax return constitute an acceptable source for this information.
Another commenter asked the Bureau to delineate whether tax returns,
accountant prepared financial statements, or internal profit and loss
statements constitute acceptable source documentation.
Several industry commenters asked for guidance or made suggestions
regarding how to calculate gross annual revenue. One asked whether the
Bureau intends for gross annual revenue to be defined as the total of
all income (account credits) for the year before subtracting any
expenses (account debits). Another asked whether, in the case of a
business that uses a calendar year for its fiscal year and applies for
a loan early in the next fiscal year with many unknown numbers related
to the prior fiscal year, the applicant should provide an estimate or
whether the applicant should provide the information from the next
preceding fiscal year. Two commenters suggested that the Bureau clarify
that different business units within the financial institution may use
different methods to determine gross annual revenue, as long as the
methods are used consistently within each business unit. Another asked
if, in the case of an applicant that owns two or more businesses, the
financial institution should only collect and report the gross annual
revenue of the business being financed and not combined revenues of all
owned businesses.
A number of industry commenters asked for clarification and made
suggestions regarding how to report gross annual revenue for a startup
business, a new line of business, or a business with a change in
structure or ownership. A few commenters asked whether ``zero'' and/or
``not available'' is an acceptable response for a startup business. One
commenter urged the Bureau to define gross annual revenue in a
straightforward manner that does not impact credit opportunities (nor
compliance) for newly formed businesses that do not have historical
gross annual revenue. Another commenter suggested the Bureau address or
exempt new businesses from section 1071 reporting. Two commenters asked
whether ``zero'' or ``not provided by applicant and otherwise
undetermined'' should be reported when a borrower is establishing a new
line of business but already has revenue in other businesses; one also
asked if treatment should differ based on whether or not the new
business line was in the same industry as the existing businesses. A
bank commenter opined that for a start-up business, the financial
institution should use the actual gross annual revenue to date
(including the reporting of $0 if a new business has had no revenue to
date) and that pro-forma projected revenue figures should not be
reported since these figures do not reflect actual gross revenue.
Another bank commenter suggested the Bureau develop FAQs and other
documents that applicants can consult to help them determine what
number to supply for gross annual revenue, particularly when a business
is starting up or establishing a new business line. Another industry
commenter asked how to handle situations where there is a change in
structure or ownership of the business and it is unclear how the gross
annual revenue should apply to the applicant.
Two industry commenters specifically suggested changes related to
how to report the gross annual revenue of single purpose entities and
other real estate financing vehicles. Both suggested allowing a
financial institution to rely on the gross annual revenue generated by
the property or the applicant's projected gross annual revenue for
purposes of determining the small business status of the applicant. One
also suggested specific revisions to the commentary to incorporate its
suggestions.
The Bureau also received some general comments regarding the
treatment of gross annual revenue information from an applicant's
affiliate. A trade association expressed support for the Bureau's
proposal to clarify that a financial institution need not verify gross
annual revenue information provided by the applicant and is permitted--
but not required--to report the gross annual revenue for the applicant
that includes the revenue of affiliates as well. Two community group
comments urged the Bureau to require reporting on the gross annual
revenue of parent companies and beneficial owners of limited liability
companies in order to avoid obfuscating extensive property ownership.
Some industry commenters provided suggestions regarding how to
handle gross annual revenue information from the parent companies or
affiliates of applicants. A bank inquired whether revenue or income
relied upon from co-signers or guarantors that are not affiliates of
the borrower should be factored into the gross annual revenue
determination. A group of trade associations suggested specific
technical revisions to the commentary for clarity. Two bank commenters
noted there may be inconsistencies in the data where one institution
looks like it is lending more to small(er) businesses because it opts
not to include gross annual revenue of affiliates. Two other commenters
asked that reportable gross annual revenue be the gross annual revenue
of both the applicant and all of its affiliates. A bank recommended the
Bureau further explain how to handle situations where the applicant is
using multiple owned businesses/affiliates to support sufficient
cashflow, and whether there are repercussions for excluding/including
multiple revenues used in the credit decision. A group of trade
associations representing the commercial real estate industry asked
[[Page 35326]]
the Bureau to provide additional guidance on what types of entities may
be affiliates of an applicant, e.g., as a result of common ownership or
common control. Another trade association suggested that the Bureau
make minor revisions to commentary to clarify that a lender that does
not collect affiliate revenue in all transactions is not precluded from
collecting affiliate revenue in some transactions.
A few commenters specifically asked for clarity regarding the
treatment of real estate affiliate revenue. These commenters explained
that many of their loans are to real estate investors who often form
and apply through a single[hyphen]purpose limited liability company
that has no gross annual revenue (and therefore would meet the proposed
definition of a small business) but that may be affiliates of many
other single[hyphen]purpose limited liability companies and individual
owners. These commenters noted that they typically underwrite these
loans based on a schedule of other real estate in which the single
purpose entity (or its sponsor) has an ownership interest and by using
a global debt coverage calculation that considers the combined income
of the applicant and all affiliated businesses, which can often exceed
$5 million annually. A group of trade associations representing the
commercial real estate industry stated that under the SBA's general
principles of affiliation, the single purpose entities that own that
other real estate would be affiliates of the applicant single purpose
entity, because of the overlapping ownership interest. They also stated
that the single purpose entities on the schedule of real estate could
additionally be affiliates of the applicant single purpose entity where
one or more officers, directors, managing members, or partners controls
the board of directors or management of both the applicant single
purpose entity and the single purpose entities on the schedule of real
estate. A bank asked the Bureau to clarify that such businesses should
be determined to be ``small businesses'' for which data collection and
reporting is required only if the combined income of the business and
its related affiliates does not exceed the threshold set. The group of
trade associations suggested revisions to the commentary that, in the
case of single purpose entities, would allow a financial institution to
consider the owners of any real property listed on a schedule of real
estate as affiliates of the applicant and would also, under certain
circumstances, allow a financial institution to estimate the gross
annual revenue of any income-producing real property for purposes of
determining an applicant's small business status. They also suggested
that for an applicant that is a newly created single purpose entity, a
financial institution should be permitted to apply the $5 million gross
annual revenue threshold to either the gross annual revenue of the
property for its most recent fiscal year under its prior owner or the
single purpose entity's projected gross annual revenue.
Some commenters asked for guidance or argued in favor of using
estimates and extrapolations when exact gross annual revenue
information is unavailable. A bank asked if using an estimate was
permitted when the applicant does not have prior fiscal year
information completed. Another commenter suggested that when an
applicant does not provide information regarding its gross annual
revenue but that applicant's revenue is tracked through a technology
company's online platform (e.g., its sales on the company's online
marketplace), a covered financial institution should be able to report
gross annual revenue based on revenue information obtained from the
platform data. The commenter argued that permitting use of this
alternative data point would serve the purposes of section 1071 by
enabling technology companies to collect and report information on a
greater number of applications, while also reducing the compliance
burden for financial institutions. Two commenters argued that for
consistency, the Bureau should allow financial institutions to
extrapolate or estimate an applicant's gross annual revenue, claiming
that the Bureau proposed to allow institutions (not just applicants) to
rely on extrapolated or estimated revenue data for determining whether
or not a business is a small business.
Many industry commenters supported the Bureau's proposal to permit
financial institutions to rely upon gross annual revenue information
provided by the applicant without any requirement to verify. Many of
these commenters noted that they do not currently collect gross annual
revenue information with every application and even if it is collected,
they do not always verify the amount provided, as underwriting is often
based on other factors such as a cash flow analysis or debt-to-service
ratio. One commenter noted that the flexibility to use the gross annual
revenue provided by the applicant and without verification allows
financial institutions to continue using current, proven underwriting
practices and does not add to the compliance burden by requiring
additional revenue verification steps.
The Bureau received some general comments regarding its proposal to
not require verification of gross annual information but to require
reporting of verified information when available. Two banks requested
further clarification regarding the meaning of ``verification,'' one of
whom argued that neither the identification and assessment of income
figures (not the same as gross annual revenue) by a financial
institution during the underwriting and credit decision process nor the
post-origination independent testing and validation of the small
business data file should be considered ``verification.'' The other
bank stated that exact gross annual revenue information is not always
known until a tax return is completed and asked if the self-reported
gross annual revenue information should be reported or the information
found later on the tax return.
Two community groups urged the Bureau to require the verification
of gross annual revenue information. One noted that tax returns are
generally available and can be used to confirm the applicant's gross
annual revenue information. The other asserted that because the
accuracy of determining whether credit needs of small businesses are
being met hinges on the accuracy of collecting and reporting the
revenue size of the business and because using tax documents or cash
flow information makes it feasible for the lender to verify annual
revenue, the Bureau should require the verification of gross annual
revenue information. This community group argued that if affiliates are
not accounted for in data collection, the data could include businesses
that exceed the revenue limits established by the Bureau, thereby
reducing the efficacy of the data in reporting on the experiences of
small businesses in the lending marketplace. The commenter suggested
that the Bureau thus investigate this issue and determine whether there
are feasible methods a lender can use to identify the presence of
affiliates.
Some industry commenters suggested the Bureau provide a safe harbor
and/or remove its proposed requirement to report verified gross annual
revenue information. Commenters requested the Bureau specify that the
financial institution has no responsibility to verify the number
supplied by the applicant. A few commenters also suggested the Bureau
institute a safe harbor to ensure that whatever gross annual revenue
number is supplied by the applicant can be reported. Commenters urged
the Bureau to clarify that a financial institution is not liable
[[Page 35327]]
for misinterpretation in answering questions or providing information
to the applicant beyond the proposed gross annual revenue question. One
commenter suggested that if it is the lender's practice to revise the
application information in its system to reflect what it believes to be
a verified number, the Bureau should permit the lender to report the
verified number retained in its system, rather than requiring the
lender to maintain both numbers in its system. This commenter also
argued that a lender's verification of revenue should not result in the
lender being required to change the applicant's self-classification as
being a small business or not being a small business because the
determination of whether or not an applicant is a ``small business''
needs to be made by the applicant at the time of application.
Several community groups and a CDFI lender expressed support for
reporting gross annual revenue as a specific dollar amount rather than
in ranges. These commenters emphasized the importance of having precise
and accurate data on gross annual revenue because this information is a
fundamental determinant of whether a business is deemed to be small and
all of its attendant information is captured and collected as part of
the 1071 dataset. One commenter argued gross annual revenue in discrete
units rather than bands was needed to assess the availability of credit
to the smallest businesses, especially those owned by women and people
of color. Another commenter asserted that revenue categories should be
more detailed than those in the CRA small business loan data because
research revealed the inadequacies with the CRA classifications since
businesses with revenues below $500,000 had markedly less access to
loans than businesses with revenues above this amount. This commenter
argued in the alternative that should the Bureau adopt a range for
gross annual revenue, it should select the mid-point with $10,000
increments as a continuous variable as the most accurate for capturing
experiences of the range of small businesses in the lending
marketplace.
With regard to the time frame for usability of gross annual revenue
information, a bank stated that gross annual revenue information should
only be usable for one fiscal year. A trade association suggested that
financial institutions not be required to re-request gross annual
revenue for new credit applications when they can rely on their records
from previous transactions.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.107(a)(14) and associated commentary with revisions for clarity
and consistency. Final Sec. 1002.107(a)(14) requires reporting of the
applicant's gross annual revenue for its preceding fiscal year. The
Bureau is requiring that financial institutions report a specific value
for gross annual revenue--rather than a range--to simplify the
reporting of gross annual revenue information for financial
institutions and because it believes a precise value is more useful for
data users, including the Bureau. However, the Bureau has not yet
determined how it will publish gross annual revenue data in the
dataset. The Bureau will consider whether modification techniques, such
as ranges, may be appropriate after it conducts its full privacy
analysis. See part VIII below for further discussion about the privacy
analysis and public disclosure of data.
The Bureau is not categorically exempting agricultural credit from
the requirement to collect and report gross annual revenue, as
requested by some commenters. The Bureau understands, as noted by
commenters, that most farmers in this country farm on a part-time basis
and that the gross annual revenue data point may pose challenges given
the prevalence of ``non-standard'' agricultural borrowers such as
customers applying jointly despite having separate farming operations.
The Bureau also understands from commenters that many Farm Credit
System lenders decision applications without either considering off-
farm income or revenue from farming; instead, lenders rely principally
on credit scoring systems. Nevertheless, the Bureau believes that
omitting the gross annual revenue data point for agricultural credit
transactions would introduce inconsistency in data collected across
different industries and would not support section 1071's statutory
purposes. The Bureau notes that data users will be able to identify
agricultural credit transactions using the reported 3-digit NAICS code
and make any necessary adjustments in their analyses to account for
particularities unique to agricultural industries. The Bureau also
believes, as discussed below, that the suggested gross annual revenue
question in final comment 107(a)(14)-1 will facilitate compliance for
agricultural lenders that currently do not collect gross annual
revenue, particularly because the financial institution may rely on the
applicant's answer. As discussed above in the section-by-section
analysis of Sec. 1002.106(b), the Bureau does not believe that ``gross
sales of agricultural or aquatic products'' in the prior year would be
an appropriate metric for agricultural credit in this final rule, nor
that this should form the basis for a separate small business
definition for agricultural businesses.
The Bureau has considered the comments regarding the collection and
reporting of gross annual revenue and it believes its approach in final
comment 107(a)(14)-1--clarifying that a financial institution need not
verify applicant-provided gross annual revenue information, and
providing language that a financial institution may use to ask for such
information--will reduce commenters' concerns regarding complexity and
difficulty of collecting gross annual revenue information.
Final comment 107(a)(14)-1 clarifies that a financial institution
reports the applicant's gross annual revenue for the fiscal year
preceding when the information was collected. The Bureau believes this
will clarify the timing requirements for collection of the gross annual
revenue data point. The final comment provides specific language that a
financial institution may use to ask about an applicant's gross annual
revenue and explains that a financial institution may rely on the
applicant's answer (unless subsequently verified or updated), even if
the applicant's statements or information is based on estimation or
extrapolation. The Bureau believes this language will facilitate
compliance for financial institutions that currently do not collect
gross annual revenue, collect it only in limited circumstances, or
would otherwise find its collection challenging, as some commenters
suggested.
Final comment 107(a)(14)-1 also clarifies that a financial
institution need not verify gross annual revenue information provided
by the applicant to comply with final Sec. 1002.107(a)(14). The
comment explains that the financial institution may rely on the
applicant's statements or on information provided by the applicant in
collecting and reporting gross annual revenue. The comment also states,
however, that if the financial institution verifies the gross annual
revenue provided by the applicant it must report the verified
information. The Bureau understands, as noted by industry commenters,
that a requirement to verify gross annual revenue would be
operationally difficult for many financial institutions, particularly
in situations in which the financial institution does not currently
collect gross annual revenue. The Bureau does not believe that such a
[[Page 35328]]
requirement is necessary to fulfill either of section 1071's statutory
purposes. However, the Bureau believes that reporting verified revenue
when the financial institution already possesses that information will
not be operationally difficult and will enhance the accuracy of the
information collected. For the same reasons and for the reasons
outlined in its discussion of final comment 107(c)-5, the Bureau is
clarifying in final comment 107(a)(14)-1 that a financial institution
reports updated gross annual revenue data if it obtains more current
data from the applicant during the application process. The comment
states that if this updated information is on data the financial
institution has already verified, the financial institution reports the
information it believes to be more accurate, in its discretion.
With respect to the suggestions that the Bureau further clarify the
meaning of ``verify,'' the Bureau believes that additional specificity
in the rule itself could unnecessarily constrain financial
institutions. The Bureau interprets the word ``verification'' to mean
the intentional act of determining the accuracy of information
provided, in this case for the purpose of processing and underwriting
the credit application, and potentially changing that information to
reflect the determination. Gross annual revenue information that may or
may not be more accurate than applicant-provided data and is not part
of a financial institution's verification of the file's applicant-
provided data or used by the institution in processing or underwriting
the application need not be reported. The Bureau agrees with the
commenter who stated that post-origination independent testing and
validation of the small business data file does not constitute
``verification.'' In situations where a financial institution verifies
only a portion of the small business's provided gross annual revenue
figure (perhaps because the institution is relying on that portion for
its credit decision), the financial institution has not verified the
entire gross annual revenue amount provided by the applicant, and it
may continue to rely on the applicant's statement or information, and
it need not report the partially verified information.
The Bureau does not believe it would be appropriate to use a
definition of gross annual revenue for this rule based on the annual
revenue relied upon to make the credit decision. Given both the
statutory language requiring the collection and reporting of ``the
gross annual revenue of the business in the last fiscal year'' and
section 1071's statutory purposes, the Bureau believes that using the
small business's entire gross annual revenue, which may differ from
revenue relied upon in making the credit decision, is the better
approach to implement this data point in final Sec. 1002.107(a)(14).
Moreover, the Bureau notes that--unlike for this final rule--a
business's gross annual revenue is not determinative of either HMDA or
CRA coverage. Here, the Bureau believes it is important to obtain the
applicant's entire gross annual revenue for more accurate
identification of business and community development needs and
opportunities. The Bureau thus agrees with commenters that gross annual
revenue data are important to assess the availability of credit to the
smallest firms, especially those owned by women, minorities, and
LGBTQI+ individuals. Moreover, for credit transactions that are
underwritten without consideration or collection of a small business's
gross annual revenue, no information would be reported for this data
point under a relied-upon standard. Lastly, the Bureau believes it
important to ensure that the gross annual revenue figure used to
determine small business status is the same total figure as the gross
annual revenue reported for the data point. Using different figures
could create data discrepancies and disconnects and would ultimately
result in greater compliance risk for financial institutions.
In addition, the Bureau does not believe that financial
institutions need a safe harbor to ensure that whatever gross annual
revenue number is supplied by the applicant can be reported or that it
would be appropriate to remove the requirement to report verified gross
annual revenue information when the financial institution in fact
verifies it. Final comment 107(a)(14)-1 already clarifies that a
financial institution need not verify gross annual revenue information
provided by the applicant to comply with final Sec. 1002.107(a)(14)
and thus a safe harbor is not necessary to allow reporting of the gross
annual revenue number supplied by the applicant. As one commenter
explained, some financial institutions already revise application
information in their systems with a verified gross annual revenue
number and thus the Bureau does not believe that reporting verified
revenue when the financial institution already possesses that
information will be operationally difficult. In such situations, the
financial institution may report the verified number retained in its
system and is not required to maintain both numbers in its system.
Moreover, the Bureau agrees with the commenter who stated that the
accuracy of determining whether the credit needs of small businesses
are being met hinges on collecting and reporting the revenue size of
the business and thus the Bureau believes that reporting verified
revenue when available will enhance the accuracy of the information
collected.
With respect to requests for guidance from commenters regarding
acceptable sources of gross annual revenue information, the Bureau does
not believe it would be appropriate to require the use of any specific
documentation. However, the Bureau notes that gross annual revenue
information can be reasonably derived from a variety of sources
including tax returns, accountant-prepared financial statements,
internal profit and loss statements, cash flow analyses, or any type of
business income documentation that the financial institution reasonably
relies on in the normal course of business.
With respect to comments regarding how to calculate gross annual
revenue, the Bureau notes that the suggested applicant question in
final comment 107(a)(14)-1 states that gross annual revenue is the
amount of money the business earned before subtracting taxes and other
expenses. The comment further states that an applicant may provide
gross annual revenue calculated using any reasonable method. Different
business units within the financial institution may use different
methods to ascertain gross annual revenue, as long as the methods are
used consistently within each business unit.
The Bureau believes that situations could arise in which the
financial institution has identified that an applicant is a small
business for the purposes of final Sec. 1002.106(b) through, for
example, a screening question asking whether the applicant's gross
annual revenue is $5 million or less, but then the financial
institution is unable to collect or determine a specific gross annual
revenue amount. Therefore, the Bureau is finalizing comment 107(a)(14)-
2 substantively as proposed. The comment first clarifies that pursuant
to final Sec. 1002.107(c), a financial institution shall maintain
procedures reasonably designed to collect applicant-provided data,
including the gross annual revenue of the applicant. The final comment
then states that if a financial institution is nonetheless unable to
collect or determine the specific gross annual revenue of the
applicant, the financial institution reports that the gross annual
revenue is ``not provided by applicant and otherwise undetermined.''
The
[[Page 35329]]
Bureau believes that permitting this reporting flexibility will reduce
the complexity and difficulty of reporting gross annual revenue
information, particularly when an application has been denied or
withdrawn early in the process and gross annual revenue could not be
collected.
The Bureau is finalizing comment 107(a)(14)-3 with minor revisions
for clarity and consistency. The Bureau is adopting commenters'
suggestions to add a cross reference to comment 106(b)(1)-3 and to
remove an example provided in the proposed commentary for additional
clarity. This example would have provided that if the financial
institution does not normally collect information on affiliate revenue,
the financial institution reports only the applicant's revenue and does
not include the revenue of any affiliates when it has not collected
that information. The Bureau shares the commenter's concern that this
comment may be interpreted to preclude a financial institution that
does not collect affiliate revenue in all transactions from collecting
affiliate revenue in some transactions and believes the comment is
sufficiently clear without this example.
Final comment 107(a)(14)-3 also clarifies that a financial
institution is permitted, but not required, to report the gross annual
revenue for the applicant that includes the revenue of affiliates as
well. For example, if the financial institution has not collected
information on affiliate revenue, the financial institution reports
only the applicant's revenue and does not include the revenue of any
affiliates. The Bureau is adopting suggested revisions to comment
107(a)(14)-3 and additionally notes that a financial institution that
does not collect affiliate revenue in all transactions is not precluded
from collecting affiliate revenue in some transactions. The Bureau
believes this comment is responsive to one commenter's question about
how to report gross annual revenue for an applicant with two businesses
because it permits, but does not require, reporting of gross annual
revenue for an applicant that includes the revenue of affiliates, which
may include a business with common ownership. Final comment 107(a)(14)-
3 concludes by explaining that in determining whether the applicant is
a small business under proposed Sec. 1002.106(b), a financial
institution may rely on an applicant's representations regarding gross
annual revenue, which may or may not include affiliates' revenue. The
Bureau noted that final comment 106(b)-3 follows the same approach to
affiliate revenue for purposes of determining whether an applicant is a
small business under final Sec. 1002.106(b). The Bureau believes that
this operational equivalence between final Sec. 1002.107(a)(14) and
final Sec. 1002.106(b) will facilitate compliance and enhance data
consistency.
The Bureau recognizes, as noted by commenters, that there may be
inconsistencies in the data where one financial institution looks like
it is lending more to small(er) businesses as it opts not to include
gross annual revenue of affiliates versus another financial institution
that opts to include such revenue when it reports the gross annual
revenue of an applicant. However, the Bureau is not requiring reporting
of the gross annual revenue of both the applicant and all of its
affiliates, nor is it requiring reporting of revenue for parent
companies and beneficial owners of limited liability companies. The
Bureau believes that permitting, but not requiring, a financial
institution to include the revenue of affiliates will carry out the
purposes of section 1071 while reducing undue burden on financial
institutions in collecting gross annual revenue information. The Bureau
considered whether there are feasible methods to identify the presence
of affiliate revenue, as a commenter suggested, but ultimately has
determined that such an identifier could interfere with allowing a
financial institution to rely on an applicant's self-reported gross
annual revenue information and, in any case, would introduce additional
complexity into reporting. In response to a question about whether
revenue or income relied upon from co-signers or guarantors that are
not affiliates of the applicant should be factored into the gross
annual revenue determination, the Bureau notes that the final rule only
requires the collection and reporting of gross annual revenue of the
applicant.
The Bureau understands there may also be instances, as indicated by
one commenter, where the applicant may use multiple owned businesses/
affiliates to support sufficient cashflow, and in those instances, a
financial institution may rely on an applicant's representations
regarding gross annual revenue that include affiliates' revenue. For
additional guidance on what types of entities may be affiliates of an
applicant, e.g., as a result of common ownership or common control, see
the section-by-section analyses of Sec. Sec. 1002.102(a) and
1002.106(b).
The Bureau has considered the comments regarding the treatment of
real estate affiliate revenue, but is not adopting revisions to, in the
case of single purpose entities, allow a financial institution to
categorize all owners of any real property listed on an applicant's
Schedule Of Real Estate Owned as affiliates of the applicant. The
Bureau is likewise not adopting revisions to allow a financial
institution to estimate or project the gross annual revenue of any
income-producing real property for purposes of determining the
applicant's small business status. The Bureau agrees that under the
SBA's general principles of affiliation, ``common investments''
affiliation can be based on shared investments in or joint ownership of
real estate.\663\ Thus, the owners of real estate that is also owned by
the applicant may be affiliates of the applicant. However, the Bureau
is not adopting the suggested revisions to commentary because affiliate
determinations are inherently fact-specific and rebuttable,\664\ and
the Bureau does not believe it would be appropriate to categorize all
entities as affiliates based on a form listing.
---------------------------------------------------------------------------
\663\ See 13 CFR 121.103(f) (``Individuals or firms that have
identical or substantially identical business or economic interests
(such as family members, individuals or firms with common
investments, or firms that are economically dependent through
contractual or other relationships) may be treated as one party with
such interests aggregated.'') (emphasis added); Small Bus. Admin.,
Small Business Compliance Guide: A Guide to the SBA's Size Program
and Affiliation Rules (July 2020), https://www.sba.gov/sites/default/files/2020-10/AFFILIATION%20GUIDE_Updated%20%28004%29-508.pdf.
\664\ See, e.g., 13 CFR 121.103(f) (``Where SBA determines that
such interests should be aggregated, an individual or firm may rebut
that determination with evidence showing that the interests deemed
to be one are in fact separate.'').
---------------------------------------------------------------------------
The Bureau has considered the comments regarding whether financial
institutions should be permitted to estimate or extrapolate gross
annual revenue from partially reported revenue or other information,
and is making a minor revision in final comment 107(a)(14)-1 to
emphasize a manageable method for collecting full gross annual revenue
when a financial institution does not already do so. Specifically,
final comment 107(a)(14)-1 clarifies that a financial institution may
rely on the applicant's statements or on information provided by the
applicant in collecting and reporting gross annual revenue, even if the
applicant's statement or information is based on estimation or
extrapolation, and that an applicant may provide gross annual revenue
calculated using any reasonable method. As such, when an applicant does
not yet have fiscal year information completed (a hypothetical provided
by a commenter), the applicant may choose to provide its gross annual
revenue using any reasonable method, including
[[Page 35330]]
estimating or extrapolating based on a prior fiscal year's tax return.
The Bureau believes that this flexibility will help address concerns
from commenters that tax returns may not be immediately available upon
the close of a fiscal year. As noted by another commenter, an applicant
may alternatively wish to provide revenue figures generated by a
technology company's online platform (e.g., through sales on the
company's online marketplace). The Bureau notes that under final Sec.
1002.107(b), however, a financial institution must report verified
gross annual revenue information if available. Moreover, as provided by
new comment 107(c)-5, a financial institution reports updated
applicant-provided data if it obtains more current data during the
application process; if this updated information is on data the
financial institution has already verified, the financial institution
reports the information it believes to be more accurate, in its
discretion.
The Bureau also wishes to clarify some apparent confusion among
some commenters who claimed that the proposal would have allowed
financial institutions to extrapolate or estimate an applicant's
revenue to determine whether or not a business is a small business. The
proposal indicated that financial institutions could rely on
extrapolated or estimated revenue information provided by applicants.
The Bureau is making this position clear with final comment 107(a)(14)-
1. The Bureau sought comment on whether financial institutions should
be permitted to estimate or extrapolate gross annual revenue from
partially reported revenue or other information, and how such
estimation or extrapolation would be carried out. On this issue, the
Bureau does not believe that it would be appropriate to permit such
estimation or extrapolation for the identification of small businesses
about whom data collection and reporting is required, and thus
financial institutions' own extrapolation or estimation should likewise
not be used in reporting gross annual revenue in order to maintain
consistency.
With respect to comments asking how to report gross annual revenue
for a startup business, a new line of business, and/or a business with
a change in structure or ownership, the Bureau is adding new comment
107(a)(14)-4, which notes that in a typical startup business situation,
the applicant will have no gross annual revenue for its fiscal year
preceding when the information is collected because either the startup
existed but had no gross annual revenue or it simply did not exist in
the preceding fiscal year. In these situations, the financial
institution reports that the applicant's gross annual revenue in the
prior fiscal year is ``zero.'' The Bureau agrees with the commenter
that suggested, for a start-up business, the financial institution
should use the actual gross annual revenue for its preceding fiscal
year (including the reporting of $0 if a new business has had no
revenue to date) and that pro forma projected revenue figures should
not be reported since these figures do not reflect actual gross
revenue.
In situations where an applicant is establishing a new line of
business but already has revenue in other businesses, such as in the
case of a sole proprietor with an established in-home child-care center
who now seeks financing to start a new line of business offering house-
cleaning services, the Bureau notes that final comment 107(a)(14)-3
clarifies that a financial institution is permitted, but not required,
to report the gross annual revenue for the applicant that includes the
revenue of affiliates as well. This comment may also apply to
situations where there is a change in structure or ownership of the
business. In response to a question from a commenter, the Bureau does
not believe that treatment of affiliate gross annual revenue
information should differ based on whether or not the new business line
was in the same industry as the existing businesses. The Bureau notes
that according to the definition of affiliate provided in final Sec.
1002.102(a), which refers to the SBA's rules for determining
affiliation (13 CFR 121.103), affiliation is not limited to businesses
in the same industry. The Bureau also notes that final Sec.
1002.106(a) defines a business as having the same meaning as the term
``business concern or concern'' in 13 CFR 121.105, which expressly
provides that a firm will not be treated as a separate business concern
if a substantial portion of its assets and/or liabilities are the same
as those of a predecessor entity and that the annual receipts and
employees of the predecessor will be taken into account in determining
size. This successor-in-interest rule would apply to situations where a
business reorganized, and a new entity emerges with essentially the
same assets and liabilities as the old concern.\665\
---------------------------------------------------------------------------
\665\ See Size Appeal of Willowheart, LLC, SBA No. SIZ-5484, at
*4 (July 10, 2013).
---------------------------------------------------------------------------
The Bureau is not exempting new businesses from having application
data reported, as suggested by one commenter, because the Bureau
believes that doing so would contravene section 1071's statutory
purposes. The Bureau does not believe that the final rule will
disproportionately impact credit opportunities (or compliance) for
newly formed businesses that do not have the historical gross annual
revenue. However, as suggested by a commenter, the Bureau will track
questions related to collecting and reporting gross annual revenue
information and may develop FAQs or other materials as necessary to
help financial institutions help applicants determine what number to
supply for gross annual revenue, particularly when a business is
starting up or establishing a new business line.
The final rule does not permit financial institutions the option to
use the gross annual revenue figures provided by an applicant for up to
three years from the date of an application for which the information
was gathered, as requested by one commenter. However, under final Sec.
1002.107(d), discussed below, the Bureau is permitting financial
institutions to reuse previously collected gross annual revenue
information when the data were collected within the same calendar year
as the current covered application. The statutory requirement is for
the applicant's gross annual revenue in the last fiscal year preceding
the date of the application; the Bureau does not believe that revenue
information from years prior to the last fiscal year would satisfy this
requirement.
107(a)(15) NAICS Code
Proposed Rule
The SBA customizes its size standards on an industry-by-industry
basis using 1,012 6-digit NAICS codes.\666\ The first two digits of a
NAICS code broadly capture the industry sector of a business. The third
digit captures the industry's subsector, the fourth captures the
industry group, the fifth captures the industry code, and the sixth
captures the national industry. The NAICS code thus becomes more
specific as digits increase and the 6-digit code is the most specific.
---------------------------------------------------------------------------
\666\ See U.S. Census Bureau, North American Industry
Classification System, at 41 (2022) https://www.census.gov/naics/reference_files_tools/2022_NAICS_Manual.pdf. At the time of the
NPRM, there were 1,057 6-digit NAICS codes. See U.S. Census Bureau,
North American Industry Classification System, at 26 (2017) https://www.census.gov/naics/reference_files_tools/2017_NAICS_Manual.pdf.
---------------------------------------------------------------------------
ECOA section 704B(e)(2)(H) authorizes the Bureau to require
financial institutions to compile and maintain ``any additional data
that the Bureau determines would aid in fulfilling the purposes of
[section 1071].'' The Bureau proposed in Sec. 1002.107(a)(15) to
require that
[[Page 35331]]
financial institutions collect and report an applicant's 6-digit NAICS
code. Proposed comment 107(a)(15)-1 would have provided general
background on NAICS codes and would have stated that a financial
institution complies with proposed Sec. 1002.107(a)(15) if it uses the
NAICS codes in effect on January 1 of the calendar year covered by the
small business lending application register that it is reporting.
Proposed comment 107(a)(15)-2 would have clarified that, when a
financial institution is unable to collect or determine the applicant's
NAICS code, it reports that the NAICS code is ``not provided by
applicant and otherwise undetermined.''
The Bureau also proposed that financial institutions be permitted
to rely on NAICS codes obtained from the applicant or certain other
sources, without having to verify that information itself.
Specifically, proposed comment 107(a)(15)-3 would have clarified that,
consistent with proposed Sec. 1002.107(b), a financial institution may
rely on applicable applicant information or statements when collecting
and reporting the NAICS code and would have provided an example of an
applicant providing a financial institution with the applicant's tax
return that includes the applicant's reported NAICS code. Proposed
comment 107(a)(15)-4 would have provided that a financial institution
may rely on a NAICS code obtained through the financial institution's
use of business information products, such as company profiles or
business credit reports, which provide the applicant's NAICS code.
The Bureau believed that collecting the full 6-digit NAICS code (as
opposed to the 2-digit sector code) would better enable the Bureau and
other stakeholders to drill down and identify whether disparities arise
at a more granular level and would also enable the collection of better
information on the specific types of businesses that are accessing, or
struggling to access, credit. For example, a wide variety of
businesses, including those providing car washes, footwear and leather
goods repair, and nail salons, all fall under the 2-digit sector code
81: Other Services (except Public Administration). With a 2-digit NAICS
code, all of these business types would be combined into one analysis,
potentially masking different characteristics and different outcomes
across these business types.
To address concerns related to the complexity of determining a
correct NAICS code, the Bureau proposed a safe harbor to indicate that
an incorrect NAICS code entry is not a violation of subpart B if the
first two digits of the NAICS code are correct and the financial
institution maintains procedures reasonably adapted to correctly
identify the subsequent four digits (see proposed Sec.
1002.112(c)(2)). The proposed NAICS-specific safe harbor would have
been available to financial institutions in addition to the general
bona fide error exemption under proposed Sec. 1002.112(b).
The Bureau sought comment on its proposal to collect 6-digit NAICS
codes together with the safe harbor described in proposed Sec.
1002.112(c)(2). The Bureau also sought comment on whether requiring a
3-digit NAICS code with no safe harbor would be a better alternative.
Comments Received
The Bureau received comments from a wide range of lenders, trade
associations, community groups, and others regarding the reporting of a
6-digit NAICS code as proposed in Sec. 1002.107(a)(15). Numerous
community groups as well as a few lenders supported the Bureau's
proposal and urged collection of a 6-digit NAICS code. Several
commenters emphasized that 1071 data would adequately achieve a fair
lending purpose only if they contain key variables that are used in
underwriting and enable meaningful fair lending analysis. Commenters
stated that NAICS codes provide critical context to understanding
credit underwriting decisions and help ensure that fair lending
analysis is focused on similarly situated businesses. A few commenters
stated that these data must be reported so that lenders cannot hide
behind data not collected as the justification for their lending
disparities.
A bank and a bank trade association stated that NAICS code could
potentially be helpful in demonstrating a non-discriminatory basis for
credit decisions with respect to applicants in different industries.
The trade association stated that, at most, the Bureau should only add
limited data points pursuant to ECOA section 704B(e)(2)(H) that are
considered by the financial institution in the credit underwriting
process, citing NAICS code and time in business as examples.
Another trade association said that NAICS codes have the advantage
of being independently defined and available for reference. The
commenter stated that if a NAICS code is supplied by the applicant and
published by the Bureau only in the aggregate, the NAICS code can
contribute useful information without unduly burdening lenders.
Some commenters stated that a 2- or 3-digit NAICS code would be too
high a level of aggregation to facilitate fair lending analysis. A CDFI
lender stated that a 6-digit code will offer the most precise insight
into the industries that lenders serve, whereas a 3-digit NAICS code
will leave unnecessary ambiguity in the data. The commenter provided
the example of a dry cleaner sharing the same 3-digit NAICS code as a
mortuary and a parking lot.
Furthermore, a number of community groups and several lenders
stated that 6-digit NAICS codes are useful for identifying certain
industries' ability to access small business credit and to identify
areas of unmet need. For example, one community group asserted that the
ability to identify needs and opportunities for small businesses
requires the ability to compare lending by sector to the total number
of businesses in that sector based on other public data sources.
Moreover, some lenders and community groups said that it is already
standard practice for many small business lenders to collect NAICS
codes. For example, these commenters noted that lenders already collect
NAICS codes for SBA loans, Equal Employment Opportunity Commission
certifications, and CDFI loans.
In contrast, many industry commenters, along with several business
advocacy groups and other commenters, generally opposed the data points
proposed pursuant to ECOA section 704B(e)(2)(H), including NAICS code,
as discussed in the section-by-section analysis of Sec. 1002.107(a)
above. In addition, the majority of industry commenters to address this
issue specifically opposed collection of 6-digit NAICS codes. These
commenters expressed concerns about the burden on both lenders and
applicants and the complexity of determining the appropriate NAICS
code. Concerns raised by commenters included, for example, that
collecting NAICS codes would slow the loan application process; most
lenders are unfamiliar with NAICS codes or do not currently collect
them; lenders would have to change their operating procedures
significantly which would create strain on staff and resources; and it
would add more costs to the lending process which may be passed on to
small business borrowers.
Many industry commenters also voiced concern regarding accuracy and
data integrity, explaining that small businesses often do not know
their NAICS code or may operate in multiple NAICS sectors. Other
challenges cited by commenters included the business changing over
time; codes having overlapping definitions; and
[[Page 35332]]
classifications being prone to human error. For example, two trade
associations noted that their members who made Paycheck Protection
Program loans reported that many applicants were unfamiliar with NAICS
codes. Additionally, some industry commenters expressed concern about
verifying applicant-provided data and potential liability if the NAICS
code is incorrect. One commenter noted that NAICS code classifications
could be subject to change based on SBA rulemaking and thus financial
institutions would need to monitor such developments. A credit union
trade association stated that the identification of business and credit
needs can be accomplished without explicit reference to NAICS codes,
such as by leveraging already existing data sources and voluntary
surveys of business owners. In addition, the trade association asserted
that sector-specific analysis of business credit supply and demand is
best left to the SBA, which already collects NAICS information through
its lending programs.
Several commenters raised concerns that requiring NAICS codes would
add confusion to the lending process. A trade association argued that
requiring NAICS codes will create frustration for the small business
borrower, including delayed application processing, and additional time
and operational burden by banks to ensure the information is gathered
and entered. They asserted that while NAICS codes are generally
provided with some tax documents, lenders found borrower confusion when
making Paycheck Protection Program loans, particularly when certain
NAICS codes allowed for a more generous loan amount and certain small
businesses were unable to benefit from higher loan amounts for certain
sectors due to mismatched NAICS codes. Another commenter stated that
applicants may struggle to determine which code to report, especially
if the nature of the business changes over time or falls under multiple
categories.
A number of industry commenters also expressed concern regarding
privacy risks in collecting the 6-digit NAICS code. These commenters
highlighted the risk of borrower re-identification, particularly in
rural areas and smaller communities. Some commenters stated that NAICS
code combined with census tract would make it easy to re-identify a
small business. In addition, while a community group supported
collection of a 6-digit code, it stated that the public database should
provide only 4-digit NAICS codes to address privacy concerns.
In addition, a few commenters asserted that collecting NAICS codes
would not advance the purposes of section 1071, arguing that collecting
NAICS codes does not provide information that would inform fair lending
analysis. For example, one bank stated that NAICS code would be of
minimal value to fair lending analytics given the complexity of small
business lending, such as the scope and size of the business. Moreover,
several banks stated that they do not currently collect NAICS codes and
that NAICS codes are not used in underwriting or financial analysis
purposes.
A few industry commenters supported collection of a 2-digit NAICS
code, stating that this would achieve the intended policy goal without
creating unnecessary burdens and heightened costs, as well as protect
the privacy of market participants. A trade association for online
lenders supported collection of a 4-digit NAICS code, stating it would
provide sufficient information while mitigating risk of re-
identification and avoiding potential impacts and delays to the
borrower during the application process. A joint letter from community
and business advocacy groups urged the Bureau to permit the submission
of a 3-digit code where the applicant does not provide a 6-digit code.
Finally, one commenter suggested that the Bureau coordinate with the
U.S. Census Bureau to create a suffix to a business's NAICS code that
would identify its minority-owned or women-owned status. The commenter
stated that this would create efficiencies across organizations and
provide an easier and more neutral method of collecting demographic
information on applications. The commenter further noted that this
suffix could be easily masked when loans are sent to underwriters to
ensure it does not impact their decisions.
Final Rule
For the reasons set forth herein, the Bureau is revising Sec.
1002.107(a)(15) to require that financial institutions collect a 3-
digit NAICS code for the applicant. The Bureau is also finalizing
proposed comments 107(a)(15)-1, -2, and -5, with minor adjustments for
consistency. Final comment 107(a)(15)-1 explains what a NAICS code is,
and final comment 107(a)(15)-2 addresses what to report if a financial
institution is unable to collect or otherwise determine the applicant's
NAICS code. Proposed comments 107(a)(15)-3 and -4, which addressed a
financial institution's reliance on information from the applicant and
from other sources, have been removed as those issues are now addressed
in final comment 107(b)-1. Final comment 107(a)(15)-3 (proposed as
comment 107(a)(15)-5) cross-references the safe harbor in final Sec.
1002.111(c)(3) for incorrect 3-digit NAICS code entries. The Bureau has
considered commenters' concerns regarding the difficulties in obtaining
an accurate NAICS code as well as the importance of NAICS codes for
fair lending and community development analysis. The Bureau believes
that collecting the 3-digit NAICS code will achieve the right balance
between minimizing burden on financial institutions and small business
applicants, while also providing valuable data to analyze fair lending
patterns and identify industry subsectors with unmet credit needs.
The Bureau believes that NAICS code data will considerably aid in
fulfilling both section 1071's fair lending purpose and its business
and community development purpose, even if the NAICS code is not
necessary for determining whether an applicant is a small business.
While it will not provide the same level of detail as a 6-digit code,
the 3-digit code will still help ensure that fair lending analysts are
comparing applicants with similar profiles, thereby controlling for
factors that might provide non-discriminatory explanations for
disparities in underwriting and pricing decisions. Moreover, NAICS
subsector codes are useful for identifying business and community
development needs and opportunities of small businesses, which may
differ widely based on industry, even controlling for other factors.
For example, 3-digit NAICS codes will help data users identify
subsectors where small businesses face challenges accessing credit and
understand how small businesses in different industries use credit.
Furthermore, the Bureau believes that publication of NAICS codes
(subject to potential modification and deletion decisions by the
Bureau, as discussed in part VIII below) will help provide for some
consistency and compatibility with other public datasets related to
small business lending activity, which generally use NAICS codes. This
ability to synthesize 1071 data with other datasets may help the public
use the data in ways that advance both the business and community
development and fair lending purposes of section 1071. The Bureau
agrees with commenters' concerns that the 2-digit NAICS code would not
provide sufficiently detailed information to aid regulators and the
public in monitoring particular industries' access to small business
credit.
[[Page 35333]]
The Bureau recognizes that covered financial institutions not
currently using NAICS codes will need to gain familiarity with the
NAICS code system and refer to NAICS subsector classifications for all
relevant applications before reporting 3-digit NAICS codes to the
Bureau. To address concerns related to the complexity of determining a
correct NAICS code, particularly for covered financial institutions
that do not currently use NAICS codes, the Bureau is permitting a
financial institution to rely on applicable applicant information or
statements when compiling and reporting the NAICS code, as well as
permitting a financial institution to rely on a NAICS code obtained
through the financial institution's use of business information
products, such as company profiles or business credit reports (see
final comment 107(b)-1). In other words, a financial institution may
rely on oral or written statements from an applicant, other information
provided by an applicant such as a tax return, or third-party sources
such as business information products. The Bureau believes that being
able to rely on NAICS codes obtained from the applicant or third-party
sources significantly eases potential difficulties for financial
institutions in collecting and reporting a 3-digit NAICS code and
mitigates concerns about inadvertently reporting an inaccurate code.
In response to industry concerns regarding the accuracy of the
NAICS code and the burden of verifying applicant-provided data, the
Bureau emphasizes that financial institutions are permitted to rely on
NAICS codes obtained from the applicant or third-party sources, without
having to verify that information. Furthermore, the Bureau has expanded
the NAICS code safe harbor in final Sec. 1002.112(c)(3), which makes
clear that the safe harbor extends to financial institutions that rely
on an applicant's representations or on other information regarding the
NAICS code. Final Sec. 1002.112(c)(3) also provides a safe harbor for
incorrect 3-digit NAICS code entries, where the financial institution
identifies the NAICS code itself, provided that it maintains procedures
reasonably adapted to correctly identify a 3-digit NAICS code. The
Bureau has also removed the term ``appropriate'' from the regulatory
text of Sec. 1002.107(a)(15). The Bureau believes the term is
unnecessary, particularly in light of the revisions to the NAICS code
safe harbor in final Sec. 1002.112(c)(3), and removing it may help
avoid potential confusion regarding NAICS codes the financial
institution obtains from the applicant or other sources.
Additionally, the Bureau understands that multiple NAICS codes may
apply to a single business. While this may be more of a concern with 6-
digit codes, if more than one 3-digit code applies to a single
business, only one 3-digit NAICS code should be reported.
The Bureau acknowledges community groups' concern that collecting
anything less than 6-digit NAICS codes will result in less precise data
about industry classification. The Bureau nonetheless believes that its
final rule requiring collection and reporting of 3-digit NAICS codes
(along with the expanded safe harbor) strikes an appropriate balance in
addressing the concerns raised by industry and the importance of NAICS
code information in fair lending and community development analysis.
The Bureau will monitor the utility of the NAICS code data point and,
if warranted, may revisit the required number of digits in the future.
Although the Bureau will address re-identification concerns
generally by modifying or deleting data upon publication, the Bureau
notes that its shift to 3-digit NAICS codes will decrease the risk of
re-identification of small business borrowers and related natural
persons in rural areas and smaller communities. See part VIII below for
further discussion about the privacy analysis and public disclosure of
data.
107(a)(16) Number of Workers
Proposed Rule
ECOA section 704B(e)(2)(H) authorizes the Bureau to require
financial institutions to compile and maintain ``any additional data
that the Bureau determines would aid in fulfilling the purposes of
[section 1071].'' In the proposed rule, the Bureau stated that it
believed that data providing the number of persons working for a small
business applicant would aid in fulfilling the business and community
development purpose of section 1071. These data would allow users to
better understand the job maintenance and creation that small business
credit is associated with and help track that aspect of business and
community development.
Proposed Sec. 1002.107(a)(16) would have required financial
institutions to report the number of non-owners working for the
applicant.
Proposed comment 107(a)(16)-1 would have discussed the collection
of the number of workers. The proposed comment would have stated that
in collecting the number of workers from an applicant, the financial
institution would explain that full-time, part-time, and seasonal
workers, as well as contractors who work primarily for the applicant,
would be counted as workers, but principal owners of the business would
not. The proposed comment would have further stated that if the
financial institution was asked, it would explain that volunteers would
not be counted as workers. This treatment of part-time, seasonal,
contract, and volunteer workers would follow the SBA's method for
counting employees,\667\ with minor simplifications. The Bureau sought
comment on whether further modifications to the number of workers data
point were needed to facilitate this operational simplification.
---------------------------------------------------------------------------
\667\ See 13 CFR 121.106(a).
---------------------------------------------------------------------------
Proposed comment 107(a)(16)-1 would have also explained that
workers for affiliates of the applicant would only be counted if the
financial institution were also collecting the affiliates' gross annual
revenue.
The proposed comment would have further explained that the
financial institution could rely on statements of or information
provided by the applicant in collecting and reporting number of
workers, but if the financial institution verifies the number of
workers provided by the applicant, it must report the verified
information.
Proposed comment 107(a)(16)-1 would have also provided sample
language that a financial institution could use to ask about the number
of workers, if it does not collect the number of workers by another
method. The Bureau provided the sample language in the proposed
comment, which implements the simplified version of the SBA definition
referenced above. The Bureau sought comment on this method of
collection, and on the specific language proposed.
Proposed comment 107(a)(16)-2 would have first clarified that a
financial institution shall maintain procedures reasonably designed to
collect applicant-provided information, including the number of workers
of the applicant. The proposed comment would have then stated that if a
financial institution is nonetheless unable to collect or determine the
number of workers of the applicant, the financial institution reports
that the number of workers is ``not provided by applicant and otherwise
undetermined.''
The Bureau sought comment on its proposed approach to the number of
workers data point, as well as on the specific requests for comment
above.
[[Page 35334]]
The Bureau also sought comment on whether financial institutions
collect information about the number of workers from applicants using
definitions other than the SBA's, and how the collection of this data
point could best be integrated with those collections of information.
Comments Received
The Bureau received comments on its proposed number of workers data
point from lenders, trade associations, and community groups. A number
of commenters supported the Bureau's proposal. A few commenters urged
the Bureau to adopt the number of workers data point, suggesting that
it is important for business and community development purposes. A CDFI
lender and community group commenter said that the number of workers
data point will help provide a greater understanding of owner-operated
and microbusiness needs and accessibility to affordable credit. Another
community group commented that the data point provides insight into the
number of jobs created, retained and/or supported by access to credit.
This community group further noted that the data point would also
assist in analysis of whether businesses of various sizes fare
differently in the lending marketplace. Many community groups expressed
support for collecting data on the number of workers because they
believe it will help indicate whether smaller businesses of various
sizes will require more support and technical assistance when it comes
to credit access. A minority business advocacy group commented that the
data will help determine various levels of economic development and
impact across the country. A few commenters agreed with the Bureau's
proposed method of collecting the number of non-owner workers and
including part-time staff, seasonal staff, and contractors that work
primarily for the business.
A trade association commented that the important considerations are
that the Bureau provide language for lenders to provide to applicants
to help applicants correctly answer the question and that the Bureau
emphasize that financial institutions may rely on statements made by
the applicant without incurring risk. Another industry commenter
suggested that the final rule enable principal owners to count
themselves as workers because this method is more common in industry
and would avoid confusion. A bank recommended that the final rule
expressly permit covered financial institutions to collect required
data from applicants through a variety of means, including on the
application form, supplemental documents or forms, or the sample data
collection form. A CDFI lender suggested that the Bureau require
financial institutions to report the breakdown of full-time and part-
time workers.
The Bureau received many comments from industry opposing the
proposal to collect data on the number of workers. Some commenters
stated that data on the number of workers is not currently collected
and that some customers do not readily have this information available,
though several noted they had collected it for Paycheck Protection
Program loans. A trade association stated that the data are unfamiliar
to the applicant or difficult to obtain and will result in additional
complexity, confusion, and significant operational and regulatory
costs. Several commenters indicated that it is not a factor in the
credit decision. A bank stated that it is not in the banker's role to
determine this information and there is no reason to collect and
monitor this data point if the small business is a creditworthy
borrower.
A few industry commenters questioned the value of this data point,
arguing that it would not aid in fulfilling the fair lending purpose of
section 1071. Two asserted that without context (for example,
separating full-time versus part-time and contract workers) there seems
to be little value in collecting the information. One suggested that
collection is further complicated when the gross annual revenue of an
affiliate is considered, because then the number of workers for the
affiliate must be included. Several industry commenters also stated
that the proposed general exclusion of affiliate employees is
problematic because some of these employees may perform substantial
services for the applicant.
A bank commented that the CRA already considers the impact of
adding jobs through small business and community development loans.
Another bank commented that SBA uses either the gross annual revenue or
number of workers, depending on the type of business, to qualify
businesses as small and because the Bureau's proposal already contains
a gross annual revenue size test, it would be unnecessary to collect
the number of workers because it is irrelevant to the credit decision
and determining the size of the business.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.107(a)(16) with an addition and a minor revision to the associated
commentary. Pursuant to its authority under ECOA section 704B(e)(2)(H),
the Bureau believes that data on the number of workers will aid in
fulfilling the business and community development purpose of section
1071. Data on the number of persons working for a small business
applicant will provide data users and relevant stakeholders with a
better understanding of the job maintenance and creation that small
business credit provides.
In response to comments regarding the complexity and difficulty in
collecting information about the number of workers, the Bureau is
adding a new comment to require that financial institutions report the
number of workers using ranges rather than reporting the specific
number of workers. Final comment 107(a)(16)-1 provides that a financial
institution complies with Sec. 1002.107(a)(16) by reporting the number
of people who work for the applicant using the ranges prescribed in the
Filing Instructions Guide. The Bureau believes that reporting the
number of workers in ranges rather than a specific numerical value will
eliminate some of the collection difficulties expressed by commenters,
such as determining the exact number of employees when that number
varies throughout the year.
The Bureau is finalizing comment 107(a)(16)-2 (renumbered from
comment 107(a)(16)-1 in the proposed rule) with some revisions as well
as additional guidance on how a financial institution may collect
information about the number of workers in light of final comment
107(a)(16)-1. Specifically, a financial institution may collect the
number of workers from an applicant using the ranges specified by the
Bureau in the Filing Instructions Guide (as indicated in final comment
107(a)(16)-1) or as a numerical value. Final comment 107(a)(16)-2
retains from proposed comment 107(a)(16)-1 the discussion on collecting
the number of workers, including the sample language to provide to
applicants to ask about the number of workers and the statement that a
financial institution may rely on the applicant's response, but the
Bureau is making minor edits for clarity. The Bureau agrees with
commenters that these provisions are helpful, and is including them to
facilitate compliance.
The Bureau agrees with commenters' recommendations that financial
institutions should be able to rely on statements made by the applicant
and should be permitted to collect required data from applicants
through a variety of means. First, the rule does not limit the means by
which the number of workers data can be collected, and
[[Page 35335]]
though it provides optional language to use, it does not require the
use of that language. The Bureau believes that allowing financial
institutions to rely on applicant-provided data will sufficiently
safeguard accuracy such that the resulting data will aid in fulfilling
the purposes of section 1071. The Bureau also believes that reporting
the verified number of workers when the financial institution already
possesses that information will not be operationally difficult, and
will enhance the accuracy of the information collected. To facilitate
compliance with the regulation, the Bureau provides guidance related to
reliance on all applicant-provided data, including number of workers,
in final comment 107(b)-1. Generally, that comment permits reliance on
statements of the applicant or information provided by an applicant;
however, if a financial institution verifies information, it reports
the verified data. For more information on relying on statements made
by or provided by an applicant, see the section-by-section analysis of
Sec. 1002.107(b).
The Bureau is finalizing comment 107(a)(16)-3 (renumbered from
proposed comment 107(a)(16)-2) with a minor edit for clarity. Final
comment 107(a)(16)-3 cites to Sec. 1002.107(c), which provides that a
financial institution shall maintain procedures reasonably designed to
collect applicant-provided data, which includes the number of workers
of the applicant. Comment 107(a)(16)-3 further explains that a
financial institution reports that the number of workers is ``not
provided by applicant and otherwise undetermined'' if, despite such
procedures, the financial institution is unable to collect or determine
the information. The Bureau believes that allowing this response will
facilitate compliance when an applicant does not provide the requested
data.
The final rule does not require financial institutions to report
the distinction between various worker categories such as full time
versus part time, as recommended by some commenters. The Bureau
believes that requiring distinctions between various worker categories
could introduce unnecessary complexity and compliance challenges. The
final rule also does not include principal owners in the number of
workers, as recommended by a commenter. The final rule requires the
separate collection of the number of principal owners in final Sec.
1002.107(a)(20), and the Bureau believes that this differentiation will
improve the granularity and usefulness of the data collected.
The Bureau acknowledges comments noting that some financial
institutions do not collect or maintain data on number of workers nor
is the information used in their credit decisions. However, the Bureau
believes that number of workers is critical to further the business and
community development purpose of section 1071 and the Bureau does not
believe it will be particularly difficult for financial institutions to
obtain this information if they do not do so already. The Bureau has
also provided sample language in final comment 107(a)(16)-2 that a
financial institution may use to ask an applicant about the number of
workers.
With respect to questions from commenters about how the number of
workers data point meets section 1071's purposes, as discussed above
the Bureau believes the data will provide insight into small business
credit that contributes to job creation and maintenance, as well as
other trends in the small business market's ability to grow and
maintain workers, and the full set of data required to be collected and
reported under this final rule should provide sufficient context for
meaningful understanding of this data point. Regarding the comment that
the CRA already considers the impact of adding jobs through small
business and community development loans, the Bureau notes that data
collected under section 1071 vary from data collected under CRA and the
institutions subject to section 1071 are not necessarily subject to
CRA. Regarding the concerns raised by commenters that the number of
workers for an applicant's affiliates must be counted if the
affiliates' gross annual revenues are considered, the Bureau notes that
the applicant is already providing information on affiliate(s) in this
situation, and the financial institution can simply ask a question
regarding number of workers, perhaps using the language provided in
final comment 107(a)(16)-2, and tell the applicant to include affiliate
information.
107(a)(17) Time in Business
Proposed Rule
ECOA section 704B(e)(2)(H) authorizes the Bureau to require
financial institutions to compile and maintain ``any additional data
that the Bureau determines would aid in fulfilling the purposes of
[section 1071].'' In the proposed rule, the Bureau stated that it
believed that data providing the time in business of a small business
applicant would aid in fulfilling both the business and community
development and fair lending purposes of section 1071.
The Bureau proposed Sec. 1002.107(a)(17) to require a financial
institution to collect and report the time the applicant has been in
business, described in whole years, as relied on or collected by the
financial institution. Proposed Sec. 1002.107(a)(17) would have
required the data be reported in whole years, rather than ranges of
time, because a financial institution would have a definite number of
years if it collects this information presently, and the Bureau
believed that time in business reported in whole years would make the
data more granular and useful.
Proposed comment 107(a)(17)-1 would have provided guidance on how
to report one of the two methods (relied on or collected) for reporting
the time-in-business data point. The proposed comment would have
explained that, regardless of which method is used, the financial
institution must report the time in business in whole years, or
indicate if a business has not begun operating yet, or has been in
operation for less than a year. Proposed comment 107(a)(17)-1 would
have explained that when the financial institution relies on an
applicant's time in business as part of a credit decision, it reports
the time in business relied on in making the credit decision. However,
the comment would have further explained that proposed Sec.
1002.107(a)(17) would not require the financial institution to rely on
an applicant's time in business in making a credit decision.
Proposed comment 107(a)(17)-1 would have also explained that the
financial institution may rely on statements or information provided by
the applicant in collecting and reporting time in business; however,
pursuant to proposed Sec. 1002.107(b), if the financial institution
verifies the time in business provided by the applicant, it must report
the verified information. This guidance would have applied whether the
financial institution relies on the time in business in making its
credit decision or not, although the Bureau believed that verification
would be very uncommon when the financial institution is not relying on
the information.
Proposed comment 107(a)(17)-2 would have provided instructions on
how to report the time in business relied on in making the credit
decision. The proposed comment would have stated that when a financial
institution evaluates an applicant's time in business as part of a
credit decision, it reports the time in business relied on in making
the credit decision. For
[[Page 35336]]
example, the proposed comment would have further explained, if the
financial institution relies on the number of years of experience the
applicant's owners have in the current line of business, the financial
institution reports that number of years as the time in business.
Similarly, if the financial institution relies on the number of years
that the applicant has existed, the financial institution reports the
number of years that the applicant has existed as the time in business.
Proposed comment 107(a)(17)-2 would have then concluded by stating that
a financial institution reports the length of business existence or
experience duration that it relies on in making its credit decision,
and is not required to adopt any particular definition of time in
business.
Proposed comment 107(a)(17)-3 would have stated that a financial
institution relies on an applicant's time in business in making a
credit decision if the time in business was a factor in the credit
decision, even if it was not a dispositive factor. The proposed comment
would have provided the example that if the time in business is one of
multiple factors in the financial institution's credit decision, the
financial institution has relied on the time in business even if the
financial institution denies the application because one or more
underwriting requirements other than the time in business are not
satisfied.
Proposed comment 107(a)(17)-4 would have clarified that if the
financial institution does not rely on time in business in considering
an application, pursuant to proposed Sec. 1002.107(c)(1) it shall
still maintain procedures reasonably designed to collect applicant-
provided information, which includes the applicant's time in business.
The proposed comment would have explained that in collecting time in
business from an applicant, the financial institution complies with
proposed Sec. 1002.107(a)(17) by asking for the number of years that
the applicant has been operating the business it operates now. The
proposed comment would have further explained that when the applicant
has multiple owners with different numbers of years operating that
business, the financial institution collects and reports the greatest
number of years of any owner. Proposed comment 107(a)(17)-4 would have
then concluded by making clear that the financial institution does not
need to comply with the instruction if it collects and relies on the
time in business by another method in making the credit decision.
Proposed comment 107(a)(17)-5 would have explained that pursuant to
proposed Sec. 1002.107(c)(1) a financial institution shall maintain
reasonable procedures to collect information provided by the applicant,
which includes the time in business of the applicant, but if the
financial institution is unable to collect or determine the time in
business of the applicant, the financial institution reports that the
time in business is ``not provided by applicant and otherwise
undetermined.''
The Bureau sought comment on its proposed approach to this data
point. The Bureau also sought comment on whether time-in-business
information may be less relevant or collectable for certain products or
situations (such as retailer-branded credit cards acquired at point of
sale) and whether reporting ``not applicable'' should be allowed in
those instances. In addition, the Bureau sought comment on whether
there should be an upper limit on time in business--for example, to
allow reporting of ``over 20 years'' for any applicant of that
duration, rather than requiring reporting of a specific number of
years.
Comments Received
The Bureau received comments on its proposed time in business data
point from a number of lenders, trade associations, and community
groups. A number of commenters supported the Bureau's proposal to
collect time in business data with some pointing out the importance of
time in business for the fair lending and community development
purposes of section 1071. A trade association noted that time in
business data are potentially useful for lenders, policymakers,
regulators, and communities and that this is a common credit
consideration for the type of small business lending undertaken by
certain financial institutions. This trade association asserted that
the data can help explain differences in underwriting risk among small
business applicants and avoid misinterpretation of the dataset by
distinguishing potentially riskier new businesses from established
businesses. A community group stated that this data point is needed to
assess if access to credit is reasonably available and whether there
are geographical barriers that do not seem present in other areas based
on analysis of the data. This commenter further stated that such
analysis can help stakeholders identify and ameliorate any access to
credit barriers for younger firms.
A bank and a trade association commented that this data point could
be helpful in demonstrating a non-discriminatory basis for different
credit decisions and may provide helpful context for evaluating the
basis for credit decisions and conducting an accurate, fact-based fair
lending analysis. A community group stated that lenders already collect
or consider the number of years a small business has been in operation
as it is an element of loan risk and underwriting. This commenter
further stated that time-in-business data would allow the assessment of
whether businesses of similar duration are likely to receive credit at
comparable terms, such as by comparing Black-owned, Latino-owned, and
Asian-owned start-ups with white-owned start-ups. A number of
commenters noted in discussing data points, including time in business,
that fair lending analysis requires a robust set of key variables that
are used in underwriting. Relatedly, other commenters stated that data
collected under the Bureau's rule must be sufficient to allow data
users to understand the characteristics of applicants that are denied
credit so as to identify areas of unmet need and also to be able to
compare declined applicants with those who are approved for credit to
look for evidence of discrimination.
Commenters specifically pointed out the importance of collecting
information regarding whether a business is a start-up. A community
group noted start-ups and younger businesses generally have more
difficulties qualifying for credit, and other commenters pointed out
that it is well known that start-ups often struggle to access
financing.
In contrast, the Bureau received many comments from lenders and
trade associations generally opposing the Bureau's proposal to collect
time in business. One trade association questioned how asking how long
a company has been in operation furthers fair lending purposes. A few
banks stated that the information is not considered for underwriting
purposes or relevant to the creditworthiness of the applicant. An
agricultural lender asserted that time in business data can be unknown,
misleading, or not relevant. A few industry commenters asserted that
time in business data are not currently collected or maintained by
lenders. Some commenters said collecting time in business data would
impose compliance burden and one also said that it would add friction
to the application process. A bank stated that customers do not have
this type of information readily available when applying for a
commercial loan. Another bank noted that the data point adds a layer of
complexity, will not provide useful information that advances section
1071, and goes beyond what other laws,
[[Page 35337]]
such as HMDA, require financial institutions to collect. A trade
association commented that time in business is unfamiliar to the
applicant or difficult to obtain and will result in additional
complexity, confusion, and significant operational and regulatory
costs. Another trade association said this data point involves
complexities because many small businesses cannot provide an exact
amount of time in business due to name changes, mergers and
acquisitions, and other routine events that complicate this
calculation. A bank stated that its borrowers rarely keep good enough
records to properly state the date they began doing business. An
agricultural lender stated that time in business can be difficult to
determine for a farming operation that may have begun as a lifestyle
venture or arose from multiple generations of farming.
Some commenters expressed concerns with the data to be collected as
well as the method of reporting. A bank stated that it makes loans for
startup companies and relies on the applicant's experience in the given
industry rather than the length of time they have operated their
current business; however, underwriting for an established business
uses the length of time that specific business has been in operation.
Although the Bureau's proposal allows for the consideration of business
experience or business longevity, this commenter and several others
asserted that the resulting data gathered will not be comparable and
analysis of that data will be meaningless. Another bank stated that in
most cases, the credit decision is a combination of the number of years
the applicant has been in business and the number of years the
principals have been in the industry, but if one institution reports
the number of years the applicant has been in business and another
reports the number of years of experience of the principals, they would
not appear to be as similarly situated as they are; therefore, it will
be impossible to make comparisons or draw accurate conclusions with
respect to the information submitted. Another bank pointed out this
same issue and stated that the mixture of responses would lead to
unreliable information, unjustifiable conclusions, and unjustified
burden on applicants and financial institutions. Other banks and a
trade association also indicated that the credit decision can be based
on a combination of the number of years the applicant has been in
business and the number of years the principals have been in the
industry. Two of these commenters also said that the Bureau did not
provide guidance on how to report the data in these circumstances.
A bank trade association commented that many small business
borrowers create new entities for various reasons and expressed concern
that the data collected could suggest lenders are giving more favorable
treatment to new small businesses as opposed to existing ones. Another
trade association stated that collecting time in business using
management or owner experience rather than the age of the business
itself undercuts the Bureau's rationale that time in business could
explain the difference in underwriting risk among small business
applicants and avoid misinterpretation of data. This commenter
recommended that time in business be collected at the financial
institution's option. A bank was concerned that time in business data
may make it appear to discriminate against start-up businesses,
explaining that its practice has been to avoid providing financing for
start-up businesses unless it can secure government guaranties because
in distressed areas where the bank generally lends, start-up businesses
have historically been unable to sustain a repayment history for the
loan term due to business closure and liquidation. Therefore, the bank
explained, if comparing this information for fair lending, it will
appear that they are discriminating against start-up businesses when
there are studies showing that minority-owned businesses are under-
financed as start-ups.
Several commenters requested the Bureau provide clarification on
certain aspects of reporting the data point or made recommendations for
reporting the data. A bank suggested that the Bureau collect the time
the business has been active regardless of ownership experience or time
the current owners have owned this business. A community group
recommended that financial institutions be required to report the time
in business used when underwriting the loan because time in business
could refer to either the time period since the business was formally
incorporated or the time period of operation. A bank requested
clarification on temporary lapses in business and how to report
seasonal businesses. Several agricultural lenders and a trade
association suggested that if this data point is not dropped then the
Bureau should tie it to the established Farm Credit data point, ``Year
began Farming,'' because Farm Credit associations already collect
``Year began farming.'' These commenters reasoned that there would be
needless confusion in the context of agricultural credit if there were
separate and competing definitions of ``Time in business'' and ``Year
began farming.'' A bank recommended that the easiest way to report time
in business information is with a number in the column; however, it
suggested that for newer businesses, particularly for those with less
than one year in business, the number should be reported in ranges,
e.g., 0-6 months or 7-12 months. A community group said that credit
card lenders should not be able to routinely report ``not applicable''
for this data point because the information should not be too hard to
ask for on an application form. A bank and a trade association
requested that the Bureau allow all financial institutions to report
the applicant's time in business, whether used in credit underwriting
or collected from the applicant, and to rely on the information
provided by the applicant. These commenters also requested that the
Bureau include in the final rule a safe harbor from liability for
reporting the applicant-provided time in business. Another trade
association also recommended that the Bureau clarify that financial
institutions may rely on statements made by the applicant without
incurring risk.
A bank commented that putting an upper limit on years to report is
not a good idea and said that time in business should always be
reported as a specific number of years. The bank reasoned that there
are businesses that struggle at the 5 year mark, the 10 year mark, or
the 50 year mark. According to this bank, one should not assume that
applicants are ``fine'' because those years are above an arbitrary
number the Bureau has chosen.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.107(a)(17) with revisions to the regulatory text and commentary.
As explained below, financial institutions will be required to report
the time the applicant has been in business, but the Bureau has revised
the requirements to provide financial institutions more flexibility in
collecting the information. Pursuant to its authority under ECOA
section 704B(e)(2)(H), the Bureau determines that collecting data on
time in business will further the purposes of section 1071, as further
explained below.
The Bureau believes that time in business will advance both
statutory purposes of section 1071. Research illustrates the role that
start-ups and new businesses play in the business ecosystem and in
promoting important community development aims, such as
[[Page 35338]]
creating new jobs.\668\ Financial institutions often have special
credit policies regarding start-ups and other young businesses,
including whether the institution will extend credit to start-ups at
all, the type(s) of credit products start-ups and new businesses can
apply for, and the amount of credit for which they can be approved.
Studies generally show that start-ups experience greater difficulty in
accessing credit.\669\
---------------------------------------------------------------------------
\668\ See, e.g., Small Bus. Admin., 2018 Small Business
Profiles, at 1-2 (2018), https://www.sba.gov/advocacy/2018-small-business-profiles-states-and-territories?utm_medium=email&utm_source=govdelivery; John
Haltiwanger et al., Who Creates Jobs? Small versus Large versus
Young, 95(2) Review of Econ. & Stat., at 347-61 (2013), https://direct.mit.edu/rest/article/95/2/347/58100/Who-Creates-Jobs-Small-versus-Large-versus-Young.
\669\ For example, a Federal Reserve Bank of New York report,
based on data from the 2016 Small Business Credit Surveys that
included information from 12 Federal Reserve Banks, provides
statistics on how start-ups are less likely to receive credit as
compared to mature businesses, even with comparable credit scores.
See Fed. Rsrv. Bank of N.Y., Small Business Credit Survey: Report on
Start-up Firms, at iv (2017), https://www.newyorkfed.org/medialibrary/media/smallbusiness/2016/SBCS-Report-StartupFirms-2016.pdf.
---------------------------------------------------------------------------
Time in business data will benefit data users, including financial
institutions, policymakers, economic analysts, and communities by
allowing them to better identify the proportion of small businesses
seeking credit that are start-ups or relatively new businesses, the
type(s) of credit offered to these groups, the geographic setting of
these businesses, the types of financial institutions that are reaching
such businesses, and where communities might focus business development
efforts. The data may also aid policymakers in addressing issues
impacting the growth of small start-ups. The data, particularly as to
unmet demand, could help interested financial institutions identify
lending opportunities to reach more start-ups and new businesses,
promoting both business and community development. This data point will
also facilitate fair lending analyses by providing a useful control to
identify similarly situated applicants and eliminate some false
positives, while also allowing monitoring of potential disparate
treatment of relatively new minority- and women-owned small businesses.
The Bureau understands from commenters that there are complexities
associated with collecting time in business information from an
applicant for various reasons, including applicant difficulty providing
an exact time because of prior name changes, events that affected the
applicant's structure, multi-generational ownership, and others
discussed by commenters above. In light of the feedback received, the
Bureau has revised the requirements for reporting time in business
information, based on the financial institution's procedures. The
Bureau is also not finalizing this data point to include data as relied
on by the financial institution to make a decision. Rather, the final
rule requires financial institutions to report time in business as
collected or otherwise obtained. Although this requirement is similar
to reporting the time in business relied on, the new language makes
clear that the financial institution reports the time in business
collected or obtained regardless of whether it relied on that
information in underwriting the application. Commenters indicated that
they may base their credit decision on a combination of factors, such
as the time the applicant has been in existence and the time the owners
have been in the industry, while other commenters indicated that they
do not collect or use time in business for underwriting purposes. The
Bureau believes that standardizing the time in business data point to
be based on what the financial institution collects or obtains
streamlines the requirement and provides flexibility for the financial
institution to report time in business information based on its credit
policies or programs rather than having to select a time in business
method specifically for reporting pursuant to this rule. Accordingly,
the Bureau is not finalizing ``as relied on or collected by the
financial institution'' in the regulatory text. Final regulatory text
for Sec. 1002.107(a)(17) requires reporting of the time the applicant
has been in business; however, the Bureau is providing further details
guidance in commentary regarding time in business collection and
reporting, as explained below. As some commenters suggested, allowing
different methods for measuring time in business will have an effect on
the comparability of the data, but information about the time in
business actually collected by the financial institution for its own
purposes will be useful for fair lending analysis and will impose less
operational difficulty than requiring reporting based on a single
definition. For example, this method will allow a financial institution
to use the ``year began farming'' date, as suggested by some
commenters, to report time in business without further inquiry.
Final comment 107(a)(17)-1.i provides that a financial institution
reports time in business in whole years if, as part of its procedures,
it collects or obtains the number of years an applicant has been in
business. Final comment 107(a)(17)-1.i also provides guidance to make
clear that if the financial institution reports the number of whole
years, the financial institution rounds down to the nearest whole year.
Final comment 107(a)(17)-1.ii provides that if a financial institution
does not collect or obtain the number of years an applicant has been in
business, but as part of its procedures it determines whether or not
the applicant has been in business less than two years, then the
financial institution reports the applicant's time in business as
either less than two years or two or more years. Final comment
107(a)(17)-1.iii provides that if a financial institution does not
collect or obtain time in business, either as number of years or a
determination as to whether the applicant has been in business less
than two years, then the financial institution complies with the rule
by asking the applicant whether it has been in business less than two
years or two or more years. The Bureau is not finalizing the provision
in proposed comment 107(a)(17)-1.ii to require financial institutions
to indicate whether an applicant has not begun operating yet or has
been in operation less than a year. In addition, the Bureau is not
requiring that newer business applicants' time in business be reported
in ranges, as one commenter suggested. The Bureau believes that time in
business information reported in whole years or an indication of over
or under two years can provide data users with robust information
regarding start-ups and newer businesses as well as the maturity of
other businesses, thus furthering the purposes of section 1071 while
also simplifying collection and reporting. Issues such as whether to
report the time in business based on the time of incorporation or time
of business opening, lapses in business operation such as for a
seasonal business, and new business entities that do not actually
constitute a new enterprise should all be considered within the
financial institution's discretion in collecting time in business. The
Bureau does not believe that these scenarios will have a significant
effect on the quality of the data reported, but crafting a rule that
takes them into account could considerably increase the operational
difficulty of compliance.
Final comment 107(a)(17)-2 provides that a financial institution
that collects time in business as part of its procedures is not
required to collect or obtain time in business information pursuant to
a specific definition for the purposes of this rule. The comment
[[Page 35339]]
provides examples of how a financial institution may define time in
business, including by asking the applicant when the business started
or based on the owner's experience in the industry. As discussed above,
the Bureau understands from commenters that a financial institution may
collect and/or consider for underwriting both the number of years the
applicant has been in business and the number of years of experience an
owner has in the industry. In response to a comment requesting
clarification and to mitigate other commenter concerns, final comment
107(a)(17)-2 provides that if a financial institution collects the
number of years the applicant has existed as well as another measure of
time in business, such as the number of years of experience an owner
has in the industry, the financial institution reports the number of
years the applicant has existed as the time in business. The Bureau
believes that this method will result in more uniform and comparable
data on time in business and should not cause operational difficulty
because the financial institution will be reporting information that it
already collects.
Comment 107(a)(17)-3 (renumbered from proposed comment 107(a)(17)-
6) is finalized with minor clarifications. Final comment 107(a)(17)-3
provides that a financial institution is required to maintain
procedures reasonably designed to collect applicant-provided data,
which includes time in business; however, if the financial institution
is nonetheless unable to collect this information, then the financial
institution reports ``not provided by applicant and otherwise
undetermined'' for the time in business data point. The Bureau believes
that providing this reporting option will facilitate compliance.
The Bureau acknowledges commenters' arguments that time in business
is not collected by some financial institutions now nor used by such
institutions for underwriting purposes. However, other industry
commenters indicated that they do collect and use time in business for
underwriting (for example, commenters stated the credit decision is
based on a combination of the number of years the applicant has been in
business and the number of years the principals or owners have in the
industry).
Commenters also expressed concern with the burden associated with
collecting time in business information. The Bureau does not believe it
would be too difficult for financial institutions to collect this
information if they do not already do so, and the ability to merely ask
whether a business has existed for less than two years or two years or
more should reduce any complexity for applicants in providing the
information. The Bureau also believes that collection of time in
business will further the dual purposes of section 1071, as discussed
above. The final rule does not permit time in business information be
reported at the financial institution's option, as the Bureau believes
that if it made this data point optional, very little data would be
reported.
With respect to the concern raised by a commenter that reporting
time in business information may cause a financial institution to
appear to discriminate against start-up businesses because of its
policy to avoid providing financing to start-ups, the Bureau believes
that time in business information will help mitigate concerns of data
misrepresentation and help explain the credit decision made by a
financial institution. For example, data indicating that an applicant
is relatively new with little experience or financial history could
explain why the financial institution denied the application or
approved it for less than what was applied for.
With respect to the recommendation that the Bureau allow all
financial institutions to report the applicant's time in business
whether used in credit underwriting or collected from the applicant,
the final rule provides this flexibility for financial institutions.
The final rule also allows the financial institution to collect
applicant-provided data, including time in business information, from
appropriate third-party sources. See final Sec. 1002.107(b).
The Bureau is not adopting a safe harbor from liability for
reporting the applicant-provided time in business for the reasons
provided in the section-by-section analysis of Sec. 1002.112(c).
Guidance related to relying on information provided by an applicant and
appropriate third-party sources, including time in business
information, is provided in final comment 107(b)-1. (Similar content
was included in proposed comment 107(a)(17)-1.) That comment explains
that a financial institution needs report verified information only if
it verifies information from the applicant for its own business
purposes. Because the rule makes clear that a financial institution may
rely on statements made by or information from the applicant regarding
time in business and need not verify its accuracy, the Bureau does not
believe that a safe harbor is necessary. For more information on
relying on information provided by an applicant, see the section-by-
section analysis of Sec. 1002.107(b).
107(a)(18) Minority-Owned, Women-Owned, and LGBTQI+-Owned Business
Statuses Background
ECOA section 704B(b) requires financial institutions to inquire
whether applicants for credit are minority-owned and/or women-owned
businesses and to maintain a record of the responses to that inquiry
separate from the applications and accompanying information. Section
704B(c) provides that applicants for credit may refuse to provide
information requested pursuant to 704B(b). ECOA section 704B(e)(2)(H)
authorizes the Bureau to require financial institutions to compile and
maintain ``any additional data that the Bureau determines would aid in
fulfilling the purposes of [section 1071].'' The Bureau is finalizing
Sec. 1002.107(a)(18) to address how a financial institution would
collect and report an applicant's minority-owned and women-owned
business statuses, along with LGBTQI+-owned business status which the
Bureau believes would aid in fulfilling the purposes of section 1071.
The Bureau proposed appendix F to provide instructions to aid
financial institutions when collecting minority-owned business status
pursuant to proposed Sec. 1002.107(a)(18) and women-owned business
status pursuant to proposed Sec. 1002.107(a)(19). However, there was
some duplication between what was contained in proposed appendix F and
in proposed Sec. 1002.107(a)(18) and (19) and associated commentary.
As discussed further herein, final Sec. 1002.107(a)(18) differs
from proposed Sec. 1002.107(a)(18) in a number of ways, largely to
streamline the rule and facilitate compliance. First, the final rule
combines proposed Sec. 1002.107(a)(18) and (19) into final Sec.
1002.107(a)(18). Next, final Sec. 1002.107(a)(18) also requires
collection of LGBTQI+-owned business status. Finally, the commentary to
final Sec. 1002.107(a)(18) incorporates the information contained in
proposed appendix F.
Proposed Rule--Proposed Sec. 1002.107(a)(18) and (19)
In order to implement the section 1071 requirement that financial
institutions inquire whether applicants for credit are minority-owned
and/or women-owned businesses, the Bureau proposed Sec.
1002.107(a)(18) to address minority-owned business status, and Sec.
1002.107(a)(19) to address women-owned business status. The text of
these
[[Page 35340]]
proposed provisions was otherwise identical in their language. Proposed
Sec. 1002.107(a)(18) and (19) would have required financial
institutions to collect and report whether an applicant is a minority-
owned or women-owned business, respectively. Proposed Sec.
1002.107(a)(18) and (19) would also have required financial
institutions to collect and report whether minority-owned business
status or women-owned business status, respectively, was being reported
based on previously collected data pursuant to proposed Sec.
1002.107(c)(2). When the financial institution requests minority-owned
and women-owned business statuses from an applicant, the financial
institution would have been required to inform the applicant that the
financial institution cannot discriminate on the basis of the
applicant's minority-owned or women-owned business status, or on
whether the applicant provides this information. Finally, proposed
Sec. 1002.107(a)(18) and (19) would have referred to proposed appendix
F for additional details regarding how financial institutions are
required to collect and report minority-owned or women-owned business
statuses, respectively. Proposed appendix F would have included a
requirement that a financial institution inform an applicant that the
applicant is not required to respond to the financial institution's
questions regarding the applicant's minority-owned business status and
women-owned business status and inform the applicant of a prohibition
on financial institutions requiring applicants to provide this
information.\670\
---------------------------------------------------------------------------
\670\ Proposed appendix G would have included a similar
requirement to notify applicants that they are not required to
provide information regarding principal owners' ethnicity, race, and
sex and of a similar prohibition on financial institutions requiring
that applicants provide such information.
---------------------------------------------------------------------------
Proposed comments 107(a)(18)-1 and 107(a)(19)-1 would have
clarified that a financial institution would be required to ask an
applicant if it is a minority-owned business or women-owned business,
respectively, for each covered application unless the financial
institution is permitted to report minority-owned business status or
women-owned business status, respectively, based on previously
collected data. Additionally, the financial institution would have been
required to permit an applicant to refuse to answer the financial
institution's inquiry and to inform the applicant that it is not
required to provide the information. The financial institution would
have reported the applicant's response, its refusal to answer the
inquiry (such as when the applicant indicates that it does not wish to
provide the requested information), or its failure to respond (such as
when the applicant fails to submit a data collection form) to the
inquiry.
Proposed comments 107(a)(18)-2 and 107(a)(19)-2 would have
explained that a financial institution must inform the applicant that
the financial institution cannot discriminate on the basis of an
applicant's minority-owned business status or women-owned business
status, respectively, or on whether the applicant provides the
information. These proposed comments would also have clarified that a
financial institution may combine this non-discrimination notice
regarding minority-owned business status or women-owned business
status, respectively, with the similar non-discrimination notices that
a financial institution is required to provide when requesting women-
owned business status or minority-owned business status, respectively,
and a principal owner's ethnicity, race, and sex if a financial
institution requests such information in the same data collection form
or at the same time.
Proposed comments 107(a)(18)-3 and 107(a)(19)-3 would have
explained how, pursuant to proposed Sec. 1002.111(b), financial
institutions must record an applicant's response regarding minority-
owned business status and women-owned business status pursuant to
proposed Sec. 1002.107(a)(18) or (19), respectively, separate from the
application and accompanying information. These proposed comments would
have also provided examples of how responses could be recorded
separately from the application and accompanying information.
Proposed comments 107(a)(18)-4 and 107(a)(19)-4 would have stated
that pursuant to proposed Sec. 1002.107(c)(1), a financial institution
shall maintain procedures reasonably designed to collect applicant-
provided information, which includes the applicant's minority-owned
business status or women-owned business status, respectively. However,
if a financial institution did not receive a response to its inquiry,
the financial institution would have reported that the applicant's
minority-owned business status or women-owned business status,
respectively, is ``not provided by applicant.''
Proposed comments 107(a)(18)-5 and 107(a)(19)-5 would have stated
that notwithstanding proposed Sec. 1002.107(b) (regarding verification
of applicant-provided information), a financial institution would have
reported the applicant's response, its refusal to answer the inquiry,
or its failure to respond to the inquiry pursuant to proposed Sec.
1002.107(a)(18) or (19), respectively, even if the financial
institution verifies or otherwise obtains an applicant's minority-owned
business status or women-owned business status for other purposes.
Moreover, a financial institution would not have been required or
permitted to verify the applicant's responses to the financial
institution's inquiries pursuant to proposed Sec. 1002.107(a)(18) or
(19) regarding minority-owned business status or women-owned business
status, respectively.
Proposed comments 107(a)(18)-6 and 107(a)(19)-6 would have
clarified that a financial institution does not report minority-owned
business status or women-owned business status, respectively, based on
visual observation, surname, or any basis other than the applicant's
response to the inquiry that the financial institution makes to satisfy
proposed Sec. 1002.107(a)(18) or (19), respectively, or, if the
financial institution was permitted to report based on previously
collected data, on the basis of the applicant's response to the inquiry
that the financial institution previously made to satisfy Sec.
1002.107(a)(18) or (19), respectively.
Proposed comments 107(a)(18)-7 and 107(a)(19)-7 would have
clarified that a financial institution may report minority-owned
business status or women-owned business status, respectively, based on
previously collected data if the financial institution is permitted to
do so pursuant to proposed Sec. 1002.107(c)(2) and its commentary.
The Bureau sought comment on its proposed approach to these data
points, including the proposed methods of collecting and reporting the
data. The Bureau also requested comment on whether additional
clarification regarding any aspect of these data points is needed. In
particular, the Bureau sought comment on whether applicants are likely
to have difficulty understanding and determining the information they
are being asked to provide and, if so, how the Bureau may mitigate such
difficulties.
Proposed Rule--Proposed Appendix F
Proposed appendix F would have provided instructions to aid
financial institutions when collecting minority-owned business status
pursuant to proposed Sec. 1002.107(a)(18) and women-owned business
status pursuant to proposed Sec. 1002.107(a)(19).
The Bureau proposed appendix F pursuant to its authority under ECOA
[[Page 35341]]
section 704B(g)(1) to prescribe such rules and issue such guidance as
may be necessary to carry out, enforce, and compile data pursuant to
section 1071, in order to facilitate compliance with the statutory
requirements to collect minority-owned and women-owned business
statuses pursuant to 704B(b)(1). Further, the Bureau proposed appendix
F pursuant to its obligation in 704B(g)(3) to issue guidance to
facilitate compliance with the requirements of section 1071, including
assisting financial institutions in working with applicants to
determine whether the applicants are women-owned or minority-owned
businesses.
The Bureau sought comment on the proposed instructions, and
generally sought comment on whether additional clarification regarding
any aspect of the proposed instructions was needed. The Bureau further
requested comment on whether additional or different instructions were
needed for financial institutions that choose not to use a paper data
collection form to collect minority-owned business status or women-
owned business status, such as collecting such information using a web-
based or other electronic data collection form, or over the telephone.
The Bureau also sought comment regarding the challenges faced by both
applicants and financial institutions by the data collection
instructions prescribed in appendix F and specifically requested
comment on ways to improve the data collection of minority-owned
business status and women-owned business status.
Comments Received--Women-Owned and Minority-Owned Business Statuses
The Bureau received comments on proposed Sec. 1002.107(a)(18) and
(19) and appendix F from some industry and community group commenters.
Commenters uniformly supported the Bureau's proposal that the financial
institution would rely solely on the applicant to determine minority-
owned and women-owned business statuses, and that institutions should
not be required or permitted to verify an applicant's response. One
commenter requested that a financial institution not be required to
conduct any follow-up if an applicant fails to provide the information.
Another noted that owners and ownership status may change from day to
day. One said that the back-office functions of financial institutions
will need to ensure the data are being reported correctly and identify
any issues in the data, which will require an increase in staff.
A commenter asserted that applicants should be permitted to self-
report whether they have been certified by a third-party organization
as a minority- and/or women-owned business and the name of the
certifying organization, which it said would promote the objectives of
section 1071 by encouraging responses of relevant and verifiable
information. Another commenter suggested that the Bureau coordinate
with the U.S. Census to create a minority and women-owned business
suffix to a business's NAICS code which identifies their minority or
women-owned business status.
Regarding appendix F, some commenters supported the proposed
approach to collecting information. Several commenters requested that
the Bureau eliminate duplication and include all mandatory statements
in the rule text, rather than in the appendices.
Comments Received--LGBTQI+-Owned Business Status
As discussed in the section-by-section analysis of Sec.
1002.102(k) and (l) above, regarding the definitions for LGBTQI+
individual and LGBTQI+-owned business, the Bureau sought comment on
whether it should adopt a data point to collect an applicant's lesbian,
gay, bisexual, transgender, or queer (LGBTQ+)-owned business status,
similar to the way it proposed to collect minority-owned business
status and women-owned business status.
The Bureau received comments from several banks, individual
commenters, and community groups on this issue. Some commenters did not
support including such a data point in the final rule, generally
stating that asking for such information would be offensive, would be
considered an invasion of privacy, or would damage bank-customer
relationships. One commenter said that applicants are unlikely to
provide this information and that an applicant's LGBTQ+-owned business
status is not considered in the lending process and thus should not be
part of this data collection.
A few commenters also stated that asking for such information could
potentially further segregate and stigmatize LGBTQ individuals and
their businesses, when they already face bias and discrimination. These
commenters also raised concerns about the privacy and security of the
collected information, noting that storing it with financial
institutions and in a nationwide database exposes the information to
not only authorized persons but also potentially to hackers. These
commenters argued that although there is some protection in the Federal
employment law context due to the U.S. Supreme Court's opinion in
Bostock v. Clayton County,\671\ there are States where discrimination
against LGBTQ individuals is legal and thus inferences about one's
sexuality could have serious negative impacts. They also expressed
concern that this information could be used for unintended purposes.
One commenter also expressed a concern that previously collected
information about an applicant's LGBTQ+-owned business status could be
used inappropriately.
---------------------------------------------------------------------------
\671\ 140 S. Ct. 1731 (2020). See the section-by-section
analysis of Sec. 1002.107(a)(19), under Proposed Rule--Collecting
Sex, for a discussion of the Court's holdings in Bostock.
---------------------------------------------------------------------------
Other commenters supported inclusion of LGBTQ+-owned business
status in the final rule, generally asserting the collection of
information about a business' LGBTQ+-owned status is appropriate and
necessary under the law. One commenter stated that businesses owned by
LGBTQ+ individuals face discrimination and bias and urged the Bureau to
use its ECOA section 704B(e)(2)(H) authority to require the collection
of such information. Another commenter argued that data about lending
availability to LGBTQ-owned businesses will enhance the Bureau's
ability to enforce fair lending laws to protect them from
discrimination in credit, and identify their credit needs. Another
commenter stated that collecting applicants' LGBTQ+-owned business
status is necessary to ensure that LGBTQ+ small business owners are
being treated fairly by lenders and fulfill the purposes of section
1071. One commenter suggested that the Bureau include an inquiry to
identify businesses who have experienced impermissible sex
discrimination under ECOA without requiring information on the owners'
specifically held identities if they do not wish to disclose them. This
commenter suggested this would be consistent with the Bureau's proposal
regarding the collection of ethnicity and race.
A commenter also stated that there is public and congressional
support for the collection of LGBTQ+-owned business status information,
noting that H.R. 1443, the LGBTQ Business Equal Credit Enforcement and
Investment Act, would have amended ECOA to include a definition for
``LGBTQ-owned business'' and require the collection of LGBTQ-owned
business status.\672\
---------------------------------------------------------------------------
\672\ H.R. 1443, 117th Cong. (2021).
---------------------------------------------------------------------------
Commenters suggested that the Bureau adopt the same approach it
proposed using for collecting minority-owned and women-owned business
statuses, by providing applicants with a definition for LGBTQ-owned
business
[[Page 35342]]
status and allowing respondents to indicate whether they are or are not
such a business. Another commenter recommended that financial
institutions not be allowed to collect or report such information on
the basis of visual observation, surname analysis, or any method other
than applicant-provided responses. This commenter also stated that
financial institutions should not be permitted or required to verify an
applicant's LGBTQ+-owned business status.
Final Rule--Business Status in General
For the reasons set forth herein, the Bureau is adopting Sec.
1002.107(a)(18) with a number of changes to require collection of
minority-owned business status, to incorporate collection women-owned
business status (from proposed Sec. 1002.107(a)(19)) and to add
LGBTQI+-owned business status, along with a number of conforming
changes to the commentary. The Bureau has also incorporated information
from proposed appendix F into the commentary to final Sec.
1002.107(a)(18),\673\ added additional commentary for parity with final
Sec. 1002.107(a)(19) regarding collection of principal owners'
ethnicity, race, and sex, and updated a number of cross-references.
---------------------------------------------------------------------------
\673\ In certain instances where language in proposed appendix F
and commentary to proposed Sec. 1002.107(a)(18) and (19) were
similar, language in the final regulatory text or commentary has
been revised to improved clarity. In other instances, language from
proposed appendix F is imported wholesale to provide clarity and
streamline the rule.
---------------------------------------------------------------------------
Final Sec. 1002.107(a)(18) requires the collection of information
regarding whether the applicant is a minority-owned, women-owned, and/
or LGBTQI+-owned business. When requesting minority-owned, women-owned,
and LGBTQI+-owned business statuses from an applicant, Sec.
1002.107(a)(18) requires that a financial institution inform the
applicant that the financial institution cannot discriminate on the
basis of minority-owned, women-owned, or LGBTQI+-owned business
statuses, or on whether the applicant provides this information.
Final comment 107(a)(18)-1 clarifies that a financial institution
must ask an applicant whether it is a minority-owned, women-owned, and/
or LGBTQI+-owned business. A financial institution must permit an
applicant to refuse (i.e., decline) to answer the inquiries and must
inform the applicant that it is not required to provide the
information. The financial institution must report the applicant's
substantive responses, that the applicant declined to answer, or its
failure to respond to an inquiry, as applicable.
Final comment 107(a)(18)-2 clarifies that a financial institution
must provide the applicants with definitions of the terms minority-
owned business, women-owned business, and LGBTQI+-owned business when
inquiring about these business statuses. A financial institution
satisfies this requirement if it provides the definitions set forth in
the sample data collection form in appendix E.
Final comment 107(a)(18)-3 clarifies that a financial institution
may combine on the same paper or electronic data form the business
status questions along with the data requested in Sec. 1002.107(a)(19)
(principal owners' ethnicity, race, and sex) and Sec. 1002.107(a)(20)
(number of principal owners).
Final comment 107(a)(18)-4 (renumbered from comment 107(a)(18)-2 in
the proposal and incorporating additional information from proposed
appendix F) explains that a financial institution must inform the
applicant that the financial institution cannot discriminate on the
basis of an applicant's business statuses or on whether the applicant
provides the information. Under the final rule, a financial institution
must also inform the applicant that Federal law requires it to ask for
an applicant's minority-owned, women-owned, and LGBTQI+-owned business
statuses to help ensure that all small business applicants for credit
are treated fairly and that communities' small business credit needs
are being fulfilled (this disclosure would have been optional under the
NPRM). The Bureau believes that this notice should be compulsory,
rather than voluntary, to ensure that applicants receive information
about the data collection rule and its purposes. See the section-by-
section analysis of Sec. 1002.107(a)(19) for further explanation and
discussion of comments received on this issue.
Final comment 107(a)(18)-5 explains that a financial institution
must maintain the record of an applicant's responses to the financial
institution's inquiry separate from the application and accompanying
information.
Final comment 107(a)(18)-6 explains that if a financial institution
does not receive a response to the financial institution's inquiry for
purposes of Sec. 1002.107(a)(18), the financial institution reports
that the applicant's business statuses were ``not provided by
applicant.''
Final comment 107(a)(18)-7 explains that a financial institution
reports that the applicant responded that it did not wish to provide
the information about an applicant's business statuses if the applicant
declines or refuses to provide the information by selecting such a
response option on a paper or electronic form. The financial
institution reports an applicant's refusal to provide such information
in this way, if the applicant orally declines to provide such
information for a covered application taken by telephone or another
medium that does not involve providing any paper or electronic
documents.
Final comment 107(a)(18)-8 explains that if an applicant both
provides a substantive response to the financial institution's inquiry
regarding business status and also checks the ``I do not wish to
provide this information'' box or similar for that question, the
financial institution reports the applicable business status(es)
provided by the applicant (rather than reporting that the applicant
declined to provide the information).
Final comment 107(a)(18)-9 explains that, notwithstanding Sec.
1002.107(b) (regarding verification of applicant-provided data), a
financial institution must report the applicant's substantive
response(s), that the applicant declined to answer the inquiry, or the
applicant's failure to respond to the inquiry, even if the financial
institution verifies or otherwise obtains an applicant's business
statuses for other purposes, and provides an example of such a
situation.
With regard to commenters who asserted that applicants should be
able to rely upon minority-owned or women-owned business status
certifications received from a third-party organization, the Bureau
believes that the definitions of minority-owned or women-owned business
statuses from third-party organizations may not align with the
definitions found in section 1071 and codified in this rule, and thus
reliance on them would not be appropriate. As addressed above, final
comment 107(a)(18)-2 clarifies that a financial institution must
provide applicants with definitions of the terms minority-owned
business, women-owned business, and LGBTQI+-owned business, as provided
in this rule, when asking questions about these business statuses.
Final Rule--LGBTQI+-Owned Business Status
For the reasons set forth herein, the Bureau is exercising its
authority under ECOA section 704B(e)(2)(H) to require financial
institutions to request information about whether an applicant is a
LGBTQI+-owned business. The Bureau believes that the collection of this
information will further section
[[Page 35343]]
1071's statutory purposes. Specifically, the Bureau believes that the
collection of this information will help address an information gap
about small business lending and facilitate fair lending enforcement
and the identification of business and community development needs and
opportunities for small businesses.
Based on the limited information available, the Bureau believes
that LGBTQI+-owned businesses may experience particular challenges
accessing small business credit. For example, one report found that,
while LGBTQ businesses were equally likely to apply for financing, they
were less likely to receive it, with about 46 percent of LGBTQ-owned
businesses reporting that they had received none of the financing that
they had applied for in the past year, as compared to 35 percent of
non-LGBTQ businesses that applied for funding. The report noted that
LGBTQ-owned businesses were more likely than non-LGBTQ businesses to
explain their denial was due to lenders not approving financing for
``businesses like theirs'' (33 percent versus 24 percent), among other
reasons.\674\ The same report also found that LGBTQ-owned businesses
that applied for Paycheck Protection Program funding in 2021 were less
successful in receiving funding applied for than non-LGBTQ
businesses.\675\
---------------------------------------------------------------------------
\674\ Spencer Watson et al., Ctr. for LGBTQ Economic Advancement
& Research and Movement Advancement Project, LGBTQ-Owned Small
Businesses in 2021, 10-11 (July 2021), https://www.lgbtq-economics.org/research/lgbtq-small-businesses-2021 (analyzing 2021
data from Small Business Credit Survey administered by the Federal
Reserve Banks). As used in the report, the term ``LGBTQ-owned
business'' refers to businesses where individuals who identify as
lesbian, gay, bisexual, transgender, or queer own 50 percent or more
of the business. Id. at note a.
\675\ Id. at 8-9 (only 54 percent of LGBTQ-owned businesses
received all the Paycheck Protection Program funding they applied
for in 2021, and 17 percent received none of the funding applied
for, compared to 68 percent and 10 percent of all non-LGBTQ owned
businesses, respectively).
---------------------------------------------------------------------------
ECOA section 704B(e)(2)(H) provides the Bureau with broad
discretion to collect ``any'' additional data it determines would aid
in fulfilling the purposes of section 1071. As discussed, the Bureau
has determined that the collection of business applicants' LGBTQI+-
owned business status information, in addition to requiring information
on principal owners' specifically held sex/gender identity, as
discussed in the section-by-section analysis of Sec. 1002.107(a)(19)
below, will facilitate the purposes of section 1071 and is thus
exercising its authority under section 1071 to require its collection.
Similar to the proposed (and final) approaches for collecting
women-owned and minority-owned business statuses, financial
institutions are required to provide the definition of ``LGBTQI+-owned
business'' under Sec. 1002.102(l) when requesting information about an
applicant's LGBTQI+-owned business status as provided by final comment
107(a)(18)-2. Financial institutions are also required to provide the
same notices when requesting an applicant's LGBTQI+-owned business
status, such as the notice that the applicant is not required to
provide the information under final comment 107(a)(18)-1 and other
notices under final comment 107(a)(18)-4. Other provisions set out in
commentary for minority-owned and women-owned business statuses
likewise apply to LGBTQI+-owned business status; for example, a
financial institution reports only the applicant's response to the
inquiry about its LGBTQI+-owned business status, even if it verifies or
otherwise obtains an applicant's LGBTQI+-owned business status for
other purposes. See, e.g., comments 107(a)(18)-6, -7, and -9.
Final comment 107(a)(18)-5 also clarifies that an applicant's
responses about whether it is an LGBTQI+-owned business must be kept
separately from the small business's application form and accompanying
documents. ECOA section 704B(b)(2) requires a financial institution to
maintain a record of the ``responses to [the] inquiry'' required by
section 704B(b)(1) separate from the application and accompanying
information. As explained in part E.2 in the Overview to this part V,
the Bureau interprets section 704B(b)(2) to refer to an applicant's
responses to protected demographic information, which includes whether
the applicant is a minority-owned business and/or a women-owned
business, and the ethnicity, race, and sex of the applicant's principal
owners. This is because these data points require financial
institutions to request demographic information that has no bearing on
the creditworthiness of an applicant and that financial institutions
would not be otherwise able to request absent the data collection
requirements under section 1071 and the final rule as a result of
Regulation B's general prohibition on inquiring about the sex of an
applicant or any other person in connection with a credit
transaction.\676\ Likewise, the Bureau considers the LGBTQI+-owned
business status data point to be protected demographic information that
has no bearing on an applicant's creditworthiness, as also noted by
some commenters, and which financial institutions would be unable to
collect without the requirement to do so in final Sec.
1002.107(a)(18). As a result, the Bureau believes that it is necessary
to require a financial institution to maintain an applicant's response
to the inquiry about whether it is a LGBTQI+-owned business separately
from the rest of the business's application and accompanying
information under final Sec. 1002.111(b), similar to the requirement
with respect to responses about an applicant's minority-owned and
women-owned business statuses.
---------------------------------------------------------------------------
\676\ 86 FR 56356, 56386-87 (Oct. 8, 2021); id. at 56501-02. See
also 12 CFR 1002.5(b).
---------------------------------------------------------------------------
The Bureau acknowledges commenters' concerns that requesting
information as to whether applicants are LGBTQI+-owned businesses could
be offensive, be considered an invasion of privacy by applicants, or
damage bank-customer relationships. Final comment 107(a)(18)-4 provides
that a financial institution must inform the applicant that Federal law
requires it to ask for an applicant's minority-owned, women-owned, and
LGBTQI+-owned business statuses to help ensure that all small business
applicants for credit are treated fairly and that communities' small
business credit needs are being fulfilled. Sample language for this
notice, which provides a brief, plain language explanation of the
purpose of the data collection, appears in the sample data collection
form in appendix E. The Bureau believes providing such context will
help to mitigate negative reactions an applicant may have to a
financial institution's request for such information. Further, as
stated on the sample data collection form, applicants have the right to
refuse to provide this information, as provided under comment
107(a)(18)-1.
The Bureau acknowledges commenters' arguments that applicants are
unlikely to respond to the inquiry about LGBTQI+ status and that
therefore financial institutions should not be required to ask.
However, the Bureau and other data users are unable to conduct
comprehensive fair lending and business and community development
analyses without this data point, even as applicants are individually
entitled to refuse to provide it.
Some commenters expressed concern that LGBTQI+-owned business
status could be detrimentally used against LGBTQI+ individuals and
their businesses. As discussed in greater detail in part VIII below,
the Bureau acknowledges that an individual person's LGBTQI+ status
likely is sensitive personal information that could pose personal
privacy risks as well as other non-personal commercial
[[Page 35344]]
privacy risks. Part VIII also contains a more comprehensive analysis of
how privacy interests may be appropriately protected. In addition, the
Bureau is finalizing Sec. 1002.110(e), which prohibits financial
institutions and third parties from disclosing protected demographic
information except in limited circumstances.
107(a)(19) Ethnicity, Race, and Sex of Principal Owners
ECOA section 704B(e)(2)(G) requires financial institutions to
compile and maintain certain information, including the race, sex, and
ethnicity of an applicant's principal owners. However, section 1071
does not set out what categories should be used when collecting and
reporting this information. The Bureau proposed Sec. 1002.107(a)(20)
to address how a financial institution would collect and report the
ethnicity, race, and sex of an applicant's principal owners.
Proposed Sec. 1002.107(a)(20) would have required financial
institutions to collect and report the ethnicity, race, and sex \677\
of the applicant's principal owners as well as whether this information
is being reported based on previously collected data pursuant to
proposed Sec. 1002.107(c)(2). It would have also required financial
institutions to report, in certain circumstances, whether ethnicity and
race are being reported by the financial institution on the basis of
visual observation or surname analysis. Proposed Sec. 1002.107(a)(20)
would have required financial institutions to collect and report
ethnicity, race, and sex data as prescribed in proposed appendix G.
Proposed appendix G would have included a requirement that a financial
institution inform an applicant that the applicant is not required to
respond to the financial institution's questions regarding its
principal owners' ethnicity, race, or sex and would have also included
a prohibition on financial institutions requiring applicants to provide
this information. Proposed Sec. 1002.107(a)(20) would have also
required that when the financial institution requests ethnicity, race,
and sex information from an applicant, the financial institution must
inform the applicant that the financial institution cannot discriminate
on the basis of a principal owner's ethnicity, race, or sex, or on
whether the applicant provides this information. The Bureau also put
forth for public comment a sample data collection form in proposed
appendix E that financial institutions would be able use to collect
ethnicity, race, and sex information.
---------------------------------------------------------------------------
\677\ While ECOA section 704B(e)(2)(G) uses ``race, sex, and
ethnicity,'' the Bureau reordered them to ``ethnicity, race, and
sex'' for purposes of the proposal, so that they would appear
alphabetically and for consistency with how they appear in
Regulation C. The Bureau is using the same approach for this final
rule.
---------------------------------------------------------------------------
The Bureau is finalizing the statutory requirement to collect
principal owners' ethnicity, race, and sex in Sec. 1002.107(a)(19).
Below, the Bureau first discusses its general approach to collecting
principal owners' ethnicity, race, and sex. Second, the Bureau
discusses finalizing its proposal to collect ethnicity and race
information using certain aggregate categories and disaggregated
subcategories. Third, the Bureau discusses its approach to requiring
the collection of sex by applicant self-identification (using only a
free-form text field for a paper or electronic form, or by self-
description for applications taken orally) and without the use of
response categories. Finally, the Bureau discusses its decision not to
require collection of principal owners' ethnicity and race via visual
observation and/or surname analysis. The Bureau has incorporated
information from proposed appendix G into the commentary to final Sec.
1002.107(a)(19) \678\ and has updated a number of cross-references.
---------------------------------------------------------------------------
\678\ In certain instances where language in proposed appendix G
and commentary to proposed Sec. 1002.107(a)(20) were substantially
similar, language in the final regulatory text or commentary has
been revised to improve clarity. In other instances, language from
proposed appendix G is imported wholesale to provide clarity and
streamline the rule.
---------------------------------------------------------------------------
Proposed Rule--Collecting Ethnicity, Race, and Sex, In General
Proposed comment 107(a)(20)-1 would have clarified how a financial
institution collects ethnicity, race, and sex information. It would
have stated that unless a financial institution is permitted to report
ethnicity, race, and sex information based on previously collected data
pursuant to proposed Sec. 1002.107(c)(2), a financial institution must
ask an applicant to report its principal owners' ethnicity, race, and
sex for each covered application and that the financial institution
must permit an applicant to refuse to answer the financial
institution's inquiry. It would have required financial institutions to
inform the applicant that it is not required to provide the
information. Proposed comment 107(a)(20)-1 would have further clarified
that the financial institution must report the applicant's responses,
its refusal to answer the inquiries, or its failure to respond to the
inquiries, and explain that in certain situations, discussed in
proposed comments 107(a)(20)-7 and -8 and in proposed appendix G, a
financial institution may also be required to report one or more
principal owners' ethnicity and race (but not sex) based on visual
observation and/or surname analysis. Proposed comment 107(a)(20)-1
would have cross-referenced proposed appendix G for additional
instructions.
Proposed comment 107(a)(20)-2 would have explained that a financial
institution must inform the applicant that the financial institution
shall not discriminate on the basis of a principal owner's ethnicity,
race, or sex or on whether the applicant provides that information. It
would have also clarified that a financial institution may combine this
non-discrimination notice with the similar non-discrimination notices
that a financial institution would have been required to provide when
requesting minority-owned business status and women-owned business
status if a financial institution had requested minority-owned business
status, women-owned business status, and/or a principal owner's
ethnicity, race, and sex in the same data collection form or at the
same time.
Proposed comment 107(a)(20)-3 would have explained how, pursuant to
proposed Sec. 1002.111(b), financial institutions must record
applicants' responses regarding a principal owner's ethnicity, race,
and sex pursuant to Sec. 1002.107(a)(20) separate from the application
and accompanying information. This proposed comment would have also
provided examples of how responses could be recorded separately from
the application and accompanying information.
Proposed comment 107(a)(20)-4 would have clarified that a financial
institution is required to maintain procedures reasonably designed to
collect applicant-provided information pursuant to proposed Sec.
1002.107(c)(1), including the ethnicity, race, and sex of an
applicant's principal owners. However, if a financial institution is
nonetheless unable to collect the principal owners' ethnicity, race, or
sex from the applicant and if the financial institution is not required
to report the principal owners' ethnicity and race based on visual
observation and/or surname, the financial institution would have been
required to report that the principal owner's ethnicity, race, or sex
(as applicable) is ``not provided by applicant.''
Proposed comment 107(a)(20)-12 would have clarified that a
financial institution is neither required nor permitted to verify the
ethnicity, race, or sex information that the applicant
[[Page 35345]]
provides for purposes of proposed Sec. 1002.107(a)(20), even if the
financial institution verifies or otherwise obtains the ethnicity,
race, or sex of the applicant's principal owners for other purposes.
The Bureau also solicited comment on whether it would be useful to
expressly codify this application of the principle in the commentary.
Additionally, the proposed comment would have explained that, if an
applicant refuses to respond to the inquiry pursuant to proposed Sec.
1002.107(a)(20) or fails to respond to this inquiry, the financial
institution reports that the applicant declined to provide the
information or did not respond to the inquiry (as applicable), unless
the financial institution is required to report ethnicity and race
based on visual observation and/or surname analysis. Finally, the
proposed comment would have explained that the financial institution
does not report ethnicity, race, or sex pursuant to proposed Sec.
1002.107(a)(20) based on information that the financial institution
collects for other purposes.
Proposed comment 107(a)(20)-5 would have explained that generally
an applicant determines its principal owners and decides whether to
provide information about principal owners. It would have further
stated that, nonetheless, a financial institution may be required to
report ethnicity and race information based on visual observation and/
or surname analysis and may need to determine if a natural person with
whom the financial institution meets in person is a principal owner. It
would have explained how a financial institution determines who is a
principal owner in the event that the financial institution may be
required to report ethnicity and race information based on visual
observation and/or surname. It would have also provided examples of how
the financial institution can make that determination and noted that
the financial institution is not required to verify any responses
regarding whether a natural person is a principal owner.
The Bureau sought comment on those proposed general aspects of
collecting and reporting principal owners' ethnicity, race, and sex,
including comments on the challenges that financial institutions may
have implementing them.
Comments Received--Collecting Ethnicity, Race, and Sex, In General
The Bureau received comments regarding the collection of ethnicity,
race, and sex for applicants' principal owners, in general, from a wide
range of commenters including lenders, trade associations, community
groups, individual commenters, a software vendor, and others. Within
these general comments, commenters addressed a number of issues
including alignment with HMDA, lack of applicant responses,
verification of applicant-provided data, privacy issues, and concerns
related to burden and cost. These issues, and others, are discussed in
turn below.\679\
---------------------------------------------------------------------------
\679\ The Bureau also received comments about specific aspects
of the Bureau's proposal for collecting and reporting principal
owners' ethnicity, race, and sex information, including collecting
ethnicity and race using aggregate categories and disaggregated
subcategories; collecting sex; and collecting ethnicity and race via
visual observation and/or surname analysis in certain circumstances.
Such comments are discussed further below in this section-by-section
analysis of Sec. 1002.107(a)(19).
---------------------------------------------------------------------------
General support and concerns. The Bureau received comments from
lenders, trade associations, community groups, and others regarding its
proposal, at a general level, for collecting information about the
ethnicity, race, and sex of principal owners.
Many commenters supported the Bureau's proposal and the creation of
a comprehensive small business lending database. These commenters said
that collecting information about the ethnicity, race, and sex of small
business applicants' principal owners will help address a lack of such
information in existing lending data; facilitate enforcement of fair
lending laws; and enable stakeholders to understand and identify needs
and opportunities, remove barriers, and advocate for women-owned,
minority-owned, and small businesses. Some commenters also emphasized
generally that the data disclosure would shed light on racial and
gender gaps and discrimination, which they noted are long-standing
issues and which have been exacerbated by the COVID-19 pandemic. One
commenter characterized the collection of this information as long
overdue.
Many commenters expressing general support for the Bureau's
proposal emphasized that the demographic data collected under the final
rule must be robust, disaggregated, detailed, and include information
on underwriting criteria and on race, gender identity, sexual
orientation, and disability status in order to enable meaningful
analysis.
Several lenders and a business advocacy group stated that the data
would help lenders improve their lending practices. One commenter that
Congress's adjustments to the SBA's Paycheck Protection Program in the
program's second round, to prioritize minority-owned and women-owned
businesses and microbusinesses and set aside funds for CDFIs, could not
have happened without access to Paycheck Protection Program lending
data, including demographic data. Another commenter stated that the
small business lending data collection is necessary to gather critical
data on lending beyond what is collected by the SBA.
Some commenters emphasized that HMDA data, which include
demographic and socioeconomic information, have provided valuable
insight on racial and income disparities in the home mortgage lending
market and have been an important tool to hold lenders accountable as
well as to determine how to meet unmet credit needs. Several commenters
also emphasized that after Congress included demographic information as
part of the HMDA data collection, the number of mortgages to people of
color and people with modest incomes increased; these commenters
anticipate a similar outcome for small business lending after data
collected under this final rule are published.
One commenter stated that the collection of demographic data for
each of an applicant's principal owners would help provide the public
with a sense of the varying percentages of ownership by women or
minorities above or below the 50 percent threshold for minority-owned
or women-owned businesses and help determine if businesses with
different minority ownership levels have distinct borrowing
experiences.
The Bureau also received comments expressing generally applicable
concerns and requests for clarification about its proposal for
collecting ethnicity, race, and sex information. Several commenters
said that the Bureau's proposal includes duplicative content in the
proposed rule text, commentary, and appendices, which they said could
complicate compliance. These commenters recommended that any mandatory
requirements be in the final regulatory text, rather than spread out
among the regulation, commentary, and appendices. Another commenter
asserted that the proposed rules for collecting demographic information
are too complex.
Another argued that a significant hurdle in implementing the
Bureau's proposal is that while ECOA requires financial institutions to
be blind to factors such as ethnicity, race, and sex in lending, they
must collect and report information on those same factors under the
Bureau's proposed rule (including by visual observation and surname
[[Page 35346]]
analysis under certain circumstances). This commenter asserted that the
Bureau's proposal is irreconcilable with ECOA and cannot be reasonably
implemented without compromising the data collected. Another commenter
predicted that requiring financial institutions to collect ethnicity,
race, or sex information would lead to possible favoritism,
discrimination, and stereotyping. (Similar concerns were raised
specifically with respect to collection of ethnicity and race
information by visual observation and/or surname analysis; these
commenters are discussed separately below.)
One commenter asked the Bureau to clarify how a financial
institution should report an applicant's principal owners' ethnicity,
race, and sex information if a representative of a small business
applicant states they need to check with the principal owners for such
information, but the application is withdrawn or declined before the
information is provided. The commenter stated that because borrowers
may apply to many lenders for a loan, reporting on withdrawn
applications would skew collected loan data. The commenter also asked
for clarification about how to report under similar circumstances,
where an application has been approved, but still no information has
been provided. This commenter suggested the Bureau provide options for
a financial institution to report that an applicant ``declined to
answer'' for applicants that specifically refused to provide responses
and ``not available'' for other circumstances, including withdrawn
applications or applicant non-responsiveness.
Another commenter suggested that the Bureau should collect
demographic data for ``applicants,'' which it characterized as the
natural persons completing the application. This commenter argued that
such information would further the fair lending purposes of section
1071, because loan applicants may be subject to different treatment
based on factors such as their ethnicity, race, or gender, citing a
study finding that prospective loan applicants were subject to
differential treatment on the basis of their race and gender in the
pre-application stage.\680\
---------------------------------------------------------------------------
\680\ Nat'l Cmty. Reinvestment Coal., Racial and Gender Mystery
Shopping for Entrepreneurial Loans: Preliminary Overview (2020),
https://ncrc.org/wp-content/uploads/2020/02/NCRC-Mytery-Shopping-Race-and-Gender-v8.pdf.
---------------------------------------------------------------------------
An industry commenter asked whether a financial institution could
collect demographic information at a greater level of specificity than
proposed by the Bureau. Another asked whether a financial institution
is permitted to reconcile discrepancies or inaccuracies in self-
reported ethnicity or race data with the use of software or other
relevant information.
Alignment with HMDA. Some industry commenters urged the Bureau to
align the collection of principal owners' ethnicity, race, and sex
information under the final rule with the collection of such
information for mortgage applicants under Regulation C, whether exactly
or to the greatest extent possible. One commenter also suggested
alignment with existing Regulation B, which also requires the
collection of certain demographic information for certain
mortgages.\681\ These commenters said that consistency between the HMDA
and section 1071 data collections would reduce confusion for financial
institutions and applicants, facilitate efficient data collection such
as by allowing data to be collected only once for applications covered
by both HMDA and section 1071, facilitate compliance, reduce burden,
and make the collected data more usable across regulations.
---------------------------------------------------------------------------
\681\ Under existing Regulation B, a creditor is required to
collect applicant ethnicity, race, sex, marital status, and age
information for an application for credit primarily for the purchase
or refinancing of a dwelling occupied or to be occupied by the
applicant as a principal residence, where the extension of credit
will be secured by the dwelling. 12 CFR 1002.13(a). Regulation B
provides that the ethnicity and race information shall be requested
either by using specified aggregate ethnicity and race categories,
or the aggregate and disaggregated ethnicity and race categories set
forth under Regulation C. Id.
---------------------------------------------------------------------------
Several commenters identified issues that could arise for
applications reportable under both section 1071 and HMDA, if the data
collection requirements under the two regulatory regimes did not match.
They said that financial institutions could potentially be required to
collect data using different forms and to have systems capable of
maintaining separate sets of data for the same transaction under the
Bureau's proposal. Some also said that applicant confusion about the
differences between the two regimes may reduce applicants' willingness
to provide the requested information. (Commenters more specific
concerns about how overlapping data collection obligations would work
are discussed in more detail below.) Some commenters generally urged
the Bureau to either align the HMDA and section 1071 data collection
requirements or to exempt loans from one regime that are reportable
under the other to avoid such issues.
Concerns related to specific transactions or institutions.\682\
Some commenters expressed support for, or concerns about, the
collection of principal owners' ethnicity, race, and sex information in
the context of specific types of transaction or institutions.
---------------------------------------------------------------------------
\682\ The Bureau received a number of comments responding to the
Bureau's proposal regarding the collection of protected demographic
information vis-[agrave]-vis certain types of institutions and
transactions, many of which are discussed in the section-by-section
analyses of Sec. 1002.104 (covered transactions and excluded
transactions), Sec. 1002.105 (covered financial institutions and
exempt institutions), and Sec. 1002.107(c) (time and manner of
collection). The Bureau also received comments on specific aspects
of the Bureau's proposal to collect principal owners' ethnicity,
race, and sex information, in the context of specific types of
institutions and transactions. See the Bureau's discussion of such
comments in the referenced parts of this preamble for more detail.
---------------------------------------------------------------------------
Some commenters raised general concerns about the proposed
collection of ethnicity, race, and sex information by small banks or
community banks. A few commenters said that requesting ethnicity, race,
and sex information has the potential to negatively impact their
relationships with their customers. One stated that such inquiries
could make customers distrustful of their banks and raise privacy
concerns, and urged the Bureau to consider the impact that the
collection of such information may have on the relationship-based
banking model of community banks.
A number of commenters, including many agricultural lenders,
expressed general support for the collection of demographic data. One
commenter stated that the proposed collection of demographic
information would help reveal and prevent unfair agricultural lending
practices. Other commenters stated support for demographic data
collection, provided that the rule's definition of small business is
tailored for the agricultural credit context. One commenter expressed
concern about the burden for collecting and reporting demographic
information for agricultural lenders and farmers.
Some commenters emphasized particular difficulties for collecting
ethnicity, race, and sex information for credit applications taken in
retail environments (also referred to as ``point of sale''
applications/transactions). These commenters noted that credit
applications taken in retail store environments differ from those
typically taken at banks because customers expect speed and efficiency
in the application process, and expressed their concern that the
Bureau's proposal would add complexity and length to application
processes, due in part to detailed questions about ethnicity, race, and
sex.
[[Page 35347]]
These commenters also expressed concerns about having retail store
associates ask for this information. Commenters said that many
retailers may use oral, interview-style, in-store application
processes, and that retail store associates do not have the training to
make such inquiries or handle customer questions or reactions. Several
commenters also stated that small business applicants may feel
uncomfortable providing ethnicity, race, and sex information in public
retail spaces. Another commenter predicted that the majority of small
business credit applications submitted at the point of sale would lack
demographic information. Some of these commenters also urged the Bureau
to exempt private label and co-branded credit applications, along with
other types of credit originated at or facilitated through retailers
such as revolving lines of credit and installment loans (e.g., point of
sale credit), from the rule's requirements in various ways--such as by
exempting all such applications, or those for lines of credit below
$50,000, from the requirement to collect demographic information.
A group of trade organizations stated that insurance premium
finance transactions should not be included within the scope of the
final rule, in part because State insurance law generally prohibits or
discourages insurance agents from collecting information about race,
religion, national origin, or ethnicity of an insured business's owners
on behalf of lenders, and insurers do not collect such information as a
result.
Several other trade associations urged the Bureau to clarify how
the rule's data collection requirements apply to indirect vehicle
finance transactions. Beyond generally urging the Bureau to exempt such
transactions from the final rule, two trade associations stated a
survey of their automobile and truck dealer members reflected concerns
about training employees to collect ethnicity, race, and sex
information, particularly with respect to implementing the Bureau's
proposed visual observation and surname data collection requirement.
Lack of applicant responses. Several commenters raised concerns
about a potential lack of applicant responses to the proposed
demographic information questions.\683\ A bank stated that it
encounters difficulties in meeting the HMDA reporting requirements
because mortgage loan applicants are reluctant to provide demographic
information and it anticipates similar reactions from small businesses.
Other commenters argued that low demographic response rates in the
Paycheck Protection Program indicates that most small business
applicants will likely decline or fail to provide demographic
information. Thus, some commenters said, records with missing
demographic data will likely need to be either excluded from fair
lending analyses or data users will have to use proxies for the missing
information, asserting that this outcome calls into question the
benefits of the data collection versus the costs. Another commenter
said that the high number of applications for small business credit
made online, and situations where the person providing information for
a given application may be one of several owners or a company officer
and not an owner themselves, may also lead to a high percentage of
applicants who do not provide responses. One commenter asserted that
small business owners may react negatively to the amount of paperwork
associated with this rule's data collection requirements and as a
result decide not to provide their principal owners' information.
Finally, a commenter suggested that the Bureau require demographic
information to be collected after a credit decision has been made,
rather than before.
---------------------------------------------------------------------------
\683\ A number of commenters also expressed concerns about data
quality in the specific context of their comments about the Bureau's
proposal to require financial institutions to collect at least one
principal owners' race and ethnicity information via visual
observation and/or surname under certain circumstances. These
comments are discussed in more detail below.
---------------------------------------------------------------------------
Verification. Several industry commenters and a women's business
advocacy group argued that financial institutions should not be
required or permitted to verify applicant-provided data about a
principal owner's ethnicity, race, or sex. One commenter suggested that
the Bureau should determine if there are ways for it to verify if
reported data are accurate and correct. (Similar comments specifically
regarding collection of information via visual observation or surname
are discussed in more detail below.)
Reduced demand for traditional credit. Several industry commenters
asserted that the collection of principal owners' protected demographic
information could potentially make borrowing from traditional lenders
less attractive for small businesses due to applicant discomfort or
objections to inquiries for such information. One predicted that
applicants may, as a result, turn to credit cards, payday loans, or
nontraditional online financing for their credit needs.
Privacy. Several industry commenters stated that small business
customers may find the collection of protected demographic information
that could become public to be an invasion of privacy. They generally
expressed concern that such information could be used to re-identify
borrowers, which could in turn harm the reputation or image of a small
business applicant. A bank said this concern is particularly salient in
small communities, and that if public information is used to determine
the identities of a bank's customers and the pricing terms offered to
them, it could result in a competitive disadvantage for the bank versus
other lenders.
Burden and costs for collecting ethnicity, race, and sex
information. Several industry commenters raised concerns about the
burden or compliance costs for financial institutions associated
collecting principal owners' ethnicity, race, and sex information under
the proposal. Other commenters raised similar concerns in the context
of specific types of transactions or institutions, or related to
specific aspects of the Bureau's proposal for collecting this
information, which are discussed in the relevant parts of this section-
by-section analysis.
One commenter expressed concern that financial institutions may
need to increase the prices and fees for credit to cover increased
compliance costs related to the collection and storage of ethnicity,
race, and sex information. Another stated that collecting principal
owners' ethnicity, race, and sex information would require online
lenders to make system changes, which it said would be different from
those needed by traditional lenders. This commenter urged the Bureau to
allow lenders to report aggregate, as opposed to application level,
data to reduce this burden. Another commenter said that because does
not currently collect ethnicity information currently and its core
processing system does not include a field for this information, it
would need to collect this data field manually.
One commenter stated that collecting information for up to four
principal owners as proposed would be burdensome for both financial
institutions and applicants. A lender said that reporting such
information for all principal owners would take a large amount of space
on its small business lending application register. That commenter also
suggested that the Bureau require demographic information for only one
principal owner instead of all principal owners, asserting that this
would not impact the quality of the data because the
[[Page 35348]]
applicant's minority-owned and women-owned business statuses would
still be collected.
In contrast, another lender did not anticipate incurring
significant costs related to the collection of ethnicity, race, and sex
information because it already gathers such information or similar
information for other small business lending programs and funding
opportunities such as the SBA's 7(a) Loan Program; the Paycheck
Protection Program; the Wells Fargo Diverse Community Capital Program;
and the CDFI Fund. The commenter stated that adjusting to section 1071
data collection requirements will primarily entail updating software,
compliance training, and updating materials. The commenter anticipated
minimal ongoing costs that will be considered normal costs of doing
business and said it does not plan on raising fees or restricting
access to credit as a result. The commenter also urged the Bureau to
coordinate with the CDFI Fund to streamline section 1071 reporting
requirements.
Direct reporting to the Bureau or third parties, or use of other
data sources. A number of industry commenters suggested that protected
demographic information should be self-reported by applicants directly
to a central database or registry, whether maintained by the Bureau or
by third parties.
Some commenters urged the Bureau to work with Secretaries of State
so that demographic data generally or information about a business's
minority-owned, women-owned, and/or LGBTQI+-owned business statuses are
voluntarily registered at the same time that a small business registers
with its State. One commenter stated that this would allow small
businesses to provide information to a trusted entity and lenders could
then verify demographic data with the relevant State--thus avoiding
delays and confusion from applicants during the loan application
process.
Other commenters suggested that the Bureau provide ways for small
businesses to report their demographic information directly to the
Bureau. Several suggested the Bureau develop a form for the collection
of ethnicity, race, and sex information that could be sent directly to
the Bureau. Others suggested that the Bureau establish a tool, portal,
or online system for applicants to input their demographic information
or to certify their desire to not provide information. One commenter
stated that the regulatory trend has shifted from requiring collection
and reporting of beneficial ownership information by financial
institutions to having small businesses report directly to the
government. Generally, these commenters said that applicants should be
provided with a unique identifier, either by the Bureau or the
financial institutions, that could be used to match applicant
demographic information with loan information. Several commenters said
that the financial institution should also be given the ability to
match its records with the central database, to enable their internal
fair lending compliance monitoring efforts. Some commenters also
suggested the Bureau coordinate with other Federal agencies, such as
the SBA, U.S. Department of the Treasury, Internal Revenue Service, or
the U.S. Census Bureau, to develop the database, gather information for
other data points, or purge records as necessary.
Some of these commenters stated that direct reporting to the Bureau
would avoid the need for financial institutions to collect ethnicity
and race information via visual observation or surname analysis. These
commenters also stated that this would resolve privacy concerns
applicants may have in providing demographic information to their
lenders. Commenters also asserted that direct reporting would inform
applicants of the Bureau's role in the data collection, promote
applicant self-reporting of demographic information, and likely
increase response rates because it would provide applicants with
assurances of confidentiality and because applicants would not be
concerned that financial institutions would improperly use the data.
Several commenters argued that direct reporting to the Bureau would
have other benefits for financial institutions, including lessening or
eliminating the risk of inappropriate use of demographic data by
financial institutions; reducing a financial institutions' compliance
costs and burden; avoiding the need for financial institutions to
establish firewalls; lowering litigation and regulatory risk; reducing
the risk of reputational harm for asking for sensitive data; and
lowering barriers to entry in financial services. Commenters also
stated that direct reporting would be more efficient for applicants
because information would be maintained in one place and could be
updated as needed, as opposed to being provided for each application.
Commenters further suggested that the Bureau would benefit from
receiving real-time data on applicant demographics, which they claimed
would simplify and enhance analysis and publication and would allow the
Bureau to directly manage the collection, storage, and standardization
of the data.
Some commenters suggested that instead of requiring financial
institutions to collect data, the Bureau should coordinate with other
government agencies, like the Internal Revenue Service and the U.S.
Census Bureau, which already collect demographic and other data on
small businesses, to avoid burden to financial institutions and which
would result in the Bureau having better data to use for analyses. One
commenter suggested that the Bureau should use the demographic analysis
approach being used by the U.S. Census Bureau and develop educational
materials for financial institutions about the methodology. Another
commenter suggested the Bureau buy information from Google or Facebook.
Applicant and financial institution education and guidance. A range
of commenters urged the Bureau to provide education and guidance about
the final rule for applicants, the public, and financial institutions.
The commenters generally stated that the Bureau should engage in an
education and/or media campaign to explain the final rule and its
purposes to develop trust with small business communities and comfort
for applicants by explaining the role of the data collection for
facilitating fair lending and to encourage small businesses to provide
their protected demographic information.
Many of these commenters also suggested that the Bureau develop
guidance and materials such as frequently asked questions and
factsheets to explain the rule and its purposes. A few commenters
suggested developing materials for applicants regarding the ethnicity,
race, and sex data collection inquiries, such as how to respond if a
principal owner is multi-ethnic or multi-racial, so applicants can
accurately respond and financial institution employees are not asked to
interpret or clarify such requirements.
Commenters also recommended developing guidance materials for
financial institutions to use in explaining the final rule, including
training resources and disclosures to explain the reasons and purpose
for the data collection. They also suggested that such materials be
translated into the top ten languages spoken in the United States
according to the U.S. Census Bureau.
Final Rule--Collecting Ethnicity, Race, and Sex, in General
For the reasons set forth herein, the Bureau is finalizing the
requirement to collect principal owners' ethnicity, race, and sex with
certain changes. Among
[[Page 35349]]
other things, the Bureau is: (1) finalizing its proposed requirement
for financial institutions to collect ethnicity and race information
using aggregate categories and disaggregated subcategories, using the
specific categories and subcategories in the proposal; (2) finalizing
the requirement for financial institutions to collect information about
a principal owner's sex, which generally will permit an applicant to
respond to an inquiry about the principal owner's ``sex/gender''
through free-form text or self-description for oral applications; and
(3) not finalizing its proposed requirement to collect and report at
least one principal owner's ethnicity and race information on the basis
of visual observation and/or surname analysis under certain
circumstances. These three specific aspects of the final rule are each
discussed in detail below.
Final Sec. 1002.107(a)(19) (proposed as Sec. 1002.107(a)(20))
requires financial institutions to collect and report information about
the ethnicity, race, and sex of small business applicants' principal
owners. In line with the proposal, final Sec. 1002.107(a)(19) provides
that when requesting such information from an applicant, the financial
institution must inform the applicant that it cannot discriminate on
the basis of a principal owner's ethnicity, race, or sex, or on the
basis of whether the applicant provides this information (non-
discrimination notice).
The final rule does not require a financial institution to report
whether the reported ethnicity, race, and sex information was based on
previously collected data (as permitted by proposed comment 107(c)(2)-
7). This information would have provided additional context for the
Bureau and others when application method was reported as being other
than in-person but ethnicity or race information were reported as
collected through visual observation or surname. Because the Bureau has
decided not to require the use of visual observation and surname
analysis in the final rule, however, the Bureau does not believe that
capturing information about data reuse is still necessary and thus has
removed that requirement from final Sec. 1002.107(a)(19) to streamline
and facilitate compliance.
The Bureau acknowledges commenters' concerns about repetition
across the rule's regulatory text, commentary, and appendices, and has
made a number of changes to reduce duplication and otherwise streamline
this aspect of the final rule to facilitate compliance. In particular,
the Bureau has removed proposed appendix G, relocating unique content
into the commentary for final Sec. 1002.107(a)(19). The Bureau has
also adjusted the commentary accompanying final Sec. 1002.107(a)(19)
to reflect changes to the regulatory text described above, as well as
the addition of LGBTQI+-owned business status where women- and
minority-owned business statuses are mentioned.
Final comment 107(a)(19)-1 generally clarifies how a financial
institution must ask an applicant for its principal owners' ethnicity,
race, and sex. The financial institution must permit an applicant to
refuse to answer the financial institution's inquiries and must inform
the applicant that it is not required to provide the information. It
also establishes how a financial institution reports the applicant's
responses to its inquiries about ethnicity, race, and sex.
Final comment 107(a)(19)-2 (incorporating instruction 3 from
proposed appendix G) explains that a financial institution must provide
an applicant with the definition of principal owner in final Sec.
1002.102(o) and that a financial institution satisfies the requirement
if it provides the definition as set forth in the sample data
collection form in final appendix E.
Final comment 107(a)(19)-3 (incorporating instruction 2 from
proposed appendix G) explains that a financial institution may combine
on the same paper or electronic data collection form the questions
about a principal owner's ethnicity, race, and sex with the number of
the applicant's principal owners pursuant to Sec. 1002.107(a)(20) and
the applicant's minority-owned, women-owned, and LGBTQI+-owned business
statuses pursuant to Sec. 1002.107(a)(18).
Final comment 107(a)(19)-4 (based on proposed comment 107(a)(20)-2)
explains that the non-discrimination notice required when a financial
institution requests a principal owner's ethnicity, race, and sex may
be combined with the non-discrimination notice that is required when
requesting information about an applicant's minority-owned, women-
owned, and LGBTQI+-owned business statuses, when such information is
collected on the same form or at the same time. The comment has been
updated to reflect the addition of LGBTQI+ business status to final
Sec. 1002.107(a)(18), and to state that a financial institution must
(as opposed to ``may'' as proposed) inform an applicant that Federal
law requires it to ask for the principal owners' ethnicity, race, and
sex/gender to help ensure that all small business applicants for credit
are treated fairly and that communities' small business credit needs
are being fulfilled, for reasons discussed further below.
Final comment 107(a)(19)-5 (based on proposed comment 107(a)(20)-3)
provides that a financial institution must maintain the record of an
applicant's responses to inquiries pursuant to Sec. 1002.107(a)(19)
separate from the application and accompanying information, and cross-
references final Sec. 1002.111(b) and comment 111(b)-1.
Final comment 107(a)(19)-6 (based on proposed comment 107(a)(20)-4)
addresses reporting when information about a principal owner's
ethnicity, race, or sex is not provided by an applicant. While a
financial institution must maintain procedures reasonably designed to
collect applicant-provided data, the comment acknowledges that there
may be circumstances under which an applicant does not provide
ethnicity, race, or sex information. The final comment has also been
updated to include explanatory examples, including examples from
proposed appendix G (instruction 13).
Final comment 107(a)(19)-7 (adapted from instruction 12 in proposed
appendix G) addresses how a financial institution reports an
applicant's response that it declines to provide information about a
principal owner's ethnicity, race, or sex.
Final comment 107(a)(19)-8 (adapted from instruction 16 in proposed
appendix G) addresses how a financial institution reports an
applicant's conflicting responses for its principal owner's ethnicity,
race, or sex information, when the applicant selects a response option
indicating it does not wish to provide the information but also selects
an answer option providing a substantive response to the question at
issue.
Final comment 107(a)(19)-9 (based on proposed comment 107(a)(20)-
12) explains that a financial institution reports principal owners'
ethnicity, race, and sex information as provided by the applicant, even
if the financial institution verifies or otherwise obtains such
information for other purposes. This comment no longer references
collection of ethnicity and race via visual observation or surname.
Final comment 107(a)(19)-10 (substantially adapted from instruction
25 of proposed appendix G and proposed comments 107(a)(20)-6.iv, -7.iv,
and -8) addresses how to report ethnicity, race, and sex information
for an applicant with fewer than four principal owners.
Final comment 107(a)(19)-11 (substantially adapted from instruction
26 of proposed appendix G) explains that a financial institution
reports one or
[[Page 35350]]
more principal owners' ethnicity, race, or sex information based on
previously collected data under Sec. 1002.107(d), the financial
institution does not need to collect any additional ethnicity, race, or
sex information for other principal owners (if any).
Final comment 107(a)(19)-12 (substantially adapted from instruction
24 of proposed appendix G) explains that a guarantor's ethnicity, race,
and sex is not collected or reported unless they are also a principal
owner of the applicant.
General support and concerns. The Bureau agrees with commenters
that the statutorily required collection of detailed ethnicity, race,
and sex information about small business applicants' principal owners
will facilitate the stated purposes of section 1071 to assist in the
enforcement of fair lending laws and enable communities, governmental
entities, and creditors to understand and identify needs and
opportunities of women-owned, minority-owned, and small
businesses.\684\ The collection of ethnicity, race, and sex information
in the HMDA context under Regulation C, for example, is essential to
the Bureau's efforts to monitor financial institutions for fair lending
compliance in the home mortgage market and to efforts by the Bureau,
policymakers, and others to identify trends, gaps, and potential
solutions for addressing any issues uncovered by the data. Recent
changes to Regulation C to collect disaggregated ethnicity and race
data have also added to the Bureau's and others' understanding of the
home mortgage marketplace.\685\ The Bureau believes that the collection
of principal owners' ethnicity, race, and sex information will
similarly provide important insights into the small business lending
market and help enable the identification of potential discriminatory
lending.
---------------------------------------------------------------------------
\684\ See ECOA section 704B(a).
\685\ In 2015, the Bureau issued a final rule (2015 HMDA Rule)
amending Regulation C to incorporate several changes made under the
Dodd-Frank Wall Street Reform and Consumer Protection Act. See 80 FR
66128 (Oct. 28, 2015). One of the changes that was implemented was
the collection of mortgage applicants' race and ethnicity
information using aggregate categories and disaggregated
subcategories. Id. This data has been used by the Bureau, for
example, to examine how home buying experiences differ among Asian
American and Pacific Islander subgroups. See CFPB, Data Point: Asian
American and Pacific Islanders in the Mortgage Market (July 2021),
https://files.consumerfinance.gov/f/documents/cfpb_aapi-mortgage-market_report_2021-07.pdf.
---------------------------------------------------------------------------
The Bureau also agrees that in combination with other collected
information such as the number of an applicant's principal owners under
final Sec. 1002.107(a)(20) and whether the applicant is a minority-
owned, women-owned, and/or LGBTQI+-owned small business under final
Sec. 1002.107(a)(18), the collection of principal owners' ethnicity,
race, and sex information will help the Bureau and others to understand
lending market dynamics at different levels of ownership by individuals
of certain ethnicities, races, and/or sexual or gender population
subgroups. Transparency will not only help facilitate fair lending
enforcement, but reduce uncertainty for financial institutions and help
them to identify areas of unmet credit demand into which they could
consider increasing product availability. In turn, small business
owners will benefit from increased credit availability. The Bureau
believes that other information about a covered application is still
important for fulfilling section 1071's statutory purposes even when
the applicant has declined to provide any protected demographic
information. Such information can still provide insight into lending to
small businesses pursuant to section 1071's business and community
development purpose. Moreover, the lack of demographic information for
a covered application itself could be important information for the
Bureau and others to assess potential reasons for and solutions to
correct such information gaps in the future.
Regarding the comment its proposed rules for collecting demographic
data are too complex, and comments that suggested streamlining these
provisions, the Bureau notes that it is not finalizing the proposed
requirement to collect ethnicity and race via visual observation or
surname data. As a result, the Bureau has removed that provision, and
related requirements, from the final rule. The Bureau has also moved
all instructions and information about collecting and reporting
ethnicity, race, and sex information to the commentary for final Sec.
1002.107(a)(19). The Bureau believes these changes streamline and
simplify the ethnicity, race, and sex data collection requirements,
which will facilitate financial institutions' compliance with the final
rule.
Regarding a commenter's assertion that this data collection
requirement conflicts with ECOA, the Bureau notes that section 1071
amends ECOA to require the collection of the race, sex, and ethnicity
of the principal owners of small businesses. Moreover, ECOA also
provides that inquiries to collect data under section 1071 are not
considered discrimination under the statute.\686\ The final rule also
includes protections against the improper use of protected demographic
information, including the firewall requirement in final Sec.
1002.108, the provision restricting re-disclosure of protected
demographic information in final Sec. 1002.110(e), and the
recordkeeping requirements in final Sec. 1002.111(b).
---------------------------------------------------------------------------
\686\ 15 U.S.C. 1691(b)(5).
---------------------------------------------------------------------------
Regarding a commenter's request for clarification as to how a
financial institution should report these data if responses were
provided by an applicant's representative before action is taken on the
application, or that an applicant declined to provide the requested
information. As discussed above, final comments 107(a)(19)-1, -6, and -
7 clarify the various reporting options for reporting data collected
pursuant to final Sec. 1002.107(a)(19): financial institutions will be
required to report an applicant's responses to the ethnicity, race, and
sex inquiries; their selection of a response that they decline to
provide information (e.g., by selecting an answer option of ``I do not
wish to provide this information'' or similar); and a response of ``not
provided by the applicant'' if an applicant does not provide any
response. The final rule also requires an applicant to report the
action taken on an application under Sec. 1002.107(a)(9), including
whether originated or if the application was withdrawn by the applicant
or is incomplete. Given these provisions, the Bureau does not believe
it is necessary to include an option for a financial institution to
indicate that the applicant or a principal owner was not available, as
suggested by the commenter.
The Bureau is not requiring the collection of demographic
information for a natural person completing an application on behalf of
a small business, as suggested by a commenter. ECOA section
704B(e)(2)(G) specifically requires financial institutions to compile
and maintain information about the ethnicity, race, and sex of ``the
principal owners of the business.'' The statute does not require
financial institutions to collect such information for any other
individuals. The Bureau acknowledges the possibility of discrimination
occurring against an applicant's non-principal owner representative,
but in light of the statutory directive to collect demographic
information about the applicant' principal owners, and the associated
complexity that adding such a requirement could involve, the Bureau
does not believe that it would be appropriate to adopt such a
requirement at this time. The Bureau may, however, revisit at a later
date whether the collection of such information would aid in fulfilling
the purposes of section
[[Page 35351]]
1071 in the future as it enhances its understanding of the small
business credit marketplace.
Regarding a commenter's inquiry as to whether a financial
institution could collect more specific demographic data than required
by the rule. Final Sec. 1002.107(a)(19) establishes that financial
institutions must inquire about applicants' principal owners'
ethnicity, race, and sex and must permit applicants to provide certain
specified responses; certain responses include the option of providing
additional information via free-form text field.
One commenter asked whether a financial institution can reconcile
discrepancies or inaccuracies in applicants' self-reported ethnicity or
race data. Final comment 107(a)(19)-1 provides that the financial
institution is not permitted to report a principal owner's ethnicity,
race, or sex on any basis other than applicant-provided data, which may
include previously provided data pursuant to final Sec. 1002.107(d).
As a result, financial institutions must report applicant responses as
provided by the applicant, even if the institution perceives possible
discrepancies or inaccuracies.
Alignment with HMDA. The Bureau generally agrees with commenters
that some degree of alignment with the HMDA data collection
requirements under Regulation C would promote consistency and may
reduce potential confusion for financial institutions, applicants, and
data users. However, the Bureau does not believe that the collection of
data as to small business owners should necessarily be the same in each
aspect as it is for home mortgage applicants. Although the collection
of ethnicity, race, and sex data in both contexts serves related fair
lending purposes, Regulation C and this final rule are authorized under
different statutes and for different markets. Further, both Regulation
C and this final rule were developed in consideration of the
information available to the Bureau at the time of each rulemaking,
including comments received in response to the Bureau's proposals and
current research and standards as to the measurement of such factors.
As demographic data collection best practices and standards evolve, the
Bureau considers such information in its decision-making. The Bureau
refers readers to the relevant parts of this section-by-section
analysis for discussion of its rationale for its decisions on the
collection of ethnicity, race, and sex.
The Bureau notes that it is exempting HMDA-reportable transactions
from the data collection requirements of this final rule due to, in
part, to commenters' concerns about potentially duplicative and/or
inconsistent requirements for reporting ethnicity, race, and sex. See
the section-by-section analysis of Sec. 1002.104(b)(2) for additional
information.
Concerns related to specific transactions or institutions. The
Bureau is not adopting special rules for the collection of protected
demographic information for particular types of transactions or
lenders. The Bureau believes it is important to collect nationwide,
comprehensive ethnicity, race, and sex data for all covered
applications to fulfill the purposes of section 1071. However, the
Bureau acknowledges commenters' concerns about the potential challenges
in collecting such information in certain situations or for certain
types of lenders and appreciates, in particular, the importance of
trust in furthering important relationships between small businesses
and their local banks. For this reason, among others, the Bureau is not
finalizing its proposal to collect ethnicity and race information via
visual observation or surname analysis, as explained further in the
relevant part of this section-by-section analysis below.
To help applicants' understanding of the section 1071 data
collection, the Bureau has made edits to the sample data collection
form in final appendix E to include sample text that explains the
purpose of the rulemaking and clarifies that the inquiries on the form
for an applicant's status as a minority-owned, women-owned, and/or
LGBTQI+-owned small business and its principal owners' ethnicity, race,
and sex information are required under Federal law. The sample form, of
course, continues to note that applicants are not required to provide
any of the requested demographic information. The Bureau also
anticipates developing materials to help small businesses understand
the rule, as described at the end of part I above.
The Bureau does not believe that agricultural credit transactions
should be viewed or treated differently from other covered transactions
under the final rule, with regard to the collection of principal
owners' ethnicity, race, or sex information. As explained in the
section-by-section analysis of Sec. 1002.104, generally there is
insufficient information available about agricultural credit markets;
nevertheless, there is evidence that these markets are affected by
historical and/or continuing discrimination. Moreover, farms are an
important means of capital formation for families and communities.
Collecting principal owners' ethnicity, race, and sex information for
agricultural credit transactions will help facilitate the Bureau's and
others' understanding of the agricultural credit sector of the small
business lending marketplace and will help to further the enforcement
of fair lending laws for that part of the market. The Bureau also
anticipates that the collection of this information may increase access
to responsible and affordable agricultural credit for a diverse cross-
section of the population, by helping creditors and others identify
needs of and opportunities for small farms, including those that are
minority-, women-, and/or LGBTQI+-owned.
Likewise, the Bureau is not adopting separate rules or exemptions
for credit applications taken at point of sale. As explained further in
the section-by-section analysis of Sec. 1002.107(c), regarding the
time and manner of collection, the Bureau generally believes that the
same rules should apply across all covered credit transactions and
covered financial institutions, and that the arguments made by point of
sale providers are not unique in nature or can be addressed through
other means. Likewise, the Bureau does not believe there should be
special considerations for the collection of ethnicity, race, and sex
information for private label credit, for which commenters raised
similar concerns.
Because the Bureau is exempting insurance premium financing
transactions from coverage under the final rule in Sec.
1002.104(b)(3), commenters' concerns summarized above about collecting
protected demographic information for such transactions are rendered
moot.
With regard to comments raising concerns about collecting
ethnicity, race, and sex information in the context of indirect auto
finance transactions, the Bureau refers readers to its discussion at
the section-by-section analysis of Sec. 1002.109(a)(3). As discussed
there, the Bureau believes that auto dealers are generally unlikely to
be collecting 1071 data on behalf of covered financial institutions
because they are often the last entity with authority to set the
material credit terms of a covered credit transaction. But even in
situations where dealers are acting as conduits and are thus collecting
information on behalf of another financial institution, comment
5(a)(2)-3 to the Board's Regulation B states that persons such as loan
brokers and correspondents do not violate ECOA or Regulation B if they
collect information that they are otherwise prohibited from collecting,
where the purpose of collecting the information is to provide it to a
creditor
[[Page 35352]]
that is subject to HMDA or another Federal or State statute or
regulation requiring data collection.\687\ The Bureau also does not
believe that any specialized knowledge is necessary to collect 1071
data if dealers do collect such data.
---------------------------------------------------------------------------
\687\ This language aligns with comment 5(a)(2)-3 in the
Bureau's Regulation B, to which the Bureau is adding a reference to
subpart B for additional clarity.
---------------------------------------------------------------------------
Lack of applicant responses. The Bureau acknowledges concerns
raised by commenters about the potential for low applicant response
rates to the required inquiries for information about their principal
owners' ethnicity, race, and sex. As discussed in the NPRM, such
concerns motivated the Bureau's proposal to require financial
institutions to collect at least one principal owner's ethnicity and
race information through visual observation and/or surname analysis
under certain circumstances. The Bureau explained that the similar data
collection requirement for the HMDA data collection has been an
important tool in supporting response rates.
As discussed in more detail regarding the Bureau's proposal that
financial institutions collect principal owners' ethnicity and race via
visual observation or surname in certain circumstances, the Bureau
believes that such a requirement could help support response rates in
the right context. However, at this time, the Bureau has elected to
address concerns about applicants' potential unwillingness to
voluntarily provide their principal owners' ethnicity, race, and sex
information by providing further clarification as to the requirement
that an institution maintain procedures to collect applicant-provided
data at a time and in a manner that are reasonably designed to obtain a
response under final Sec. 1002.107(c). For example, final Sec.
1002.107(c)(2) sets forth minimum criteria when collecting applicant-
provided data directly from the applicant that must be included within
a financial institution's procedures to ensure they are reasonably
designed to obtain a response, including seeking to collect such
information before notifying an applicant of action taken on a covered
application, ensuring that the request for applicant-provided data is
prominently displayed or presented, ensuring the collection does not
have the effect of discouraging applicants from providing a response,
and ensuring that applicants can easily respond to a request for the
data. The Bureau also anticipates developing materials to educate small
business owners about the small business lending data collection and
its purposes, which may impact their willingness to provide demographic
information. Further, as discussed in the section-by-section analysis
of final appendix E, the sample data collection form will also include
language that explains, in plain language, the purpose for the
collection of demographic information under the final rule. At this
time, the Bureau believes that these measures will improve applicant
response rates to the protected demographic information inquiries under
the final rule. However, the Bureau will continue to assess whether and
what further measures may be needed to improve response rates.
The Bureau's decision not to change the timing for collecting
protected demographic information to after a credit decision has been
made, as suggested by a commenter, is discussed in the section-by-
section analysis of Sec. 1002.107(c).
Verification. Commenters urged the Bureau to provide that financial
institutions are not permitted or required to verify the ethnicity,
race, or sex of a principal owner and to codify this requirement in the
final rule. The Bureau agrees. Final comment 107(a)(19)-9 clarifies
that a financial institution may only report an applicant's responses
as to its principal owners' ethnicity, race, and sex, even if it
verifies or otherwise obtains the information for other purposes.
Reduced demand for traditional credit. The Bureau appreciates some
commenters' concerns that inquiries about their principal owners'
ethnicity, race, and sex information might discourage small businesses
from seeking credit with traditional lenders. The Bureau anticipates
that while there may be some period of initial hesitation by small
businesses to provide such information, small businesses will become
more familiar with the requests for their demographic information over
time and such requests will be considered a normal part of the process
for seeking business credit. Further, as described at the end of part I
above, the Bureau anticipates developing and distributing materials
about the final rule directed at small businesses. The Bureau also
expects that such materials, by furthering applicant understanding of
the 1071 data collection, will ease the compliance burden for financial
institutions in implementing the final rule.
Privacy. The Bureau received comments generally expressing concerns
that small businesses' owners' demographic information could be used to
identify the businesses and their owners. As discussed in greater
detail in part VIII below, after receiving a full year of reported
data, the Bureau will assess privacy risks associated with the data and
make modification and deletion decisions to the public application-
level dataset. The Bureau takes the privacy of such information
seriously and will be making appropriate modifications and deletions to
any data before making it public, and intends to continue engage with
the public about how to mitigate privacy risk.
With respect to concerns that small business applicants may find
the collection of protected demographic information to be an invasion
of privacy, in amending ECOA to require the collection of an
applicant's principal owners' ethnicity, race, and sex information,
Congress implicitly determined that the benefits of collecting such
information outweigh any invasion of privacy concerns. Nevertheless,
the Bureau notes that it has included sample language in the sample
data collection form in appendix E explaining the purpose of the data
collection, and, as noted, it anticipates developing materials to
further help small businesses understand the purposes of the rule. In
addition, the final rule provides safeguards for applicants' protected
demographic information by requiring that such information be kept
separately from their applications and accompanying information under
Sec. 1002.111(b), through the firewall requirement in Sec. 1002.108,
and in Sec. 1002.110(e) restricting financial institutions' re-
disclosure of protected demographic data to third parties.
Burden and costs for collecting ethnicity, race, sex information.
The Bureau appreciates that financial institutions will face some
initial costs and burden in implementing the final rule, such as from
making changes to its policies, procedures, systems, training programs,
and in other areas. However, as noted by one commenter, the Bureau
believes that for many financial institutions covered by the final
rule, there will be manageable ongoing costs related to the data
collection after an initial implementation period.
The Bureau does not believe it would be appropriate to permit
financial institutions to report only aggregate data, as opposed to
application-level data, as suggested by one commenter. First, the
statute clearly contemplates the collection of individual loan-level
information. Section 1071's information gathering requirement provides
that a financial institution is required to collect and maintain
information ``in the
[[Page 35353]]
case of any application to a financial institution . . .'' (emphasis
added).\688\ Further, the statute requires the financial institution to
compile and maintain ``a record of the information provided by any loan
applicant,'' including loan identifying information such as the number
of the application and the date on which the application was
received.\689\ Given this language, the Bureau believes that Congress
intended that financial institutions compile and maintain application-
level information and submit the information--compiled in that way--to
the Bureau.
---------------------------------------------------------------------------
\688\ ECOA section 704B(b).
\689\ ECOA section 704B(e)(2).
---------------------------------------------------------------------------
Second, the Bureau believes that it is necessary to have specific
ethnicity, race, and sex data for individual principal owners to allow
assessments of whether there are trends in the data, including for
businesses with different amounts of ownership by individuals of
certain ethnicities, races, or sex, which cannot be captured through
the minority-owned, women-owned, and LGBTQI+-owned business status data
points alone. As a result, the Bureau rejects a commenter's suggestion
that the Bureau require the collection of only one principal owner's
ethnicity, race, and sex information.
Direct reporting to the Bureau or third parties, or use of other
data sources. The Bureau is not, at this time, establishing a mechanism
by which small businesses might directly submit demographic information
to the agency. The Bureau notes, in this respect, that the statute
calls for financial institutions to collect these data and report them
to the Bureau. In addition, the mechanisms described by the statute do
not envision the Bureau ever knowing the identity of any small business
submitting data, which would occur if small businesses were to file
demographic data directly with the Bureau.
However, the final rule does not foreclose industry from developing
mechanisms to make demographic data collection and submission more
effective or efficient. For example, industry might seek to foster the
development of third-party mechanisms that would let financial
institutions collect and report demographic information in tokenized
form so that they themselves do not have access to that demographic
data. To the extent that industry stakeholders are interested in the
development of such mechanisms in connection with meeting their
obligations under the final rule, the Bureau is willing to engage with
them on these issues in order to ensure that any such developments
ensure appropriate data quality and protection, do not burden or create
obligations for applicants, and otherwise accord with the rule and the
statute; to the extent necessary and appropriate, the Bureau would also
need to adjust certain regulations and technical guidance. In
considering appropriate data quality and protection, the Bureau will
want to ensure that such a third-party system does not compromise
privacy or other important protections or create opportunities for the
sale of personal data.
Some commenters suggested that, as opposed to requiring financial
institutions to collect and report demographic data, the Bureau should
instead use data, for example, that is gathered by other Federal
agencies or buy it from outside sources. However, Congress's intent
with ECOA section 704B was to require financial institutions to collect
demographic information from applicants that would then be reported to
the Bureau. Gathering such information from other sources would not be
aligned with this intent. Further, the Bureau believes that requiring
financial institutions to collect demographic information during the
application process will help to ensure comprehensive, nationwide
demographic data collection about small business lending, which will in
turn help enable the identification of potential discriminatory lending
practices and identification of the needs and opportunities of small
businesses, including women-owned, minority-owned, and LGBTQI+-owned
businesses. Data that have been collected in other contexts and for
other purposes, and analyzed pursuant to those agencies' methods for
those other purposes, would not achieve what the Bureau believes is
necessary to meet section 1071's statutory objectives. Further, some of
the approaches suggested by commenters would not be feasible, such as
buying data from sources outside of the Federal government, because
they do not identify a small business applicant's principal owners. The
Bureau also notes that it has worked with other Federal regulators so
that they can tailor data collections in this area to take advantage of
data collected under this rule, thereby reducing burden on regulated
entities.
Applicant and financial institution education and guidance. With
respect to commenters' requests that the Bureau educate and explain the
final rule and its requirements to small business applicants, the
public, and financial institutions, and to provide translations of the
sample data collection form into other languages, the Bureau refers
readers to its discussion regarding compliance and technical assistance
at the end of part I above. Likewise, the Bureau agrees with commenters
that it is important to provide a disclosure to applicants to generally
explain the rule and its purpose. Instruction 4 to proposed appendix G
would have explained that a financial institution may inform applicants
that Federal law requires it to ask for the principal owners'
ethnicity, race, and sex to help ensure that all small business
applicants for credit are treated fairly and that communities' small
business credit needs are being fulfilled. In response to comments
about the importance of helping applicants to understand the reasons
for the data collection,\690\ under the final rule financial
institutions are required to provide such information (see final
comment 107(a)(19)-4); sample language effecting this provision is
included on the sample data collection form at appendix E.
---------------------------------------------------------------------------
\690\ This was reaffirmed in user testing. See CFPB, User
testing for sample data collection form for the small business
lending final rule at app. A (Mar. 2023), https://www.consumerfinance.gov/data-research/research-reports/user-testing-for-sample-data-collection-form-for-the-small-business-lending-final-rule/.
---------------------------------------------------------------------------
Proposed Rule--Collecting Ethnicity and Race Using Aggregate Categories
and Disaggregated Subcategories
The Bureau proposed that financial institutions request principal
owners' ethnicity and race using both aggregate categories as well as
disaggregated subcategories.
With respect to ethnicity data collection, the Bureau proposed
using the same aggregate categories (i.e., Hispanic or Latino and Not
Hispanic or Latino) and disaggregated subcategories as are used in
Regulation C. With respect to race data collection, the Bureau proposed
using the same aggregate categories as are used in Regulation C (i.e.,
American Indian or Alaska Native; Asian; Black or African American;
Native Hawaiian or Other Pacific Islander; and White). The Bureau also
proposed using the same disaggregated subcategories for the Asian race
category and the Native Hawaiian or Other Pacific Islander race
category, as well as with respect to the American Indian or Alaska
Native race category, including by inviting an applicant to provide the
name of a principal or enrolled tribe. In addition, the Bureau proposed
adding disaggregated subcategories for the Black or African American
race category, which are not used when
[[Page 35354]]
collecting data pursuant to Regulation C.
The Bureau explained that OMB has issued standards for the
classification of Federal data on ethnicity and race.\691\ OMB's
government-wide standards provide a minimum standard for maintaining,
collecting, and presenting data on ethnicity and race for all Federal
reporting purposes. These standards have been developed to provide ``a
common language for uniformity and comparability in the collection and
use of data on ethnicity and race by Federal agencies.''
\692\[thinsp]The OMB standards provide the following minimum categories
for data on ethnicity and race: Two minimum ethnicity categories
(Hispanic or Latino; Not Hispanic or Latino) and five minimum race
categories (American Indian or Alaska Native; Asian; Black or African
American; Native Hawaiian or Other Pacific Islander; and White). The
aggregate categories for ethnicity and race in Regulation C, which the
Bureau proposed to use in the section 1071 final rule, conform to the
OMB standards.
---------------------------------------------------------------------------
\691\ Off. of Mgmt. & Budget, Revisions to the Standards for the
Classification of Federal Data on Race and Ethnicity, 62 FR 58782,
58782-90 (Oct. 30, 1997) (OMB Federal Data Standards on Race and
Ethnicity).
\692\ See id.
---------------------------------------------------------------------------
The Bureau also explained that in addition to the minimum data
categories for ethnicity and race, the OMB's standards provide
additional key principles. First, self-identification is the preferred
means of obtaining information about an individual's ethnicity and
race, except in instances where observer identification is more
practical.\693\ Second, the collection of greater detail is encouraged
as long as any collection that uses more detail is organized in such a
way that the additional detail can be aggregated into the minimum
aggregate categories for data on ethnicity and race. More detailed
reporting, which can be aggregated to the minimum categories, may be
used at the agencies' discretion. Lastly, Federal agencies must produce
as much detailed information on ethnicity and race as possible;
however, Federal agencies shall not present data on detailed categories
if doing so would compromise data quality or confidentiality
standards.\694\
---------------------------------------------------------------------------
\693\ See id.
\694\ See id.
---------------------------------------------------------------------------
The Bureau noted that although OMB received comments requesting the
creation of a separate Arab or Middle Eastern ethnicity category prior
to the adoption of the OMB Federal Data Standards on Race and Ethnicity
in 1997, OMB accepted the Interagency Committee's recommendation not to
include one in the 1997 minimum standards for reporting of Federal data
on race and ethnicity. OMB stated that while it was adopting the
Interagency Committee's recommendation, it believed additional research
was needed to determine the best way to improve data on this population
group.\695\
---------------------------------------------------------------------------
\695\ Id. at 58782.
---------------------------------------------------------------------------
The Bureau further explained that in 2017, OMB requested comment on
the Federal Interagency Working Group for Research on Race and
Ethnicity's (Working Group's) proposals to update the OMB Federal Data
Standards on Race and Ethnicity.\696\ The Working Group proposed adding
a Middle Eastern or North African classification to the Federal Data
Standards on Race and Ethnicity and to issue specific guidelines for
the collection of detailed data for American Indian or Alaska Native,
Asian, Black or African American, Hispanic or Latino, Native Hawaiian
or Other Pacific Islander, and White groups.\697\ The Working Group
also considered whether race and ethnicity should be collected using
separate questions versus a combined question. The OMB Federal Data
Standards on Race and Ethnicity have not been updated, however, in the
time since OMB's 2017 request for comment.
---------------------------------------------------------------------------
\696\ 82 FR 12242 (Mar. 1, 2017).
\697\ See OMB Federal Data Standards on Race and Ethnicity.
---------------------------------------------------------------------------
The Bureau stated its belief that it is also important to consider
the data standards that the U.S. Census Bureau (Census Bureau) uses in
the Decennial Census. The definition of Hispanic or Latino origin used
in the 2010 and 2020 Census questionnaire refers to a person of Cuban,
Mexican, Puerto Rican, South or Central American, or other Spanish
culture or origin regardless of race.\698\ The 2010 and 2020 Census
disaggregated the Hispanic or Latino ethnicity into four categories
(Mexican, Mexican American, or Chicano; Puerto Rican; Cuban; and
Another Hispanic, Latino or Spanish origin) and included an area where
respondents could provide (i.e., write in) a specific Hispanic, Latino,
or Spanish origin group as additional information.\699\
---------------------------------------------------------------------------
\698\ See U.S. Census Bureau, 2010 Official Questionnaire,
https://www.census.gov/history/pdf/2010questionnaire.pdf (2010
Census Official Questionnaire), and U.S. Census Bureau, 2020
Official Questionnaire, https://www2.census.gov/programs-surveys/decennial/2020/technical-documentation/questionnaires-and-instructions/questionnaires/2020-informational-questionnaire.pdf
(2020 Census Official Questionnaire).
\699\ See 2010 Census Official Questionnaire and 2020 Census
Official Questionnaire.
---------------------------------------------------------------------------
The Bureau explained that the 2010 and 2020 Census questionnaires
listed three of OMB's five aggregate race categories (American Indian
or Alaska Native; Black or African American; and White). Although the
questionnaires do not list the aggregate race categories for Asian or
for Native Hawaiian or Other Pacific Islander, they do list the related
disaggregated subcategories for the Asian race category (i.e., Asian
Indian, Chinese, Filipino, Japanese, Korean, Vietnamese, Other Asian),
and for the Native Hawaiian and Other Pacific Islander race category
(i.e., Native Hawaiian, Chamorro,\700\ Samoan, Other Pacific Islander).
These questionnaires also included three areas where respondents could
write in a specific race: a specific Other Asian race, a specific Other
Pacific Islander race, or the name of an enrolled or principal tribe in
the American Indian or Alaska Native category.\701\ Additionally, the
2020 Census allowed respondents to write in a specific origin for the
White category and for the Black or African American category. For
respondents who did not identify with any of the five minimum OMB race
categories, the Census Bureau included a sixth race category--Some
Other Race--on the 2010 and 2020 Census questionnaires. Respondents
could also select one or more race categories and write-in
options.\702\
---------------------------------------------------------------------------
\700\ The questionnaire for the 2010 Census included ``Guamanian
or Chamorro,'' but the questionnaire for the 2020 Census included
only ``Chamorro.''
\701\ See 2010 Census Official Questionnaire and 2020 Census
Official Questionnaire.
\702\ See id.
---------------------------------------------------------------------------
The Bureau noted that on February 28, 2017, the Census Bureau
released its 2015 National Content Test: Race and Ethnicity Analysis
Report. This National Content Test provided the U.S. Census Bureau with
empirical research to contribute to the planning for the content of the
2020 Census' race/ethnicity questions. The report presented findings to
the Census Bureau Director and executive staff on research conducted to
assess optimal design elements that could be used in question(s) on
race and ethnicity. It noted that Americans view ``race'' and
``ethnicity'' differently than in decades past and that a growing
number of people find the current race and ethnicity categories
confusing, or they wish to see their own specific group reflected on
the Census questionnaire. The National Content Test's research found
that there have been a growing number of people who do not identify
with any of the official OMB race categories, and that an increasing
number of respondents have been racially classified as ``Some Other
[[Page 35355]]
Race.'' This was primarily because of reporting by Hispanics who did
not identify with any of the OMB race categories, but it also noted
that segments of other populations, such as Afro-Caribbean and Middle
Eastern or North African populations, did not identify with any of the
OMB race categories.\703\ The 2015 National Content Test: Race and
Ethnicity Analysis Report concluded that optimal design elements that
may increase reporting, decrease item non-response, and improve data
accuracy and reliability include: (1) a combined race and ethnicity
question with detailed checkbox options; (2) a separate ``Middle
Eastern or North African'' response category; and (3) instructions to
``Mark all that apply'' or ``Select all that apply'' (instead of ``Mark
[X] one or more boxes'').\704\
---------------------------------------------------------------------------
\703\ U.S. Census Bureau, 2015 National Content Test: Race and
Ethnicity Analysis Report, Executive Summary, at ix (Feb. 28, 2017),
https://www2.census.gov/programs-surveys/decennial/2020/program-management/final-analysis-reports/2015nct-race-ethnicity-analysis.pdf.
\704\ Id. at 83-85.
---------------------------------------------------------------------------
The Census Bureau did not ultimately incorporate these design
elements into the questionnaire for the 2020 Decennial Census, but
instead continued to ask about ethnicity and race in two separate
questions. While the questionnaire did not provide detailed check box
options for the White race category or for the Black or African
American race category, the questionnaire did add write-in options and
noted examples. For White, it noted examples of German, Irish, English,
Italian, Lebanese, and Egyptian. For Black or African American, it
noted examples of African American, Jamaican, Haitian, Nigerian,
Ethiopian, and Somali.\705\ Notwithstanding the approach used by the
Census Bureau for the 2020 Decennial Census, the Bureau requested
comment on whether the approach and design elements set forth in the
2015 National Content Test: Race and Ethnicity Report Analysis (whether
in whole or in part) would improve data collection that otherwise
furthers section 1071's purposes, improve self-identification of race
and ethnicity by applicants and response rates, or impose burdens on
financial institutions collecting and reporting this information.
---------------------------------------------------------------------------
\705\ See 2020 Census Official Questionnaire.
---------------------------------------------------------------------------
The Bureau proposed that financial institutions must permit
applicants to provide a principal owner's ethnicity and race using the
aggregate categories used for HMDA data collection, which conform to
the OMB standards. The Bureau believed that aligning the aggregate
ethnicity and race categories for this rule's data collection with the
HMDA data collection would promote consistency and could reduce
potential confusion for applicants, financial institutions, and other
users of the data.
The Bureau also proposed that applicants must be permitted to
provide a principal owner's ethnicity and race using the disaggregated
subcategories used in HMDA data collection, which also conform to one
of the key principles in the OMB standards: encouraging the collection
of greater detail as long as any collection that uses more detail is
organized in such a way that the additional detail can be aggregated
into the minimum aggregate categories for data on ethnicity and race.
With respect to ethnicity data collection, the Bureau proposed that
applicants must be permitted to provide a principal owner's ethnicity
using the disaggregated subcategories used in HMDA data collection. For
race data collection, the Bureau proposed that applicants must be
permitted to provide a principal owner's race using the disaggregated
subcategories for the Asian race category and the Native Hawaiian or
Other Pacific Islander race category. The Bureau also proposed that
applicants must be permitted to provide a principal owner's race using
disaggregated subcategories for the Black or African American race
category, which is not currently used in HMDA data collection. Lastly,
similar to HMDA, the Bureau proposed inviting an applicant to provide
the name of a principal or enrolled tribe for each principal owner with
respect to the American Indian or Alaska Native race category.
The Bureau explained that it was proposing use of disaggregated
subcategories for this rulemaking, in part, for general consistency
with existing HMDA reporting requirements. Further, collection and
reporting using disaggregated subcategories could be beneficial when
attempting to identify potential discrimination or business and
community development needs in particular communities. While
disaggregated data may not be useful in analyzing potential
discrimination where financial institutions do not have a sufficient
number of applicants or borrowers within particular subgroups to permit
reliable assessments of whether unlawful discrimination may have
occurred, disaggregated data on ethnicity and race may help identify
potentially discriminatory lending patterns in situations in which the
numbers are sufficient to permit such fair lending assessments. The
Bureau noted that additionally, as suggested in the 2015 National
Content Test: Race and Ethnicity Report Analysis, the use of
disaggregated subcategories may increase response rates.
The Bureau acknowledged, however, that including the disaggregated
subcategories for four principal owners may make data collection more
difficult in certain situations, such as for applications taken solely
by telephone or for paper applications taken at retail locations. Given
these concerns, the Bureau sought comment on whether an accommodation
should be made for certain application scenarios, for example by
permitting financial institutions to collect ethnicity and race
information using only the aggregate categories or to permit financial
institutions to collect ethnicity, race, and sex information on only
one principal owner in those scenarios. The Bureau also noted that
FinCEN's customer due diligence rule excludes from certain of its
requirements point-of-sale transactions for the purchase of retail
goods or services up to a limit of $50,000.\706\ The Bureau did not
propose this approach given the different purposes and requirements of
the customer due diligence rule (as well as FinCEN's related customer
identification program rule) \707\ and section 1071. Nonetheless, the
Bureau sought comment on whether covered applications taken at retail
locations, such as credit cards and lines of credit with a credit limit
under a specified amount (such as $50,000), should be excepted from
some or all of the requirement to obtain principal owners' ethnicity,
race, and sex information.
---------------------------------------------------------------------------
\706\ 31 CFR 1010.230(h)(1)(i). The customer due diligence
rule's exclusion for certain point of sale transactions is based on
the ``very low risk posed by opening such accounts at [a] brick and
mortar store.'' Fin. Crimes Enf't Network, U.S. Dep't of Treas.,
Guidance: Frequently Asked Questions Regarding Customer Due
Diligence Requirements for Financial Institutions, at Q 29 (Apr. 3,
2018), https://www.fincen.gov/sites/default/files/2018-04/FinCEN_Guidance_CDD_FAQ_FINAL_508_2.pdf.
\707\ FinCEN's customer identification program rule does not
contain a point of sale exclusion. While the rule permits
verification of customer identity information within a reasonable
time after an account is opened, the collection of required customer
information must occur prior to account opening. See 31 CFR
1020.220(a)(2)(i)(A) and (ii). For credit card accounts, a bank may
obtain identifying information about a customer from a third-party
source prior to extending credit to the customer. 31 CFR
1020.220(a)(2)(i)(C).
---------------------------------------------------------------------------
The Bureau also sought comment on its proposed use of the HMDA
aggregate categories, the HMDA disaggregated subcategories (including
the ability to provide additional information if an applicant indicates
that a principal owner is Other Hispanic or Latino, Other Asian, or
Other Pacific Islander), and the proposed addition of
[[Page 35356]]
disaggregated subcategories for the Black or African American category.
Additionally, the Bureau sought comment regarding whether it would be
helpful or appropriate to provide additional clarification or to pursue
a different approach regarding the ability of a principal owner to
identify as Other Hispanic or Latino, Other Asian, or Other Pacific
Islander or to provide additional information if a principal owner is
Other Hispanic or Latino, Other Asian, or Other Pacific Islander. The
Bureau also sought comment on whether any additional or different
categories or subcategories should be used for section 1071 data
collection, and whether the collection and reporting of ethnicity and
race should be combined into a single question for purposes of section
1071 data collection and reporting. The Bureau further sought comment
on whether an additional category for Middle Eastern or North African
should be added and, if so, how this category should be included and
defined. In addition, the Bureau sought comment on whether
disaggregated subcategories should be added for the aggregate White
category, and if so, what disaggregated subcategories should be added
and whether the applicant should be permitted to write in or otherwise
provide other disaggregated subcategories or additional information.
The Bureau also sought comment on whether the approach and design
elements set forth in the 2015 National Content Test: Race and
Ethnicity Report Analysis would improve data collection or otherwise
further section 1071's purposes, as well as whether it would pose any
particular burdens or challenges for financial institutions collecting
and reporting this information. Finally, the Bureau sought comment on
whether, similar to data collection pursuant to Regulation C, financial
institutions should be limited to reporting a specified number of
aggregate categories and disaggregated subcategories and, if so,
whether such a limitation should be described in the sample data
collection form.
Proposed comments 107(a)(20)-6 and -7 would have provided guidance
on collecting and reporting ethnicity and race information,
respectively. The proposed comments would have explained that
applicants must be permitted to provide a principal owner's ethnicity
or race using aggregate categories and disaggregated subcategories and
would have also listed the aggregate categories and disaggregated
subcategories that applicants must be permitted to use. The proposed
comments would have also explained that applicants must be permitted to
select one, both, or none of the aggregate categories and as many
disaggregated subcategories as the applicant chooses, even if the
applicant does not select the corresponding aggregate category. The
proposed comments would have stated that, if an applicant provides
ethnicity or race information for a principal owner, the financial
institution reports all of the aggregate categories and disaggregated
subcategories provided by the applicant, and the proposed comments
would have provided examples. The proposed comments would have stated
that a financial institution must also permit the applicant to refuse
to provide ethnicity or race information for one or more principal
owners and explain how a financial institution reports ethnicity or
race information if an applicant declines to provide the information or
fails to respond. Finally, the proposed comments would have explained
how a financial institution reports ethnicity or race information if an
applicant has fewer than four principal owners, and they would have
provided examples.
Comments Received--Collecting Ethnicity and Race Using Aggregate
Categories and Disaggregated Subcategories
The Bureau received comments from a range of commenters, including
lenders, trade associations, community groups, and a business advocacy
group, on its proposal to collect ethnicity and race using aggregate
categories and disaggregated subcategories.
Several banks and a group of trade associations opposed the
proposal to collect ethnicity and race information using disaggregated
subcategories. Specifically, these commenters asserted that the
disaggregated subcategories do not add value to fair lending reviews or
findings in the HMDA context because there is not enough disaggregated
subcategory data from which to draw fair lending conclusions, as
mortgage applicants do not often use the disaggregated subcategories.
Thus, they said, disaggregated subcategories should not be adopted for
this data collection. The group of trade associations also stated that
the Bureau's analysis of 2018 HMDA data shows that mortgage applicants
largely selected one ethnicity or race field and asserted that the
Bureau has not shown that small business credit applicants are likely
to behave differently. A small business owner also objected to the
Bureau's proposal on the grounds that applicants would not report the
ethnicity and race of their principal owners accurately and, if faced
with a long list of categories, would choose not to report. This
commenter also asserted that the Bureau's proposal does not align with
other government data collections and would hinder data analysis.
Two of those banks and the group of trade associations also
objected on the grounds that collecting disaggregated data in the HMDA
context has been burdensome and frustrating for applicants and lenders.
The trade associations also argued that including disaggregated
subcategories would impose more burden than under Regulation C because
ethnicity and race data would need to be collected for up to four
principal owners under the Bureau's proposal, whereas it would
generally be collected for only one or two applicants for the HMDA data
collection. This commenter also emphasized that for ethnicity and race
data collection under Regulation C, financial institutions are required
to read aloud all of the ethnicity and race disaggregated subcategories
when taking a mortgage application over the phone, which the commenter
asserted has been frustrating for mortgage applicants and would likely
be frustrating for small business applicants as well.
The group of trade associations and a bank further argued for use
of only the aggregate categories currently used in Regulation C and the
OMB Federal Data Standards on Race and Ethnicity, without any new
aggregate or disaggregated categories. As discussed above regarding
general comments about the Bureau's proposal for collecting ethnicity,
race, and sex, the Bureau also received some comments requesting that
demographic information collection generally (including on race and
ethnicity) for this rule should be the same, or similar to the greatest
extent possible, as for Regulation C.
In contrast, many community groups and a minority business advocacy
group, as well as some industry commenters, generally supported
collecting ethnicity and race using aggregate categories and
disaggregated subcategories as proposed by the Bureau. These commenters
stated that collecting detailed, disaggregated ethnicity and race data
on small business applicants' owners, and particularly for those of
color, will over time provide transparency as to the different
experiences of racial and ethnic subgroups in the small business
lending marketplace, further fair lending enforcement, and support the
objectives of section 1071. Several commenters emphasized that
disaggregated data will help capture
[[Page 35357]]
potential discrimination and allow for targeted support. One stated
that the proposal will add nuance to fair lending assessments and that
aggregate racial and ethnic categories mask economic disparities and
differences in social capital and experiences.
Many of these commenters highlighted that HMDA data has revealed
that racial and ethnic subgroups have different experiences in the home
buying market. These commenters argued that, similarly, disaggregated
ethnicity and race data are necessary to allow assessments in the small
business lending marketplace. Several of these commenters specifically
noted that research based on 2019 HMDA data shows that Asian American
and Pacific Islander communities and Hispanic/Latino subgroups fare
differently in the mortgage market. One commenter noted, as an example
of different experiences, that participants in its homebuying seminars
have stated that language barriers often create difficulties in the
home buying process. Other commenters noted the importance of
disaggregated data for business lending specifically, generally citing
findings in the Federal Reserve Banks' Small Business Credit Survey:
2021 Report on Employer Firms that firms owned by people of color were
less likely to receive the full of amount financing sought than white-
owned businesses.
Some commenters stated that they supported the Bureau's proposed
approach of generally aligning with HMDA's aggregate categories and
disaggregated subcategories for ethnicity and race and also adding new
disaggregated subcategories. Two commenters affirmed that the HMDA
ethnicity and race categories and subcategories are also relevant for
small business lending. A lender commented that this approach will
reveal different experiences in the small business lending market, but
also provide familiar reporting standards. Another lender stated that
aligning many of the ethnicity and race categories with those for HMDA
would promote consistency and reduce confusion. One community group
stated that based on the HMDA experience, it anticipates that
applicants will not have difficulty understanding the information being
requested regarding race as long as the sample form is clear for both
lenders and applicants to follow.
Many commenters also supported the specific ethnicity and race
aggregate categories and disaggregated subcategories proposed. Some
called out their support for particular groups of disaggregated
subcategories, for example for the Hispanic/Latino population, Asian,
and Native Hawaiian or Other Pacific Islander aggregate categories.
Some commenters noted that none of these communities are monoliths and
different subgroups have different experiences in seeking credit. One
commenter made a similar statement regarding African American and
African immigrant communities in the residential mortgage context.
A community group operating in New York City suggested adding
certain subgroups listed as examples in the Other Latino or Hispanic
disaggregated ethnicity subcategory and in the Other Asian
disaggregated race subcategory. The community group suggested adding an
ethnicity subcategory for Dominican, because in New York City
Dominicans make up a larger percentage of the population than Puerto
Ricans, one of the proposed disaggregated ethnicity subcategories. The
commenter also suggested adding Colombian, Ecuadorian, and Honduran
disaggregated ethnicity subcategories. This commenter further suggested
adding Bangladeshi and Pakistani disaggregated race subcategories,
under the Asian aggregate race category, stating that these populations
make up 6 percent and 8 percent, respectively, of the Asian population
in New York City.
Many commenters expressed specific support for the proposed
disaggregated Black or African American race subcategories. One
commenter stated that there are distinct differences in the experiences
and treatment of different subgroups and that many of these subgroups
have tight-knit communities and thus it is important that this data
collection captures such nuances, and another stated that
disaggregation generally has proven to have value in the HMDA context.
Regarding the American Indian or Alaska Native aggregate race
category, several commenters supported the Bureau's proposal to include
a write-in text field for an applicant to name a principal owner's
enrolled or principal tribe, though some also were concerned that there
would be insufficient information on indigenous small business owners
as a result of small sample sizes, which could mask the credit needs of
that community.
Some commenters supported adding an additional category for Middle
Eastern or North African in the final rule, in response to the Bureau's
request for comment. One commenter stated that individuals of Middle
Eastern or North African descent are often left with little choice but
to select White as their race, despite a long history of discrimination
in the United States, and that adding this category would meet the
spirit of section 1071. Several other commenters stated that a Middle
Eastern or North African category should be added to capture
discrimination against and barriers for applicants of Middle Eastern or
North African descent. A couple of commenters suggested that North
African and Middle Eastern could be addressed as its own category or as
disaggregated subcategories. However, a group of trade associations
argued against the proposal for a Middle Eastern or North African
category, noting that OMB never finalized its proposal to include such
a category in its Federal standards on race and ethnicity.
Regarding disaggregated ethnicity and race categories generally, a
joint letter from community groups and business advocacy groups
suggested that the Bureau provide in the final rule that the ethnicity
and race categories will be maintained and updated in alignment with
OMB's standards and that the specifications will be adjusted in filing
instructions that the Bureau issues from time to time.
Several commenters responded to the Bureau's request for comment on
whether to combine the proposed questions about ethnicity and race.
These commenters did not support combining the questions. A group trade
associations noted that while the Census Bureau's 2015 National Content
Test: Race and Ethnicity Report Analysis showed that many individuals
that select Hispanic or Latino as their ethnicity do not make any race
selections because they do not identify with the aggregate race
categories, the race and ethnicity questions were ultimately not
combined for 2020 Decennial Census. The commenter also reiterated that
the questions are separate for HMDA data collection purposes, and
stated that the same approach should be used for this rule to maintain
consistency across data collection rules and with the Census Bureau's
approach, reduce burden for financial institutions, and facilitate data
analyses.
One commenter urged the Bureau to allow applicants to provide an
additional disaggregated subcategory in addition to those specified in
the proposal beside ``other'' in a text field in the same manner that
American Indian or Alaska Natives can identify tribal affiliation. The
commenter stated this would allow applicants to write in responses such
as Nicaraguan or Hmong that may provide important additional
information for fair lending enforcement.
[[Page 35358]]
A bank asserted that for the ethnicity and race data collection
under Regulation C, when applicants select a disaggregated ethnicity or
race subcategory, the selection prevents the applications from being
associated with the corresponding aggregate category. The commenter
stated that this issue impacts how some lenders' application and
origination performance with specific communities appears and urged the
Bureau to fix the issue in the Regulation C data collection and ensure
it is not replicated for the section 1071 data collection.
Final Rule--Collecting Ethnicity and Race Using Aggregate Categories
and Disaggregated Subcategories
For the reasons set forth herein, the Bureau is finalizing its
proposal to collect information about the ethnicity and race of
principal owners using aggregate categories and disaggregated
subcategories generally as proposed. However, the Bureau has revised
the commentary related to the collection of ethnicity and race data to
reduce repetition among the appendices and the commentary and to
reflect other changes, as explained below.
The Bureau agrees with commenters that the disaggregated ethnicity
and race subcategories will provide meaningful data that will further
section 1071's purposes. Such data will be beneficial in identifying
potential discrimination or business and community development needs in
particular communities, including by providing insight into variations
in borrowing experiences by ethnicity and race across the small
business lending marketplace, even if not all applicants make ethnicity
or race disaggregated subcategory selections. For example, in the HMDA
context, the Bureau has used disaggregated race data collected under
Regulation C to find that some Asian American and Pacific Islanders
subgroups fare better than others in the mortgage market.\708\ Other
data users have been able to draw conclusions and make policy
recommendations to address differences and disparities in home lending
among subgroups in the Hispanic or Latino community using disaggregated
HMDA subcategories.\709\ The Bureau believes that disaggregated
ethnicity and race data in the section 1071 data collection will
similarly advance section 1071's purpose in enabling communities,
governmental entities, and creditors to identify business and community
development needs and opportunities of businesses with owners that are
members of ethnic and racial subgroups, regardless of whether those
businesses meet the definition of a minority-owned small business.
---------------------------------------------------------------------------
\708\ Bureau of Consumer Fin. Prot., Data Point: Asian American
and Pacific Islanders in the Mortgage Market (July 2021), https://files.consumerfinance.gov/f/documents/cfpb_aapi-mortgage-market_report_2021-07.pdf.
\709\ See Agatha So et al., Nat'l Cmty. Reinvestment Coal.,
Hispanic Mortgage Lending: 2019 HMDA Analysis (2019), https://www.ncrc.org/hispanic-mortgage-lending-2019-analysis/.
---------------------------------------------------------------------------
With respect to the fair lending enforcement purpose of section
1071, the Bureau recognizes that disaggregated data may not be useful
in analyzing potential discrimination where financial institutions do
not have a sufficient number of applicants or borrowers within
particular subgroups to permit reliable assessments of whether unlawful
discrimination may have occurred. However, the Bureau believes there
will be--as has proven to be the case in the HMDA data--situations in
which the numbers are sufficient to permit such fair lending
assessments. The Bureau also believes that the use of disaggregated
subcategories may increase ethnicity and race response rates by small
business applicants. Requiring the collection of disaggregated race and
ethnicity data also follows a key principle set forth in the OMB
Federal Data Standards on Race and Ethnicity to encourage applicants to
self-identify their principal owners' race and ethnicity, by providing
more inclusive options for applicant self-reporting.\710\
---------------------------------------------------------------------------
\710\ See 62 FR 58782, 58789 (Oct. 30, 1997).
---------------------------------------------------------------------------
The Bureau is not, at this time, adding additional disaggregated
ethnicity and race subcategories beyond those set forth in the NPRM.
While one commenter suggested adding a few disaggregated ethnicity and
race categories, such suggestions were based on the demographics of a
specific city and it is unclear whether they would provide useful data
in a nationwide data collection. The Bureau notes that if an
applicant's principal owner does not clearly identify with any of the
listed disaggregated ethnicity or race subcategories associated with a
specific aggregate ethnicity or race category, many of the aggregate
ethnicity and race categories have an associated ``Other''
disaggregated subcategory (e.g., ``Other Hispanic or Latino,'' ``Other
Asian,'' ``Other Black or African American,'' and ``Other Pacific
Islander'') that give the applicant opportunities to provide a specific
subcategory not listed or otherwise provide additional ethnicity or
race information.\711\
---------------------------------------------------------------------------
\711\ The exceptions are the ``American Indian or Alaska
Native'' aggregate race category, which provides applicants with an
opportunity to write in or provide additional information about
their principal owner's enrolled or principal tribe, the ``Not
Hispanic or Latino'' aggregate ethnicity category, and the ``White''
aggregate race category.
---------------------------------------------------------------------------
The Bureau also is not adding a separate, disaggregated subcategory
for applicants to write in ethnicity or race information, as suggested
by a commenter. The Bureau recognizes that some applicants may not
clearly identify with the Bureau's designated ethnicity and race
aggregate categories and disaggregated subcategories, despite the
``Other'' disaggregated ethnicity and race subcategories associated
with the aggregate ethnicity and race categories in the final rule. The
Bureau also notes that the 2020 Decennial Census and the Census
Bureau's American Community Survey include a separate ``Some Other
Race'' category, which provided respondents with the ability to write
in additional information.\712\ However, the Census Bureau's use of
this race category is statutorily required and the best practice for
Federal agencies is to not include a ``Some Other Race'' category
unless required by law.\713\ The Bureau believes it is important that
the race and ethnicity information be capable of being aggregated to or
associated with the five OMB aggregate categories for race and the two
aggregate categories for ethnicity in the OMB Federal Data Standards on
Race and Ethnicity to facilitate the Bureau's and others' ability to
analyze and use the collected data. As noted above, applicants will be
able to use the associated ``Other'' disaggregated subcategories
associated with many of the aggregate race and ethnicity categories to
provide their principal owners' information and, as clarified by final
comments 107(a)(19)-13 and -14, will also be able to make multiple
selections for their principal owners' race and/or ethnicity to
accurately reflect their racial and ethnic identities.
---------------------------------------------------------------------------
\712\ See 2020 Census Official Questionnaire; 2022 American
Community Survey Questionnaire.
\713\ See Chief Statistician of the U.S., Flexibilities and Best
Practices for Implementing the Office of Management and Budget's
1997 Standards for Maintaining, Collecting, And Presenting Federal
Data on Race and Ethnicity (Statistical Policy Directive No. 15),
n.32 (July 2022) (citing the Science, State, Justice, Commerce, and
Related Agencies Appropriations Act, 2006, Public Law 109-108, tit.
II, 119 Stat. 2289, 2308-09 (2005)), https://www.whitehouse.gov/wp-content/uploads/2022/07/Flexibilities-and-Best-Practices-Under-SPD-15.pdf; id. at 8-9.
---------------------------------------------------------------------------
The Bureau likewise is not combining the questions about ethnicity
and race at this point in time. Commenters generally did not support or
did not state a position on combining the ethnicity and race questions.
The Bureau notes that the 2020 Decennial
[[Page 35359]]
Census and the 2022 American Community Survey also do not combine the
questions.\714\
---------------------------------------------------------------------------
\714\ The 2020 Decennial Census and the 2022 American Community
Survey both ask separate questions for Hispanic, Latino, or Spanish
origin, and for race. See 2020 Census Official Questionnaire; U.S.
Census Bureau, 2022 American Community Survey Questionnaire, https://www2.census.gov/programs-surveys/acs/methodology/questionnaires/2022/quest22.pdf.
---------------------------------------------------------------------------
Some commenters expressed concern that the Bureau's proposal for
the American Indian or Alaska Native aggregate race category, which
does not have specifically listed disaggregated subcategories but
permits applicants to write in the name of a principal owner's enrolled
or principal tribe, would lead to small sample sizes and thus
insufficient information to make assessments about indigenous small
business owners and those communities. At this time, the Bureau is not
making any changes to its approach for the American Indian or Alaska
Native aggregate race category. The Bureau notes that the Census
Bureau's 2020 Decennial Census and 2022 American Community Survey
similarly listed American Indian or Alaska Native as an aggregate race
category, do not list specific disaggregated subcategories, and ask
respondents to ``Print [the] name of enrolled or principal tribe(s)''
along with suggested write-in options.\715\ As explained in the 2015
National Content Test: Race and Ethnicity Race Report Analysis, there
are hundreds of American Indian and Alaska Native tribes, villages, and
groups, and checkboxes for the largest groups would only represent a
small percentage of the American Indian and Alaska Native
population.\716\ Given this research, the Bureau believes that its
approach to the American Indian or Alaska Native aggregate race
category is appropriate and is thus not including a list of suggested
write-in examples at this time.
---------------------------------------------------------------------------
\715\ See 2020 Census Official Questionnaire; U.S. Census
Bureau, 2022 American Community Survey Questionnaire.
\716\ 2015 National Content Test: Race and Ethnicity Report
Analysis, at 52 (``[W]e know from Census Bureau research that there
are hundreds of very small detailed [American Indian and Alaska
Native] tribes, villages, and indigenous groups for which Census
Bureau data is collected and tabulated, and if we were to employ the
six largest American Indian groups and Alaska Native groups as
checkboxes, they would represent only about 10 percent of the entire
AIAN population.'').
---------------------------------------------------------------------------
The Bureau has also decided against specifically collecting data on
Middle Eastern or North African populations at this point in time,
whether as an aggregate ethnicity or race category, a disaggregated
ethnicity or race subcategory, or through some other inquiry, due to
uncertainty about how a Middle Eastern or North African category should
be defined. As detailed in the NPRM, the Census Bureau and OMB have
considered, over the course of years, whether to include a separate
Arab or North African, or alternatively Middle Eastern or North
African, classification in the Decennial Census and the Federal Data
Standards on Race and Ethnicity.\717\ But, despite a 2017
recommendation by a Federal interagency working group to add such a
classification to the OMB Federal Data Standards on Race and Ethnicity,
the standards have not been updated. And, although it was recommended
in the 2015 National Content Test: Race and Ethnicity Report Analysis
that a separate Middle Eastern or North African classification be
adopted for the 2020 Decennial Census, no Middle Eastern or North
African classification was included due to questions about whether the
information should be collected as an ethnicity or race category.\718\
Given the unsettled nature of how to best collect information about
Middle Eastern and North African populations, the Bureau is not
including a separate classification for Middle Eastern or North African
at this point in time. The Bureau notes, however, that OMB is currently
in the process of reviewing and revising the standards for collecting
data on race and ethnicity for the Federal government and may revise
the standards by the summer of 2024.\719\ The Bureau will be reviewing
OMB's efforts and other developments that may arise in the area of
ethnicity and race data collection and measurement.
---------------------------------------------------------------------------
\717\ 62 FR 58782 (Oct. 30, 1997); 82 FR 12242 (Mar. 1, 2017).
\718\ Hansi Lo Wang, No Middle Eastern or North African Category
on the 2020 Census, Bureau Says, Nat'l Pub. Radio (Jan. 29, 2018),
https://www.npr.org/2018/01/29/581541111/no-middle-eastern-or-north-african-category-on-2020-census-bureau-says. See also U.S. Census
Bureau, 2015 NCT, at xiii, 84-85.
The Bureau notes that after the NPRM was published, the U.S.
Department of the Treasury published an interim final rule in March
2022 related to data collection for its State Small Business Credit
Initiative (SSBCI) program, which establishes that recipients of
SSBCI funding must maintain and submit information about small
business program beneficiaries' principal owners' Middle Eastern or
North African ancestry, through a separate ancestry question. U.S.
Dep't of Treas., State Small Business Credit Initiative;
Demographics-Related Reporting Requirements, 87 FR 13628 (Mar. 10,
2022).
\719\ Off. of Mgmt. & Budget, Initial Proposals for Updating
OMB's Race and Ethnicity Statistical Standards, 88 FR 5375 (Jan. 27,
2023). Proposals and questions for which OMB is soliciting comment
include collecting race and ethnicity information using one combined
question, adding a Middle Eastern or North African minimum reporting
category, requiring the collection of detailed race and ethnicity
categories by default, and certain updates to terminology, among
others.
---------------------------------------------------------------------------
The Bureau is not committing at this time to updating the rule's
ethnicity and race aggregate categories and disaggregated subcategories
to align with future changes to OMB Federal Data Standards on Race and
Ethnicity. First, the data points the Bureau is finalizing under Sec.
1002.107(a)(18) and (19), regarding minority-owned business status and
the ethnicity and race of principal owners, are statutorily mandated.
Second, the Bureau notes that the OMB Federal Data Standards on Race
and Ethnicity establish only minimum standards for the collection of
race and ethnicity information, which the data collection under
Regulation C already expands upon.\720\ Third, it is unknown what the
changes to the Federal standards will be and whether the collection of
information based on any revised race and ethnicity aggregate
categories and/or disaggregated subcategories would further the
purposes of section 1071. The Bureau, however, will track forthcoming
developments as to the Federal government's standards for the
collection of race and ethnicity information. Regarding updates to data
point response options, see final comment 107(a)-4.
---------------------------------------------------------------------------
\720\ As explained by the Bureau in 2015, the race and ethnicity
disaggregated subcategories under Regulation C go beyond the minimum
categories set forth in the OMB Federal Data Standards on Race and
Ethnicity by adding subpopulations used in the 2000 and 2010
Decennial Census. See 80 FR 66128, 66190 (Oct. 28, 2015).
---------------------------------------------------------------------------
As supported by some commenters, the Bureau believes it is
important to collect information about principal owners that identify
with subgroups within the Black or African American community,
particularly as the Black or African American community in the United
States diversifies. The Bureau does not believe it is necessary to use
the exact same aggregate categories and disaggregated subcategories for
ethnicity and race as are used for data collection under Regulation C
(which would preclude the Black or African American race disaggregated
subcategories), as suggested by some commenters. Certainly, the
Bureau's experience with ethnicity and race data collection under HMDA
informed the Bureau's considerations for its proposals and for this
final rule. However, although the collection of ethnicity, race, and
sex data in both contexts serves related fair lending purposes,
Regulation C and this final rule are authorized under different
statutes and for different markets. The Bureau believes that the added
Black or African American race disaggregated subcategories it proposed
and is finalizing will provide additional
[[Page 35360]]
information that will further the purposes of section 1071, as
explained below.
According to a Pew Research Center report, while 4.6 million, or
one in ten, Black individuals in the United States were born in a
different country in 2019, it is projected that by 2060 the number will
increase to 9.5 million, or more than double the current level.\721\
Within this changing demographic, there are socio-economic differences
between Black immigrant-headed households and other immigrant
households in the United States, between Black immigrant-headed
households and U.S.-born Black American headed- households, and among
Black immigrant-headed households by region of origin. For example, the
report found that in 2019, poverty rates within the Black immigrant
population vary by region, with fewer than one-in-five African-born (16
percent) and Central American- or Mexican-born Black immigrants (16
percent) living below the poverty line, and 11 percent and 12 percent
of Caribbean- and South American-born Black immigrants,
respectively.\722\ The Bureau is not collecting immigrant status as
part of the section 1071 data collection. However, this research
indicates to the Bureau that there could be important distinctions
between subgroups of the Black or African American communities in the
small business lending marketplace. The Bureau believes that the
collection of information about small businesses whose principal owners
identify among the Black or African American subgroups will allow it
and others to better understand if there are distinct differences in
patterns in lending to small businesses with owners in these subgroups
and help fulfill the fair lending enforcement and business and
community development purposes of section 1071.
---------------------------------------------------------------------------
\721\ Christine Tamir & Monica Anderson, Pew Rsch. Ctr., One-in-
Ten Black People Living in the U.S. Are Immigrants, at 7 (Jan. 20,
2022), https://www.pewresearch.org/race-ethnicity/wp-content/uploads/sites/18/2022/01/RE_2022.01.20_Black-Immigrants_FINAL.pdf.
\722\ See id. at 28-31.
---------------------------------------------------------------------------
Based on its experience with Regulation C, the Bureau believes that
after some initial burden to implement the ethnicity and race reporting
requirements, there should be minimal ongoing burden for financial
institutions related to the collection and reporting of applicants'
self-provided responses regarding their principal owners' aggregate
category and disaggregated subcategory ethnicity and race selections.
However, the Bureau acknowledges the concern raised by one commenter
that, unlike in mortgage transactions where generally there are only up
to two applicants, under the Bureau's proposal, ethnicity and race
information could be collected for up to four principal owners. The
commenter generally noted that because of this potential for an
applicant to have up to four principal owners, for applications taken
over the phone, it could be frustrating for applicants and financial
institution employees and officers to read all of the ethnicity and
race aggregate categories and disaggregated subcategories out loud, as
is currently the practice under Regulation C. In consideration of this
issue, the Bureau has added a comment to provide clarification for
collecting ethnicity and race information orally, such as over the
phone. Final comment 107(a)(19)-16 generally clarifies that when
collecting ethnicity and race information orally, the financial
institution is not required to read aloud every disaggregated ethnicity
and race subcategory. Instead, a financial institution will be able to
orally present the lists of aggregate ethnicity and race categories,
followed by the disaggregated subcategories (if any) associated with
the specific aggregate ethnicity or race categories selected or
requested to be heard by the applicant. Comment 107(a)(19)-16 will also
clarify, among other things, that after the applicant has made its
selection(s) (if any), the financial institution must also ask if the
applicant wishes to hear any other lists of disaggregated
subcategories. The comment also provides that the financial institution
may not present the applicant with the option to decline to provide
ethnicity or race information without also presenting the applicant
with the specified ethnicity or race aggregate categories and
disaggregated subcategories. Comment 107(a)(19)-16 also generally
provides that if an applicant has more than one principal owner, a
financial institution will have the flexibility to ask for the
principal owners' ethnicity and race information in a way that reduces
repetition.
With regard to one commenter's request that the Bureau ensure that
an applicant's selection of a disaggregated ethnicity or race
subcategory does not prevent the application from being associated with
the corresponding aggregate ethnicity or race category, the Bureau does
not anticipate that the commenter's concern will be an issue for the
1071 data collection. The Bureau also notes that the commenter's issue
is not present for reporting under Regulation C, as stated by the
commenter. When reporting an applicant's disaggregated ethnicity or
race subcategory selections under Regulation C, the aggregate ethnicity
or race category is disclosed in the derived aggregate ethnicity or
race field in the publicly released data. To the extent the commenter
is referring to a concern about how an applicant may select a
disaggregated ethnicity or race subcategory, without also selecting the
associated aggregate category, the Bureau believes that allowing
applicants to make such a selection and requiring a financial
institution to report that selection as it was made, and recognizes
that individuals may have varying racial and ethnic identities.
To further this goal, final comment 107(a)(19)-1 states that
financial institutions report responses as provided by applicants.
Generally, this is the case even if they contain obvious discrepancies
and inaccuracies.\723\ Upon further review, however, the Bureau has
revised the commentary for final Sec. 1002.107(a)(19) to clarify that
if an applicant provides additional ethnicity or race information in a
write-in field on a paper or electronic data collection form but does
not select (e.g., by a check mark on a paper form) the corresponding
``Other'' disaggregated subcategory (e.g., ``Other Hispanic or
Latino,'' ``Other Asian,'' ``Other Black or African American,'' and
``Other Pacific Islander''), the financial institution is permitted,
but not required, to report the corresponding ``Other'' ethnicity or
race disaggregated subcategory as well. Similarly, if an applicant
provides the name of an enrolled or principal tribe but does not also
indicate that the principal owner is American Indian or Alaska Native
on a paper or electronic data collection form, the financial
institution is permitted, but not required, to report American Indian
or Alaska Native as well. This change aligns with the similar
instruction regarding such situations in Regulation C.\724\
---------------------------------------------------------------------------
\723\ The Bureau notes that comment 107(a)(19)-8 provides
clarification that in the specific situation where an applicant both
provides a substantive response to a request for a given principal
owner's ethnicity, race, or sex (by identifying the principal
owner's race, ethnicity, or sex) and also indicates that it does not
wish to provide the information (e.g., by selecting an option that
states ``I do not wish to provide this information'' or similar),
the financial institution reports the substantive response provided
by the applicant (rather than reporting that the applicant responded
that it did not wish to provide the information).
\724\ See, e.g., 12 CFR part 1002, appendix B, instruction 9.ii.
---------------------------------------------------------------------------
The Bureau has also made changes to the commentary specifically
regarding the collection of ethnicity and race information to
incorporate unique
[[Page 35361]]
content from the instructions for collecting ethnicity and race
information in proposed appendix G, which the Bureau is removing from
the final rule, as explained earlier in this section-by-section
analysis.\725\ These changes include updated numbering, added
references to the sample data collection form at final appendix E, and
further clarification regarding applicability of the instructions when
ethnicity and race information is requested on a paper or electronic
data collection form, versus orally (e.g., telephone applications). The
Bureau has also removed proposed clarification in each of the ethnicity
and race-related comments regarding ethnicity and race information that
an applicant has specifically indicated it is declining to provide,
which it did not provide, or which is not applicable, including because
the applicant has fewer than four principal owners.\726\ The Bureau has
either deleted such content where duplicative of similar content in
final comment 107(a)(19)-1 (``General'') or moved it to new, generally
applicable comments at final comments 107(a)(19)-6 (``Ethnicity, race,
or sex of principal owners not provided by applicant''), 107(a)(19)-7
(``Applicant declines to provide information about a principal owner's
ethnicity, race, or sex''), and 107(a)(19)-10 (``Reporting for fewer
than four principal owners'').
---------------------------------------------------------------------------
\725\ These comments were proposed comments 107(a)(20)-6 and
107(a)(20)-7. These proposed comments generally correspond with
final comments 107(a)(19)-13 and 107(a)(20)-14.
\726\ The clarification was originally at proposed comments
107(a)(20)-6.iv and -7.iv.
---------------------------------------------------------------------------
Proposed Rule--Collecting Sex
Proposed comment 107(a)(20)-8 would have clarified that a financial
institution is required to permit an applicant to provide a principal
owner's sex using one or more of the following categories: Male,
Female, the applicant prefers to self-describe their sex (with the
ability of the applicant to write in or otherwise provide additional
information), and also would have permitted the applicant to refuse to
provide the information. The sex categories would have also been on the
sample data collection form proposed as appendix E, in response to a
query about the principal owner's ``Sex,'' with a direction to ``Check
one or more.'' Instruction 6 of proposed appendix G would have
similarly required financial institutions to permit applicants to use
the sex categories as listed on proposed appendix E as responses for a
principal owner's sex.
In the NPRM, the Bureau stated that it was generally proposing that
financial institutions use the sex categories from Regulation C when
requesting that applicants provide the sex information of their
principal owners, but that it was also proposing the self-describe
response option. The Bureau explained that Federal, State, and local
government agencies have been moving to providing additional options
for designating sex. At the Federal level, the Bureau noted that, for
example, the Department of State had announced that it was planning to
offer the option of a new gender marker for non-binary, intersex, and
gender non-conforming persons for passports and Consular Reports of
Birth Abroad as an alternative to male or female.\727\ The Bureau also
noted that the Food and Drug Administration includes the gender options
of female, male, intersex, transgender, and ``prefer not to disclose''
on certain patient forms.\728\ The Bureau also discussed how a number
of States and the District of Columbia, as well as some local
governments, offer an alternative sex or gender designation to male and
female (e.g., ``X'') on government-issued documents and forms such as
drivers' licenses and identification cards, and in some cases birth
certificates.\729\
---------------------------------------------------------------------------
\727\ See U.S. Dep't of State, Proposing Changes to the
Department's Policies on Gender on U.S. Pass ports and Consular
Reports of Birth Abroad (June 30, 2021), https://www.state.gov/proposing-changes-to-the-departments-policies-on-gender-on-u-s-passports-and-consular-reports-of-birth- abroad/. The Department of
State subsequently made this option available in April 2022. See
U.S. Dep't of State, X Gender Marker Available on U.S. Passports
Starting April 11, 2022 (Mar. 31, 2022), https://www.state.gov/x-gender-marker-available-on-u-s-passports-starting-april-11/.
\728\ See U.S. Food & Drug Admin., MedWatch forms FDA 3500 and
3500A (Sept. 12, 2018) (approved under OMB No. 0910-0291), https://www.fda.gov/media/76299/download and https://www.fda.gov/media/69876/download.
\729\ See, e.g., Cal. S.B. 179, Gender identity: female, male or
nonbinary (Oct. 16, 2017), https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180SB179; State of California
Dep't of Motor Vehicles, Driver's License or ID Card Updates,
https://www.dmv.ca.gov/portal/driver-licenses-identification-cards/updating-information-on-your-driver-license-or-identification-dl-id-card/ (last visited Mar. 20, 2023); Colo. Dep't of Revenue, Change
of Sex Designation, https://drive.google.com/file/d/1PeYZd7U43ar6Flg8lFAT1Etg1EPdLVUy/view; State of Connecticut Dep't
of Motor Vehicles, Gender Designation on a License or Identification
Card, https://portal.ct.gov/-/media/DMV/20/29/B-385.pdf; District of
Columbia Dep't of Motor Vehicles, Procedure For Establishing or
Changing Gender Designation on a Driver License or Identification
Card (June 13, 2017), https://dmv.dc.gov/sites/default/files/dc/sites/dmv/publication/attachments/DC%20DMV%20Form%20Gender%20Self-Designation%20English.pdf, DC Driver License or Identification Card
Application (Jan. 2019), https://dmv.dc.gov/sites/default/files/dc/sites/dmv/publication/attachments/DMV%20BOE%20Application_2-25-19.pdf; Maine Bureau of Motor Vehicles, Gender Designation Form
(Nov. 4, 2019), https://www1.maine.gov/sos/bmv/forms/GENDER%20DESIGNATION%20FORM.pdf; State of Nevada Dep't of Motor
Vehicles, Name Changes, https://dmvnv.com/namechange.htm; State of
New Jersey Dep't of Health, Off. of Vital Statistics and Registry,
Request Form and Attestation (REG-L2) to Amend Sex Designation to
Reflect Gender Identity on a Birth Certificate--Adult (Feb. 2019),
https://www.nj.gov/health/forms/reg-l2_1.pdf; 2019 N.J. Sess. Law
Serv. ch. 271; New Mexico Motor Vehicle Div., Request for Sex
Designation Change, https://realfile.tax.newmexico.gov/mvd10237.pdf;
New Mexico Dep't of Health, Request to Change Gender Designation on
a Birth Certificate (Oct. 2019), https://www.nmhealth.org/publication/view/form/5429/; Virginia Dep't of Motor Vehicles,
Driver's License and Identification Card Application (July 1, 2021),
https://www.dmv.virginia.gov/webdoc/pdf/dl1p.pdf; Washington State
Dep't of Licensing, Change of Gender Designation (Nov. 2019),
https://www.dol.wa.gov/forms/520043.pdf; N.Y. City Dep't of Homeless
Servs., Off. of Policy, Procedures and Training, Transgender, Non-
binary, and Intersex Clients (July 15, 2019), https://www1.nyc.gov/assets/dhs/downloads/pdf/dhs_policy_on_serving_transgender_non_binary_and_intersex_clients.pdf
.
---------------------------------------------------------------------------
The Bureau further explained that the Supreme Court's 2020 opinion
in Bostock v. Clayton County had concluded that sex discrimination
encompasses sexual orientation discrimination and gender identity
discrimination, and that these forms of discrimination necessarily
involve consideration of sex.\730\ The Supreme Court reached this
conclusion in the context of title VII of the Civil Rights Act of 1964,
as amended,\731\ which prohibits sex discrimination in employment.\732\
Following the issuance of the Supreme Court's opinion, the Bureau
issued an interpretive rule clarifying that ECOA's and Regulation B's
prohibition on discrimination based on sex protects against
discrimination based on sexual orientation, gender identity, actual or
perceived nonconformity with sex-based or gender-based stereotypes, and
the sex of people associated with the applicant.\733\ The Bureau noted
that other Federal agencies have similarly clarified that other
statutes that protect against discrimination based on sex protect
against discrimination based on sexual orientation and gender
identity.\734\
---------------------------------------------------------------------------
\730\ See Bostock, 140 S. Ct. 1731.
\731\ 42 U.S.C. 2000e et seq.
\732\ Bostock, 140 S. Ct. 1731.
\733\ 86 FR 14363 (Mar. 16, 2021). See also Letter from CFPB to
Serv. & Advocacy for GLBT Elders (SAGE) (Aug. 30, 2016), https://files.consumerfinance.gov/f/documents/cfpb_sage-response-letter_2021-02.pdf.
\734\ See, e.g., 86 FR 32637 (June 22, 2021) (Department of
Education interpreting title IX of the Education Amendments of
1972); 86 FR 27984 (May 25, 2021) (Department of Health and Human
Services interpreting section 1557 of the Affordable Care Act);
Memorandum from Jeanine M. Worden, Acting Assistant Secretary for
Fair Housing and Equal Opportunity, Implementation of Executive
Order 13988 on the Enforcement of the Fair Housing Act (Feb. 11,
2021), https://www.hud.gov/sites/dfiles/PA/documents/HUD_Memo_EO13988.pdf (Department of Housing and Urban Development
interpreting the Fair Housing Act).
---------------------------------------------------------------------------
[[Page 35362]]
The Bureau additionally explained that some other Federal agencies
had also begun to re-consider how they collect information on sex by
including questions about sexual orientation and gender identity as
part of questions about sex. The Bureau cited the example of the Census
Bureau's Household Pulse Survey,\735\ which asks questions about sex
assigned at birth, current gender identity, and sexual
orientation.\736\ The Bureau also noted that other Federal agencies and
initiatives have encouraged sexual orientation and gender identity data
collection in health care settings.\737\
---------------------------------------------------------------------------
\735\ U.S. Census Bureau, Phase 3.2 Household Pulse Survey
(undated), https://www2.census.gov/programs-surveys/demo/technical-documentation/hhp/Phase_3.2_Household_Pulse_Survey_FINAL_ENGLISH.pdf. As of the date
of this document, the Household Pulse Survey is in Phase 3.7, which
started on December 9, 2022. See U.S. Census Bureau, Household Pulse
Survey Phase 3.7 (Dec. 9, 2022, updated Dec. 14, 2022), https://www.census.gov/newsroom/press-releases/2022/household-pulse-phase-3-7.html. The survey questionnaire used for Phase 3.7 includes the
same three questions noted by the Bureau in the NPRM. See U.S.
Census Bureau, Phase 3.7 Household Pulse Survey (undated), https://www2.census.gov/programs-surveys/demo/technical-documentation/hhp/Phase_3-7_Household_Pulse_Survey_ENGLISH.pdf.
\736\ Specifically, the Household Pulse Survey includes the
following three questions: (1) What sex were you assigned at birth,
on your original birth certificate? (A respondent could provide a
response of male or female.); (2) Do you currently describe yourself
as male, female or transgender? (A respondent also could provide a
response of ``none of these.''); (3) Which of the following best
represents how you think of yourself? (A respondent may select from
the following responses: (a) Gay or lesbian; (b) Straight, that is
not gay or lesbian; (c) Bisexual; (d) Something else; or (e) I don't
know.
\737\ See, e.g., Off. of Disease Prevention & Health Promotion,
Healthy People (2020), https://www.healthypeople.gov/2020/topics-objectives/topic/lesbian-gay-bisexual-and-transgender-health; Off.
of the Nat'l Coordinator of Health Info. Tech., 2021
Interoperability Standards Advisory (2021), https://www.healthit.gov/isa/sites/isa/files/inline-files/2021-ISA-Reference-Edition.pdf; Ctrs. for Disease Control & Prevention,
Collecting Sexual Orientation and Gender Identity Information (Apr.
1, 2020), https://www.cdc.gov/hiv/clinicians/transforming-health/health-care-providers/collecting-sexual-orientation.html.
---------------------------------------------------------------------------
The Bureau explained that in light of feedback it received during
the SBREFA process, among other matters, the Bureau was proposing to
add the option for ``I prefer to self-describe'' (with the ability of
the applicant to write in or otherwise provide additional information)
for the principal owner's sex in addition to the options currently used
on the HMDA sample data collection form.
Proposed comment 107(a)(20)-8 would have explained that a financial
institution would have been required to permit an applicant to provide
a principal owner's sex using one or more of the following categories:
Male, Female, and/or that the principal owner prefers to self-describe
their sex. It would have further explained that, if an applicant
indicated that a principal owner preferred to self-describe their sex,
the financial institution would have been required to permit the
applicant to provide additional information about the principal owner's
sex. The financial institution would have been required to report to
the Bureau the additional information provided by the applicant as
free-form text.
Proposed comment 107(a)(20)-8 would have stated that a financial
institution would be required to permit an applicant to select as many
categories as the applicant chooses and that the financial institution
would report the category or categories selected by the applicant,
including any additional information provided by the applicant, or
would report that the applicant refused to provide the information or
failed to respond. It would have clarified that a financial institution
would not have been permitted to report sex based on visual
observation, surname, or any basis other than the applicant-provided
information. Finally, proposed comment 107(a)(20)-8 would have
explained how a financial institution would report sex if an applicant
had fewer than four principal owners, would have provided an example,
and would have directed financial institutions to proposed appendix G
for additional information on collecting and reporting a principal
owner's sex.
The Bureau sought comment on its proposed approach to requesting
information about a principal owner's sex, including the opportunity
for self-identification (by allowing the applicant to write in or
otherwise provide additional information). The Bureau also sought
comment on whether the sample data collection form should list examples
from which the applicant could choose. The Bureau also sought comment
on whether, alternatively, sex should be collected solely via the ``I
prefer to self-describe'' option (with the ability of an applicant to
write in or otherwise provide additional information). The Bureau also
sought comment on whether applicants should be restricted from
designating more than one category for a principal owner's sex.
The Bureau also sought comment on whether financial institutions
should be required to ask separate questions regarding sex, sexual
orientation, and gender identity and, if so, what categories should be
offered for use in responding to each question. The Bureau also sought
comment on whether it should adopt a data point to collect an
applicant's lesbian, gay, bisexual, transgender, or queer plus
(LGBTQ+)-owned business status, similar to the way it proposed to
collect minority-owned business status and women-owned business status
under proposed Sec. 1002.107(a)(18) and (19).\738\ The Bureau also
sought comment on whether including such questions would improve data
collection or otherwise further section 1071's purposes, as well as
whether it would pose any particular burdens or challenges for
industry.
---------------------------------------------------------------------------
\738\ For a discussion of the comments received by the Bureau
with regard to its request for comment on whether to include a data
point to collect information about applicants' LGBTQ+-owned business
status, the Bureau refers readers to the section-by-section analyses
of Sec. Sec. 1002.102(k) (definition of LGBTQI+ individual),
1002.102(l) (definition of LGBTQI+-owned business), and
1002.107(a)(18) (minority-owned, women-owned, and/or LGBTQI+-owned
business status).
---------------------------------------------------------------------------
Finally, the Bureau also requested information on Federal, State,
and local government initiatives, as well as private sector
initiatives, involving questions regarding sexual orientation and
gender identity in demographic information.
Comments Received--Collecting Sex
The Bureau received comments from community groups, banks, trade
associations, and individuals on its proposal for collecting
information about principal owners' sex. Commenters addressed both
general issues as well as specific aspects of the proposal, including
whether to collect sexual orientation and gender identity data.
General comments. A couple of commenters opposed collecting
information about principal owners' sex. An individual commenter stated
that it does not make sense to collect such information because
society's view of gender is still evolving. A lender suggested removing
the sex of principal owners (along with several other data points) to
reduce the amount of detail in the rule.
One industry commenter supported the collection of sex data as
proposed; others supported the Bureau's proposal but suggested that the
Bureau use the term ``gender'' instead of ``sex'' to be consistent with
modern usage. One suggested that the Bureau also include sex category
options for transgender and nonbinary.
Another commenter said that sharing information about principal
owners' gender identity and sexual orientation should be voluntary for
applicants,
[[Page 35363]]
noting that individuals that are a part of the lesbian, gay, bisexual,
transgender, queer, intersex, and asexual (LGBTQIA) community are
concerned about harassment and should be protected.
Collection of sexual orientation and gender identity information.
Most of the comments received by the Bureau in response to its proposal
for collecting information about a principal owner's sex were in the
context of whether the Bureau should also collect information about
principal owners' sexual orientation and gender identity.
Several banks, trade associations, and individual commenters
opposed adding inquiries about principal owners' sexual orientation and
gender identity to the final rule. A few stated that bank employees
would feel uncomfortable requesting this information; that applicants
would refuse to provide the information or would be offended by the
questions; or that separate questions for sex, sexual orientation, and
gender identity would be invasive.
A few of these commenters stated that requiring financial
institutions to ask separate questions for sex, sexual orientation, and
gender identity could potentially further segregate and stigmatize
LGBTQ individuals and their businesses, when members of that community
already face bias and discrimination. These commenters also raised
concerns about the security of the collected information, noting that
storing it with financial institutions and in a nationwide database
exposes the information to not only a number of persons with authorized
access but also potentially to hackers. These commenters stated that
although there is some protection from employment discrimination under
Federal law due to Bostock, there are States where discrimination
against LGBTQ individuals in other forms is legal and inferences about
one's sexuality could have serious negative impacts. The commenters
also expressed concern that the information could be used for other
purposes, with one commenter additionally expressing a concern that
such previously collected data could be used for unintended purposes.
Another commenter stated that the information should be requested only
if information is also provided to applicants to allow them to make
informed decisions about providing the information, which includes a
warning that discrimination based on sexual orientation may be allowed
in certain States. Some commenters also opposed collecting information
on principal owners' gender identity and sexual orientation, on the
grounds that such information is not needed by financial institutions
to make loans and it should have no bearing on an applicant's ability
to qualify for a loan.
Several other industry commenters expressed concern that adding
more inquiries to a demographic data collection form would add
complexity to the collection process and increase the burden on
financial institutions. One urged the Bureau to not include inquiries
about such personal information in the business lending process without
more stakeholder input as to the benefits and burdens of collecting the
data and before publishing such sensitive information. These commenters
also suggested that the Bureau give financial institutions the option
of collecting the information.
Some commenters suggested that the Bureau should include only
``Male'' and ``Female'' categories as responses to a request for a
principal owner's sex information. One bank opposed the inclusion of
options for gender choices and free-form text, stating that there are
many possible gender categories and including those categories or a
write-in field could dilute the data and lead to inconclusive findings.
Several lenders also specifically urged use of only ``Male'' and
``Female'' categories as answer options in the final rule, for
alignment with sex categories used to collect HMDA data, on the grounds
that it would avoid confusion among financial institutions and
applicants, promote efficient implementation and reporting, reduce
administrative complexity, and facilitate compliance. One bank
expressed concern about use of the proposed self-describe sex response
option for applications reported under both HMDA and section 1071.
In contrast, a range of commenters, including many community
groups, research and advocacy groups, community-oriented lenders, and
individual commenters, urged the Bureau to require the collection of
more detailed and accurate information about gender identity and sexual
orientation than would be collected under the Bureau's proposal. These
commenters generally stated that more detailed information is necessary
to account for small businesses owned by people with intersectional
identities and orientations, to see if they experience discrimination,
enforce fair lending laws, and to allow policymakers and the public to
have a better understanding of and address gaps and community needs.
Several commenters asserted that to the final rule should reflect that
gender is not binary and be more inclusive. Others argued that
collecting principal owners' gender identity information will enhance
the Bureau's and the public's ability to enforce ECOA for transgender
individuals and gender minorities and collecting their sexual
orientation information will likewise facilitate the same as to
lesbians, gays, bisexuals, and other sexual minorities, consistent with
the purposes of section 1071. Another commenter stated that collecting
information about gender identity and sexual orientation would reduce
the burden of implementing future legislation requiring such
collection.\739\ Another commenter said that collecting data on gender
identity and sexual orientation would allow lenders, especially CDFIs,
to be more accountable to their mission of economic justice and
financial inclusion. Some commenters urged the Bureau to follow best
practices and directed the Bureau to resources made available and
research conducted by the Williams Institute at the University of
California Los Angeles School of Law.
---------------------------------------------------------------------------
\739\ The commenter cited the LGBTQ Business Equal Credit
Enforcement and Investment Act (H.R. 1443, 117th Cong. (2021)),
which sought to amend ECOA section 704B to require the collection of
an applicant's principal owners' sexual orientation and gender
identity, in addition to information about sex.
---------------------------------------------------------------------------
A number of these commenters urged the Bureau to not conflate lines
of inquiry for gender identity and sexual orientation, with some
specifically suggesting separate sets of questions, either in addition
to or in place of, the inquiry about principal owners' sex as proposed
by the Bureau.\740\
---------------------------------------------------------------------------
\740\ For example, some commenters suggested separate categories
for gender (Cis woman, Cis man, Trans woman, Trans man, Non-binary
or gender non-conforming, and Other (with a write-in text field))
and sexual orientation (straight/heterosexual, bisexual, and queer,
and other (with a write-in text field)).
---------------------------------------------------------------------------
One commenter stated that respondents are unlikely to consider
sexual orientation and gender identity to be sensitive and would likely
provide their information, citing a study as to the collection of such
information in health centers and another relating to attitudes of
sexual minorities responding to a 2020 survey administered by the
Census Bureau. Commenters also noted that other Federal surveys ask
questions about gender identity and sexual orientation, including the
Census Bureau and the Centers for Disease Control and Prevention, and
that questions to identify transgender respondents are included on
State and investigator-led surveys. One commenter asserted that the
proposal collects less information than other Federal agencies, citing
the example of the Census Bureau.
[[Page 35364]]
Commenters also noted that the Federal government has long
considered what best practices should apply for the measurement of
sexual orientation and gender identity information, such as through the
Federal Interagency Working Group on Improving Measurement of Sexual
Orientation and Gender Identity in Federal Surveys, and by
commissioning a study looking at the measurement of sex, gender
identity, and sexual orientation through the National Academies of
Sciences, Engineering, and Medicine (the National Academies).\741\
---------------------------------------------------------------------------
\741\ Since the comment period for the NPRM closed, the National
Academies published its report on the study. See Nat'l Acad. of
Scis., Eng'g, & Med., Measuring Sex, Gender Identity, and Sexual
Orientation (2022), https://www.ncbi.nlm.nih.gov/books/NBK578625/pdf/Bookshelf_NBK578625.pdf.
---------------------------------------------------------------------------
Legal authority. Several research and advocacy organizations argued
that the Bureau has the legal authority to collect information about
the gender identity and sexual orientation of principal owners.
Generally, these commenters stated that ECOA and section 1071 provide
the Bureau with a broad grant of authority to issue regulations
requiring the collection of gender identity and sexual orientation
data. The commenters also highlighted that unlawful discrimination
based on ``sex'' under ECOA includes discrimination based on sexual
orientation and gender identity, consistent with the U.S. Supreme
Court's decision in Bostock. As a result, they said, collecting sexual
orientation and gender identity data would facilitate the purposes of
section 1071 by enhancing the agency's ability to understand small
business lending discrimination based on sexual orientation and gender
identity, enforce fair lending laws, and identify business and
community development needs and opportunities of small businesses.
However, several industry commenters argued that the collection of
sexual orientation and gender identity information is not clearly
required. One stated that there is no indication in the statute that
Congress intended the term ``sex'' as used in section 1071 to encompass
sexual orientation and/or gender identity. Another emphasized that the
statute focuses on the collection and reporting of data about the
defined term ``women-owned businesses,'' and asserted it is thus not
apparent that the section 1071 data collection is meant to include such
data. Another commenter argued that neither Congress nor the Supreme
Court in Bostock has taken specific action to change the scope of the
prohibition against sex discrimination in ECOA to include
discrimination on the bases of sexual orientation and gender identity.
Need for information on gender identity and sexual orientation.
Some community groups and research and advocacy organizations generally
stated that data are needed to understand LGBTQI+ individuals' and
business owners' experiences in accessing small business credit. Some
emphasized that available Federal small business or fair lending data
do not currently include sexual orientation and gender identity
information. One commenter noted that the Federal data that exist on
LGBTQ individuals' access to credit are generally limited to the
population of cohabitating same-sex couples because such data are often
collected through a marital status question on Census Bureau surveys.
Nevertheless, these commenters stated that available research
suggests that sexual and gender minorities encounter discrimination
when attempting to access credit. The commenters cited research, based
on the 2019 Federal Reserve Board Survey of Household Economic
Decisionmaking, finding that LGBT individuals (and particularly LGBT
persons of color and depending on gender) are more likely to have their
applications for credit rejected and that they are more likely to be
approved for less credit than they wanted.\742\ The commenters stated
that studies based on HMDA data have also found that same-sex couples
are denied home loans more often and that the loans they do receive
have higher interest rates and fees than different-sex couples of
similar financial and credit quality. Similarly, loans made in
neighborhoods with a higher density of LGBTQI+ individuals generally
have higher interest rates and fees than neighborhoods with a lower
density.\743\ One commenter stated that the analysis likely understates
these disparities due to HMDA data limitations.\744\ A research and
policy organization focusing on gender identity and sexual orientation
issues also cited reports and analyses highlighting disparities in home
ownership between LGBT adults and non-LGBT adults, same-sex couples and
different-sex couples, and among sexual minorities versus heterosexual
individuals and also suggesting that home ownership among transgender
adults is particularly low.\745\ This commenter also stated that such
research noting disparities among LGBTQI+ persons based upon race, sex,
and sexual orientation suggests that the data collected under section
1071 should allow identification of individuals who may have
intersectional identities.
---------------------------------------------------------------------------
\742\ Spencer Watson et al., Ctr. for LGBTQ Econ. Advancement &
Rsch., The Economic Well-Being of LGBT Adults in the U.S. in 2019
(2021), https://lgbtq-economics.org/wp-content/uploads/2021/06/The-Economic-Well-Being-of-LGBT-Adults-in-2019-Final-1.pdf.
\743\ See Jason Richardson & Karen Kali, Nat'l Cmty.
Reinvestment Coal., Same-Sex Couples and Mortgage Lending (June 22,
2020), https://ncrc.org/same-sex-couples-and-mortgage-lending/; Hua
Sun & Lei Gao, Lending Practices to Same-Sex Borrowers, 116 Procs.
of the Nat'l Acad. of Sci. (PNAS) PROCs. NAT'L ACAD. SCI. 9293 (Mar.
16, 2019), https://doi.org/10.1073/pnas.1903592116.
\744\ See Jason Richardson & Karen Kali, Nat'l Cmty.
Reinvestment Coal., Same-Sex Couples and Mortgage Lending (June 22,
2020), https://ncrc.org/same-sex-couples-and-mortgage-lending/.
\745\ Studies cited by the commenters include, for example: Adam
P. Romero, Shoshana K. Goldberg, & Luis A. Vasquez, Williams Inst.,
LGBT People and Housing Affordability, Discrimination, and
Homelessness (2020), https://williamsinstitute.law.ucla.edu/wp-content/uploads/LGBT-Housing-Apr-2020.pdf; Kerith Conron, Williams
Inst., Financial Services and the LGBTQ+ Community: A Review of
Discrimination in Lending and Housing, Testimony Before the
Subcommittee on Oversight and Investigations (2019), https://williamsinstitute.law.ucla.edu/wp-content/uploads/Testimony-US-House-Financial-Services-Oct-2019.pdf; Freddie Mac, The LGBT
Community: Buying and Renting Homes (2018), https://www.freddiemac.com/fmac-resources/research/pdf/Freddie_Mac_LGBT_Survey_Results_FINAL.pdf; Kerith J. Conron,
Shoshana K. Goldberg, & Carolyn T. Halpern, Sexual Orientation and
Sex Differences in Socioeconomic Status: A Population-Based
Investigation in the National Longitudinal Study of Adolescent to
Adult Health, 72 J. Epidemiology & Cmty. Health 1016 (Nov. 2018),
https://pubmed.ncbi.nlm.nih.gov/30190439.
---------------------------------------------------------------------------
Commenters also noted that LGBTQI+ individuals and businesses are
key parts of the population and economy in this country, yet face
discrimination and disparities in a number of areas. They stated that
there are an estimated 11 million LGBT adults, which make up around 4.5
percent of the total U.S. adult population. They stated that high
numbers of LGBTQ adults have self-reported experiences with physical
and verbal abuse and violence, job loss, and workplace harassment and
discrimination. They also noted that prior to the COVID-19 pandemic,
LGBTQ individuals were more likely to report having experienced
economic hardship, from unemployment, homelessness, and in other areas.
The commenters also emphasized that studies show that during the
pandemic, LGBTQ adults, and particularly LGBTQ people of color and
gender minorities, have disproportionately experienced the negative
financial effects of the COVID-19 pandemic, including food insecurity,
job loss, and housing insecurity.\746\ One
[[Page 35365]]
commenter also highlighted that research shows that transgender
individuals are disadvantaged as compared to their cisgendered
counterparts across a number of socio-economic factors, such as
education levels and percentages living at or below the poverty level,
among others.\747\
---------------------------------------------------------------------------
\746\ See Thom File & Joey Marshall, U.S. Census Bureau,
Household Pulse Survey Shows LGBT Adults More Likely to Report
Living in Households With Food and Economic Insecurity Than Non-LGBT
Respondents (Aug. 11, 2021), https://www.census.gov/library/stories/2021/08/lgbt-community-harder-hit-by-economic-impact-of-pandemic.html; Brad Sears, Kerith J. Conron, & Andrew R. Flores,
Williams Inst., The Impact of the Fall 2020 COVID-19 Surge on LGBT
Adults in the US (Feb. 2021), https://williamsinstitute.law.ucla.edu/wp-content/uploads/COVID-LGBT-Fall-Surge-Feb-2021.pdf; Christy Mallory, Brad Sears, & Andrew R. Flores,
Williams Inst., COVID-19 and LGBT Adults Ages 45 and Older in the US
(May 2021), https://williamsinstitute.law.ucla.edu/wp-content/uploads/COVID-LGBT-45-May-2021.pdf; Kerith J. Conron & Kathryn K.
O'Neill, Williams Inst., Food Insufficiency Among Transgender Adults
During the COVID-19 Pandemic (Dec. 2021), https://williamsinstitute.law.ucla.edu/wp-content/uploads/Trans-Food-Insufficiency-Dec-2021.pdf; Movement Advancement Project, The Delta
Variant & the Disproportionate Impacts of COVID-19 on LGBTQ
Households in the U.S., Results from an August/September 2021
National Poll (Nov. 2021), https://www.lgbtmap.org/file/2021-report-delta-impact-v2.pdf.
\747\ See Kerith J. Conron & Kathryn K. O'Neill, Williams Inst.,
Food Insufficiency Among Transgender Adults During the COVID-19
Pandemic (Dec. 2021), https://williamsinstitute.law.ucla.edu/wp-content/uploads/Trans-Food-Insufficiency-Dec-2021.pdf.
---------------------------------------------------------------------------
One commenter cited a study estimating that about 7.7 million LGBT
adults live in States without explicit statutory protections against
discrimination on the basis of sexual orientation and gender identity
in credit.\748\ This commenter also noted research finding that while
30 States have laws analogous to ECOA, only about half explicitly
prohibit discrimination on the basis of sexual orientation or gender
identity, leaving a significant number of LGBT adults in the United
States without protection from credit discrimination under State
law.\749\ Further, this commenter stated that LGBTQ businesses may
generally have a particular need for credit, because they often lack
the family support other small business entrepreneurs may rely upon to
begin their businesses.
---------------------------------------------------------------------------
\748\ Kerith J. Conron & Shoshana K. Goldberg, Williams Inst.,
LGBT People in the US Not Protected by State Non-Discrimination
Statutes (Apr. 2020), https://williamsinstitute.law.ucla.edu/wp-content/uploads/LGBT-ND-Protections-Update-Apr-2020.pdf.
\749\ Christy Mallory, Luis A. Vasquez, & Celia Meredith,
Williams Inst., Legal Protections for LGBT People After Bostock v.
Clayton County (Aug. 2020), https://williamsinstitute.law.ucla.edu/wp-content/uploads/Bostock-State-Laws-Jul-2020.pdf.
---------------------------------------------------------------------------
Suggestions for collecting sexual orientation and gender identity
information. A number of commenters suggested specific modifications to
the Bureau's proposal, generally by either adding response categories
to the proposed (single) inquiry about a principal owner's sex; by
recommending two separate inquiries for the identification of a
principal owner's gender (as opposed to sex) and sexual orientation; or
by suggesting separate inquiries as to each of a principal owner's sex,
gender identity, and sexual orientation.
Generally, commenters who suggested additional response categories
suggested adding such options in the context of a single inquiry for
information about a principal owner's sex. Some commenters suggesting
adding an additional category, such as ``Other,'' to allow the Bureau
to analyze whether nonbinary individuals face discrimination from
lenders and urged the Bureau to avoid a data collection that forces
applicants to provide their principal owners' information on a strict
binary sex/gender basis. Several industry commenters suggested the
Bureau remove the self-describe option with a write-in text field with
a third category, such as ``non-binary.'' These commenters expressed
concern that the write-in text field may create data integrity problems
or add complexity to reporting standards.
Other commenters suggested specific sex categories for the Bureau's
consideration. A group of trade associations suggested adding sex
categories for transgender and nonbinary. A community group suggested
adding a ``non-binary'' sex category and any others according to best
practices, in order to bring transparency as to the treatment of that
population. Another suggested adding ``Non-binary,'' ``Transgender
Male,'' ``Transgender Female,'' stating that these categories are
widely accepted by the LGBTQ community, will provide more data, and
will be more inclusive. This commenter also supported allowing
applicants to select one or more options. A CDFI lender recommended
that the Bureau include a list of examples that an applicant could
refer to when self-describing, like intersex, non-binary, or
transgender. This commenter stated that providing examples for the
self-describe option would streamline the data collection and analysis.
A bank suggested that instead of requesting information from
applicants about their principal owners' sex, that the Bureau identify
a principal owners' information based on what is listed on the
principal owner's driver's license. The bank noted that some states,
like New York, allow residents who identify as nonbinary or intersex to
use an ``X'' marker on their State driver's licenses and stated that
beneficial owners' driver's licenses must be provided as a result of
FinCEN's customer due diligence rule when an account is opened. The
bank acknowledged that different states may not allow the use of an
``X'' marker and that some principal owners may not identify with the
gender marker on their driver's license but suggested that aligning the
data collection with this supporting documentation would remove the
potential for error and regulatory scrutiny.
Some commenters urged the Bureau to revise its proposal to include
two sets of inquiries, one addressing gender identity and the other
sexual orientation, each with multiple categories from which an
applicant could select. One community group suggested two separate
inquiries are necessary, to accurately measure disparities and
discrimination. The community group suggested that for the inquiry
about gender identity, response options could include ``Male,''
``Female,'' ``Transgender,'' and ``Do not identify as female, male, or
transgender.'' For the inquiry about sexual orientation, the community
group stated response options could include ``Straight,'' ``Gay or
lesbian,'' ``Bisexual,'' and ``Transsexual, or gender non-conforming.''
This commenter also suggested the Bureau consult experts on these
issues. Some other community groups suggested that, to reflect current
language around gender-identity and expression, categories for gender
should include ``Cis woman,'' ``Cis man,'' ``Trans woman,'' ``Trans
man,'' ``Non-binary or gender non-conforming,'' and ``Other'' (with a
write-in text field). For sexual orientation, the commenters suggested
``Straight/heterosexual,'' ``Bisexual,'' ``Queer,'' and ``Other'' (with
a write-in text field). One commenter noted that the answer options for
each inquiry should include those to allow the applicant to choose not
to state its response and an ``Other'' option (with a write-in text
field).
Several research and policy organizations focusing on gender
identity and sexual orientation issues generally stated that because
sex, sexual orientation, and gender identity are related but
intellectually distinct concepts, the Bureau should collect such
information through three separate inquiries addressing each concept
instead of through one question asking about a principal owner's sex. A
community group stated that the Bureau's proposal does not sufficiently
encompass gender, gender identity, and sexual orientation to address
fair lending concerns.
[[Page 35366]]
Research and policy organizations also suggested the Bureau take an
approach similar to that used in the Census Bureau's Household Pulse
Survey, which they characterized as taking a ``two-step'' approach to
asking about a respondent's sex, with one question about the
respondent's sex assigned at birth and a second question about their
current gender. They also recommended the Household Pulse Survey
approach in asking a separate question about sexual orientation, which
the commenters noted aligns with a recommendation from a 2009 Sexual
Minority Assessment Research Team report \750\ on best practices for
asking questions about sexual orientation on surveys. One also urged
the Bureau to examine a two-step approach to sex for the final rule,
noting that it was based on research and recommended by a panel of
experts known as the Gender Identity in U.S. Surveillance group,
through the Williams Institute at the University of California Los
Angeles School of Law, as one that is likely to have high sensitivity
and specificity in distinguishing transgender and gender minority
respondents from cisgender respondents.\751\ The commenter also
recommended that the Bureau consider if any refinements are necessary
in the context of section 1071, conduct user testing, and also
coordinate in the future with other Federal agencies to improve its
measurements of principal owners' sex.
---------------------------------------------------------------------------
\750\ Sexual Minority Assessment Rsch. Team (SMART), Williams
Inst., Best Practices for Asking Questions About Sexual Orientation
on Surveys (2009), https://williamsinstitute.law.ucla.edu/wp-content/uploads/Best-Practices-SO-Surveys-Nov-2009.pdf.
\751\ The GenIUSS Grp., Williams Inst., Best Practices for
Asking Questions to Identify Transgender and Other Gender Minority
Respondents on Population-Based Surveys (Sept. 2014), https://williamsinstitute.law.ucla.edu/publications/geniuss-trans-pop-based-survey/.
---------------------------------------------------------------------------
For the question about sexual orientation, research and policy
organizations recommended using the same or similar questions as
presented in the Census Bureau's Household Pulse Survey and the 2009
Sexual Minority Assessment Research Team report. A community group also
suggested that the Bureau adopt the Census Bureau's approach with the
Household Pulse Survey, but stated that more response categories may be
necessary to better capture the LGBTQIA+ community.
Selection of multiple responses. The Bureau received several
responses to the Bureau's question about whether applicants should be
restricted from designating more than one category for a principal
owner's sex. Two commenters supported the Bureau's proposal to allow an
applicant to select multiple sex categories, stating that limiting
applicants to one answer option may be viewed as marginalizing the
principal owner's personal characteristics for individuals whose gender
is fluid. Another suggested allowing the selection of just one response
category, which it said would streamline data collection. Two research
and policy organizations suggested that the Bureau limit applicants
from selecting more than one response to the inquiry about sex assigned
at birth because medical records in the United States generally allow
only male or female sex assignments. They also suggested that the
Bureau allow just one selection in response to a question about sexual
orientation. But for gender identity, the applicant suggested allowing
applicants to select multiple response options.
Self-describe response option. Several commenters supported the
Bureau's proposed ``I prefer to self-describe'' option (with the
ability to write in or otherwise provide additional information). A
business advocacy group stated that the information collected from the
option will bring attention to inequitable lending practices based on
gender identity. As noted above, one commenter supported the proposed
answer option, but suggested that the Bureau include a list of
examples. The commenter opposed, however, the use of the option as the
only way to collect information about principal owners' sex. Another
commenter supported having the ``I prefer to self-describe'' option as
the only way used to collect sex information, stating that this
approach would promote diversity and acceptance and that the Bureau's
proposal may make applicants feel uncomfortable expressing their true
gender identity.
However, several industry and research and policy organization
commenters opposed the proposed ``I prefer to self-describe'' option.
One commenter said it would be confusing for applicants and bank
employees, and recommended having the Bureau's data collection for
principal owners' sex match that under Regulation C. Other commenters
generally cited data quality concerns related to potential write-in
field responses. Two such commenters noted that in the HMDA free-form
ethnicity and race data, they commonly see responses that would fit
into an existing category and expressed concern that similar issues
would arise under the Bureau's proposal. Two industry commenters also
noted that the write-in field could diminish the accuracy and utility
of collected data, because fewer responses would be reported for other
listed categories. One industry commenter also noted that a write-in
field may add complexity to reporting standards. Another stated that
the Bureau may encounter varying spellings and misspellings, which
would create reporting burdens and diminish the accuracy of the
information received by the Bureau.
A research and policy organization stated that because the Bureau
will not be including write-in responses in what is released to or
analyzed for the public, write-in responses allowing applicants to
self-describe their principal owners' sex, sexual orientation, or
gender identity would prevent respondents from being included in the
data for analysis. The commenter suggested that the Bureau assess the
performance of questions as to gender identity and sexual orientation
first and then make revisions as needed. The commenter also stated that
it also did not recommend including the proposed ``I prefer to self-
describe'' option as a way to capture individuals with intersex traits,
and noted that it is not generally recommended that researchers capture
information on intersex status through a question on sex.
Other research and policy organizations stated a concern that free-
form text responses would require substantial effort by the Bureau and
others to distinguish transgender individuals and gender minorities
from respondents using the ``I prefer to self-describe'' option, even
though female or male responses would have been appropriate. This
commenter noted that analysis of free-form text fields can be time-
intensive and responses challenging to categorize, leading to discarded
data, reduced sample sizes, lessened statistical power, and potentially
errors in classification. The commenter also noted that although a
write-in response for gender identity to capture the many gender
identities and communities that exist may work in some circumstances,
it does not recommend it for a data collection of the anticipated size
and complexity of the effort under section 1071. With regard to sexual
orientation, the commenter noted that most people with same-sex
attraction are likely to choose the terms gay, lesbian, or bisexual if
they are the only terms provided, and thus a self-describe option would
just reduce the number of identifiably lesbian, gay, and bisexual
principal owners in the section 1071 data collection and reduce the
usefulness of the data.
[[Page 35367]]
Intersex status. Research and policy organizations suggested that
the Bureau add a specific inquiry regarding variations of sex
characteristics in the final rule or in the future, to identify
intersex business owners and their experiences. They emphasized that
people with variations in sex characteristics may comprise as much as
1.7 percent of the population. And, although little population-based
data exists, according to the commenter, intersex people face
documented social and health disparities. This in turn, they said,
could affect their economic opportunities. Moreover, according to the
commenter, the increased visibility of intersex individuals could also
make small business owners with intersex traits more vulnerable to
discrimination. They also stated that the Department of Justice's Title
IX Legal Manual rationale--finding that title IX's prohibition on sex
discrimination includes discrimination based on sex characteristics,
including intersex traits--should also apply to ECOA. They noted that a
consensus study from the National Academies had recommended that the
Federal government develop and evaluate measures to identify intersex
populations and recommended that the Bureau review another pending
National Academies study with recommendations on this area.\752\
---------------------------------------------------------------------------
\752\ See Nat'l Acads. of Scis., Eng'g, & Med., Understanding
the Well-Being of LGBTQI+ Populations (2020), https://nap.nationalacademies.org/catalog/25877/understanding-the-well-being-of-lgbtqi-populations. The National Academies has issued the
report anticipated by the commenter. See Nat'l Acads. of Scis.,
Eng'g, & Med., Measuring Sex, Gender Identity, and Sexual
Orientation for the National Institutes of Health (2022), https://www.ncbi.nlm.nih.gov/books/NBK578625/pdf/Bookshelf_NBK578625.pdf.
---------------------------------------------------------------------------
Final Rule--Collecting Sex
For the reasons set forth herein, the Bureau has revised its
proposal regarding the collection of information about the sex of the
principal owners of a small business applicant. Under final comment
107(a)(19)-15, if collecting the information using a paper or
electronic form, the financial institution must make the request using
the term ``sex/gender'' and must permit applicants to respond by using
free-form text. If collecting the information orally, the financial
institution must inform the applicant of the opportunity to provide
each principal owner's sex/gender and record the response. As with
other protected demographic information, the applicant can refuse to
provide the requested information. Unlike the Bureau's proposal, the
final rule does not use specific sex categories, such as ``Male'' and
``Female,'' for a principal owner's sex/gender. The Bureau has made
conforming changes, removed duplicative content, and updated cross-
references, in comment 107(a)(19)-15 and other comments that relate to
collection of principal owners' sex.
As an initial matter, the Bureau believes that collecting
information about a principal owner's sex, gender identity, and sexual
orientation is within section 1071's mandate. Following the Supreme
Court's holding in Bostock, even though the term ``sex'' is not defined
in ECOA or in Regulation B, the Bureau interprets ECOA's and Regulation
B's prohibitions against discrimination on the basis of ``sex'' to
include discrimination based on sexual orientation and gender
identity.\753\ As stated by the Court, sex discrimination encompasses
sexual orientation discrimination and gender identity discrimination,
as those forms of discrimination necessarily involve consideration of
sex.\754\ Because section 1071 is an enumerated provision of ECOA and
the final rule is part of Regulation B, this interpretation as to what
is included within the scope of the term ``sex'' necessarily applies to
the collection of information about a principal owner's ``sex'' under
section 1071 as well.
---------------------------------------------------------------------------
\753\ Bostock, 140 S. Ct. 1731; 86 FR 14363 (Mar. 16, 2021).
\754\ See Bostock, 140 S. Ct. 1731.
---------------------------------------------------------------------------
The Bureau believes further that available research, including that
cited by commenters and discussed above, showing disparities in access
to credit across gender identity and sexual orientation supports the
importance of collecting gender identity and sexual orientation small
business lending data.\755\
---------------------------------------------------------------------------
\755\ See, e.g., Ctr. for LGBTQ Econ. Advancement & Rsch., The
Economic Well-Being of LGBT Adults in the U.S. in 2019 (June 2021),
https://lgbtq-economics.org/research/lgbt-adults-2019/ (LGBT adults
more likely than non-LGBT adults to report being turned down by
lenders and to be offered credit at rates higher than desired); Hua
Sun & Lei Gao, Lending practices to same-sex borrowers, Proceedings
of the Nat'l Acad. Sci. of the U.S. of Am. (May 2019), https://doi.org/10.1073/pnas.1903592116 (finding same-sex couples more
likely to be denied a mortgage than different-sex couples); J.
Shahar Dillbary & Griffin Edwards, An Empirical Analysis of Sexual
Orientation Discrimination, 86 U. Chi. L. Rev. 1 (2019), https://lawreview.uchicago.edu/publication/empirical-analysis-sexual-orientation-discrimination (finding that same-sex male home loan co-
applicants were less likely to have their loan applications accepted
compared to white, different-sex co-applicant pairs; male same-sex
pairs with Black applicants had significantly worse acceptance
outcomes).
---------------------------------------------------------------------------
There was no clear consensus among commenters as to how information
about the sex of small businesses' principal owners should be
collected. As described above, the Bureau received a diverse array of
comments recommending a range of response options to the proposed
inquiry about a principal owner's sex and suggesting questions in
addition to, or instead of, the Bureau's proposed query about a
principal owner's sex. The Bureau notes that at the Federal level,
there is wide variance in data collection approaches, question
phrasing, and answer options, and that the Federal government's
approach is in flux.\756\ For example, on January 11, 2023, shortly
before this rule was issued, OMB released new recommendations for
agencies on the best practices for the collection of sexual
orientation, gender identity, and sex characteristics data on Federal
[[Page 35368]]
statistical surveys, including strategies to preserve data privacy and
safety.\757\ The Bureau also notes the consensus study from the
National Academies cited by a commenter that indicates that the terms
used to describe individuals who identify as or exhibit attractions and
behaviors that do not align with heterosexual or traditional male-
female binary gender norms are evolving.\758\
---------------------------------------------------------------------------
\756\ See 86 FR 56356, 56482 (Oct. 8, 2021) (discussing approach
used by the Census Bureau's Household Pulse Survey, asking separate
questions for sex assigned at birth, current gender identity, and
sexual orientation); id. at 56482 n.686 (discussing other Federal
agency approaches in health care settings). See also 31 CFR
35.28(h), (i) (in annual reports by participants in the U.S.
Treasury's State Small Business Credit Initiative (SSBCI) program,
requiring information about program beneficiaries' principal owner's
gender (using categories: female; male; nonbinary; prefer to self-
describe, with an option to write in information; prefer not to
respond; or that the business did not answer) and sexual orientation
(using categories: gay or lesbian; bisexual; straight, that is, not
gay, lesbian, or bisexual; something else; prefer not to respond; or
that the business did not answer); 2020 Census Official
Questionnaire (inquiring as to each person's sex (e.g., ``What is
Person 1's sex? Mark (x) ONE box.''), with answer options: ``Male''
and ``Female'' and asking about the relationships with other
household members (e.g., ``How is this person related to Person 1?
Mark (X) ONE box.''), with answer options including, inter alia,
``opposite-sex husband/wife/spouse'', ``opposite-sex unmarried
partner, ``same-sex husband/wife/spouse'', and ``same-sex unmarried
partner''); Soc. Sec. Admin., How do I change the sex identification
on my Social Security record? (KA-01453) (last updated Oct. 25,
2022), https://faq.ssa.gov/en-us/Topic/article/KA-01453 (individuals
can provide sex identification evidence that is binary or non-
binary, but stating that SSA record systems currently require a sex
designation of female or male); U.S. Dep't of State, X Gender Marker
Available on U.S. Passports Starting April 11, 2022 (Mar. 31, 2022),
https://www.state.gov/x-gender-marker-available-on-u-s-passports-starting-april-11/; U.S. Equal Emp. Opportunity Comm'n, EEOC Adds X
Gender Marker to Voluntary Questions During Charge Intake Process
(June 27, 2022), https://www.eeoc.gov/newsroom/eeoc-adds-x-gender-marker-voluntary-questions-during-charge-intake-process; Admin. for
Children & Fams., U.S. Dep't of Health & Hum. Servs., Proposed
Information Collection Activity; Domestic Victims of Human
Trafficking Program Data (OMB #0970-0542), 87 FR 45107 (July 27,
2022) (proposing changes to collection of participant demographics
for Domestic Victims of Human Trafficking Services and Outreach
Program grant programs); Admin. for Children & Fams., U.S. Dep't of
Health & Hum. Servs., Proposed Information Collection Activity; SOAR
(Stop, Observe, Ask, Respond) to Health and Wellness Training (SOAR)
Demonstration Grant Program Data (New Collection), 87 FR 52386 (Aug.
25, 2022) (indicating that data to be collected with regard to the
SOAR program will include client sex, gender identity, sexual
orientation.)
\757\ Off. of Mgmt. & Budget, Off. of the Chief Statistician of
the U.S., Recommendations on the Best Practices for the Collection
of Sexual Orientation and Gender Identity Data on Federal
Statistical Surveys (Jan. 11, 2023), https://www.whitehouse.gov/wp-content/uploads/2023/01/SOGI-Best-Practices.pdf.
\758\ Nat'l Acads. of Scis., Eng'g, & Med., Understanding the
Well-Being of LGBTQI+ Populations 1-2. See also Nat'l Acads. of
Scis., Eng'g, & Med., Measuring Sex, Gender Identity, and Sexual
Orientation 1-4 to 1-5 (discussing terms and identities associated
with the concepts of gender, sex, and sexual orientation).
---------------------------------------------------------------------------
As a result of these factors, the Bureau believes that an approach
that allows principal owners to designate their sex/gender with the
ability to write-in or provide additional information (such as in a
free-form field on a paper or electronic form) will encourage applicant
self-identification using terminology that may change over time. To
increase applicants' autonomy to provide responses they feel best
characterize their principal owners, the final rule does not include
additional sex category responses suggested by commenters nor does it
require a financial institution to provide a list of example responses
when requesting that an applicant provide its principal owners' sex.
This approach mitigates the concern of some commenters that a list of
disaggregated categories would be difficult for some lender staff to
ask and for some applicants to be asked.
In partial response to the several commenters who urged that the
Bureau use the term ``gender'' instead of ``sex,'' the Bureau is
requiring financial institutions to use the term ``sex/gender'' when
requesting information about principal owners' sex. As explained above,
the Bureau interprets ECOA's and Regulation B's prohibitions against
discrimination on the basis of ``sex'' to also include, inter alia,
discrimination based on gender identity; this interpretation as to what
is included within the scope of the term ``sex'' necessarily also
applies to the collection of information about a principal owner's
``sex'' under section 1071.\759\ The Bureau believes that requiring
financial institutions to ask for information about ``sex/gender'' will
provide principal owners with the flexibility and autonomy to use terms
that they prefer.
---------------------------------------------------------------------------
\759\ 86 FR 14363 (Mar. 16, 2021).
---------------------------------------------------------------------------
Although some commenters requested that the Bureau require the
collection of principal owners' sexual orientation information and
intersex status in addition to the collection of information about
their gender identity, the final rule does not include these specific
inquiries. The Bureau believes that such specific inquiries about
individuals would likely be perceived as more invasive than a general
request as to ``sex/gender'' and, as explained above, the overall
LGBTQI+-ownership status of the business. Accordingly, the Bureau is
concerned that questions to this effect could impact the overall
willingness of applicants to provide demographic information, as noted
by some commenters.
Some commenters expressed concerns that collecting data via write-
in text fields may lead to data analysis issues. The Bureau anticipates
that its review of responses to the sex/gender inquiry will result in
data that could be used by the Bureau and other regulators and, once
grouped into categories, publicly released subject to any necessary
modifications or deletions for privacy purposes.
The Bureau believes that principal owners' sex/gender and
applicants' LGBTQI+-owned business status data points together strike a
balance that respects for small business owners' autonomy in self-
identification, while also providing the Bureau and the public with
information needed to further section 1071's statutory purposes.
The Bureau recognizes that the way financial institutions will
collect data about sex under the final rule differs from the collection
of information about the sex of home mortgage applicants under
Regulation C/HMDA.\760\ Although the collection of ethnicity, race, and
sex data in both contexts serves related fair lending purposes, the two
regulations have different legal authorities, cover different markets,
and were developed at different times. The Bureau has specifically
tailored the collection of sex data under this final rule implementing
section 1071 for the small business lending context, in consideration
of the comments received and of continuing developments in Federal
government's approach to collecting information about sex, gender
identity, and sexual orientation.
---------------------------------------------------------------------------
\760\ As the Bureau is exempting HMDA-reportable transactions
from the data collection requirements of the final rule, in Sec.
1002.104(b)(2), strict consistency between reporting categories is
unnecessary.
---------------------------------------------------------------------------
The Bureau has also considered commenters' statements that small
business applicants may feel uncomfortable and have privacy concerns
about providing sensitive information to lenders related to the sex of
their principal owners. As discussed in greater detail in part VIII
below, after receiving a full year of reported data, the Bureau will
assess privacy risks associated with this data and on that basis, make
appropriate pre-publication modification and deletion decisions. The
Bureau takes the privacy of such information seriously and intends to
make appropriate modifications and deletions.
Commenters also included suggestions for whether to allow
applicants to select only one or multiple response categories in
response to questions related to a principal owner's sex. As explained
above, the Bureau has decided to include only a self-describe response
option in response to the question about a principal owner's sex/gender
at this time, rendering these comments moot.
One commenter stated that providing information about a principal
owner's sexual orientation and gender identity should be optional for
the applicant. The Bureau agrees, and applicants have a right to refuse
to provide responses to questions about protected demographic
information. As explained in final comment 107(a)(19)-1, financial
institutions must permit an applicant to refuse to answer the financial
institution's inquiry and must inform the applicant that it is not
required to provide the information.
With regard to some commenters' suggestion that questions about a
principal owner's gender identity and sexual orientation should be
optional for financial institutions, the Bureau is not requiring
separate questions for sex, gender identity, and sexual orientation for
the reasons above. Thus, these commenters' suggestion is moot.
The Bureau does not believe it would be appropriate, however, to
remove the requirement to collect principal owners' sex, suggested by
some commenters. As discussed above, the collection of information
about sex is required under section 1071.
The Bureau is not requiring financial institutions to report what
sex or gender is indicated on a principal owner's State driver's
license, as requested by one commenter. As the commenter acknowledged,
State requirements differ as to what residents may select as to their
sex and/or gender on their State government-issued identification and
the available selections may not be adequate as to a principal owner's
self-
[[Page 35369]]
identified sex and/or gender. As noted above, the Bureau believes that
the collection of principal owners' sex information under this rule
should be based solely on an applicant's self-identification. However,
as the commenter also pointed out, some governmental authorities allow
individuals to indicate their sex as ``X'' in government-issued
documents. Nothing in this rule would interfere with a principal owner
choosing to designate their sex in that way in the self-describe
response option.
With regard to one commenter's statement that the Bureau should not
allow the use of previously collected information due to concern about
misuse of such data, the final rule specifies how previously collected
information may be used, as discussed further in the section-by-section
analyses of Sec. Sec. 1002.107(d) and 1002.110(e) below.
Regarding a commenter's suggestion that the Bureau should consult
further with stakeholders before finalizing any publication of
information about sexual orientation and gender identity of principal
owners, the Bureau intends to engage further with stakeholders before
publishing data, as discussed in part VIII below.
Proposed Rule--Collecting Ethnicity and Race via Visual Observation or
Surname in Certain Circumstances
The Bureau proposed that financial institutions be required to
collect and report at least one principal owner's ethnicity and race
based on visual observation and/or surname in certain circumstances.
This would have been required if the financial institution met in
person with one or more of the applicant's principal owners and the
applicant did not provide ethnicity, race, or sex information for at
least one principal owner in response to the financial institution's
inquiry pursuant to proposed Sec. 1002.107(a)(20).
The Bureau noted that demographic response rates in the SBA's
Paycheck Protection Program data are much lower when compared to
ethnicity, race, and sex response rates in HMDA data.\761\ The Bureau
reasoned that without a visual observation and/or surname collection
requirement, meaningful analysis of principal owner ethnicity and race
data could be difficult, significantly undermining section 1071's
purposes. Historically, one challenge under HMDA has been the
reluctance of some applicants to voluntarily provide requested
demographic information, such as ethnicity and race. The Bureau
explained that the requirement in Regulation C to collect race, sex,
and ethnicity on the basis of visual observation or surname is an
important tool to address that challenge, and that it believes that the
requirement has resulted in more robust response rates in the HMDA
data.
---------------------------------------------------------------------------
\761\ Small Bus. Admin., Paycheck Protection Program Weekly
Reports 2021, Version 11, at 9 (effective Apr. 5, 2021), https://www.sba.gov/sites/default/files/2021-04/PPP_Report_Public_210404-508.pdf. Paycheck Protection Program data were taken from 2021 loans
for which the collection form for principal owner demographics was
included in the application itself and, for most of that time, was
featured on the first page of the application.
---------------------------------------------------------------------------
Accordingly, the Bureau proposed that financial institutions
collect at least one principal owner's ethnicity and race (but not sex)
on the basis of visual observation and/or surname in the circumstances
described above. Under the Bureau's proposal, a financial institution
would not have been required to collect ethnicity and race via visual
observation and/or surname if the applicant provided any demographic
information regarding any principal owner. For applicants with multiple
principal owners, the financial institution may not be able to
determine whether the applicant had provided the demographic
information of the principal owner who met in person with the financial
institution or for another principal owner. The Bureau sought comment
on this proposed approach. The Bureau also sought comment on whether a
financial institution should be required to collect a principal owner's
ethnicity and/or race via visual observation and/or surname if the
applicant has only one principal owner, the applicant does not provide
all of the principal owner's requested demographic information, and the
financial institution meets in person with the principal owner. The
Bureau noted that in this situation, the financial institution would be
able to ``match'' any demographic information that the applicant
provides with the correct principal owner because there is only one
principal owner.
Proposed comment 107(a)(20)-9 would have explained that a financial
institution would be required to report ethnicity and race based on
visual observation and/or surname in certain circumstances. It would
have further explained that a financial institution would not be
required to report based on visual observation and/or surname if the
principal owner only meets in person with a third party through whom
the applicant is submitting an application to the financial
institution.
Proposed comment 107(a)(20)-10 would have clarified that a
financial institution meets with a principal owner in person if an
employee or officer of the financial institution or one of its
affiliates has a meeting or discussion with the applicant's principal
owner about an application and can visually observe the principal
owner. The proposed comment would have also provided examples of
situations where the financial institution meets in person with a
principal owner and where it does not. The Bureau requested comment on
this approach and whether there should be additional or different
examples.
Proposed comment 107(a)(20)-11 would have clarified that a
financial institution uses only aggregate categories when reporting
ethnicity and race based on visual observation and/or surname and would
have directed financial institutions to proposed appendix G for
additional information on collecting and reporting ethnicity and race
based on visual observation and/or surname. The Bureau requested
comment on whether to permit, but not require, financial institutions
to use the disaggregated subcategories as well when reporting ethnicity
and race based on visual observation and/or surname.
In addition to the specific matters identified above, the Bureau
sought comment on its proposed approach to this data point, the
proposed methods of collecting and reporting the data, and on whether
additional clarification regarding any aspect of this data point is
needed.
Comments Received--Collecting Ethnicity and Race via Visual Observation
or Surname in Certain Circumstances
General comments. The Bureau received comments from many banks,
trade associations, community groups, members of Congress, small
business owners, service providers, and others on its proposal that
financial institutions be required to collect at least one principal
owner's ethnicity and race on the basis of visual observation and/or
surname under certain circumstances. A community group, a joint letter
from community and business advocacy groups, and a CDFI lender
supported the proposed requirement, emphasizing that demographic data
collection via visual observation and surname analysis has been
required by Regulation C for many years. The community group also
commented that ethnicity and race information, including information
collected via visual observation and/or surname as proposed, will allow
data users to assess how the experiences of small businesses differ by
approximate amount of minority ownership in the
[[Page 35370]]
business, particularly when combined with information about an
applicant's number of principal owners under proposed Sec.
1002.107(a)(21).
Many commenters objected to the proposed requirement. A number of
industry commenters stated that the Bureau should require only the
reporting of applicant-provided data. A number of agricultural lenders,
a trade association, a service provider, a community group, and a
business advocacy group stated that while they support the collection
of demographic information and the need for robust data, they do not
support the proposed requirement. A few industry commenters said that
the Bureau should only require best efforts to collect demographic
information.
Use of visual observation and surname to collect sex. A number of
commenters, including banks, trade associations, community groups, and
LGBTQI+ advocacy groups, supported the Bureau's proposal to not require
the use of visual observation and/or surname to report a principal
owner's sex. Several LGBTQI+ advocacy groups commented that visual
observation of the gender expression of principal owners would
inevitably rely upon sex stereotypes and lead to inaccurate
determinations of sex, gender identity, or sexual orientation. A
community group similarly stated that it would not be possible in some
cases to use visual observation to accurately identify gender. Several
industry commenters stated that requiring financial institutions to
determine the sex of principal owners would make employees
uncomfortable and potentially offend applicants who had declined to
provide this information.
In contrast, some banks requested that the visual observation and
surname requirement for this rule be aligned with Regulation C and thus
apply to data on sex as well as for ethnicity and race. These
commenters said that alignment with Regulation C would reduce reporting
errors and financial institutions' compliance burden because financial
institutions would not need to use additional resources to understand
and implement different data collection requirements.
Data accuracy and related concerns. Many commenters, including a
range of lenders, trade associations, community groups, several members
of Congress, business advocacy groups, and others, were concerned that
the proposed requirement would yield unreliable ethnicity and race
data.
Some commenters argued that such a requirement would introduce
error, bias, and subjectivity into the data collection process, leading
to inaccurate or distorted data. Several said that such purported bias
should not be part of the underwriting process or that section 1071 was
intended to combat this type of bias. One commenter said that banks do
not consider the ethnicity, race, or gender of small business
applicants and argued that they should not be required to guess such
information. Other commenters asserted that inaccuracies in the
collected data would not support rigorous analysis, would not serve the
purposes of section 1071, and would be inconsistent with congressional
intent to collect reliable data on small business credit. Several other
commenters similarly stated that data collected via visual observation
or surname would impair analyses, conclusions, and policies based on
such data.
Several commenters asserted that data collected pursuant to the
proposed requirement would be inaccurate because the process would be
based on or encourage the use of racial stereotypes or assumptions.
Several other commenters asserted that ethnicity and race
determinations made by visual observation have been prone to error or
unreliable, with some citing materials on own-race bias, other-race
effect, and similar issues. Some commenters predicted that the proposed
requirement may cause some lenders to rely on surname alone to avoid
determining ethnicity and race based on visual observation. Others said
that the proposed requirement should not be finalized because it could
risk perpetuating discrimination and insert racial stereotyping into
application processes, posing risks to applicants and financial
institutions alike. A community group stated that the proposed data
collection method raises fair lending concerns. With respect to
reporting ethnicity and race based on surname, several commenters
asserted that surname analysis was unreliable and obsolete.
Commenters also identified specific circumstances that they said
could lead to inaccurate ethnicity and race determinations based on
visual observation and surname. Some commenters argued that the
provision does not account for situations such as adoption, surname
changes, and multi-ethnic or multi-racial identities. Other commenters
alleged that visual observation and surname analysis would likely be
inaccurate or unreliable as a result of increasing demographic
diversity. Several asserted that racial and ethnic identities are
personal, influenced by a number of different factors, and should be
confirmed only by the applicant. Another commenter likewise stated that
the Bureau should only require lenders to report based on applicant-
provided data to promote accuracy and inclusivity. Several commenters
noted that a principal owner's ethnicity and race could be reported
differently by different lenders under the proposed requirement.
Some commenters said that loan officers and bank employees lack the
expertise or training to make ethnicity and race determinations, and
that the proposed requirement would lead to guessing. Another commenter
said the proposed requirement would create training and other
employment hurdles without producing meaningful information.
Several commenters noted that the proposed requirement would result
in inaccurate data when the person filling out the application is not a
principal owner of the business, but rather an employee. Commenters
also asserted that data would be misleading when the ethnicity and race
of the principal owner meeting with the bank is not representative of
the other principal owners of the business. One commenter asserted that
the proposed requirement could subject lenders to liability because
they do not always interact with principal owners.
Some commenters opposed the proposed requirement on the grounds
that data collected using this method would be, they said, generally
unrepresentative of small business applicants. They predicted low
response rates to inquiries about ethnicity and race for this rule,
based on the experience of the Paycheck Protection Program, and argued
that ethnicity and race data would be based on visual observation and
surname analysis for a disproportionate number of applications, which
these commenters posited would result in inaccurate data. Several
commenters stated that, as a result, inaccuracies attributable to the
use of visual observation and surname analysis would be magnified,
making the data collected unrepresentative of the applicant population
and not useful for any analyses. Others commented that ethnicity and
race data reported based on visual observation or surname would be both
inaccurate and unrepresentative because of the increased use of digital
application processes with no visual component. A trade association
anticipated low applicant response rates to the demographic questions
based on its members' experience that customers express anger or are
reluctant to provide ownership information as required by FinCEN's
customer due diligence rule. This commenter expected that
[[Page 35371]]
applicants would not want to provide demographic information due to
concerns that it would be used in the credit process, despite any
assurances to the contrary on the sample data collection form.
Customer relationships. Many commenters asserted that the proposed
requirement would impair customer relationships, citing small business
lending as more relationship-dependent than other forms of credit. A
number of commenters stated that it would make bank employees and
applicants uncomfortable, with some suggesting specifically that this
could occur when in-person applicants witness employees filling out
demographic information that the applicants declined to provide. A
number of commenters likewise said it would negatively impact customer
relationships. One argued that because banks are more likely to have
ongoing interactions with a small business owner than someone seeking a
mortgage, offense taken from visual observation or surname analysis
would be more detrimental.
Several agricultural lenders expressed concern that the disclosure
on the proposed sample data collection form informing applicants about
the obligation of lenders to report ethnicity and race information
through visual observation and/or surname analysis would be negatively
received by applicants, stating that applicants might perceive the
notice as an indication that the lender intends to or must contradict
the applicant's wishes. A trade association suggested that applicants
would feel uncomfortable providing their demographic information if
they receive notice that such information would not be subject to a
firewall, which would lead to a greater use of visual observation and
surname analyses.
Right to refuse. A range of commenters opposed the proposal on the
grounds that applicants have a right to decline to provide demographic
information. One commenter said that the proposed requirement would
further damage the public's confidence in financial institutions and
heighten privacy concerns, because it would contradict an applicant's
decision to not provide the requested information. Several cited the
high percentage of Paycheck Protection Program loan applicants that did
not report demographic data as showing applicant concerns about privacy
and the importance of voluntary reporting.
Some commenters stated that the proposal is inconsistent with, or
that it inappropriately circumvents, section 1071's provision that an
applicant may refuse to provide protected demographic information and
urged the Bureau to respect that right. One commenter said that section
1071 is structured to require financial institutions to make inquiries
for their customers' information and to allow applicants to refuse to
provide such information; given this framework, the commenter
questioned whether requiring collection would be permissible under the
statute when an applicant has already refused to provide the
information. One commenter said that applicants may not understand that
if they decline to answer demographic inquiries that lenders will
determine and report their ethnicity and race anyway. Several
commenters highlighted that HMDA, in contrast to section 1071, does not
provide a comparable right of refusal.
Burden and cost. A few commenters objected to the proposed
requirement on the grounds that it would impose significant costs on
some lenders. One commenter identified costs to create and maintain
policies and procedures, apply these consistently, conduct ongoing
training, and audit compliance, while another said the proposal would
require substantial changes to its loan processes, systems, and
compliance protocols to implement. A commenter said that reliance on
proxying, inference, or visual observation would impose a number of
cost and compliance concerns. Several commenters asserted that lenders
may face substantial costs to train employees to make determinations;
one said this training could be complex for front-line employees who
are currently taught that ECOA and other laws prohibit the collection
of ethnicity and race information. A CDFI lender stated that the
proposed requirement would impose less burden on larger banks and
online lenders, either because they will have a higher number of online
loan applications or because they already report demographic
information on the basis of visual observation and surname under HMDA.
Response rates. Several commenters disputed that the higher
responses rates in HMDA data, compared with lower response rates in
Paycheck Protection Program data, could be attributed to HMDA's visual
observation and surname requirement, and also disputed that this
proposed requirement could improve response rates for financial
institutions complying with the small business lending rule. Some
suggested that the Bureau's concern with low response rates based on
the Paycheck Protection Program experience is misplaced, arguing that
those response rates were attributable to the program's emergency
nature, and the rush by all parties to submit and process applications.
Commenters also noted that Paycheck Protection Program may not inform
the likely response rates under this rule because that program covered
a wider range of businesses than the Bureau's proposal.
Purported conflicts with ECOA and Regulation B. Some commenters
raised concerns about conflicts between the proposed requirement and
subpart A of Regulation B and ECOA. One commenter stated that the
proposed requirement is prohibited by 12 CFR 202.5, which provides that
a creditor may not inquire about the race, color, religion, national
origin, or sex of an applicant or any other person in connection with a
credit transaction. Several commenters said that the proposed
requirement would require bank employees to consider factors that ECOA
prohibits creditors from considering. Commenters also generally stated
that the proposed requirement conflicts with the fair lending training
provided to bank employees and will insert race as a factor in the
credit application process.
Several commenters said that a visual observation and surname
requirement would not align with, or would violate, the statutory
firewall requirement, noting that the lenders would have to determine a
borrower's ethnicity and race but then have to ``forget'' and isolate
the information when making credit decisions. One requested that
information collected via visual observation and/or surname not be
subject to the firewall provision because of the difficulty in
maintaining the firewall requirements for data collected this way.
In-person meetings. A number of commenters raised concerns that the
proposed requirement would damage the relationships that community
banks, traditional banks, or small- to mid-sized banks have with their
customers. One asserted that in-person interactions are important for
community lenders, such as CDFI banks, to understand customers, to make
customers feel comfortable, and to identify products and services
responsive to the needs of lower income and other underserved
communities. Others emphasized that such lenders value and rely on
repeated, in-person interactions with customers, saying that the
proposed requirement would disproportionately affect them, but would
favor large banks and online lenders that did not see applicants and
thus would not have to employ the visual observation or surname
analysis. One commenter suggested that all lenders should be subject to
the
[[Page 35372]]
proposed requirement, because online lenders can still conduct surname
analyses. Another said that the proposed requirement would
disproportionately subject CDFI lenders to the risks of reporting
inaccurate data, including reputational damage, and greater operational
and compliance burden. A commenter urged that the Bureau exempt
community banks from the proposed requirement.
In contrast, some commenters suggested that the proposed
requirement would not generate much data as a result of a shift away
from in-person interactions, thus limiting or negating its value. One
such commenter predicted that much small business lending will likely
be through credit cards, which it said would not provide an opportunity
to implement the requirement, and as a result data collected via visual
observation and surname would be associated with certain loan types
that may be received by higher revenue applicants.
Some commenters suggested that lenders, their employees, and
applicants would try to avoid visual observation and surname analysis.
Several said that the proposed requirement would discourage loan
officers and applicants from meeting in person or by video call. Others
stated that some banks may shift applications online, impairing the
personal interaction some banks have with their communities. One
commenter predicted that the proposed requirement would discourage
small business applicants from seeking credit.
Another commenter argued that the proposed requirement is
unnecessary because financial institutions do not always meet with the
principal owners of a business. Several commenters said that ethnicity
and race determinations from visual observation and surname analysis
may not be representative of the applicant population, would be
inconsistent, and would not be comparable to other data.
One commenter said that the requirement would be difficult to apply
because a financial institution may not know if the principal owner's
demographic information had already been collected to assess if the
visual observation and surname requirement applies, such as in the
context of a brief interaction that is later determined to be an in-
person meeting that would trigger the proposed requirement. Others
asked for clarity on whether the proposed requirement would be
triggered if any bank employee met in person with a principal owner,
even if not involved with the credit application (for example when
signing closing documents). Another commenter stated that financial
institutions should not be required to determine if an individual is a
principal owner, a necessary condition to collect data on a principal
owner's ethnicity and race via visual observation and surname analysis,
if the small business applicant chooses not to disclose its ownership
structure.
Litigation and compliance risk. Some commenters were concerned that
the proposed requirement would subject financial institutions and their
employees to enforcement actions or litigation if they erred in
determining a principal owner's ethnicity or race. Several stated that
despite good faith efforts, such errors could subject lenders to
examiner scrutiny, litigation, negative media, and erroneous
discrimination claims by third parties, or subject them to customer
complaints. One commenter stated that regulators could use financial
institutions' best-guess, but erroneous determinations to pursue
disparate impact cases, or customers could bring discrimination cases,
if they are able to reverse engineer the inadvertently incorrect
ethnicity or race determinations made by financial institutions. A
community group suggested that financial institutions would avoid
reporting ethnicity or race at all to avoid litigation risk.
Several business advocacy groups suggested that certain lenders may
use this provision to fabricate ethnicity and race data in order to
make their lending practices appear more equitable, accessible, and
unbiased.
Implementation and other comments. A number of commenters offered
specific suggestions regarding particular aspects of the proposal,
notwithstanding other objections they may have raised regarding whether
it should be finalized at all. Several urged the Bureau to provide
guidance materials and sample disclosures, and to engage in education
efforts to encourage applicants to self-report their demographic
information, with some suggesting these options in place of the
proposed provision. Some said the Bureau should develop guidance that
lenders could use to avoid questions of interpretation and to learn
about resources they can use to make ethnicity and race determinations
on the basis of a principal owner's surname. Several suggested that the
Bureau provide a uniform surname classification standard.
One commenter requested an exemption from the proposed requirement
(and the collection of ethnicity and race generally) for retail credit,
on the grounds that many applicants will decline to provide demographic
information about their principal owners given the sensitivity of the
information. Other commenters stated that automobile and truck dealers
had expressed concerns about the proposed requirement and did not think
it would be possible to report detailed demographic information based
on visual observation. Another commenter recommended that the Bureau
exempt sole proprietors from the proposed requirement, noting that sole
proprietor transactions are unique and may not provide meaningful data
on the commercial credit market served by small, non-bank lenders.
Several commenters opposed the proposed requirement, arguing that
the use of visual observation and surname is outdated. Two commenters
stated that these methods employed in Regulation C were implemented
many years ago, and that the Bureau should follow more current
government agency practices, citing a 2021 policy memo from USDA \762\
rescinding the use of visual observation to determine ethnicity or race
for certain Federal food programs. One commenter stated that, as with
participants in the USDA programs, some small business owners may not
want their ethnicity or race determined by others, may perceive
discriminatory treatment, and may avoid applying for credit.
---------------------------------------------------------------------------
\762\ U.S. Dep't of Agric., Collection of Race and Ethnicity
Data by Visual Observation and Identification in the Child and Adult
Care Food Program and Summer Food Service Program--Policy Recission
(May 17, 2021), https://www.fns.usda.gov/cn/Race-and-Ethnicity-Data-Policy-Rescission.
---------------------------------------------------------------------------
One commenter stated that the scope of the proposed requirement was
unclear, noting that the NPRM preamble and proposed commentary provided
that a financial institution would have to identify at least one
principal owner by visual observation or surname if the applicant does
not provide the ethnicity and race of at least one principal owner,
even though institutions are obligated to collect the ethnicity, race,
and sex of each of the small business applicant's principal owners.
Several commenters requested that financial institutions should only be
required to collect aggregate ethnicity and race categories.
One commenter suggested the use of an automated proxy analysis of
surnames as an alternative to the proposed requirement. Another said
that the Bureau could determine ethnicity and race with the data
reported by lenders based on surname analysis.
Several commenters urged that, if the proposed requirement is
finalized, demographic data should note when they are collected via
visual observation or surname.
[[Page 35373]]
Final Rule--Collecting Ethnicity and Race via Visual Observation or
Surname in Certain Circumstances
The Bureau is not finalizing its proposed visual observation and/or
surname analysis requirement for the reasons set forth below. Final
Sec. 1002.107(a)(19) (proposed as Sec. 1002.107(a)(20)) no longer
includes references to the reporting of ethnicity and race based on
visual observation and surname. The Bureau is likewise not adopting
proposed comment 107(a)(20)-9, regarding reporting based on visual
observation and/or surname; proposed comment 107(a)(20)-10, regarding
meeting in person with a principal owner; and proposed comment
107(a)(20)-11, regarding the use of aggregate categories when reporting
using visual observation or surname. The Bureau has also removed other
references to the collection of ethnicity and race data via visual
observation and/or surname from other locations in the final rule.
In making this decision, the Bureau carefully considered the
numerous comments it received, the statute, the history of the use of
visual observation and surname analysis under HMDA, and the recent
history of the collection of demographic information related to the
Paycheck Protection Program. The Bureau believes, based on its
expertise and the longstanding use of visual observation and surname
analysis in HMDA, that collection of demographic information via visual
observation or surname analysis has the capacity to improve response
rates for demographic information--without particular risk to data
accuracy,\763\ introduction of bias or racial stereotyping into the
underwriting process,\764\ increased litigation/compliance risk, or
violations of existing ECOA/Regulation B,\765\ as suggested by some
commenters. The Paycheck Protection Program experience also suggests
that there may be benefits in such a requirement.
---------------------------------------------------------------------------
\763\ While some commenters suggested that data inaccuracies
from visual observation and surname analysis would have limited the
usefulness, integrity, reliability, or quality of the collected data
and conclusions or policies based upon the data, the Bureau has not
found this to be the case in HMDA and would not expect it to be so
here either. A loan officer reporting their perception of an
applicant's ethnicity and race could not do so ``incorrectly''
(other than by intentionally mis-reporting their perception); in
fact, a loan officer's perception of an applicant's protected
demographic information may be more important for fair lending
analyses than how the applicant self-identifies.
\764\ Collecting lenders' perceptions of the ethnicity and race
of applicants, whether or not such perceptions are what the
applicant would consider ``accurate,'' could have enabled an
analysis of potential bias by lenders. But the mere recordation of
those perceptions is unlikely to create bias on the basis of those
perceptions.
\765\ Inquiring about an applicant's ethnicity and race (or
collecting such information via visual observation or surname, if
the Bureau were finalizing that aspect of the proposal) will not, in
fact, violate Regulation B's prohibition on inquiring about certain
protected characteristics of an applicant in connection with a
credit transaction, nor is doing so under HMDA/Regulation C a
violation. Regulation B implements ECOA, of which section 1071 is a
part. Section 1002.5 of Regulation B, and its amendments under this
final rule, make clear that the collection of ethnicity and race
pursuant to this rule would not violate Regulation B.
---------------------------------------------------------------------------
Nonetheless, the Bureau believes that a requirement to collect
principal owners' ethnicity and race via visual observation or surname
could pose particular challenges for small business lending that are
not present in mortgage lending. For example, applicants and co-
applicants are clearly identified as such in mortgage applications--
making it obvious whose demographic information has, or has not, been
self-reported. In contrast, this final rule--as mandated by section
1071--requires a record of the applicant's responses to a request for
protected demographic information to be kept separate from the
application, and prohibits inclusion of personally identifiable
information in records compiled and maintained pursuant to this rule.
This could make tracking whose information has, or has not, been self-
reported by the applicant particularly challenging. As commenters
pointed out, a financial institution might be interacting with a
representative of a small business who is not a principal owner, or the
institution may not know--particularly early in the application
process--if a particular person is a principal owner.
In addition, the Bureau is mindful, consistent with the comments it
received, that much of the lending to small businesses in smaller
communities and in underserved and rural areas occurs through
relationship banking that involves more frequent and more personal
contact with applicants. The Bureau is also mindful of concerns raised
by lenders that rely on in-person engagement that their customer
relationships may be negatively impacted by customer discomfort with a
visual observation and surname data collection requirement,
particularly during initial implementation of this final rule. The
Bureau also acknowledges the concerns expressed by commenters that bank
employees may feel uncomfortable making ethnicity and race
determinations on the basis of visual observation or surname. On the
other hand, the Bureau acknowledges comments that the prevalence of
online lending processes and use of credit cards in small business
lending could mean few opportunities for in-person or video-enabled
meetings and thus for the collection of ethnicity and race via visual
observation or surname.
The Bureau's decision not require financial institutions to collect
principal owners' ethnicity and race information via visual observation
or surname at this time renders moot the comments about implementation
of such a requirement, as well as those suggesting alternatives to the
proposal.
The Bureau intends to actively monitor financial institutions'
response rates to inquiries regarding demographic data to ensure that
applicants are not being discouraged in any way from providing their
demographic data pursuant to this final rule and to determine whether
any future adjustments to the rule may be warranted.
107(a)(20) Number of Principal Owners
Proposed Rule
Proposed Sec. 1002.107(a)(21) would have required financial
institutions to collect and report the number of the applicant's
principal owners. Proposed comment 107(a)(21)-1 would have explained
that a financial institution would be able to collect an applicant's
number of principal owners by requesting the number of principal owners
from the applicant or by determining the number of principal owners
from information provided by the applicant or that the financial
institution otherwise obtains. If the financial institution asks the
applicant to provide the number of its principal owners, proposed
comment 107(a)(21)-1 explained that the financial institution would
have been required to provide the definition of principal owner set
forth in proposed Sec. 1002.102(o). The proposed comment also
clarified that, if permitted pursuant to proposed Sec. 1002.107(c)(2),
a financial institution could report an applicant's number of principal
owners based on previously collected data.
Proposed comment 107(a)(21)-2 would have clarified the relationship
between the proposed requirement to collect and report the number of
principal owners in proposed Sec. 1002.107(a)(21) with the proposed
requirement to report verified information in proposed Sec.
1002.107(b). The proposed comment would have stated that the financial
institution may rely on an applicant's statements in collecting and
reporting the number of the applicant's principal owners. The financial
institution would not have been required to verify the number of
[[Page 35374]]
principal owners provided by the applicant, but if the financial
institution did verify the number of principal owners, then the
financial institution would report the verified number of principal
owners.
Proposed comment 107(a)(21)-3 would have stated that pursuant to
proposed Sec. 1002.107(c)(1), a financial institution would be
required to maintain procedures reasonably designed to collect
applicant-provided information, which includes the applicant's number
of principal owners. However, the proposed comment would have explained
that if a financial institution is nonetheless unable to collect or
determine the number of principal owners of the applicant, the
financial institution would report that the number of principal owners
is ``not provided by applicant and otherwise undetermined.''
In addition to seeking comment on its proposed approach to the
collection and reporting of the number of principal owners generally,
the Bureau also sought comment on whether to instead, or additionally,
require collection and reporting of similar information about owners
(rather than principal owners). The Bureau raised, as an example,
whether financial institutions should be required to collect and report
the number of owners that an applicant has that are not natural
persons.
Comments Received
The Bureau received comments on this aspect of the proposal from a
number of lenders, trade associations, and community groups. Two
lenders and a community group supported the Bureau's proposal for
collecting and reporting the number of an applicant's principal owners.
The community group stated that the information would help determine
whether experiences in the small business lending marketplace are
different if an owner is a woman or minority, even if a small business
does not meet the criteria for a minority-owned or women-owned
business. Further, knowing the number of a business's principal owners
would help data users identify businesses with varying percentages of
ownership by women or minorities above or below the 50 percent
threshold for minority-owned or women-owned businesses. One lender
stated that the number of principal owners data point, along with
others proposed by the Bureau, would provide insight on the quality of
capital being accessed by small businesses, assist in showing how
financial institutions compare across different metrics, and help
determine if an institution is engaged in equitable lending. This
commenter also stated that in its experience, there are a number of
small business lending programs and funding opportunities that require
similar data. Thus, this commenter stated its expectation that the
reporting requirements in the Bureau's final rule would satisfy
requirements across a number of such programs and reduce administrative
burden. Specifically, the commenter noted that it had gathered similar
data on owners for Paycheck Protection Program loans it originated.
A number of lenders and trade associations opposed the Bureau's
proposal to collect information about the number of an applicant's
principal owners. Two such commenters stated that the information does
not serve the purposes of section 1071, unless it is to allow second
guessing of applicant-provided responses as to their minority-owned or
women-owned status or the Bureau intends to require the collection of
ethnicity, race, and sex data for all of an applicant's principal
owners. One bank stated that the proposed number of principal owners
data point would not offer any insight into lending patterns, as it is
not considered in the underwriting process. Another bank argued that
the data point is not necessary because there is no evidence that
lenders use an applicant's number of principal owners as a basis for
discrimination. One bank questioned the benefit of collecting such
information, stating that a business's ownership and principals may
change on a day-to-day basis. Another commenter stated that the
information collected may inadequately or erroneously describe an
applicant's ownership structure, particularly where the legal structure
of the applicant's ownership may make such determinations difficult.
Several commenters also stated that the data point is unnecessary,
because similar information is already collected in other contexts
(such as under FinCEN's customer due diligence rule) and regulators
already examine banks for fair lending compliance.
Several commenters cited costs and burden as the basis for their
objections. Two banks stated that it would be expensive to collect the
information, with one also noting that the costs would be passed down
to customers and communities. Another bank stated that because it does
not collect information about the number of an applicant's principal
owners currently, the proposed requirement would entail changes to its
operating procedures and suggested that the Bureau could obtain this
information from the Internal Revenue Service instead. With regard to
indirect vehicle financing transactions, a trade association stated
that information about the number of principal owners is not part of
the data transmitted between dealers and finance companies and is not
used for business purposes, thus technical and process changes would be
needed to collect and report the data.
A few industry commenters objected to the collection and reporting
of the number of an applicant's principal owners on the basis of
privacy, stating that the data point could be used to identify
applicants. One said that this concern was particularly relevant for
small communities with limited numbers of small businesses. Two others
urged the Bureau to not publish the data point publicly to protect
applicants' privacy.
An agricultural lender said it was unclear how financial
institutions should report the number of principal owners for family
farmers. This lender emphasized that the ownership of many family farm
businesses is complex and may involve multiple business entities for
risk management purposes, with separate entities for different farm
operations. The commenter provided as an example a situation where a
person owns only one farm parcel but works several farm parcels that
are owned by a parent through multiple business entities and trusts.
Some industry commenters objected to this proposed data point as
part of their general objection to the Bureau's data points proposed
pursuant to ECOA section 704B(e)(2)(H). These commenters generally
argued that such data points, including the number of an applicant's
principal owners, do not add value or advance the purposes of achieving
fair lending or of ECOA; are not used or collected for underwriting or
financial analysis; go beyond what other laws require financial
institutions to collect; add unnecessary complexity and detail to the
rule; and would add to the burden and costs for implementing the rule,
especially for small covered financial institutions.
Two industry commenters objected to the data point on the grounds
that in the absence of other information about an applicant's
ownership, such as the number of owners or percentages of ownership,
the information could lead to incorrect assumptions about the ownership
structure of a small business applicant. For example, the commenters
noted that if demographic data are reported for one individual, it
could lead to a conclusion that the applicant has only one principal
owner, when the applicant has several owners, but only
[[Page 35375]]
one with more than a 25 percent ownership share.
Two commenters urged the Bureau to provide a regulatory safe harbor
for reporting information about an applicant's number of principal
owners, as part of a global safe harbor for all applicant provided
data, or a safe harbor similar to that in proposed Sec. 1002.112(c).
Several community groups suggested additional data points related
to ownership. One such commenter suggested that the Bureau require
financial institutions collect and report the percentage amount of a
principal owner's ownership. This information, argued the commenter,
would enable the Bureau to refine its data and reveal specific
disparities in lending by ownership composition. Another commenter
suggested that the Bureau require financial institutions to ask
applicants for the number of individuals who own less than 25 percent
of the applicant, to provide more insight on the distribution of small
businesses and their experiences. One other commenter instead suggested
that the Bureau add additional data points to measure the percentage of
ownership by women and by people of color, to further enable
evaluations of access to credit based on the proportion of ownership
and control by such individuals.
A joint letter from community and business advocacy groups
requested that the Bureau clarify proposed comment 107(a)(21)-3, which
stated that if a financial institution is unable to collect or
``otherwise determine'' an applicant's number of principal owners, the
financial institution should report it as unknown. The community groups
asked the Bureau to clarify the meaning of the phrase ``otherwise
determine,'' and specifically whether financial institutions may limit
its investigation to documents obtained from the applicant in the
normal course of an application, or if they have an obligation to
conduct a due diligence investigation of corporate records.
Final Rule
For the reasons set forth herein, the Bureau is finalizing the
requirement for financial institutions to collect and report the number
of an applicant's principal owners, renumbered as Sec.
1002.107(a)(20), and its associated commentary. In consideration of the
comments received, the Bureau is doing so pursuant to its authority
under ECOA section 704B(g)(1) to prescribe such rules and issue such
guidance as may be necessary to carry out, enforce, and compile data
under section 1071 and under ECOA section 704B(e)(2)(H), which
authorizes the Bureau to require financial institutions to compile and
maintain ``any additional data that the Bureau determines would aid in
fulfilling the purposes of [section 1071].''
The Bureau believes that the information will provide important
context for other information collected and reported under the rule and
thus serve the purposes of section 1071. The Bureau acknowledges that,
as argued by commenters, the number of an applicant's principal owners
may not be information considered by financial institutions in the
underwriting process or, by itself, serve as the basis of
discrimination. However, as noted by other commenters, information
about the number of small businesses' principal owners will help data
users, including the Bureau, understand how small business applicants'
experiences in the lending marketplace differ on the basis of the
demographic composition of their ownership and identify business and
community development needs and opportunities. Thus, even if an
applicant is not a women-owned, minority-owned, or LGBTQI+-owned
business under Sec. 1002.107(a)(18), through the number of principal
owners data point, data users will still have some insight into what
proportion of the small business's ownership has the demographic
characteristics provided by the applicant.
The Bureau acknowledges some commenters' concerns that the number
of principal owners data point would not provide a comprehensive
picture of an applicant's ownership structure. Final Sec. 1002.102(o)
defines a principal owner as an individual who directly owns 25 percent
or more of the equity interests of a business. As a result, the
requirement to collect information about the number of an applicant's
principal owners will not account for individuals with either indirect
ownership or less than 25 percent ownership in the business. However,
the Bureau believes that this supports, rather than counsels against,
inclusion of this data point in the final rule.
The Bureau also is not adding other data points related to
ownership to the final rule. The Bureau considered the general
likelihood that an individual responding for the applicant would know
the information being requested in formulating its proposal. The Bureau
believes that applicants are likely to know the number of its principal
owners and will be willing to provide that information. Overall, the
Bureau believes that the number of principal owners data point,
particularly in combination with information about an applicant's
business statuses under Sec. 1002.107(a)(18), strikes a balance so
that the Bureau is likely to receive useful data that will allow it and
others to develop a nuanced understanding of small business lending
practices generally, even if it does not present a complete picture of
each applicant's ownership structure.
The Bureau does not believe that the fact that some applicants have
complicated ownership structures necessitates removal of this data
point from the final rule. Although some small business applicants,
such as family farmers, may have ownership structures where there are
many owners and/or where ownership is through various business
entities, the rule's definition for principal owner means that
applicants would be required to identify only individuals, and not
entities or trusts, with direct ownership in the business and would not
need to trace ownership through multiple business entities or provide
information about individuals with small equity shares in the business.
Under comment 107(a)(20)-1, this definition would be provided to an
applicant in conjunction with the request for the number of its
principal owners. The Bureau believes that the straightforward
definition in Sec. 1002.102(o) will assist applicants in providing
this information.
Further, the Bureau believes the information about the number of an
applicant's principal owners will be useful and facilitate the purposes
of section 1071, even if a specific applicant's ownership changes over
time. Under the Bureau's proposal, as with the final rule, applicants
are asked for information in relation to individual, covered
applications to allow data users, in the aggregate, to ascertain
lending patterns at the institution or community levels. The data meets
the final rule's purposes if it is accurate at the time the data are
collected. Identifying changes in ownership over time will also further
the business and community development and fair lending purposes of
section 1071.
Some commenters suggested that the number of principal owners data
point should not be required under the final rule because similar
information is collected in other contexts. However, the definition of
principal owner under Sec. 1002.102(o) has been specifically tailored
by the Bureau to meet the purposes of section 1071. Information about
differently defined owners under different regulatory regimes, reported
to other regulatory authorities, does not facilitate section 1071's
purposes of fair lending enforcement and identification of business and
community
[[Page 35376]]
development needs and opportunities, nor could such data be matched to
a particular covered application reported under section 1071.
With respect to commenters' arguments that the additional burden
and costs that would result from the number of principal owners data
point warrant its removal from the final rule, the Bureau notes first
that commenters did not identify any specific costs or burdens with
reporting the number of principal owners data point in particular, as
much as concern about the costs and burden of reporting data points
adopted pursuant to the Bureau's statutory authority in ECOA section
704B(e)(2)(H) generally. The Bureau acknowledges that financial
institutions will experience some initial expenses and burden in
implementing new regulatory data collection requirements. However, the
Bureau understands that financial institutions already collect and
maintain information about the ownership of certain businesses under
FinCEN's customer due diligence rule. The Bureau does not believe that
there will be significant costs and burden associated with collecting
and reporting information about applicants' principal owners
specifically, as opposed to generally as part of a new data collection
regime. The Bureau considers the data points it is adopting pursuant to
section 704B(e)(2)(H)--including the number of an applicant's principal
owners and the corresponding costs and burden to implement their
collection--necessary to facilitate the purposes of section 1071.
The Bureau does not believe that a specific safe harbor is
necessary for reporting the number of an applicant's principal owners,
as urged by commenters. As provided in final comment 107(a)(20)-2
(proposed as comment 107(a)(21)-2), a financial institution is entitled
to rely on the statements provided by the applicant in collecting and
reporting the information provided by the applicant. As a result, any
such good faith reporting by a financial institution of the number of
an applicant's principal owners that the financial institution has no
reason to believe is inaccurate will not be a violation of the
regulation's requirements.
In response to commenters' concerns that information about an
applicant's number of principal owners may be used to identify
applicants, the Bureau will review the data received to complete the
full privacy analysis to determine the privacy risks associated with
the publication of the application-level data as discussed in part
VIII, below. The Bureau takes the privacy of such information seriously
and will be making appropriate modifications and deletions to any data
before making it public.
With respect to commenters' request that the Bureau clarify
financial institutions' obligation to determine the number of an
applicant's principal owners, the Bureau believes that the proposed
commentary is sufficiently clear and does not need to be revised. The
Bureau's intent in proposed comment 107(a)(21)-3 that a financial
institution report that the number of principal owners is ``not
provided by the applicant and is otherwise undetermined'' was to refer
to the possibility that a financial institution may not know the number
of the applicant's principal owners if, despite maintaining reasonably
designed procedures to obtain the information, the applicant does not
provide the information and the financial institution does not
otherwise verify such information. The Bureau has also revised comment
107(b)-1 to clarify what information may be used to verify information.
Given these other statements in the commentary, the Bureau does not
believe that further clarification of financial institutions'
obligation to determine the number of an applicant's principal owners
is necessary.
As explained in the section-by-section analysis of Sec.
1002.102(o), the Bureau has changed the definition of principal owner
to use the term ``individual'' instead of ``natural person'' for
comprehensibility reasons. Accordingly, the commentary for final Sec.
1002.107(a)(20) has likewise been updated to refer to individuals and
not natural persons.
To streamline the commentary, the Bureau has revised comment
107(a)(20)-1 (proposed as 107(a)(21)-1) to remove the first sentence as
to requesting the number of an applicant's principal owners from the
applicant or determining such information from other information, as
duplicative of content in comment 107(b)-1, which applies to the number
of principal owners data point. For similar reasons, it has removed the
last sentences of comments 107(a)(20)-1 and -2, regarding the use of
previously collected data and about verification, as straightforward
applications of final Sec. 1002.107(d) and (b), respectively, that
would not provide any new content. Otherwise, the Bureau is
substantially finalizing the commentary for Sec. 1002.107(a)(20) with
changes to reflect updated numbering for the data point and also
updating and adding cross-references to other parts of the final rule.
107(b) Reliance on and Verification of Applicant-Provided Data
Proposed Rule
ECOA section 704B(e)(1) provides that ``[e]ach financial
institution shall compile and maintain, in accordance with regulations
of the Bureau, a record of the information provided by any loan
applicant pursuant to a request under [section 704B(b)].'' \766\
Section 1071 does not impose any requirement for a financial
institution to verify the information provided by an applicant.
---------------------------------------------------------------------------
\766\ ECOA section 704B(e)(1).
---------------------------------------------------------------------------
During the SBREFA process, a number of small entity representatives
urged the Bureau to require collection and reporting of a number of
data points based only on information as provided by the
applicant.\767\ No small entity representatives stated that they
thought verification should be generally required. The industry
stakeholders who commented on this issue asked that the Bureau not
require verification of applicant-provided information. The Bureau did
not receive any comments on this issue from community group
stakeholders during the SBREFA process.
---------------------------------------------------------------------------
\767\ SBREFA Panel Report at 26.
---------------------------------------------------------------------------
The Bureau proposed in Sec. 1002.107(b) that unless otherwise
provided in subpart B, the financial institution would be able to rely
on statements of the applicant when compiling data unless it verified
the information provided, in which case it would be required to collect
and report the verified information. The Bureau believed that requiring
verification of collected data would greatly increase the operational
burden of the rule. Proposed comment 107(b)-1 would have explained that
a financial institution could rely on statements made by an applicant
(whether made in writing or orally) or information provided by an
applicant when compiling and reporting applicant-provided data; the
financial institution would not be required to verify those statements.
Proposed comment 107(b)-1 would have further explained, however, that
if the financial institution did verify applicant statements for its
own business purposes, such as statements relating to gross annual
revenue or time in business, the financial institution would report the
verified information. The comment would have gone on to explain that,
depending on the circumstances and the financial institution's
procedures, certain applicant-provided data could be
[[Page 35377]]
collected without a specific request from the applicant. For example,
gross annual revenue could have been collected from tax return
documents. In addition, the proposed comment would have made clear that
applicant-provided data are the data that are or could be provided by
the applicant, including those in proposed Sec. 1002.107(a)(5) through
(7), and (13) through (21).
The Bureau sought comment on its proposed approach to verification
of the 1071 data points, including the specific guidance that would
have been presented in comment 107(b)-1. The Bureau also sought comment
on whether financial institutions should be required to indicate
whether particular data points being reported have been verified or
not.
Comments Received
The Bureau received comments on this aspect of the proposal from
numerous lenders, trade associations, community groups, and a business
advocacy group. Several lenders and trade associations supported the
proposed provision, agreeing with the Bureau that requiring
verification of collected data would greatly increase the operational
burden of the rule. These commenters did not object to reporting
verified information when a financial institution verifies applicant
statements for its own business purposes. Several of these commenters
did, however, object to the possible inclusion of a provision requiring
financial institutions to flag whether or not they had verified
reported data, a question that the NPRM had sought comment on. Although
these commenters did not discuss reasons for objecting to the
verification flag, the context suggests that they were concerned about
the operational difficulty of carrying out such a provision.
Several banks and trade associations supported the ability to rely
on unverified applicant-provided data, but objected to the requirement
to report verified information when the financial institution verifies
applicant statements for its own business purposes. Some of these
commenters pointed out that verification may happen after the initial
application, different lenders have different methods of verification,
and updating the information for reporting would be operationally
difficult. One of these commenters stated that the verification may be
carried out by different staff using different platforms, and section
1071 does not mention verification. Other commenters suggested that the
term ``verification'' was not sufficiently clear, and sometimes a
financial institution would collect documents such as tax forms that
contain information that conflicts with applicant statements, for
example a different NAICS number, even though the financial institution
is not ``verifying'' that data point. Other commenters expressed
concern about how reporting information verified later would affect use
of the ``firewall.'' A group of trade associations stated that
collecting the verified information would provide little benefit and
the already difficult implementation of the rule would be made even
more onerous by this provision. In addition, one commenter stated that
the verification provision was similar to HMDA, which they considered
to be very onerous.
A community group and a women's business advocacy group suggested
that the final rule should require additional verification. The
community group stated that verification of a few key data points that
are generally verified by lenders now, such as gross annual revenue, or
that can be easily checked, such as the NAICS code, should be required.
A business association urged the Bureau to look into ways to verify
that the correct information is offered and reports are accurate.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.107(b) with additional language making clear that a financial
institution may rely on information from appropriate third-party
sources as well as the applicant, and other edits for clarity. Final
Sec. 1002.107(b) provides that unless otherwise provided in subpart B,
the financial institution may rely on information from the applicant,
or appropriate third-party sources, when compiling data. Section
1002.107(b) further states that if the financial institution verifies
applicant-provided data, however, it shall report the verified
information.
The Bureau is also finalizing associated comment 107(b)-1 with
phrasing edits similar to those in the regulation text, and revised and
additional cross-references to facilitate compliance. Final comment
107(b)-1 explains that a financial institution may rely on statements
made by an applicant (whether made in writing or orally) or information
provided by an applicant when compiling and reporting applicant-
provided data; the financial institution is not required to verify
those statements or that information. Comment 107(b)-1 further
explains, however, that if the financial institution does verify
applicant statements or information for its own business purposes, such
as statements relating to gross annual revenue or time in business, the
financial institution reports the verified information. The comment
also makes clear that when collecting certain applicant-provided data,
depending on the circumstances and the financial institution's
procedures, a financial institution may collect and rely on information
from appropriate third-party sources without requesting it from the
applicant. The comment then provides further guidance on collection and
verification of applicant-provided data, including a list of applicant-
provided data points. In order to facilitate compliance, final comment
107(b)-1 also adds references to two comments that explain restrictions
regarding verification of certain data points.
The Bureau believes that requiring verification of applicant-
provided data points would greatly increase the operational burden of
the rule, and that relying on applicant-provided data, whether directly
from the applicant or through appropriate third-party sources, will
ensure sufficient accuracy to carry out the purposes of section 1071.
As explained above, section 1071 does not speak to verification; rather
it refers only to compiling and maintaining a record of certain
information provided by an applicant. However, the Bureau believes that
requiring financial institutions to collect and report (for this final
rule) information that they have already verified will only add slight
operational difficulty, and will enhance the accuracy and usefulness of
the data, thereby furthering the purposes of section 1071. The Bureau
is implementing this requirement pursuant to its authority under ECOA
section 704B(g)(1) to prescribe rules in order to carry out, enforce,
and compile data pursuant to section 1071, and as an interpretation of
the statutory phrase ``compile and maintain'' in ECOA section
704B(e)(1). In the Bureau's view, the fact that the statute does not
use the specific word ``verification'' is not relevant to this issue
because the verification that the financial institution chooses to
carry out is a standard part of compiling and maintaining the
information provided by the applicant. The Bureau also believes that
this requirement will improve the quality and usefulness of the
resulting dataset, thereby furthering the purposes of section 1071.
In regard to the possibility of the final rule requiring financial
institutions to report whether or not certain data points have been
verified, the Bureau notes that no commenters expressed support for
this idea, while several opposed it.
[[Page 35378]]
The Bureau believes that such a requirement would impose considerable
operational difficulty, and it is not clear that any uses of this
information would justify the increased burden. Consequently, the final
rule does not include this provision.
As discussed above, several commenters suggested that verification
might occur at different times on different platforms and be carried
out by different personnel. Although credit processing is complex, the
Bureau anticipates that financial institutions will report data using
the applicant's whole credit file in order to provide accurate
information, as is done with HMDA. Although implementing the final rule
so that verified information can be reported will add operational
difficulty, such difficulty should be greatly reduced once the rule is
implemented and the gathering of data is standardized within the
financial institution. In addition, the fact that different financial
institutions have different processes should not cause a problem
because each financial institution can implement the rule to coordinate
with its own processes. As explained above, the Bureau believes that
requiring reporting of the verified information when the financial
institution verifies for its own purposes will benefit data users in
carrying out the purposes of section 1071 by enhancing the quality of
the data reported.
Several commenters were concerned about how the term
``verification'' would be interpreted in relation to unused information
in the credit file that might conflict with applicant-provided data.
The Bureau interprets the word ``verification'' to mean the intentional
act of determining the accuracy of information provided, in this case
for the purpose of processing and underwriting the credit applied for,
and potentially changing that information to reflect the determination.
Loan file information that may or may not be more accurate than
applicant-provided data and is not part of a financial institution's
verification of the file's applicant-provided data or used by the
institution in processing or underwriting the loan need not be
reported. For example, a financial institution that uses a tax form to
verify gross annual revenue, but does not consider or use the NAICS
information on the tax form, may continue to rely on the applicant-
provided NAICS information. However, if a financial institution
believes the tax form information to be more accurate and chooses to
report it instead of the applicant-provided data, it may do so.
The Bureau does not believe that requiring the reporting of data
that is later verified will interfere with the final rule's firewall
provision, which exists to protect against disclosure of protected
demographic information for which verification is not allowed. For
further discussion of the firewall provision see the section-by-section
analysis of Sec. 1002.108 below.
The Bureau does not believe it would be appropriate, as suggested
by some commenters, require financial institutions to verify applicant-
provided data when they do not already do so for their own business
purposes. As stated by several commenters and explained above,
requiring verification merely for the purpose of data collection would
impose significant operational difficulty and expense on reporters.
107(c) Time and Manner of Collection
Proposed Rule
Although the definition of ``application'' triggers a financial
institution's duty to collect 1071 data, the application definition
does not necessarily govern when that data must be collected. The
language and structure of section 1071--which applies to
``applications'' from ``applicants''--indicates that the data must be
collected sometime during the application process, but does not provide
further detail.\768\
---------------------------------------------------------------------------
\768\ See, e.g., ECOA section 704B(b) (``[I]n the case of any
application to a financial institution . . . .'') and 704B(c) (``Any
applicant . . . may refuse to provide any information requested . .
. .'') (emphases added)).
---------------------------------------------------------------------------
Proposed Sec. 1002.107(c)(1) would have required a covered
financial institution to maintain procedures to collect applicant-
provided data under proposed Sec. 1002.107(a) at a time and in a
manner that is reasonably designed to obtain a response. The Bureau
believed there would be benefits to providing a flexible approach
concerning when applicant-provided data must be collected during the
application process. Given the variety of application processes in the
small business lending space, the Bureau believed that requiring data
collection to occur within a narrow window could affect data quality
and disrupt financial institution practices. On the other hand, the
Bureau believed that safeguards would be necessary to ensure that
financial institutions are not evading or delaying their obligation to
collect data in a manner that detrimentally affects response rates.
Proposed comments 107(c)(1)-1 and -2 would have clarified the
meaning of financial institution ``procedures'' and would have
emphasized a financial institution's latitude to establish procedures
concerning the time and manner that it collects applicant-provided
data, provided that those procedures are reasonably designed to collect
the applicant-provided data in proposed Sec. 1002.107(a). Proposed
comment 107(c)(1)-3 would have clarified what constitutes ``applicant-
provided data'' in proposed Sec. 1002.107(c)(1).
Proposed comment 107(c)(1)-4 would have provided additional
guidance on financial institutions' procedures that are reasonably
designed to obtain a response. Proposed comment 107(c)(1)-4 would have
provided that a financial institution shall assess on a periodic basis
whether its procedures are reasonably designed. Proposed comment
107(c)(1)-4 would have explained that one way a financial institution
may be able to assess whether its procedures are reasonably designed
would be, once 1071 data are made publicly available, to compare its
response rate with similarly situated financial institutions (for
example, those that offer similar products, use a similar lending
model, or are of a similar size).
Proposed comments 107(c)(1)-5 and -6 would have provided examples
of procedures that generally are and are not reasonably designed to
obtain a response. Proposed comment 107(c)(1)-5 would have provided
that, although a fact-based determination, a procedure reasonably
designed to obtain a response is one in which a financial institution
requests applicant-provided data at the time of a covered application;
the earlier a financial institution seeks to collect applicant-provided
information, the more likely the timing of collection is reasonably
designed to obtain an applicant response. Conversely, proposed comment
107(c)(1)-6 would have provided that, as a general matter, a procedure
is not reasonably designed to obtain a response if a financial
institution requests applicant-provided data simultaneous with or after
notifying an applicant of action taken on the covered application.
Proposed comment 107(c)(1)-6 would have provided that depending on the
particular facts, however, these procedures may be reasonably designed
to obtain a response; for example, if the financial institution has
evidence or a reason to believe that under its procedures the response
rate would be similar to or better than other alternatives.
Proposed comment 107(c)(1)-7 would have explained that a financial
institution reports updated applicant-provided data if it obtains more
current
[[Page 35379]]
data during the application process. Proposed comment 107(c)(1)-8 would
have provided guidance in the event a financial institution changes its
determination regarding an applicant's status as a small business.
The Bureau sought comment on proposed Sec. 1002.107(c)(1) and
associated commentary.
Comments Received
The Bureau received comment on proposed Sec. 1002.107(c)(1) from a
number of lenders, trade associations, and community groups. Commenters
expressed a range of views.
General comments related to proposed Sec. 1002.107(c)(1). A number
of commenters, mainly from industry, supported the flexibility provided
in proposed Sec. 1002.107(c)(1), including provisions that would have
allowed financial institutions leeway to establish data collection
procedures that best fit within their processes and business models. A
CDFI lender emphasized that lenders have varying intake processes.
Similarly, a trade association noted that while it anticipates most
CDFIs will collect 1071 data as early in the application process as
possible, including at the time an application is triggered, lenders
should have flexibility to respond to market concerns. Trade
associations representing automobile dealers urged the need for
flexibility, for example, to accommodate the different methods by which
data is collected (online and in-person) and the different parties
involved in a credit transaction. A CDFI lender argued that the
application and timeline often depends on the applicant themselves,
further supporting the need for flexibility. A number of commenters
argued for flexible collection, pointing out that small business
lending, unlike mortgage lending, does not involve highly regimented
application procedures. Trade associations representing automobile
dealers further argued that flexibility would facilitate compliance
without diminishing the information reported.
Commenters representing community banks similarly stressed the need
for flexibility. A trade association asked the Bureau to provide
community banks with flexibility in how and when to collect 1071 data
during the lending process and latitude to determine what are
reasonable collection practices. The commenter emphasized the iterative
nature of small business lending, noting that the application process
can span weeks or months to complete. The commenter urged the Bureau to
avoid designating a prescriptive point in time when sufficient data has
been gathered to trigger reporting. They further stated that community
banks are good at satisfying regulatory requirements, do not need to be
second-guessed in how or when they accomplish data collection, and that
the Bureau should not be concerned about community banks' ability to
maintain data quality and completeness. Even with the proposed
flexibility, a community bank generally opposed proposed Sec.
1002.107(c)(1), stating that the requirements are similar to HMDA,
which are very onerous and unduly burdensome on small and mid-size
institutions.
Comments related to the reasonably designed standard. As described
above, proposed comments 107(c)(1)-4 through -6 would have provided
additional guidance and examples of reasonably designed procedures. The
Bureau received numerous comments concerning proposed comments
107(c)(1)-4 through -6 from a range of stakeholders.
The Bureau received a number of comments on its general approach in
proposed comments 107(c)(1)-4 through -6 to provide examples of
procedures that are and are not reasonably designed to obtain a
response. A CDFI lender and a trade association representing CDFIs
supported the proposed commentary and the description of ``reasonably
designed'' procedures for collecting applicant-provided data. The trade
association noted that the examples were helpful to identify what
lenders should avoid and agreed that it is important to have safeguards
to ensure the data are collected in a manner reasonably designed to
obtain a response.
In contrast, other commenters argued that proposed Sec.
1002.107(c)(1) and associated commentary are ambiguous or incomplete
and urged the Bureau to provide further guidance. A trade association
representing online small business lenders expressed concern that
financial institutions would have increased compliance costs to avoid
unintentional non-compliance. For example, financial institutions may
believe they are required to compare response rates at different parts
of the loan application cycle, compare results similar to an A/B
testing scheme, or otherwise consistently seek to ascertain the best
ways to obtain 1071 applicant-provided data. The commenter suggested
the Bureau provide additional guidance so that financial institutions
can ensure they meet the reasonableness standard. Another commenter
similarly requested that the Bureau provide more guidance on the
reasonableness standard, and in particular clarify that financial
institutions have flexibility to design self-assessment methods best
suited to their products, processes, and business models.
Among the proposed examples of reasonably designed procedures, the
Bureau received the most comments related to the timing of collection.
The comments spanned a range of positions, with some commenters
advocating for a more restricted time period for collection of
applicant-provided data while other commenters sought a more flexible
approach. For example, some community groups argued that financial
institutions should be required to collect applicant-provided data at
the time of a covered application. One of these commenters said that
requiring collection at the time of application would increase the
likelihood of successfully receiving the requested information, and
that the benefits of early collection outweigh the costs. Another
commenter similarly asserted that collection at the time of a covered
application would maximize responses and urged the Bureau to make it a
requirement, rather than merely a suggestion, as set forth in the
proposal. A credit union also said that if a customer does not provide
1071 data with an application, it will be challenging for a financial
institution to accurately collect and report the required data.
In contrast, a number of industry commenters took issue with
proposed comment 107(c)(1)-6, which would have provided that collection
of applicant-provided data simultaneous with or after notifying an
applicant of action taken is generally not reasonably designed to
obtain a response. Many of these commenters argued that financial
institutions should have flexibility to collect applicant-provided data
after decisioning an application. A few commenters went further,
arguing that collection should be permitted or required to occur after
finalizing credit documents, after a credit decision is made, or during
closing. One commenter stated that although the proposed rule asserts
to provide flexibility for financial institutions, proposed comments
107(c)(1)-5.i and -6.i (identifying procedures concerning the timing of
collection of applicant-provided data that generally would and would
not be reasonably designed to obtain a response) claw back that
flexibility by expressing a clear preference that would discourage
financial institutions from collecting 1071 data at any time except
early in the application process. The commenter suggested the Bureau
instead clarify that a financial institution has flexibility to
[[Page 35380]]
sequence collection at a time it determines is reasonable for its
business and products, subject to the self-assessment process
articulated in proposed 107(c)(1)-4.
Commenters advanced several arguments for why financial
institutions should be permitted to collect applicant-provided data
after a credit decision is made on a covered application. First, a
couple of commenters stated that it would minimize friction during the
application process; they asserted that mandating 1071 data collection
while the application is pending would frustrate the application
process, create additional obstacles, and increase the likelihood of
abandoned applications. Several technology providers and a trade
association representing technology providers said that the application
process is already lengthy enough given existing legal and underwriting
requirements. The commenters further stated that the streamlined and
user-friendly application experience that technology companies have
sought to establish would be further frustrated if 1071 data is
required to be collected early in the application process. Some of the
commenters argued that sequencing of 1071 data collection involves a
tradeoff between getting small businesses to respond to 1071 data
requests and getting small businesses to apply for credit at all.
Another trade association similarly emphasized the need for
flexibility, particularly for fast-paced processes that render a
decision in minutes.
Several of the commenters argued that collection of applicant-
provided data early in the process could cause an applicant to believe
that such information would be considered as part of the credit
decision, therefore potentially discouraging an applicant from applying
for credit. A group of technology providers stated that collection of
demographic information before a credit decision is made may invite the
perception of bias in the application process, especially if an
applicant is later denied credit. The commenters cited a Federal
Reserve Banks survey, which they stated showed that minority-owned
businesses were more likely than white-owned businesses to report that
they did not apply for financing because they either believed they
would be turned down or found the application process too difficult or
confusing.\769\ The commenters argued that requiring collection of
applicant-provided data before a credit decision is made would
exacerbate identified concerns of discouragement and undermine the
purposes of section 1071. Similarly, a couple commenters expressed
concerns about discouragement if demographic information is collected
early in the application process. Two CDFI lenders stated that they had
received feedback from applicants that providing demographic data early
in the application process felt intrusive and raised concerns for the
applicant that their responses would negatively affect their
application. As a result, one said that it had moved collection of
demographic information from the loan application stage to the loan
closing stage.
---------------------------------------------------------------------------
\769\ Citing Fed. Rsrv. Bank of Atlanta et al., Small Business
Credit Survey: 2021 Report on Firms Owned by People of Color, at 25
(Apr. 15, 2021), https://www.fedsmallbusiness.org/survey/2021/2021-report-on-firms-owned-by-people-of-color.
---------------------------------------------------------------------------
A couple of commenters challenged the Bureau's assertion that
applicants will be less likely to respond to requests for the action
taken. One commenter noted that the proposed rule improperly places the
burden on the financial institution that wants to collect 1071 data
after action is taken on an application to show that response rates
would be similar to or better than alternative collection methods.
Another asserted that Paycheck Protection Program data demonstrate that
applicants are less likely to answer a question about their race on a
credit application. A trade association representing equipment and
leasing finance companies similarly asserted that post-decision
collection would improve response rates.
Commenters advanced several other arguments for why applicant-
provided collection should be permitted or required to occur after
decisioning an application. A trade association representing equipment
and leasing finance companies predicted that collecting applicant-
provided data with the credit application would lead applicants to
provide little information given the speed of the transaction, which is
often completed in minutes. The commenter also asserted that the person
initially completing the application is often not the business owner or
familiar with the owner, and so would lack the requisite knowledge to
provide certain 1071-required information. If, on the other hand, the
financial institution can follow-up electronically or through other
means with the business, the commenter asserted that the request could
be directed to the person in the best position to provide the
information. The commenter further stated that collecting 1071 data
during the application stage would be particularly problematic for
vendor finance transactions because the vendor collecting application
information has no regulatory requirement to do so, and so would
unlikely take the time to gather the required information. Another
commenter asserted that post-decision collection would also ensure that
underwriters would not have access to an applicant's responses related
to ethnicity, race, and sex. The commenter asserted that financial
institutions could ensure data is collected by making it part of the
closing procedures for approved loans and as part of remediation
efforts for non-approved loans.
In addition to seeking comment related to the timing of collection,
the Bureau sought comment on proposed Sec. 1002.107(c)(1) and
associated proposed commentary generally, including on the other
examples in proposed comments 107(c)(1)-5 and -6 of procedures that
generally would and would not be reasonably designed to obtain a
response. The Bureau further asked commenters whether it would be
useful to provide additional examples. In response, commenters raised a
number of issues related to the commentary on reasonably designed
procedures in proposed comments 107(c)(1)-4 through -6.
Several commenters weighed in on the provision in proposed comment
107(c)(1)-4 that financial institutions shall ``reassess on a periodic
basis'' whether its procedures are reasonably designed to obtain a
response. One commenter stated that it would be appropriate for
financial institutions to conduct periodic reassessments of their
collection procedures, but urged that procedures should not need to be
reexamined more frequently than once every three years. The commenter
suggested an additional safeguard would be to encourage consistent
collection across individual institutions and small business lending
sectors. Another commenter urged the Bureau to provide greater clarity
on how frequent ``periodic'' testing must occur so that financial
institutions can allocate resources accordingly, and encouraged the
Bureau to take into account different products and resources among
financial institutions. A business advocacy group urged the Bureau not
to treat an applicant's decision to not to provide 1071 data as
evidence that a lender lacks reasonably designed procedures.
A couple of commenters provided feedback on the use of response
rates. A community group and a minority
[[Page 35381]]
business advocacy group asked the Bureau to reconsider guidance in
proposed comment 107(c)(1)-4 that a financial institution may assess
the reasonableness of its procedures by, for example, comparing its
response rate with similarly situated financial institutions. The
commenters argued that peers may also not be making a reasonable effort
to collect the data, and that it would be better to have a concrete
metric, for example, based on other data collection efforts with good
response rates.
A handful of commenters asked the Bureau to take other actions
related to proposed Sec. 1002.107(c)(1), including to provide
additional clarifications and guidance. First, a trade association
asked the Bureau to clarify that lenders need only request 1071-
required data once. Next, a group of trade associations asked for
clarification on proposed comment 107(c)(1)-7, which would have
provided that a financial institution reports updated applicant-
provided data if it obtains more current data during the application
process. The commenter said that the requirement to ``update''
information is ambiguous, and inquired whether a financial institution
would be required to update information if an applicant supplies
updated data without a request from the financial institution. The
commenter also asserted that it was unclear how proposed comment
107(c)(1)-7 relates to proposed Sec. 1002.107(b) related to the
reporting of verified information where obtained. A network of
financial institutions specializing in agricultural lending stated that
certain lenders use the information included in scoring models to
determine whether the applicant business is a ``small business,'' and
so would not be able to identify applications involving a small
business for which demographic information must be collected, until
after a credit decision is made. The commenter argued that because ECOA
and the Fair Credit Reporting Act require a timely decision be made and
communicated, it would be a direct conflict of the regulations to delay
communicating a credit decision to a customer solely to acquire data
for demographic reporting purposes.
Several commenters asked the Bureau to provide additional guidance
on the manner in which applicant-provided data can be collected,
including disclosures and sample forms for collection. A CDFI lender
asked the Bureau to share best practices on disclosures or assurances a
lender can provide applicants when collecting demographic information
to allay concerns about how the data will be used. A community bank and
a community group urged the Bureau to provide a data collection form
for financial institutions to use when collecting 1071 data from
applicants. The community bank asserted that use of a data collection
form would increase borrower response rates, as demonstrated by
Paycheck Protection Program statistics. The commenter also argued that
absent a uniform CFPB-issued form, collection will be flawed and the
data useless. A community group stated that the Bureau may want to
create a sample application form with all required data elements in
order to facilitate data collection. Finally, a bank and a trade
association urged the Bureau to expressly permit covered financial
institutions to collect required data from applicants through a variety
of means, including on an application form, on supplemental documents
or forms, or on the proposed sample data collection form. The
commenters stated that certain applicant-provided data points, such as
number of workers, time in business, and NAICS code, are not on the
sample data collection form. The commenters stated that except for data
points required to be collected on the sample data collection form and
kept separate, financial institutions should be permitted to collect
the other data points through various means or forms.
Comments requesting special treatment for particular transactions
or financial institutions. Several commenters urged the Bureau exempt
particular types of transactions or lenders from coverage under the
rule, primarily due to concerns about the specific characteristics of
these application processes and the particular difficulty of collecting
demographic information in light of these characteristics.\770\ As
discussed in the NPRM, the proposed rule would not have made any
exceptions concerning the time and manner of collecting 1071 data for
point of sale transactions.\771\ In response to the Bureau's request
for comment on point of sale transactions, two trade association
commenters and a community group stated that such transactions should
be provided special treatment or exceptions. The two trade
associations, one representing industry and another representing
retailers, opposed rule coverage for private label applications,
focusing particularly on point of sale transactions. One stated that
credit applications are taken at the point of sale or at a customer
service desk using interview-style or interactive processes. The
commenters asserted that customers would feel uncomfortable answering
questions related to their race, sex, and ethnicity in such a public
place, without the necessary privacy accommodations. They also argued
that collecting applicant-provided data would significantly lengthen
the application process, frustrating retailers' focus on speed,
efficiency, and limiting time spent in the checkout line. The
commenters further asserted that requiring 1071 data collection at the
point of sale would impede the availability of commercial credit
applications in-store, both because businesses would not want to apply
for credit and because retailers would no longer offer in-store private
label credit. One also argued that point of sale transaction data would
be of reduced data quality: the data may be collected from persons who
are not the principal owners of a business and may therefor lack the
relevant knowledge, the environment is not conducive to collecting
detailed information, and the data would reflect the retailer's, rather
than a financial institution's, clientele. The commenter also said that
retail staff are unable to manage sensitive demographic information and
that retailers will not appreciate allegations of discrimination if an
application is left pending or denied. A few commenters suggested that
if the Bureau were to include private label or co-branded transactions
(which often occur as point of sale transactions) in the final rule, it
should exempt transactions under $50,000 to mitigate the impact of
inclusion and provide consistency with FinCEN's customer due diligence
rule. Similarly, a trade association stated that if point of sale
transactions are included, credit lines below $50,000 should be
excepted from the requirement to obtain demographic information.
---------------------------------------------------------------------------
\770\ See also the section-by-section analysis of Sec. 1002.104
(covered credit transactions) concerning additional comments related
to private-label credit and insurance premium finance transactions,
and the section-by-section analysis of Sec. 1002.105 (covered
financial institutions and exempt institutions) concerning indirect
lending.
\771\ 86 FR 56356, 56487-88 (Oct. 8, 2021).
---------------------------------------------------------------------------
In contrast, a community group urged the Bureau not to provide
special treatment for point of sale transactions, arguing that point of
sale transactions should follow a similar procedure as other covered
transactions. The commenter voiced agreement for the Bureau's
suggestion in the proposed rule that retail stores can use the sample
data collection form (printed or online) for point of sale
transactions.
Next, a trade association representing insurance premium finance
lenders and insurance agents and brokers similarly argued that the
Bureau's rule should not apply to insurance premium finance
[[Page 35382]]
lenders, asserting that such lenders cannot collect 1071 data until
after funding. Comments regarding insurance premium finance are
discussed in the section-by-section analysis of Sec. 1002.104(b)(3).
Finally, one trade association argued for the exemption of captive
vehicle finance lenders, based in part on concerns about the collection
of small business lending data. The commenter argued that because
indirect lenders do not interact with the applicant, they cannot gather
certain data required by section 1071, and therefore the motor vehicle
dealer would be the only party capable of requesting the applicant's
protected demographic information. However, the commenter asserted, the
dealer is outside the CFPB's authority and is currently prohibited by
ECOA from gathering this information. The commenter stated that the
proposal would put pressure on dealers to collect otherwise protected
information. The commenter further noted that the employee acquiring
the vehicle may not be familiar with the requested data, such as total
revenue or ownership structure. In addition, the commenter voiced
concerns about purportedly having to collect data at each stage of the
process, potentially by multiple covered financial institutions. The
commenter argued that requiring collection of 1071 data (such as
ethnicity, race, and sex information) at multiple points in the process
would be unnecessary, costly, and duplicative, and could expose
financial institutions to liability.
Final Rule--Overview of Final Sec. 1002.107(c)
For the reasons set forth below, the Bureau is finalizing Sec.
1002.107(c)(1) to require a covered financial institution to not
discourage an applicant from responding to requests for applicant-
provided data under final Sec. 1002.107(a) and to otherwise maintain
procedures to collect such data at a time and in a manner that are
reasonably designed to obtain a response. The Bureau is adopting new
Sec. 1002.107(c)(2) to identify certain minimum components when
collecting data directly from the applicant that must be included
within a financial institution's procedures to ensure they are
reasonably designed to obtain a response. The Bureau is also adopting
new Sec. 1002.107(c)(3) to provide the additional safeguard that a
covered financial institution must maintain procedures to identify and
respond to indicia that it may be discouraging applicants from
responding to requests for applicant-provided data, including low
response rates for applicant-provided data. Finally, new Sec.
1002.107(c)(4) provides that low response rates for applicant-provided
data may indicate that a financial institution is discouraging
applicants from responding to requests for applicant-provided data or
otherwise failing to maintain procedures to collect applicant-provided
data that are reasonably designed to obtain a response. The Bureau is
finalizing Sec. 1002.107(c) pursuant to its authority in ECOA section
704B(g)(1) to prescribe such rules and issue such guidance as may be
necessary to carry out, enforce, and compile data pursuant to section
1071. For the reasons discussed below, final Sec. 1002.107(c) is
necessary to collect 1071 data from applicants and prevent financial
institutions from discouraging or influencing an applicant's response.
Final Sec. 1002.107(c) seeks to provide a balance between
flexibility and ensuring data collection occurs without discouragement
and otherwise in a time and manner likely to generate a robust
response. On the one hand, the Bureau believes there are benefits to
preserving some flexibility concerning the time and manner in which
applicant-provided data are collected. As noted by a number of
commenters, there are benefits to providing a flexible approach given
the variety of application processes in the small business lending
space. The Bureau believes that financial institutions may need
latitude to adjust data collection practices to fit within their own
processes and business models; requiring data collection at a single
point in time, or only through a particular method, may affect data
quality and disrupt financial institutions' practices.
On the other hand, the Bureau believes that collection of
applicant-provided data is essential to fulfilling the purposes of
section 1071. The Bureau therefore believes that substantial safeguards
are necessary to ensure that financial institutions do not discourage
applicants from responding to requests for applicant-provided data or
otherwise evade or delay their obligation to collect 1071 data in a
manner that detrimentally affects response rates.
The Bureau is also implementing revisions to final Sec.
1002.107(c) to provide additional clarity to covered financial
institutions concerning the reasonably designed standard and minimum
requirements. These changes are responsive to feedback from commenters
that proposed 1002.107(c)(1) and associated commentary would have been
ambiguous and potentially inconsistent, and requesting further clarity
and guidance. The revisions to final Sec. 1002.107(c) and responses to
commenter feedback are discussed in depth below.
Final Rule--Sec. 1002.107(c)(1) in General
Final Sec. 1002.107(c)(1) requires a covered financial institution
to not discourage applicants from responding to requests for applicant-
provided data under Sec. 1002.107(a) and to otherwise maintain
procedures to collect such data at a time and in a manner that are
reasonably designed to obtain a response. As discussed above, the
Bureau believes this general standard provides flexibility to
accommodate various small business lending models while also imposing a
general duty to maintain procedures concerning the collection of
applicant-provided data that are reasonably designed to obtain a
response, including not discouraging applicant responses. In general,
reasonably designed procedures will seek to maximize collection of
applicant-provided data and minimize missing or erroneous data, and
procedures cannot be reasonably designed if they permit financial
institutions to engage in conduct that discourages applicants from
responding to requests for applicant-provided data. While the Bureau
believes that reasonably designed procedures to collect applicant-
provided data inherently must not discourage applicants from
responding, in response to comments seeking additional clarity on the
Bureau's understanding of reasonably designed procedures, the Bureau is
now clearly articulating the prohibition against discouragement.
Comments 107(c)(1)-1 and -3 are finalized with minor revisions for
clarity and consistency. Final comment 107(c)(1)-2 is revised to affirm
a financial institution's flexibility to establish procedures
concerning the time and manner that it collects applicant-provided
data, provided that its procedures otherwise meet the requirements of
final Sec. 1002.107(c).
New comment 107(c)(1)-4 (part of which was proposed as part of
comment 107(c)(1)-3) clarifies that applicant-provided data can be
obtained without a direct request to the applicant and can be based on
other information provided by the applicant or through appropriate
third-party sources.
The Bureau is revising comment 107(c)(1)-5 (proposed as comment
107(c)(1)-7) to clarify that a financial institution reports updated
data if it obtains more current data from the applicant during the
application process. In response to a commenter's
[[Page 35383]]
request for additional guidance on whether a financial institution must
update data if the applicant provides the information without a request
from the financial institution, the Bureau notes that final comment
107(c)(1)-5 requires a financial institution to report data updated by
the applicant regardless of whether the financial institution solicits
the information. The commenter also asked how proposed comment
107(c)(1)-7 differs from proposed Sec. 1002.107(b), which would have
permitted a financial institution to rely on statements of the
applicant when compiling data, unless verified information was
available. Both final comment 107(c)(1)-5 and final Sec. 1002.107(b)
require reporting of updated information where available; the former is
focused on data provided by the applicant, while the latter is focused
on data verified by the financial institution. Thus, no matter the
source, a financial institution should report updated data where
available. To the extent a financial institution receives updates from
the applicant on data the financial institution has already verified,
final comment 107(c)(1)-5 is revised to clarify that a financial
institution reports the information it believes to be more accurate, in
its discretion.
Final Rule--Sec. 1002.107(c)(2) Applicant-Provided Data Collected
Directly From the Applicant
The Bureau is adopting new Sec. 1002.107(c)(2), which provides
that for data collected directly from the applicant, procedures that
are reasonably designed to obtain a response must include four specific
components, which are further described below. The Bureau is adopting
new Sec. 1002.107(c)(2) to provide financial institutions additional
clarity on minimum criteria the Bureau believes are necessary for a
financial institution's procedures to be ``reasonably designed'' to
obtain a response. Although proposed comments 107(c)(1)-4 through -6
would have provided examples of procedures that generally were and were
not reasonably designed, as discussed above, the Bureau received
feedback that proposed Sec. 1002.107(c)(1) and associated comments
would have been ambiguous, been incomplete, or increased compliance
burdens on financial institutions seeking to avoid unintentional non-
compliance. The Bureau also believes that greater clarity will increase
compliance and help ensure financial institutions put such safeguards
into place.
New comment 107(c)(2)-1 provides general guidance on what are
reasonably designed procedures and the minimum criteria required under
final Sec. 1002.107(c)(2). Comment 107(c)(2)-1 clarifies that whether
a financial institution's procedures are reasonably designed is a fact-
based determination that may depend on a number of factors, and that
procedures that are reasonably designed to obtain a response may
therefore require additional provisions beyond the minimum criteria set
forth in Sec. 1002.107(c)(2). In general, reasonably designed
procedures will seek to maximize collection of applicant-provided data
and minimize missing or erroneous data.
The specific components that must be included within a financial
institution's procedures pursuant to final Sec. 1002.107(c)(2) are
each discussed in turn below.
Provisions primarily related to the timing of collection. The
Bureau is adopting new Sec. 1002.107(c)(2)(i), which requires covered
financial institutions to maintain procedures that provide for the
initial request for applicant-provided data to occur prior to notifying
an applicant of final action taken on a covered application. The Bureau
believes this requirement strikes the right balance between providing
financial institutions some flexibility to time the initial collection
of applicant-provided data at a point that works for their business
models, while also putting in place a guardrail to ensure that
applicant-provided data is not collected so late in the process that it
jeopardizes the likelihood of receiving a response from an applicant.
Unlike proposed Sec. 1002.107(c)(1), which did not set forth any
concrete timing deadlines for the collection of applicant-provided
data, final Sec. 1002.107(c)(2)(i) requires financial institutions to
initially seek to collect applicant-provided data, at the latest,
before notifying the applicant of final action taken on a covered
application. The Bureau is adopting this revision for several reasons,
described below.
Foremost among them, the Bureau believes that initial attempts to
collect applicant-provided data after notifying an applicant of action
taken on an application--particularly if the action taken is a denial--
are likely to result in higher rates of missing data. This view is
unchanged from the Bureau's initial position at the NPRM stage, which
similarly encouraged collection early in the process and before
notifying the applicant of action taken on the application.\772\ Not
only will late collections miss withdrawn or incomplete applications--
information about which is essential to the purposes of section 1071--
but it will also likely jeopardize the probability of responses from
declined applicants. Unlike originated applications, which have
continuous touch points between an applicant and a lender, the Bureau
believes it is highly unlikely that an applicant will continue to
engage in any information gathering process after being denied a
request for credit. Significantly, no commenter provided a viable
solution for ensuring collection of 1071 data after an application is
denied.
---------------------------------------------------------------------------
\772\ As discussed above, proposed comment 107(c)(1)-5 would
have provided that although a fact-based determination, a procedure
reasonably designed to obtain a response is one in which a financial
institution requests applicant-provided data at the time of a
covered application. Conversely, proposed comment 107(c)(1)-6 would
have provided that a procedure is generally not reasonably designed
to obtain a response if a financial institution requests applicant-
provided data simultaneous with or after notifying an applicant of
action taken on the covered application.
---------------------------------------------------------------------------
Next, final Sec. 1002.107(c)(2)(i) provides a bright line point in
the application process before which financial institutions must
initially seek to collect applicant-provided data, therefore responding
to certain commenter feedback that the proposed standard would be
ambiguous. As noted by one commenter, although the proposal asserted to
provide flexibility for financial institutions to collect applicant-
provided data at any point during the application process, so long as
the procedures are reasonably designed, the proposed commentary clawed
back that flexibility by expressing a clear preference for collection
before notifying an applicant of the outcome of its application. The
Bureau agrees this fluid framing may cause confusion, and believes
providing a defined time frame early enough in the process when
applicant-provided data must be collected will assist financial
institutions with compliance.
Finally, other changes in the final rule counsel in favor of
adopting a more concrete timing standard for the collection of
applicant-provided data. Unlike the proposal, which would have included
a requirement in certain circumstances for financial institutions to
collect information about an applicant's ethnicity and race based on
visual observation and/or surname analysis if the applicant did not
itself provide such information, as discussed in the section-by-section
analysis of Sec. 1002.107(a)(19) above, the final rule does not
include such a requirement. As
[[Page 35384]]
a result, financial institutions might be less motivated to obtain
demographic information early enough in the process, when the applicant
is still actively engaged and more likely to respond to data requests.
As described above, some commenters urged the Bureau to tighten the
timing requirement to require collection in a narrow timeframe, while
others asked the Bureau to expand the timing requirement to widely
permit collection even after notifying an applicant of action taken on
a covered application. The Bureau is not adopting either approach.
Although the Bureau agrees with commenters who argued that collection
at the time of a covered application will likely increase applicant
responses rates in most instances, given the fluid and heterogenous
nature of small business lending, the Bureau believes designating a
narrow time-frame may be overly restrictive.
On the other hand, the Bureau is also not permitting financial
institutions to attempt the initial collection of applicant-provided
data after notifying an applicant of action taken on an application.
Industry commenters' principal argument was that collection of
sensitive applicant-provided data before decisioning an application
could lead to discouragement: applicants may be concerned that the
information will be used against them in the credit decision and thus
will either not provide the information or not proceed with the credit
transaction altogether. Industry commenters also raised the concern
that financial institutions could be accused of bias if an applicant is
ultimately denied credit after providing protected demographic
information.
The Bureau does not believe that early collection will discourage
applicants from disclosing certain demographic information and does not
believe this concern expressed by commenters outweighs the benefits of
early data collection. Initially, concerns of discouragement may be
mitigated by the mandatory disclosure language set forth in final
comments 107(a)(18)-3 and 107(a)(19)-3, and included on the sample data
collection form in appendix E, which explains to applicants the reason
the information is being collected and that the information cannot be
used to discriminate against the applicant. If, however, an applicant
remains concerned about providing applicant demographic information,
the applicant can always choose to not provide any requested
information (e.g., by selecting ``I do not wish to provide this
information'' or similar for any of the demographic information
inquiries). As set forth in final comments 107(a)(18)-1 and 107(a)(19)-
1, a financial institution must permit an applicant to refuse or
decline to answer inquiries regarding the applicant's protected
demographic information and must inform the applicant that the
applicant is not required to provide the information. These protections
ensure that any applicant who does not feel comfortable providing a
response to the demographic inquiries, is not required to do so.
Similarly, the Bureau does not believe that requiring an initial
collection attempt before notifying an applicant of action taken will
result in fewer applicants voluntarily providing certain demographic
information. The Bureau notes that financial institutions regularly
collect, at the time of application, demographic information required
by Regulation C without issue. Although certain commenters cited to the
Paycheck Protection Program as evidence that the collection of
demographic information at the time of application results in low
response rates, the demographic response rates for Regulation C are
significantly higher than for the Paycheck Protection Program, with
only 14.3 and 14.7 percent of HMDA respondents not providing a response
for race and ethnicity, respectively.\773\ Thus, the lower response
rate for Paycheck Protection Program applicants is likely due to
independent factors. Moreover, to the extent that a financial
institution believes that applicants may be reluctant to provide
demographic data before an application is decisioned, new Sec.
1002.107(c)(2)(i) only requires a financial institution to make an
initial collection attempt before notifying an applicant of action
taken; nothing prevents a financial institution from making another
attempt to collect data required by this rule after the application is
decisioned.
---------------------------------------------------------------------------
\773\ See 86 FR 56356, 56483 (Oct. 8, 2021) (noting that
demographic response rates in the SBA's Paycheck Protection Program
data are ``much lower when compared to ethnicity, race, and sex
response rates in HMDA data. For instance, roughly 71 percent of
respondents in the [Paycheck Protection Program] data did not
provide a response for race, compared to only 14.7 percent in the
HMDA data. Roughly 66 percent of respondents in the [Paycheck
Protection Program] data did not provide a response for ethnicity,
compared to only 14.3 percent in the HMDA data.'') (citing Small
Bus. Admin., Paycheck Protection Program Weekly Reports 2021,
Version 11, at 9 (effective Apr. 5, 2021), https://www.sba.gov/sites/default/files/2021-04/PPP_Report_Public_210404-508.pdf.
---------------------------------------------------------------------------
Ultimately, any applicant reluctance to provide demographic (or
other applicant-provided data) pre-decision is not outweighed by the
commonsense conclusion that applicants will be unwilling and
unmotivated to provide information after being denied a request for
credit. After a denial, an applicant will have no independent reason to
continue discussions with the lender, much less respond to new requests
for information. In this respect, 1071 data collection is distinct from
current collection efforts by CDFIs that generally seek to collect
demographic information for originated loans, but not denied loans.
While CDFI commenters' practice of collecting demographic data at loan
closing may make sense for other regulatory regimes, it would not be
effective at capturing data on denied, incomplete, or withdrawn
applications.\774\ Although some commenters asserted that response
rates would be better if demographic information is collected post-
decision, significantly, none of the commenters were able to provide
persuasive evidence in support of their assertion, to rebut the belief
that applicants are unlikely to respond to information requests once
they are no longer involved in the application process, or to offer a
workable solution to ensure robust data collection post-decision. While
one commenter suggested that financial institutions could collect
applicant-provided data ``as part of remediation efforts for non-
approved loans,'' the commenter provided no specifics as to what this
would entail, or how or why it would be effective.
---------------------------------------------------------------------------
\774\ See, e.g., 12 CFR 1805.803 (identifying data collection
and reporting requirements for the CDFI program, which provides that
a financial institution recipient shall ``compile data on gender,
race, ethnicity, national original, or other information on
individuals that utilize its products and services . . . .'')
(emphasis added).
---------------------------------------------------------------------------
Next, commenters stated that permitting post-decision collection
would minimize friction in the application process. These commenters
argued that streamlining the application process is of paramount
importance to their business, and any additional delay could frustrate
the application process and lead to abandoned applications. The Bureau
agrees that new Sec. 1002.107(c)(2)(i) may require financial
institutions to take some minimal additional steps during the
information gathering stage of the application process, but believes
that these additional minimal steps are necessary to fulfill the
purposes of section 1071 and should not impact meaningfully the rate of
abandoned applications. Moreover, as discussed in the section-by-
section analysis of Sec. 1002.107(d), the Bureau has provided
flexibilities for financial institutions to reuse some applicant-
provided data under certain circumstances, which may alleviate the
[[Page 35385]]
need for repeated collections. In response to an industry commenter's
argument that applicants are unlikely to respond to 1071 data requests
given the speed of certain application processes, the Bureau notes that
the applicant is less likely to respond if the data is requested post-
decision when the applicant is no longer engaged in the process at all.
Given the relatively limited time it would take to collect 1071 data,
the Bureau also rejects commenters' assertion that requesting 1071 data
will negatively impact whether a small business applies for credit at
all. No commenter provided persuasive evidence that applicants will
avoid seeking credit because of data collection under this rule.
Commenters raised a handful of additional arguments. In response to
a commenter's argument that the person initially completing the
application may not be the business owner or have the requisite
knowledge, the Bureau notes that new comment 107(c)(2)-2.v permits a
financial institution to follow-up with additional attempts to collect
the information through different means or at another time. Moreover,
given that approximately 82 percent of small businesses are non-
employer firms,\775\ the Bureau believes in most instances the
individual completing the form will have the relevant information.
---------------------------------------------------------------------------
\775\ White Paper at 8; see also U.S. Small Bus. Admin., Off. of
Advocacy, 2022 Small Business Profile, at 2 (2022), https://cdn.advocacy.sba.gov/wp-content/uploads/2022/08/30121338/Small-Business-Economic-Profile-US.pdf (identifying 33,185,550 small
businesses, of which 27,104,006 have no employees).
---------------------------------------------------------------------------
Next, in response to a comment that post-decision collection would
ensure underwriters do not have access to protected demographic
information, the Bureau agrees, but does not believe that such
considerations trump the importance of ensuring data are collected in
the first place. Indeed, the fact that ECOA section 704B(d)(2)
contemplates that underwriters and other employees involved in making a
credit determination may have access to applicant-provided data
demonstrates that Congress envisioned that financial institutions may
collect 1071 data before decisioning an application. In any event,
concerns about access to demographic information are adequately
addressed by the firewall provision in final Sec. 1002.108, as well as
the general prohibition from discriminating on a prohibited basis in
any aspect of a credit transaction in existing ECOA and Regulation B.
Finally, one commenter indirectly took issue with the requirement
to collect applicant-provided data in advance of notifying an applicant
of action taken by noting that certain lenders would use decision
scoring models to also determine whether the applicant is a ``small
business,'' such that demographic information could only be collected
after a decision is made on the application. Initially, the Bureau
notes that nothing prevents a financial institution from inquiring
whether the applicant is a ``small business,'' and if so, seeking
applicant-provided data before decisioning the covered application.
Indeed, as discussed in final comment 107(c)(2)-2.i, the earlier in the
application process the financial institution initially seeks to
collect applicant-provided data, the more likely the timing of
collection is reasonably designed to obtain a response. The Bureau also
does not agree that delaying communicating a credit decision to an
applicant in order to acquire demographic or other applicant-provided
data would violate ECOA and the Fair Credit Reporting Act. The Bureau
does not believe there is a conflict between the laws; any delay would
be minimal, would not affect the timeframes under existing Regulation B
to provide required notices when decisioning a credit application,\776\
and could be avoided by collecting applicant-provided data in advance,
as discussed above.\777\
---------------------------------------------------------------------------
\776\ Existing Regulation B Sec. 1002.19(a)(1) requires a
creditor to notify an applicant of action taken within 30 days after
receiving a completed application.
\777\ See Epic Sys. Corp. v. Lewis, 138 S. Ct. 1612, 1624 (2018)
(``When confronted with two Acts of Congress allegedly touching on
the same topic, this Court is not at `liberty to pick and choose
among congressional enactments' and must instead strive `to give
effect to both.' '' (citation omitted)).
---------------------------------------------------------------------------
For the reasons discussed above, including that collection
occurring post-final action would undermine the purposes of section
1071, the Bureau is requiring financial institutions to maintain
procedures to collect applicant-provided data before notifying the
applicant of final action on the application.\778\ The Bureau is also
adopting new comment 107(c)(2)-2.i, which provides additional guidance
concerning when financial institutions must initially seek to collect
1071 applicant-provided data. New comment 107(c)(2)-2.i clarifies that
Sec. 1002.107(c)(2) requires that under no circumstances may the
initial request for applicant-provided data occur simultaneous with or
after notifying an applicant of final action taken on a covered
application.\779\
---------------------------------------------------------------------------
\778\ Although final Sec. 1002.107(c)(2)(i) requires collection
before notifying an applicant of final action on an application, the
Bureau anticipates that in the vast majority of cases financial
institutions will also collect applicant-provided data before
decisioning an application. The Bureau is requiring collection based
on when an applicant is notified of final action on the application,
however, given the concerns noted above (particularly related to the
applicant's willingness to stay engaged) and because a financial
institution may have an easier time controlling when an applicant is
notified, versus when an application is decisioned.
\779\ Nor may a financial institution seek to evade Sec.
1002.107(c)(2)(i) by initially seeking to collect applicant-provided
data after it has signaled to the applicant that its application has
been decisioned and the likely outcome, even if the financial
institution has not yet formally notified the applicant of action
taken on the covered application. Such conduct would not constitute
procedures reasonably designed to obtain a response, as required
pursuant to Sec. 1002.107(c)(1).
---------------------------------------------------------------------------
Although new Sec. 1002.107(c)(2)(i) requires a financial
institution to make an initial collection attempt prior to notifying an
applicant of action taken, new comment 107(c)(2)-2.v clarifies that a
financial institution has latitude to make additional requests for
applicant-provided data, including after notifying the applicant of
action taken. In response to a trade association's request that the
Bureau clarify how many times a financial institution must request 1071
data, new comment 107(c)(2)-2.v clarifies that a financial institution
is permitted, but not required, to make more than one attempt to obtain
applicant-provided data if the applicant does not respond to an initial
request. For example, a financial institution may decide to make
multiple requests if it is concerned that applicants may not be as
forthcoming early in the process, if it has multiple opportunities to
request 1071 data that work well within its business processes, or as
another method to encourage greater applicant response.
Provisions primarily related to the manner of collection. New Sec.
1002.107(c)(2)(ii) through (iv) sets forth provisions that financial
institutions must incorporate into their procedures for collecting
applicant-provided data directly from the applicant to ensure that such
procedures are reasonably designed to obtain a response and do not
discourage a response. New Sec. 1002.107(c)(2)(ii) requires financial
institutions to maintain procedures that provide the request for
applicant-provided data is prominently displayed or presented. New
comment 107(c)(2)-2.ii provides further guidance on the requirement,
clarifying that a financial institution must ensure an applicant
actually sees, hears, or is otherwise presented with the request for
applicant-provided data, and that if the request is obscured or likely
to be overlooked or missed by the applicant, it is not reasonably
designed. For example, a financial institution
[[Page 35386]]
seeking to collect 1071 data in connection with a digital application
likely does not have reasonably designed procedures if it uses a
bypassable hyperlink for 1071 data collection while other data are
requested through click-through screens.
New Sec. 1002.107(c)(2)(iii) requires that the financial
institution's procedures must not have the effect of discouraging
applicants from responding to a request for applicant-provided data.
New comment 107(c)(2)-2.iii clarifies that a covered financial
institution that collects applicant-provided data in a time or manner
that directly or indirectly discourages or obstructs an applicant from
responding or providing a particular response violates the rule. The
comment also provides further guidance on procedures that may avoid the
effect of discouraging a response. For example, comment 107(c)(2)-
2.iii.B explains a covered financial institution avoids discouraging a
response by requiring an applicant to provide a response in order to
proceed with a covered application, including, as applicable, a
response of ``I do not wish to provide this information'' or similar.
While optional, requiring an applicant to provide a response,
particularly for the collection of demographic applicant information,
may be one of the most effective methods a financial institution can
use to maximize collection of such data.
The Bureau notes that other aspects of this final rule are
similarly directed at ensuring applicants are not discouraged from
providing a response. For example, in response to a commenter's request
that the Bureau provide potential disclosure language and sample
collection forms financial institutions can use with applicants to
allay concerns about how data will be used, the Bureau notes that the
final rule provides for such required disclosure language and a sample
disclosure form. For instance, final comments 107(a)(18)-4 and
107(a)(19)-4, concerning collection of applicant demographic
information, require financial institutions to inform the applicant
both that a financial institution cannot discriminate on the basis of
the applicant's responses to data collected pursuant to Sec.
1002.107(a)(18) and (19) and that Federal law requires them to ask for
an applicant's demographic information to help ensure that all small
business applicants for credit are treated fairly and that communities'
small business credit needs are being fulfilled. The Bureau believes
such explanations, which are included in the sample data collection
form in appendix E, are important to inform applicants why the request
is being made and to assure them that financial institutions may not
use the information collected for a discriminatory purpose.\780\
---------------------------------------------------------------------------
\780\ In response to a community group's suggestion that the
Bureau create a sample form with all required data elements, the
Bureau notes that, except for collection of certain demographic
information, many financial institutions already collect some or all
of the data required by this final rule, or may opt do so in a
myriad of ways. See the section-by-section analysis of appendix E
for further discussion of why the Bureau is not adopting sample or
model forms for the collection of other types of data required by
this rule.
---------------------------------------------------------------------------
Finally, new Sec. 1002.107(c)(2)(iv) requires that the financial
institution's procedures include provisions that ensure applicants can
easily respond to a request for applicant-provided data. New comment
107(c)(2)-2.iv provides additional guidance and examples of procedures
that would and would not make it easy for an applicant to provide a
response. The comment further clarifies that a financial institution
complies with Sec. 1002.107(c)(2)(iv) if it requests the applicant to
respond to inquiries made pursuant to Sec. 1002.107(a)(18) and (19)
through a reasonable method intended to keep the applicant's responses
discrete and protected from view. For example, if an applicant is
completing a paper application form, a financial institution may
request that the applicant return a paper data collection form
requesting demographic data in a sealed envelope provided by the
financial institution.
In response to a commenter's suggestion that the Bureau permit
financial institutions to collect applicant-provided data through a
variety of means, the Bureau notes that nothing requires a financial
institution to request applicant-provided data in a single format or
manner, and indeed new comment 107(c)(2)-2.iv expressly contemplates
that a financial institution may use multiple methods to collect
applicant-provided data.
Final Rule--Sec. 1002.107(c)(3) Procedures To Monitor Compliance
The Bureau is adopting new Sec. 1002.107(c)(3) to require that a
covered financial institution maintain procedures designed to identify
and respond to indicia of potential discouragement, including low
response rates for applicant-provided data. The Bureau is adopting new
Sec. 1002.107(c)(3) in order to provide greater clarity and safeguards
on the type of infrastructure financial institutions are expected to
have in place in order to ensure compliance with final Sec.
1002.107(c)(1) and (2). Although the Bureau anticipates that the
particular components of a financial institution's procedures will vary
from institution to institution, to provide regulatory clarity, new
comment 107(c)(3)-1 provides a list of procedures the Bureau generally
expects financial institutions will maintain in order to identify and
respond to indicia of potential discouragement.\781\
---------------------------------------------------------------------------
\781\ The Bureau acknowledges that financial institutions may
not have all the necessary data to conduct a robust peer analysis of
response rates until after 1071 data collection has been in effect
for some period of time, and that the availability and robustness of
a peer analysis will also depend on the extent to which 1071 data
are made publicly available. In the meantime, the Bureau still
expects financial institutions to monitor response rates internally
and in comparison to public data, as available.
---------------------------------------------------------------------------
In response to commenters' request for additional guidance on
proposed comment 107(c)(1)-4, which would have required financial
institutions to reassess on a periodic basis, based on available data,
whether its procedures are reasonably designed to obtain a response,
the Bureau notes that new Sec. 1002.107(c)(3) and comment 107(c)(3)-1
clarify the type of monitoring expected of financial institutions. In
response to a commenter's question about whether a financial
institution is permitted or required to engage in testing beyond peer
analysis, such as A/B testing or other methods, the Bureau notes that
nothing in the final rule requires a financial institution to do so.
While a financial institution is certainly free to experiment with
different procedures to see which are most effective for its business
model, a financial institution may typically comply with final Sec.
1002.107(c) by following the minimum factors and guidelines set forth
in final Sec. 1002.107(c)(1) through (3) and associated commentary. In
response to a commenter's request for further guidance on what
constitutes ``periodic'' peer testing, the Bureau notes initially that
the term ``periodic'' does not appear in new Sec. 1002.107(c)(3) or
its associated commentary. The Bureau does anticipate, however, regular
monitoring under new Sec. 1002.107(c)(3) in order to identify and
respond to indicia of potential discouragement. There is no designated
number or time frame for how often that monitoring must occur; rather,
the precise cadence and scope will vary depending on the financial
institution's procedures for collecting applicant-provided data, its
business model, and other relevant factors.
Final Rule--Sec. 1002.107(c)(4) Low Response Rates
The Bureau is adopting new Sec. 1002.107(c)(4) to provide that a
low
[[Page 35387]]
response rate for applicant-provided data may indicate discouragement
or other failure by a covered financial institution to maintain
procedures to collect applicant-provided data that are reasonably
designed to obtain a response. Similar to proposed comment 107(c)(1)-4,
which would have provided that a financial institution may compare its
response rate to peer institutions as a method to assess whether its
procedures are reasonably designed, final Sec. 1002.107(c)(4)
identifies the importance of response rates as a method to assess
whether a financial institution has reasonably designed procedures. The
Bureau anticipates that in many instances, a low response rate may
indicate a failure to comply with final Sec. 1002.107(c)(1) and (2).
The Bureau is adopting Sec. 1002.107(c)(4) in order to provide covered
financial institutions clarity on the type of information that may be
used to assess a financial institution's procedures.
The Bureau is adopting new comment 107(c)(4)-1 to provide further
guidance on how to assess response rates. The comment clarifies that
``response rate'' generally refers to whether the financial institution
has obtained some type of response to requests for applicant-provided
data (including, as applicable, a response from the applicant of ``I do
not wish to provide this information'' or similar). However,
significant irregularities in a particular response (for example, very
high rates of ``I do not wish to provide this information'' or similar)
may also indicate that a financial institution does not have reasonably
designed procedures. In particular, significant irregularities may
indicate the financial institution is somehow steering, improperly
interfering with, or otherwise discouraging or obstructing an
applicants' preferred response. New comment 107(c)(4)-1 further
clarifies that response rates may be measured, as appropriate, as
compared to financial institutions of a similar size, type, and/or
geographic reach, or other factors, as appropriate.
In response to commenters' concern that peer comparisons may not be
an effective method to assess the reasonableness of a financial
institution's procedures if all peers are not making reasonable
efforts, the Bureau agrees that peer comparisons alone are not
determinative. Comparing a financial institution's response rates to
its peers is just one possible indicator of whether a financial
institution has procedures reasonably designed to obtain a response.
Even if a financial institution maintains a response rate commensurate
with its peers, if all peers have low response rates overall or
maintain procedures not reasonably designed to obtain a response, the
financial institution may still violate Sec. 1002.107(c). The Bureau
does not believe it would be appropriate at this time, however, to set
a specific percentage or metric for response rates, as suggested by
some commenters, as the appropriate response rate may depend on a
number of factors, differ from institution to institution, and change
over time, for example, as financial institutions refine their
collection methods.
Requests for Special Treatment for Particular Types of Transactions or
Types of Financial Institutions
The Bureau is not adopting exceptions concerning the time and
manner of collection of demographic information for particular types of
transactions or by particular financial institutions, as requested by
some commenters. For the reasons described below, the Bureau believes
the same time and manner rules should apply across all covered credit
transactions and all covered financial institutions.
Initially, the Bureau believes that point of sale transactions
should follow the same rules as all covered credit transaction types,
and thus does not believe that an exemption for such transactions, as
suggested by some commenters, would be appropriate. The Bureau
understands that many (though not all) point of sale applications,
particularly those for smaller credit amounts or to purchase particular
goods in a store, are submitted on-site at the point of sale and
decisioned in real time. Many of the commenters' arguments for
exclusion of point of sale transactions were identical to the arguments
set forth by commenters above for why financial institutions should be
permitted to collect 1071 data after decisioning an application,
including arguments based on the speed and fast-paced nature of the
application process, that applicants would be discouraged from
responding or proceeding with the transaction, and that the person
completing the application may lack the requisite knowledge. For the
same reasons discussed above, the Bureau likewise does not believe that
an exemption would be appropriate for point of sale transactions.
In response to commenters' concerns that applicants will not feel
comfortable answering questions related to their ethnicity, race, and
sex in a public place, the Bureau believes that financial institutions
can develop procedures to accommodate collection in this setting,
including by using the sample collection form developed by the Bureau
(in paper or electronic format) or creating more private locations for
the collection of data in-store. The Bureau also does not believe that
specialized knowledge is necessary to collect these data, and believes
that retailers and their employees can collect and maintain data with
the necessary precautions to safeguard applicant information, as they
do with other sensitive data provided in connection with a credit
application. As to a commenter's argument that retailers will have
limited motivation to collect small business lending data, the Bureau
notes that a financial institution that retains a third party to offer
its financial products has significant control and responsibility over
how its products are offered, including the power and responsibility to
require third-party partners to seek to collect required data and
otherwise comply with applicable law. In response to a commenter's
argument that data collected on point of sale transactions will reflect
the retailer's, rather than the financial institution's, footprint, the
Bureau notes that a financial institution chooses its retail partners.
Finally, although some commenters asserted that the collection of 1071
data will deter applicants from seeking credit or retailers from
providing in-store private label credit, they provided no evidence to
support this claim.
Several commenters requested that if the Bureau includes point of
sale or similar transactions in the final rule, the Bureau should
nonetheless exempt such transactions under $50,000 or except such
transactions from the requirement to obtain demographic data. These
commenters stated that such an exemption would be consistent with
FinCEN's customer due diligence rule, which excludes from certain of
its requirements point of sale transactions to provide credit products
solely for the purchase of retail goods/services up to a limit of
$50,000. The Bureau is not adopting such an approach here, given the
different purposes and requirements of the customer due diligence rule
and section 1071. The purpose of FinCEN's rule is to improve financial
transparency and prevent criminals and terrorists from misusing
companies to disguise their illicit activities and launder their ill-
gotten gains.\782\ The
[[Page 35388]]
customer due diligence rule's exclusion for certain point of sale
transactions is based on the ``very low risk posed by opening such
accounts at [a] brick and mortar store.'' \783\ While the customer due
diligence rule focuses on accounts (including certain originated
loans), obtaining data on denials is essential to section 1071's
purposes. Moreover, unlike FinCEN's rule, which requires covered
financial institutions to collect certain essential information,
section 1071 only requires that financial institutions seek to collect
applicants' protected demographic information, and permits applicants
to refuse to provide that information. Given these key differences, the
Bureau is not adopting an exclusion for point of sale applications
below $50,000. See also the section-by-section analysis of Sec.
1002.104, which discusses requests for minimum transaction amount
thresholds.
---------------------------------------------------------------------------
\782\ See Fin. Crimes Enf't Network, Information on Complying
with the Customer Due Diligence (CDD) Final Rule, https://www.fincen.gov/resources/statutes-and-regulations/cdd-final-rule
(last visited Mar. 20, 2023).
\783\ Fin. Crimes Enf't Network, Guidance, at Q 29 (Apr. 3,
2018), https://www.fincen.gov/sites/default/files/2018-04/FinCEN_Guidance_CDD_FAQ_FINAL_508_2.pdf.
---------------------------------------------------------------------------
Next, trade associations representing insurance premium finance
lenders and insurance agents and brokers similarly argued that the
Bureau's rule should not apply to insurance premium finance lenders, in
part because such lenders cannot collect 1071 data until after funding.
New Sec. 1002.104(b)(3) excludes insurance premium financing,
therefore resolving these commenters' concerns.
Finally, the Bureau does not believe it would be appropriate to
categorically exclude captive vehicle finance lenders should be
excluded from coverage. The commenter's request was primarily based on
the argument that dealers--who primarily interact with applicants--are
currently prohibited by ECOA from gathering certain protected
demographic information. As further discussed in the section-by-section
analysis of Sec. 1002.109(a)(3), Regulation B issued by the Board of
Governors of the Federal Reserve System (12 CFR part 202) and
applicable to dealers provides in comment 5(a)(2)-3 that ``[p]ersons
such as loan brokers and correspondents do not violate the ECOA or
Regulation B if they collect information that they are otherwise
prohibited from collecting, where the purpose of collecting the
information is to provide it to a creditor that is subject to [HMDA] or
another Federal or State statute or regulation requiring data
collection.'' In response to the commenter's concern that dealers may
not be familiar with all required data under section 1071, such as
gross annual revenue or ownership structure information, the Bureau
first notes that dealers are often the last entity with authority to
set the material credit terms of the covered credit transaction, and so
are generally unlikely to be collecting 1071 data on behalf of other
reporting financial institutions. Second, even in situations where the
dealer is acting as a mere conduit, and thus may be collecting
information on behalf of another financial institution, the Bureau
expects that the dealer can request 1071 data from the applicant, just
like a covered financial institution would do. Finally, the commenter's
concerns that data must be collected at each stage of the process,
potentially by multiple covered financial institutions, may be
misplaced; nothing in the proposed or final rule would require a
financial institution (or a third party collecting data on its behalf)
to collect data multiple times in connection with a single covered
application.
107(d) Previously Collected Data
Proposed Rule
Proposed Sec. 1002.107(c)(2) would have permitted, but not
required, a financial institution to reuse previously collected data to
satisfy proposed Sec. 1002.107(a)(13) through (21) if the data were
collected within the same calendar year as the current covered
application and the financial institution had no reason to believe the
data are inaccurate. The Bureau believed that, absent a reason to
suspect otherwise, recently collected 1071 data are likely to be
reliable.
Proposed comments 107(c)(2)-1 through -7 would have provided
additional guidance and examples of when certain data can be reused by
a financial institution, including what data can be reused, when
information is considered collected in the same year, when a financial
institution may have reason to believe data are inaccurate, and when a
financial institution may reuse data regarding minority-owned business
status, women-owned business status, and data on the principal owners'
ethnicity, race, and sex.
The Bureau sought comment on Sec. 1002.107(c)(2) and associated
commentary.
Comments Received
The Bureau received comment on proposed Sec. 1002.107(c)(2) from a
range of lenders, trade associations, and community groups. A few
commenters noted that it is commonplace for lenders to receive multiple
applications from a borrower. For example, a community bank stated that
it is typical for borrowers to submit numerous loan requests during the
year, and expressed concern about what it referred to as ``repetitive
completion'' of data points. A trade association similarly noted that
financial institutions often have customers with multiple facilities,
which may have been obtained all at once or over time.
Some commenters generally supported a provision that would allow
financial institution to reuse certain data for some period of time. A
community group supported allowing lenders to use previously collected
data if an application is continued at a later date. However, the
commenter urged against permitting reuse beyond a year, noting that the
characteristics of the small business may change (such as revenue
size).
In response to the Bureau's request for comment on the issue, a
number of commenters urged the Bureau to adjust the time frame for
reuse. A CDFI lender urged that, at a minimum, the Bureau update the
time frame to ``within 12 months,'' rather than the same calendar year,
noting that there is no reason to believe data are inaccurate for
applications submitted close in time, but that fall between two
calendar years. A trade association urged the Bureau to permit reuse
for ``the same or prior calendar year.'' The commenter argued that
permitting reuse of data would reduce applicant burden and that it
would be unnecessarily restrictive to require financial institutions to
collect anew previously obtained data that is still likely to be
accurate. The commenter further noted that a financial institution can
repopulate previously provided data, and the applicant can certify that
the data are still accurate or update the data. A community bank argued
that a one-year period was too short considering that its agricultural
clients often annually reapply for draw down lines of credit (used to
purchase crop inputs for the year), during which period a borrower's
small business and principal owner status are unlikely to change.
A couple of community banks and group of trade associations urged
the Bureau to permit reuse for a 24-month or two-year period. One of
the banks stated that it is common for businesses to obtain a new
product from a financial institution in the first three years, rather
than the first year alone. Another trade association argued for a
three-year reuse period. The commenter also argued that reuse should be
permitted for any data the financial institution does not normally
gather in connection with credit applications, such as data regarding
minority-owned business status, women-owned business status,
[[Page 35389]]
and data on the principal owners' ethnicity, race, and sex, as well as
gross annual revenue information if not typically collected. A
community bank argued that if there are no changes to the data, a
financial institution should be permitted to reuse data indefinitely.
Finally, a community bank asserted that prior collected data should be
reusable for the same amount of time across all data points, unless
there is a reason to believe they are inaccurate. However, the
commenter continued, reuse of gross annual revenue data should be
updated every fiscal year and gender should be updated every year given
that gender identity may change. The commenter asserted that ethnicity
and race information about the principal owner(s) should not change
absent a change in principal owner(s).
In contrast, a community groups, community-oriented lenders, and
business advocacy groups, as well as an individual commenter opposed
reuse of prior collected data in certain circumstances. The joint
letter and the minority business advocacy group specifically opposed
reuse of information about a principal owner's ethnicity, race, and sex
information if the business previously responded ``I do not wish to
provide this information.'' The commenters asserted that opinions may
shift, which may make a person more likely to provide the requested
information. The commenters further noted that it is not a big burden
on financial institutions to attempt to gather the information again
and doing so goes to the purposes of section 1071. An individual
commenter argued that the proposed reuse of previously collected data
about an applicant's sex, sexual orientation and gender identification
would have a negative impact on members of the LGBTQ community. The
commenter was concerned that information collected for one purpose
would be used for a non-intended purpose, such as to classify and
segregate LGBTQ members applying for a small business loan. The
commenter stated that by collecting data on an applicant's sex, sexual
orientation, and gender identification, LGBTQ members are at risk that
their data may be used for unintended purposes outside 1071 data
collection.
In response to the Bureau's request for comment on whether
financial institutions should be required to notify applicants that
information they provide may be reused for subsequent applications, one
community bank suggested the Bureau add a disclosure on the sample data
collection form noting that the information may be reused, and if the
information has changed, to inform the applicant's lender.
A community bank asked how the reuse provision could be implemented
in light of the proposed firewall provision. The commenter noted that
because the firewall provision prohibits review by underwriters of
demographic information, it is unclear how a financial institution can
reasonably rely on data collected in the same calendar year if that
data is inaccessible to the lender. Another commenter asked for
clarification whether data (specifically demographic data) collected in
prior years could be reused, and what to do if there are multiple
collections. Specifically, the commenter gave the example of an
applicant that provides demographic information for one application,
and then chooses not to provide demographic information for a
subsequent application, and asking which collection should be reported.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.107(d) (proposed as Sec. 1002.107(c)(2)) to permit, but not
require, a financial institution to reuse previously collected data to
satisfy Sec. 1002.107(a)(13) through (20) if (a) the data were
collected within the 36 months preceding the current covered
application (except that to satisfy Sec. 1002.107(a)(14), on gross
annual revenue, the data must be collected within the same calendar
year as the current covered application) and (b) the financial
institution has no reason to believe the data are inaccurate. As
discussed above, the majority of commenters to weigh in on this issue
supported reuse of data for some period of time, with many commenters
urging the Bureau to extend the time period for reuse from the same
calendar year to multiple years. As noted by one bank, it is common for
businesses to seek a new product within three years of a prior
origination, with fewer requests occurring within one year. Allowing
reuse will also reduce the need for applicants to repeatedly provide
the same information over a short period of time, as noted by some
commenters. The Bureau also believes permitting reuse will reduce
burden on financial institutions, particularly those with an
established relationship with a business. In addition, the Bureau
believes that permitting reuse will assist in fast-paced transactions,
such as requests for additional credit amounts on an existing account.
Based on these reasons and the feedback from commenters, the Bureau now
believes that 36 months strikes the appropriate balance of permitting
reuse for a short enough period of time that the data are likely to be
reliable, while also permitting a long enough period of reuse to avoid
a financial institution from having to make repeated information
requests to returning customers.
In response to a commenter's concern that characteristics of a
small business may change during a time period greater than a year, the
Bureau notes that any dramatic shifts will likely be known to a
financial institution considering a new covered application. In those
circumstances, the financial institution either will have already
collected updated information (in which case the updated information
would be reported pursuant to final comment 107(d)-4) or the financial
institution will have reason to believe certain data are inaccurate, in
which the case the financial institution cannot reuse that data
pursuant to final Sec. 1002.107(d)(2). Indeed, the Bureau believes
that final Sec. 1002.107(d)(2), the provision prohibiting reuse of
data if the financial institution has reason to believe the prior
collected data are inaccurate, will identify the majority of situations
where the data are no longer reliable. For example, as set forth in
final comment 107(d)-6, a financial institution may have reason to
believe data are inaccurate if it knows that the applicant has had a
change in ownership or a change in an owner's percentage of ownership.
Similarly, a financial institution may also have reason to know data
are inaccurate if the business indicates that is has opened several new
store locations recently. In that case, the financial institution may
have reason to ask for updated data on gross annual revenue, number of
workers, and potentially other data points.
Some commenters raised concerns about reuse of data regarding a
principal owner's race, sex, and ethnicity information, particularly if
the business previously responded ``I do not wish to provide this
information.'' Another commenter stated that identities, and
particularly gender identity, may shift, and so the information should
be collected at least every year. The Bureau understands that how an
applicant wishes to identify may shift over time. However, as noted
above, the Bureau believes that a 36-month period provides the right
balance of permitting reuse for a period of time to reduce repetitive
collections, but also require financial institutions collect the data
anew once a substantial amount of time has passed. Although the final
rule permits reuse of applicant demographic data pursuant to final
Sec. 1002.107(d), final comment 107(d)-9 provides that a financial
institution may not reuse data
[[Page 35390]]
to satisfy Sec. 1002.107(a)(18) and (19) unless the data were
collected in connection with a prior covered application pursuant to
subpart B. The Bureau believes that reuse of applicant demographic data
should be limited in this manner to ensure that data reported were
collected in a manner that aligns with the protections and selection
options set forth in final Sec. 1002.107(a)(18) and (19).
Although the Bureau is finalizing Sec. 1002.107(d) to permit reuse
of certain data collected within a 36-month period, the Bureau notes
that a financial institution may--at any time, even outside a three-
year period--use reasonable procedures to reaffirm data previously
collected. The Bureau understands that many financial institutions have
years of experience serving a particular small business's credit needs
and so may seek to streamline new credit requests to avoid duplicative
or unnecessary collection efforts. In this respect, it is important to
note that the final rule does not prevent a financial institution from
identifying efficient ways to gather 1071 required data, including by
leveraging prior 1071 data to streamline the collection process. For
example, even if it has been more than three years since a business
submitted an application for credit, a financial institution may
reaffirm prior collected data about whether the business is minority-
owned, women- owned, and LGBTQI+-owned, and the ethnicity, race, and
sex of the principal owners of the business by, for example, providing
the applicant with a data collection form pre-populated with its prior
responses and confirming with the applicant that the information
remains accurate or making any changes noted by the applicant. Methods
that reaffirm prior collected data may be particularly useful in
faster-paced transactions, such as requests for additional credit
amounts.
A bank asked how the reuse provision can be implemented in light of
the proposed firewall provision, noting that because the firewall
provision prohibits review by underwriters of demographic information,
it is unclear how a financial institution can reasonably rely on
previously collected data if it is inaccessible to the lender. The
Bureau does not believe that the firewall provision in final Sec.
1002.108 will conflict or render unusable the reuse provisions in final
Sec. 1002.107(d), as suggested by some commenters. Initially, the
Bureau notes that the firewall provision only applies to information
regarding whether the applicant is a minority-owned business, a women-
owned business, or an LGBTQI+-owned business under Sec.
1002.107(a)(18) and regarding the ethnicity, race, and sex of the
applicant's principal owners under Sec. 1002.107(a)(19), but not other
applicant-provided data. In any event, if an employee or officer is
typically tasked with collecting data required under Sec.
1002.107(a)(18) and (19), and is otherwise not involved in making any
determination concerning a covered application, providing that employee
with access to an applicant's prior responses to data requests under
Sec. 1002.107(a)(18) and (19) would not violate the firewall. Thus,
final comment 108(a)-1(ii)(f) provides the example that reviewing
previously collected data to determine if it can be used for a later
covered application pursuant to Sec. 1002.107(d) is not an activity
that constitutes being involved in making a determination regarding a
covered application. Finally, if a financial institution determines
that it is not feasible to limit an employee's or officer's access to
an applicant's prior responses to the financial institution's inquiries
under final Sec. 1002.107(a)(18) and (19) and provided the notice
required under final Sec. 1002.108(d) to the applicant at the time the
data were collected, the financial institution can permit that employee
or officer to reuse the collected data for a 36-month period as set
forth in final Sec. 1002.107(d).
In response to a commenter's question concerning what previously
reported data can be used, and how to resolve conflicting answers
provided at different times, the Bureau notes that final comment
107(d)-4 provides that a financial institution should use updated
information if available.
In response to its request for comment on the issue in the NPRM,
the Bureau received feedback from an industry commenter that the sample
data collection form should include a disclosure that information can
be reused for section 1071 reporting purposes, and that an applicant
should inform its lender if there have been any changes. The Bureau is
finalizing the sample data collection form without a disclosure about
potential reuse of data. Including such language could distract an
applicant from other language on the form (such as why the data is
being collected) and risks potentially confusing an applicant, who
might not understand that reuse is limited to 1071. Relatedly, the
collection form accurately identifies why the information is being
collected whether or not the data are later reused--to help ensure that
all small business applicants are treated fairly and that communities'
small business credit needs are being fulfilled.
Final comment 107(d)-1 (proposed as comment 107(c)(2)-1) is revised
to clarify that reuse of data pursuant to final Sec. 1002.107(d) is
limited to reuse for the purpose of reporting such data pursuant to
Sec. 1002.109. In response to an individual commenter's concern about
potential misuse of 1071 data, the Bureau has adopted new Sec.
1002.110(e), which prohibits a financial institution from disclosing or
providing to third parties the information it collects pursuant to
final Sec. 1002.107(18) and (19) except in limited circumstances. In
addition, financial institutions remain prohibited from using 1071
data--particularly data about whether the business is minority-owned,
women-owned, or LGBTQI+-owned, and the ethnicity, race, and sex of the
principal owners of the business--in a manner that violates ECOA,
existing Regulation B, or any other applicable law. For example,
existing Sec. 1002.4(a) prohibits a creditor from discriminating
against an applicant on a prohibited basis in any aspect of a credit
transaction. Similarly, existing Sec. 1002.6(b)(1) prohibits a
creditor from taking a prohibited basis into account in any system of
evaluating the creditworthiness of an applicant, except as expressly
provided for by ECOA or Regulation B. Thus, just because this final
rule gives a financial institution permission to collect ethnicity,
race, and sex/gender information for the limited purposes of section
1071, a financial institution still remains prohibited from considering
that data in a manner that violates ECOA, existing Regulation B, or any
other applicable law.
Final comments 107(d)-2 and -3 (proposed as comments 107(d)-2 and -
3) contain minor revisions for consistency and clarity. Final comment
107(d)-2 identifies the particular data that can be reused. The comment
also clarifies that other data required by final Sec. 1002.107(a)
cannot be reused, as those data points are specific and unique to each
covered application. Final comment 107(d)-3 clarifies instances where
data have not been ``previously collected'' and so cannot be reused
under final Sec. 1002.107(d).
The Bureau is adopting new comment 107(d)-4 to clarify that if a
financial institution obtains updated information relevant to the data
required to be collected and reported pursuant to final Sec.
1002.107(a)(13) through (20), and the applicant subsequently submits a
new covered application, the financial institution must use the updated
information in connection with the new covered application or seek to
collect the data again. Final comment
[[Page 35391]]
107(c)(2)-4 also provides an example of updated information.
Final comment 107(d)-5 (proposed as comment 107(c)(2)-4) is revised
to provide guidance on how to measure the 36-month period for potential
reuse of certain data, and provides an illustrative example.
Final comment 107(d)-6 (proposed as comment 107(c)(2)-5) contains
minor revisions for consistency and clarity, and an example of when a
financial institution has reason to believe data may be inaccurate and
so cannot be reused for a subsequent covered application.
As noted above, final Sec. 1002.107(d)(1) permits a financial
institution to reuse gross annual revenue data if collected within the
same calendar year as the current covered application. The Bureau is
adopting a narrower window for the reuse of gross annual revenue data
than other previously collected data given the language in ECOA section
704B(e)(2)(F) requiring financial institutions to compile ``gross
annual revenue of the business in the last fiscal year . . . preceding
the date of the application.'' Given that the statute identifies a
specified time frame for the collection of gross annual revenue, it
would be more consistent with the statute to permit reuse of gross
annual revenue only within the same calendar year. Moreover, given that
gross annual revenue data already looks back to the prior fiscal year,
adding an additional 36-month period could affect data quality. The
Bureau is also adopting new comment 107(d)-7 to provide guidance on
when gross annual revenue information is considered collected in the
same calendar year, and so may be reused by a financial institution in
certain circumstances. In particular, the comment discusses
applications that span more than one calendar year.
The Bureau is adopting new comment 107(d)-8 to clarify that if a
financial institution decides to reuse data about the applicant's time
in business, the financial institution must update the data to reflect
the passage of time, and provides an illustrative example.
Lastly, final comment 107(d)-9 (proposed as comments 107(c)(2)-6
and -7) is revised to provide guidance on when data regarding minority-
owned business status, women-owned business status, LGBTQI+-owned
business status, and data on the principal owners' ethnicity, race, and
sex may be reused by a financial institution in a subsequent covered
application.
Section 1002.108 Firewall
Background
ECOA section 704B(d) generally limits the access of certain
individuals at a financial institution or its affiliates to certain
information provided by an applicant pursuant to section 1071. The
Bureau calls this requirement in 704B(d) to limit access to information
a ``firewall.''
More specifically, ECOA section 704B(d)(1) states that ``[w]here
feasible,'' underwriters and other officers and employees of a
financial institution or its affiliates ``involved in making any
determination concerning an application for credit'' cannot have access
to any information provided by the applicant pursuant to a request
under 704B(b). That is, the statute limits access not only by
underwriters and persons making an underwriting decision but also by
anyone else involved in making any determination concerning an
application. However, it does not expressly define the term
``feasible'' or provide clarification regarding what it means to be
``involved in making any determination concerning an application for
credit.''
Additionally, under ECOA section 704B(d)(2), if a financial
institution determines that an underwriter, employee, or officer
involved in making a determination ``should have access'' to any
information provided by the applicant pursuant to a request under
704B(b), the financial institution must provide a notice to the
applicant of the underwriter's access to such information, along with
notice that the financial institution may not discriminate on the basis
of such information. Section 704B(d)(2) does not expressly define or
describe when an underwriter, employee, or officer ``should have
access,'' nor does it explain the relationship, if any, between when a
financial institution determines that an individual ``should have
access'' under 704B(d)(2) and whether it is ``feasible'' to implement
and maintain a firewall under 704B(d)(1).
Proposed Rule
Scope of the firewall. In the NPRM, the Bureau explained its belief
that section 1071 is ambiguous with respect to the meaning of ``any
information provided by the applicant pursuant to a request under
subsection (b).'' On the one hand, ECOA section 704B(b)(1) directs
financial institutions to inquire whether a business is ``a women-
owned, minority-owned, or small business,'' so the phrase could be
interpreted as referring only to these three data points. However,
section 704B(e) indicates that the scope of 704B(b) is much broader. It
instructs financial institutions that ``information provided by any
loan applicant pursuant to a request under subsection (b) . . . shall
be itemized in order to clearly and conspicuously disclose'' data
including the loan type and purpose, the amount of credit applied for
and approved, and gross annual revenue, among other things. In other
words, 704B(e) designates all of the information that financial
institutions are required to compile and maintain--not simply an
applicant's status as a women-owned, minority-owned, or small
business--as information provided by an applicant ``pursuant to a
request under subsection (b).''
Information deemed provided pursuant to 704B(b) is subject not only
to the firewall under 704B(d) but also to a right to refuse under
704B(c) and separate recordkeeping requirements under 704B(b)(2).
Applying these special protections to many of the data points in
704B(e), such as an applicant's gross annual revenue or the amount
applied for, would be extremely difficult to implement because this
information is critical to financial institutions' ordinary operations
in making credit decisions.
In order to resolve these ambiguities, the Bureau gave different
meanings to the phrase ``any information provided by the applicant
pursuant to a request under subsection (b)'' with respect to ECOA
section 704B(e) as opposed to 704B(b)(2), (c), and (d). With respect to
the scope of the firewall, the Bureau interpreted the phrase to refer
to the data points in proposed Sec. 1002.107(a)(18) (minority-owned
business status) and proposed Sec. 1002.107(a)(19) (women-owned
business status), as well as proposed Sec. 1002.107(a)(20) (ethnicity,
race, and sex of principal owners). None of these data points has any
bearing on the creditworthiness of the applicant. Moreover, a financial
institution generally could not inquire about this demographic
information absent section 1071's mandate to collect and report the
information, and ECOA prohibits a financial institution from
discriminating against an applicant on the basis of the information.
Thus, the Bureau believed that the best effectuation of congressional
intent was to apply section 1071's limitation on access and right to
refuse provisions to all demographic information collected pursuant to
section 1071 and not to whether an applicant is a small business or any
of the non-demographic data points proposed in Sec. 1002.107(a).
[[Page 35392]]
Accordingly, the Bureau proposed that financial institutions need
only limit access under ECOA section 704B(d) to an applicant's
responses to the financial institution's specific inquiries regarding
women-owned business status and minority-owned business status and the
ethnicity, race, and sex of principal owners, but not to an applicant's
small business status.\784\ Additionally, the proposal would have
clarified that this prohibition on allowing certain employees and
officers to access certain information does not extend to ethnicity or
race information about principal owners that the financial institution
collects via visual observation or surname. It would have also
clarified that the prohibition does not extend to an applicant's
responses to inquiries regarding demographic information made for
purposes other than data collection pursuant to section 1071 or to an
employee's or officer's knowledge due to activities unrelated to the
inquiries made to satisfy the financial institution's obligations under
section 1071 (e.g., an employee knows that the applicant is a minority-
owned business or women-owned business due to information provided to
qualify for a special purpose credit program or an officer knows a
principal owner's ethnicity, race, or sex due to participation in a
community group or association).
---------------------------------------------------------------------------
\784\ SBREFA Outline at 36-37.
---------------------------------------------------------------------------
As noted above, section 1071 prohibits access to certain
information by underwriters and other officers and employees of a
financial institution or its affiliates ``involved in making any
determination concerning an application for credit.'' Consistent with
the statute, the Bureau proposed that a financial institution need only
prohibit the access of an employee or officer to demographic
information pursuant to section 1071 if that employee or officer is
involved in making a determination concerning an applicant's covered
application. The Bureau further proposed defining the phrase ``involved
in making any determination concerning a covered application'' to mean
participating in a decision regarding the evaluation of a covered
application, including the creditworthiness of an applicant for a
covered credit transaction. The NPRM noted that this group of employees
and officers includes, but is not limited to, employees and officers
who serve as underwriters. Additionally, the NPRM would have explained
that the decision that the employee or officer makes or participates in
must be about a specific covered application. An employee or officer
would not be involved in making a determination concerning a covered
application if the employee or officer is involved in making a decision
that affects covered applications generally, the employee or officer
interacts with small businesses prior to them becoming applicants or
submitting a covered application, or the employee or officer makes or
participates in a decision after the financial institution has taken
final action on the application, such as decisions about servicing or
collecting a covered credit transaction.
Feasibility of establishing and maintaining a firewall. In the
NPRM, the Bureau also noted that ECOA section 704B(d) contains
significant ambiguities with respect to how financial institutions, in
practical terms, should determine how to implement a firewall to limit
access to certain information provided by applicants pursuant to
section 1071. Indeed, based on feedback from stakeholders during the
SBREFA process, it appeared that in many instances financial
institutions that find it not ``feasible'' to implement and maintain a
firewall will be the same institutions determining that relevant
individuals ``should have access'' to the information provided by an
applicant pursuant to 704B(b). The Bureau believed that reading these
two provisions in isolation from each other would likely result in
significant confusion and challenges, particularly for smaller
financial institutions.
Accordingly, the Bureau proposed that section 1071's firewall
requirement be implemented by reading the ``should have access''
language in ECOA section 704B(d)(2) in conjunction with the
``feasibility'' language in 704B(d)(1). As proposed, it would not be
feasible for a financial institution to implement and maintain a
firewall with respect to a given employee or officer involved in making
a determination concerning a covered application if the financial
institution determines that employee or officer should have access to
one or more of the applicant's responses to the financial institution's
inquiries under proposed Sec. 1002.107(a)(18) through (20).
Conversely, it would be feasible for a financial institution to
implement and maintain a firewall if the financial institution
determines that no employee or officer involved in making a
determination concerning a covered application should have access to
the applicant's responses to the financial institution's inquiries
under proposed Sec. 1002.107(a)(18) through (20). Thus, the Bureau
proposed that the prohibition on certain individuals accessing
information as set forth in proposed Sec. 1002.108(b) would not apply
to an employee or officer if the financial institution determines that
it is not feasible to limit that employee's or officer's access to one
or more of an applicant's responses to the financial institution's
inquiries under proposed Sec. 1002.107(a)(18) through (20), and the
financial institution provides the notice required under proposed Sec.
1002.108(d) to the applicant.
The Bureau further proposed that it is not feasible to limit access
as required pursuant to proposed Sec. 1002.108(b) if the financial
institution determines that an employee or officer involved in making
any determination concerning a covered application should have access
to one or more applicants' responses to the financial institution's
inquiries under proposed Sec. 1002.107(a)(18) through (20). The Bureau
proposed to define the phrase ``should have access'' to mean that an
employee or officer may need to collect, see, consider, refer to, or
otherwise use the information to perform that employee's or officer's
assigned job duties. As proposed, a financial institution may determine
that an employee or officer should have access for purposes of proposed
Sec. 1002.108 if that employee or officer is assigned one or more job
duties that may require the employee or officer to collect (based on
visual observation, surname, or otherwise), see, consider, refer to, or
use information otherwise subject to the prohibition in proposed Sec.
1002.108(b). The employee or officer would not have to be required to
collect, see, consider, refer to or use such information or to actually
collect, see, consider, refer to or use such information. It would be
sufficient if the employee or officer might need to do so to perform
the employee's or officer's assigned job duties. Additionally, a
financial institution may determine that all employees or officers with
the same job description or assigned duties should have access for
purposes of proposed Sec. 1002.108. However, if a financial
institution determines that one or more employees or officers involved
in making any determination concerning a covered application should
have access for purposes of proposed Sec. 1002.108, the financial
institution would have been responsible for ensuring that the employees
or officers only access and use the protected information for lawful
purposes.
Exception to establishing and maintaining a firewall. As explained
above, the Bureau proposed to implement the statutory exception to the
requirement to establish and maintain a firewall in Sec. 1002.108. The
[[Page 35393]]
exception would allow financial institutions to give certain employees
or officers access to protected demographic information if the
financial institution determines that they should have access to that
information. However, in such circumstances, the financial institution
would need to comply with the statutory requirement to provide a notice
in lieu of limiting access. Thus, the Bureau proposed that, in order to
satisfy the exception, as set forth in proposed Sec. 1002.108(c), a
financial institution would be required to provide a notice.
The Bureau proposed that the financial institution be required to
provide the notice to, at least, each applicant whose responses to the
financial institution's inquiries under proposed Sec. 1002.107(a)(18)
through (20) would be accessed by an employee or officer involved in
making a determination concerning that applicant's covered application.
As an alternative, the Bureau proposed that the financial institution
could provide the required notice to a larger group of applicants,
including all applicants, if it determines that one or more officers or
employees should have access to protected demographic information.
The Bureau further proposed that the notice provided to satisfy the
exception in proposed Sec. 1002.108(c) must inform the applicant that
one or more employees and officers involved in making determinations
concerning the applicant's covered application may have access to the
applicant's responses regarding the applicant's minority-owned business
status, its women-owned business status, and its principal owners'
ethnicity, race, and sex. The Bureau proposed language for the required
notice and stated that a financial institution would be required to use
the language set forth in proposed comment 108(d)-2 or substantially
similar language when providing the notice.
The Bureau also proposed timing requirements for providing the
notice. The Bureau proposed that, if the financial institution provides
the notice orally, it must provide the notice prior to asking the
applicant if it is a minority-owned business or women-owned business
and prior to asking for a principal owner's ethnicity, race, or sex. If
the financial institution provided the notice on the same paper or
electronic data collection form as the inquiries about minority-owned
business status, women-owned business status, and the principal owners'
ethnicity, race, or sex, the financial institution would have been
required to provide the notice at the top of the form. If the financial
institution provided the notice required by proposed Sec. 1002.108(d)
in an electronic or paper document that is separate from the data
collection form inquiring about the applicant's minority-owned business
status, its women-owned business status, and its principal owners'
ethnicity, race, and sex, the financial institution would have been
required to provide the notice at the same time as or prior to
providing the data collection form. Additionally, the NPRM would have
clarified that the notice required pursuant to proposed Sec.
1002.108(d) must be provided with the non-discrimination notices
required pursuant to proposed Sec. 1002.107(a)(18) through (20).
Requests for comment. The Bureau sought comment on its proposed
approach to the statutory firewall requirement and whether a different
approach might result in a better policy outcome. The Bureau also
sought comment on the scope of the proposed firewall requirement and
the exception to establishing and maintaining a firewall. The Bureau
specifically sought comment on whether the proposed firewall should
apply to information about principal owners' ethnicity and race that is
obtained via visual observation and/or surname analysis. Finally, the
Bureau generally requested comment on whether additional clarification
is needed regarding the firewall requirement.
Comments Received
The Bureau received comments on its proposed approach to the
firewall requirement from a wide range of commenters including lenders,
trade associations, business advocacy groups, community groups, small
business owners and other individuals, and members of Congress. A
majority of these comments addressed the feasibility of establishing
and maintaining a firewall and/or addressed the notice required to rely
on the exception. Numerous commenters sought the elimination of or
exemptions to the firewall requirement. Other commenters sought
additional guidance on some or all of the firewall provisions,
including the scope of the firewall and determining who ``should have
access'' to the protected information.
General. A community group commenter said that the proposed
firewall provisions appropriately protect applicants, and another
stated that the formulation of the proposed firewall provisions was
reasonable. A CDFI lender said that while smaller financial
institutions might not be able to establish and maintain a firewall,
the NPRM provided sufficient flexibility in its firewall provisions to
facilitate implementation. A women's business advocacy group encouraged
the Bureau to look at ways to make a more secure firewall and noted
that the feasibility standard in the proposed rule seemed to remove the
firewall's effectiveness. Another commenter cautioned that the proposed
firewall would not stop lenders from using information inappropriately
and in a manner that harms small business applicants.
In contrast, a large number of lenders, trade associations, and
individual commenters requested that the Bureau eliminate the firewall.
Some of these commenters said that the firewall should be eliminated
because it would create competitive disadvantages or overburden certain
financial institutions. Others said that it should be eliminated
because the firewall would overburden all covered financial
institutions. Many commenters said that the firewall will add
complexity, create burden and regulatory risk, and/or increase the cost
of compliance. A few commenters said that the firewall provisions could
result in financial institutions being required to purchase or create
new technology or systems. Some commenters noted that the additional
expense could result in an increased cost of credit, limited access to
credit, and/or the cessation of certain products being offered. One
commenter further stated that the costs of such a requirement would
likely decimate small businesses' access to credit because financial
institutions will either decrease or stop their small business lending.
One bank commenter asked that the Bureau create a simple way for
the commenter to certify that the firewall concept cannot work for its
entire institution without exception, equivocation, or a repetitive
review. This commenter further indicated that it would provide a short
and simple disclosure (one half of a letter size page or less) to all
of its commercial applicants to document its compliance. The commenter
said that the proposed firewall requirements gave it concern and
appeared to be a ``gotcha'' clause in the proposed rule. In particular,
they indicated it was concerned with a portion of proposed comment
108(c)-1 that would have said that a financial institution cannot
permit all employees and officers to have access simply because it has
determined that one or more employees or officers should have access.
Some commenters said that they had not been able to devise a
workable method for improving what they called
[[Page 35394]]
the firewall's ``prohibit-or-disclose regime,'' and suggested that the
Bureau needed to exercise its statutory authority to eliminate the
firewall provision. These commenters and others also noted that
eliminating the firewall requirement would align the rule implementing
section 1071 with HMDA/Regulation C, which they said has required
collection of demographic information for decades without any known
incidents, despite the absence of any firewall.
Some commenters said that the Bureau should eliminate the firewall
because it is unnecessary. A commenter also noted that the firewall
requirement presents unique compliance challenges because the
requirement is different than HMDA and will require unique systems. A
few commenters said that the firewall serves no purpose or has no
practical value. A few other commenters noted that the firewall is
impractical or serves no purpose when applications are not anonymous,
such as in smaller communities or where the employee or officer making
determinations has an existing relationship with the applicant.
A few commenters asked the Bureau to create a platform, portal, or
other system for applicants to report demographic information directly
to the Bureau so that financial institutions could avoid having to
intake such information at all.
Scope of the firewall. Comments on the scope of the proposed
firewall requirement largely requested clarification. These commenters
requested additional guidance regarding the types of employees and
officers that would be subject to the firewall with one commenter
asserting that the standard in the proposed rule was vague and
subjective. This commenter also requested additional clarity regarding
the definition of the phrase ``involved in making any determinations
concerning an application for credit.'' Some commenters requested that
specific groups of employees (such as software engineers and data
scientists, bankers and managers who provide information or counseling
on available credit products, and employees who gather information and
submit applications to unrelated financial institutions who may take
assignments of the credit contract) explicitly be excluded from the
scope of the firewall requirement. However, a trade association said it
supported the proposed definition of the phrase ``involved in making
any determination concerning a covered application.''
One commenter specifically agreed that the firewall should not
extend to an applicant's status as a small business.
Regarding application of the proposed firewall requirement to
demographic information collected via visual observation or surname,
one commenter requested guidance on how to comply with the firewall for
such information. Another commenter urged the Bureau not to include
information collected via visual observation or surname within the
scope of the firewall. In contrast, another commenter noted that if the
firewall is meant to prevent a credit decision based on protected
information, it should not matter how the demographic information is
collected.
Some commenters requested clarification or guidance regarding the
firewall's applicability to information collected pursuant to HMDA or
other laws or regulations. One commenter said that an employee or
officer should not be subject to the firewall if the employee or
officer accessed demographic information collected pursuant to section
1071 in order to satisfy HMDA or another regulatory requirement.
A commenter said that the firewall should only apply to
applications originated completely online.
Feasibility of establishing and maintaining a firewall. A
significant majority of the comments about the firewall provisions
specifically addressed the feasibility of establishing and maintaining
a firewall. Overwhelmingly, these commenters said that the firewall
would be impossible, difficult, inefficient, and/or costly to implement
for certain financial institutions.
Numerous commenters said that the firewall is not or may not be
feasible for smaller institutions, such as credit unions and other
community-based financial institutions with limited staff and
resources. Numerous commenters also said that the firewall would not be
workable with some business models, loan processes, and/or decision-
making structures. Specifically, commenters asserted that the firewall
would be impossible or impractical with high-contact and relationship-
based lending models and with lending models that rely on loan officers
to collect information from applicants. One commenter said that the
logistics of implementing a firewall would be too much for most
lenders.
While some commenters said that the firewall requirement would
unfairly burden and punish smaller financial institutions or
traditional financial institutions in favor of larger financial
institutions and online lenders, others said that the firewall may not
be feasible for larger institutions or online lenders. Specifically,
some commenters said that the firewall would not be feasible for larger
institutions because they would have to make substantial investments in
technology to implement a firewall. One commenter said that while it
was a larger financial institution, its business lending department was
small, which would make establishing and maintaining a firewall
impossible, infeasible, or burdensome.
Many commenters said that lenders would need to change their
operations, hire additional staff, reconfigure systems, and/or invest
significant sums in technology in order to establish and maintain a
firewall. Some commenters asserted that the costs of doing these things
may be prohibitive. A few commenters said that the firewall would
disrupt their process, and one commenter said that the firewall
requirement could diminish a loan officer's ability to fully engage
with their clients efficiently and timely. With regard to indirect
vehicle financing, a few commenters said that there is not currently a
mechanism to shield and transmit data for such transactions and noted
there would be a one-time cost exceeding $4 million to develop such a
mechanism.
Some commenters requested additional clarification or guidance on
the feasibility standard. A few commenters specifically requested a
clearer feasibility standard. Some recommended that the Bureau provide
clear guidance about when a firewall is or is not feasible and how a
covered financial institution may determine the feasibility of
establishing and maintaining a firewall. A few commenters said that the
Bureau should clarify the operational factors (such as existing
staffing, software capability, other existing systems and operations,
and costs of making changes) that a financial institution may consider
when determining feasibility and when an employee or officer should
have access to protected demographic information collected pursuant to
section 1071. Two of these commenters requested that the commentary
specifically state that a financial institution may determine that a
firewall is not feasible if it would need to hire additional staff in a
line of business. Another commenter said that a financial institution
should be permitted to consider department size in determining
feasibility.
Two commenters said that the Bureau should expressly state that a
financial institution has discretion to determine when a firewall is or
is not feasible. These commenters further said that a financial
institution's determination that a firewall is not feasible should be
[[Page 35395]]
left to the sole and exclusive discretion of financial institutions,
effectively creating a safe harbor for institutions' determinations of
feasibility. Another commenter said that the Bureau should also
consider adding a feasibility-related safe harbor provision in Sec.
1002.112(c) that allows for variations in determining feasibility.
Other commenters recommended that a determination of feasibility or
infeasibility should satisfy the rule if done in conformity with
written procedures. Finally, one commenter said that it did not believe
that the Bureau could create a feasibility standard that would allow a
financial institution to determine whether it is required to implement
a firewall pursuant to the rule.
Providing a notice in lieu of establishing and maintaining a
firewall. A significant number of the commenters who said that it would
not or may not be feasible to implement and maintain a firewall also
opposed providing a notice in lieu of establishing and maintaining a
firewall. Generally, commenters said that the notice may raise privacy
concerns among some applicants, create confusion, and/or create
competitive disadvantages for financial institutions that provide the
notice. Some commenters said that requiring a notice would create an
additional compliance and/or administrative burden, and one said that
the notice may slow down the loan process because financial
institutions will need to explain the required language. Several
commenters said that the notice could cause customer complaints (as
well as customer confusion) if some financial institutions are not
required to provide the notice. Several commenters said that applicants
may want to obtain loans from financial institutions that do not
provide the notice, and some said this ultimately could result in a
reduction of applicant choice, a reduction of applicant access to
credit, or increased cost of credit.
A number of commenters said that providing the applicant with
notice of the fact that their demographic data will be shared could
raise questions or suspicions of whether the data plays a role in
credit decisions or doubts about the impartiality of the credit
decision, or could cause unwarranted scrutiny from individuals
receiving the notice. Some commenters said that the notice may cause
applicants to think the financial institution is not adequately staffed
or cannot maintain the confidentiality of applicant information. One
commenter suggested that the language of the proposed notice is
inflammatory. Another commenter said that the proposed notice implied
that some financial institutions are inherently more likely to engage
in unfair lending, to the extent that a ``government warning'' is
necessary. The commenter further stated that this implication is an
unwarranted insult to the integrity and fairness of the shareholders
and management of smaller community banks, and they would most likely
prefer to withdraw from or significantly curtail small business lending
than rely on the proposed exception to the firewall requirement by
providing the notice.
Different commenters identified financial institutions that would
need to provide the notice as smaller financial institutions, mid-sized
financial institutions, community banks, credit unions, or more
traditional financial institutions (i.e., not online lenders). However,
one commenter predicted that lenders of many sizes, business models,
and regulatory levels will conclude that employees and officers
involved in making a determination concerning an application should
have access to demographic information collected under section 1071 and
provide the notice.
A number of commenters suggested that the notice could inhibit the
collection of demographic information and/or undercut section 1071's
statutory purposes because it might influence applicants not to provide
the requested information. One commenter said the notice might result
in more applicants at community banks opting not to provide their
demographic information, and in turn, more community banks having to
report ethnicity and race information based on visual observation or
surname. Another commenter said that providing the notice may affect an
applicant's willingness to provide demographic information as the
notice gives the perception that the information would likely be used
to discriminate. Likewise, some commenters said that providing the
notice to qualify for the firewall exception at the same time as the
non-discrimination notice is especially problematic and could result in
applicants declining to provide the requested information. Some
commenters said that giving the notices together could result in other
harms, such as harm to existing customer relationships. Two commenters
suggested that the notice requirement is counterproductive because
applicants may be less inclined to provide demographic information if
they are told that decision makers may access their demographic
information.
A bank said that the Bureau should eliminate the notice because
applicants will know that the person making the inquiries pursuant to
section 1071 will be making determinations regarding applications.
Another bank said that the notice is useless because no one reads
disclosures, and customers already know that lenders cannot
discriminate.
A few commenters requested specific revisions to the notice. One
commenter said that the Bureau should revise the notice to align with a
HMDA notice. Another commenter requested that the Bureau align the
notice with the disclosure used for HMDA and stated that this means
that the disclosure would be provided with requests for demographic
information on covered applications, regardless of whether the
financial institution can maintain a firewall, and would emphasize that
the information is being requested/collected for government monitoring
of lenders' fair lending performance and compliance, cannot influence
credit decisions, and is voluntary for applicants to provide. A third
commenter said that in lieu of having a firewall requirement, the
Bureau should develop a model disclosure to applicants explaining the
data gathering process, similar to the disclosure provided in the
government monitoring section of the home mortgage application.
A commenter said that the Bureau should exercise its authority to
allow institutions to provide a Bureau-developed disclosure to
applicants explaining that there may be access to the data and explain
that the institution must not discriminate based on the information.
The commenter further said that the Bureau should develop and provide
the disclosure in Spanish as well as English when it publishes the
final rule and add other translations over time.
A trade association supported the Bureau's proposal to develop
model disclosures that lenders could use when notifying applicants of
an employee's or officer's access to personal information. Another
trade association supported an exception to the firewall requirement
and a model disclosure that alerts applicants that an employee or
officer may have access to demographic information, but does not tell
applicants that such individuals will have access to such information.
Two other commenters supported allowing financial institutions to
provide a notice to applicants in lieu of restricting access to
applicants' protected demographic information if a financial
institution determines that it is not feasible to limit access to one
or more of an applicant's responses to the financial institution's
inquiries. A community group
[[Page 35396]]
commenter said that the notice is an important aspect of the proposed
rule.
Requests for exemptions from the firewall requirements. Many
commenters requested that the Bureau exempt certain financial
institutions from the firewall requirement, though not all commenters
agreed on which institutions should be exempted. One commenter
requested an exemption for financial institutions with assets of less
than $1.384 billion (the CRA small bank threshold as of January 1,
2022),\785\ and another for institutions with assets of less than $5
billion. A few commenters said that financial institutions with assets
of less than $10 billion should be exempted. Other commenters said that
``smaller'' or ``community based institutions'' or ``community banks''
or ``credit unions'' should be exempted. One commenter said that
community banks should be exempt from the notice requirement.
---------------------------------------------------------------------------
\785\ Bd. of Governors of the Fed. Rsrv. Sys. & Fed. Deposit
Ins. Corp., Agencies release annual asset-size thresholds under
Community Reinvestment Act regulations (Dec. 16, 2021), https://www.federalreserve.gov/newsevents/pressreleases/bcreg20211216a.htm;
Fed. Fin. Insts. Examination Council, Explanation of the Community
Reinvestment Act Asset-Size Threshold Change (Dec. 16, 2021),
https://www.ffiec.gov/cra/pdf/2022_Asset_Size_Threshold.pdf.
---------------------------------------------------------------------------
Other commenters said that certain institutions should be provided
an ``automatic'' exception to the firewall, such that smaller
institutions could avoid the analysis and documentation required to
show that an institution qualifies for the exception.
Several commenters said that, due in whole or in part to the
firewall requirement, certain institutions should be exempted from the
entire rule. One commenter said that banks under $1 billion should be
exempted on this basis, a few said community banks should be exempted
on this basis, and one commenter said that all but the largest lenders
or all depository lenders should be exempted.
One commenter said that as an alternative to exempting community
banks from the firewall requirement, the Bureau could require all
financial institutions to provide the notice to all applicants,
regardless of whether information is firewalled.
Final Rule
For the reasons set forth herein, the Bureau is generally
finalizing the firewall requirement with additional clarifications in
the commentary regarding the definitions of ``involved in making any
determination concerning a covered application'' and ``should have
access,'' the scope of the firewall, determining feasibility, the
nature of the exception, and applying the exception to a specific
employee or officer or group of similarly situated employees or
officers. In addition, the Bureau has eliminated the requirement to use
specific language when providing the notice required to qualify for the
exception and, instead, has provided sample language for the notice.
This sample language appears in the sample data collection form at
appendix E. The Bureau has also revised the firewall provisions to
align with other changes to the final rule, such as the inclusion of
LGBTQI+-owned business status collected pursuant to final Sec.
1002.107(a)(18) as protected demographic information subject to the
firewall and the elimination of the requirement to collect certain
information via visual observation or surname.
Final Sec. 1002.108(b) states the general prohibition on access to
applicants' protected demographic information by certain persons. The
Bureau is finalizing Sec. 1002.108(b) and comments 108(b)-1 and
108(b)-2 with changes for clarity and consistency with other portions
of the final rule. Specifically, Sec. 1002.108(b) has been revised to
include LGBTQI+-owned business status, and cross-references have been
updated to reflect changes elsewhere in the final rule. Final Sec.
1002.108(b) states that unless the exception under final Sec.
1002.108(c) applies, an employee or officer of a covered financial
institution or a covered financial institution's affiliate shall not
have access to an applicant's responses to inquiries that the financial
institution makes pursuant to this subpart regarding whether the
applicant is a minority-owned business, a women-owned business, or an
LGBTQI+-owned business under final Sec. 1002.107(a)(18), and regarding
the ethnicity, race, and sex of the applicant's principal owners under
final Sec. 1002.107(a)(19), if that employee or officer is involved in
making any determination concerning that applicant's covered
application. Comments 108(b)-1 and -2 have been re-ordered. Final
comment 108(b)-1 and final comment 108(b)-2 have been revised to
clarify the scope of the prohibition.
While many commenters said that the Bureau should eliminate the
firewall requirement, or should exempt certain covered financial
institutions or certain types of transactions from the firewall
requirement, the Bureau does not believe it is appropriate to abrogate
this statutory requirement through section 1071's general exception
authority beyond the exception provided in the statutory firewall
provision itself. Congress, which would have been aware of the HMDA
data collection regime (including its lack of a firewall) at the time
that section 1071 was enacted, specifically required that financial
institutions limit certain employees' and officers' access to
demographic information that financial institutions request from
applicants in order to comply with section 1071. While Congress allowed
an exception to the general requirement to establish and maintain a
firewall in certain circumstances (i.e., when the financial institution
determined that an employee or officer should have access to the
demographic information and a firewall would not be feasible), the
language of the statute suggests that Congress did not intend for the
Bureau to eliminate the prohibition on access more broadly.
Furthermore, Congress only authorized the Bureau to create exceptions
to the requirements in section 1071 where necessary or appropriate to
carry out section 1071's purposes. The Bureau does not believe that
eliminating the firewall is necessary or appropriate to carry out
section 1071's purposes.
Moreover, the Bureau believes that it has separately addressed many
of the concerns about the ability of smaller institutions and
institutions with limited staff to implement a firewall in other
sections of the final rule. In particular, the Bureau has increased the
origination threshold for coverage in Sec. 1002.105(b). As a result,
many smaller institutions and institutions with limited staff will not
be subject to any provisions of the final rule, including the firewall
requirement.
Because the requirement to collect certain information via visual
observation or surname is not included in final Sec. 1002.107(a)(19),
it is not necessary to address the comments about the applicability of
the firewall requirements to information collected via those methods.
The Bureau has accordingly removed references to collecting information
via visual observation or surname from final comments 108(a)-2.i and
108(b)-2.ii. Similarly, because HMDA reportable loans are excluded
transactions pursuant to final Sec. 1002.104(b)(2), it is not
necessary to address comments asking for guidance on how to apply the
firewall requirement if a loan is subject to both HMDA and this final
rule.
Regarding comments that the Bureau establish a platform or system
that applicants can use to report demographic data directly to the
Bureau, thereby eliminating the need for institutions to implement a
firewall, in line with its discussion of this issue in the section-by-
section analysis of Sec. 1002.107(a)(19), the Bureau does not
[[Page 35397]]
intend to create such a system at this time but is open to engaging
further with stakeholders on alternative approaches for how financial
institutions might collect and report protected demographic
information.
Final Sec. 1002.108(a) provides certain relevant definitions,
including the definition of the phrase ``involved in making any
determination concerning a covered application from a small business.''
Generally, the Bureau is finalizing the definition of the phrase
``involved in making any determination concerning a covered
application'' in Sec. 1002.108(a)(1) with revisions for clarity. The
Bureau also is revising comment 108(a)-1 to provide additional clarity
that the covered application must be from a small business and to
provide clarity and examples regarding which employees and officers are
subject to the prohibition set out in final Sec. 1002.108(b) and which
employees and officers are not subject to the prohibition. In response
to the comments, the Bureau has clarified that certain activities do
not constitute being involved in making a determination concerning a
covered application from a small business and that other activities do
constitute being involved in making such determinations.
While the Bureau recognizes that the ``involved in making any
determination concerning an application for credit'' standard that
Congress created in the statute is broad, the Bureau does not believe
that the standard in final Sec. 1002.108(a)(1), as further explained
in the commentary, is unduly vague or subjective, as asserted by some
commenters.
As explained in final comment 108(a)-1.i, an employee or officer is
involved in making a determination concerning a covered application
from a small business for purposes of final Sec. 1002.108 if the
employee or officer makes, or otherwise participates in, a decision
regarding the evaluation of a covered application or the
creditworthiness of a small business applicant for a covered credit
transaction. Final comment 108(a)-1.i also explains that the decision
that an employee or officer makes or participates in must be about a
specific covered application or about the creditworthiness of a
specific applicant. Thus, activities undertaken prior to the submission
of a covered application do not constitute being involved in making a
determination about a covered application. Similarly, activities
undertaken after a financial institution has taken final action on a
covered application do not constitute making a determination regarding
a covered application. Furthermore, an employee or officer is not
involved in making a determination concerning a covered application if
the employee or officer is only involved in making a decision that
affects covered applications generally. Finally, the comment clarifies
that an employee or officer may be participating in a determination
even if the employee or officer is not the ultimate or sole decision
maker and provides examples.
Additionally, in response to comments requesting further
clarification regarding the definition of the statutory phrase
``involved in making any determination concerning an application for
credit,'' the Bureau has added several examples to the list of the
types of activities in final comment 108(a)-1.ii that do not constitute
being involved in making a determination concerning a covered
application from a small business for purposes of Sec. 1002.108. The
Bureau has also added a list of examples in comment 108(a)-1.iii of the
types of activities that do constitute being involved in making a
determination concerning a covered application from a small business
for purposes of Sec. 1002.108.
Section 1002.108(c), which the Bureau is finalizing with updated
cross-references to reflect other changes in the rule, explains the
exception to the general prohibition set forth in final Sec.
1002.108(b). Final Sec. 1002.108(c) establishes an exception to the
prohibition in final Sec. 1002.108(b) and states that the prohibition
does not apply to an employee or officer if the financial institution
determines that it is not feasible to limit that employee's or
officer's access to an applicant's responses to the financial
institution's inquiries under final Sec. 1002.107(a)(18) or (19) and
the financial institution provides the notice required under final
Sec. 1002.108(d) to the applicant. It further provides that it is not
feasible to limit access as required pursuant to final Sec.
1002.108(b) if the financial institution determines that an employee or
officer involved in making any determination concerning a covered
application from a small business should have access to one or more
applicants' responses to the financial institution's inquiries under
final Sec. 1002.107(a)(18) or (19).
However, in response to comments (including comments requesting
clarification about how a financial institution should be permitted to
determine feasibility pursuant to the final rule) and to provide
additional clarity and guidance, the Bureau has divided proposed
comment 108(c)-1 into two comments and revised and supplemented both
comments. Specifically, the Bureau has added language in final comment
108(c)-1 to clarify that a financial institution is not required to
separately determine the feasibility of maintaining a firewall. A
determination that an employee or officer should have access means that
it is not feasible to maintain a firewall as to that particular
employee or officer, and the exception applies to that employee or
officer if the financial institution provides the notice required by
final Sec. 1002.108(d).
The comment also clarifies the nature of the exception (i.e., that
it applies on an individual employee or officer basis, not an
institution-wide basis). The comment states that the fact that a
financial institution has made a determination that an employee or
officer should have access does not mean that the financial institution
can permit other employees and officers who are involved in making
determinations concerning a covered application to have access to the
information collected pursuant to final Sec. 1002.107(a)(18) and (19).
A financial institution may only permit an employee or officer who is
involved in making a determination concerning a covered application to
have access to information collected pursuant to final Sec.
1002.107(a)(18) and (19) if it has determined that employee or officer
or a group of which the employee or officer is a member should have
access to the information.
The Bureau is not adopting one commenter's suggestion that the
Bureau permit a financial institution to determine that a firewall is
not feasible for a single employee and then allow all employees and
officers to have access to protected demographic information. As
explained above, the final rule clarifies that a financial institution
can permit an employee or officer who is involved in making a
determination concerning a covered applications from a small business
to access that small business's protected demographic information only
if the financial institution has determined that employee or officer
should have access (i.e., either individually or as part of a group).
This requirement is not intended to be a ``gotcha,'' as suggested by
the commenter, but rather a reasonable means of allowing a financial
institution to provide employees and officers to have access to
protected demographic information when such access may be necessary to
perform assigned job duties without allowing such information to be
widely accessible to those employees and officers who make
determinations concerning covered applications but do not need the
information to perform
[[Page 35398]]
their jobs. The sample data collection form at appendix E includes
sample language for the firewall notice, but the Bureau is not
requiring use of that specific language for the firewall notice.
Final comment 108(c)-2 addresses how a financial institution may
apply the exception to a specific employee or officer or a group of
similarly situated employees or officers. It clarifies that a financial
institution may determine that several employees and officers, all of a
group of similarly situated employees or officers, and multiple groups
of similarly situated employees or officers should have access to
information collected pursuant to Sec. 1002.107(a)(18) and (19). It
also provides examples. Final Sec. 1002.108(a)(2) defines the phrase
``should have access,'' which is used in Sec. 1002.108(c) and related
commentary. This phrase means that an employee or officer may need to
collect, see, consider, refer to, or otherwise use the information to
perform that employee's or officer's assigned job duties. However, in
response to comments, the Bureau has revised comment 108(a)-2 and added
a comment 108(a)-2.iii. The Bureau has also revised comment 108(a)-2 to
align with other changes finalized in the rule (i.e., the elimination
of requirements to collect information via visual observation or
surname and the inclusion of the LGBTQI+-business status in final Sec.
1002.107(a)(18)). These comments clarify how a financial institution
may determine who should have access.
Final comment 108(a)-2.i explains that a financial institution may
determine that an employee or officer who is involved in making a
determination concerning a covered application should have access to
protected demographic information if that employee or officer is
assigned one or more job duties that may require the employee or
officer to collect, see, consider, refer to, or use such information.
The employee or officer does not have to be required to collect, see,
consider, refer to, or use such information or to actually collect,
see, consider, refer to or use such information in order for the
financial institution to determine that the employee or officer should
have access. It is sufficient if the employee or officer might need to
do so to perform the employee's or officer's assigned job duties.
Final comment 108(a)-2.ii explains that a financial institution may
determine that all employees or officers with the same job description
or assigned duties should have access for purposes of final Sec.
1002.108. If a financial institution assigns one or more tasks that may
require access to one or more applicants' protected demographic
information to a particular job title, the financial institution may
determine that all employees and officers who share that job title
should have access for purposes of Sec. 1002.108.
Although the final rule does not provide a safe harbor for a
financial institution's determination to account for variations in
determining feasibility (i.e., determining which employees and officers
should have access) as two commenters requested, new comment 108(a)-
2.iii states that a financial institution is permitted to choose what
lawful factors it will consider when determining whether an employee or
officer should have access to protected demographic information. A
financial institution's determination that an employee or officer
should have access may take into account relevant operational factors
and lawful business practices. For example, a financial institution may
consider its size, the number of employees and officers within the
relevant line of business or at a particular branch or office location,
and/or the number of covered applications the financial institution has
received or expects to receive. Additionally, a financial institution
may consider its current or its reasonably anticipated staffing levels,
operations, systems, processes, policies, and procedures. A financial
institution is not required to hire additional staff, upgrade its
systems, change its lending or operational processes, or revise its
policies or procedures for the sole purpose of determining who should
have access.
The Bureau believes this new comment makes clear that different
financial institutions may make different determinations regarding
which employees and officers should have access and that those
different determinations are permissible. Additionally, in response to
commenters' suggestions that determinations of feasibility should
satisfy the final rule if they are made in conformity with written
procedures, the Bureau notes that a financial institution may choose to
make its determinations regarding who should have access to protected
demographic information pursuant to written procedures, but is not
required to do so in order to have a determination satisfy the final
rule. Furthermore, in light of the flexibility provided in Sec.
1002.108, and because the firewall requirement was explicitly set forth
by Congress in section 1071, the Bureau does not believe that providing
further discretion in determining feasibility or adopting a safe
harbor, as suggested by some commenters, would be appropriate.
Final Sec. 1002.108(d) explains the requirement to provide a
notice in order to qualify for the exception. The Bureau is finalizing
Sec. 1002.108(d) and comments 108(d)-1 and -3 largely as proposed, and
has revised comment 108(d)-2 regarding the content of the notice. Final
Sec. 1002.108(d) has been revised to include LGBTQI+-owned business
status, and cross-references have been updated to reflect changes
elsewhere in the final rule. Specifically, final Sec. 1002.108(d)
states that in order to satisfy the exception set forth in final Sec.
1002.108(c), a financial institution shall provide a notice to each
applicant whose responses to inquiries for protected demographic
information will be accessed, informing the applicant that one or more
employees or officers involved in making determinations concerning the
covered application may have access to the applicant's responses to the
financial institution's inquiries regarding whether the applicant is a
minority-owned business, a women-owned business, or an LGBTQI+-owned
business, and regarding the ethnicity, race, and sex of the applicant's
principal owners. The financial institution shall provide the notice
required by final Sec. 1002.108(d) when making the inquiries required
under final Sec. 1002.107(a)(18) and (19) and together with the
notices required pursuant to Sec. 1002.107(a)(18) and (19).
Final comment 108(d)-1, which includes minor revisions for clarity,
explains that if a financial institution determines that one or more
employees or officers should have access pursuant to Sec. 1002.108(c),
the financial institution must provide the required notice to, at a
minimum, the applicant or applicants whose responses will be accessed
by an employee or officer involved in making determinations concerning
the applicant's or applicants' covered applications. Alternatively, a
financial institution may also provide the required notice to
applicants whose responses will not or might not be accessed. For
example, a financial institution could provide the notice to all
applicants for covered credit transactions or all applicants for a
specific type of product.
Final comment 108(d)-3, which includes minor revisions to align
with changes made elsewhere in the final rule, explains the timing for
providing the notice. Generally, the financial institution must provide
the notice required by Sec. 1002.108(d) prior to asking the applicant
if it is a minority-owned, women-owned, or LGBTQI+-owned business and
prior to asking for a
[[Page 35399]]
principal owner's ethnicity, race, or sex. Additionally, the notice
must be provided with the non-discrimination notices required pursuant
to Sec. 1002.107(a)(18) and (19).
While many commenters said that the Bureau should eliminate the
notice requirement or should exempt certain covered financial
institutions from the notice requirement, the Bureau does not believe
it is appropriate to eliminate this statutory requirement or to except
certain financial institutions from providing the notice if they are
relying on the exception to the firewall requirement. Congress
explicitly required that a financial institution provide a notice to an
applicant if the financial institution does not limit certain
employees' and officers' access to protected demographic information.
Congress also required that applicants be permitted to refuse to
provide the requested demographic information. Thus, an applicant
should be told that certain employees and officers may have access to
the protected demographic information so that the applicant can make an
informed decision of whether to exercise the applicant's statutory
right to refuse. The Bureau does not believe it would be appropriate to
allow some or all financial institutions to forego providing applicants
with the information they may need to determine whether to exercise
this statutory right. Although some commenters said that the notice may
undercut section 1071's purposes because the notice may cause
applicants to refuse to provide the requested demographic information,
the Bureau believes that Congress was aware of this potential result
when it provided applicants with the right to receive a notice and the
right to refuse to provide the requested information.
Additionally, other commenters undercut or contradicted the
reasoning put forth by commenters opposed to providing the notice. For
example, while a group of commenters opposed providing the notice based
on the belief that it would create competitive disadvantages or burdens
only for smaller institutions, other commenters said that larger
institutions would also likely provide the notice in lieu of
establishing and maintaining a firewall.\786\ Other commenters
supported allowing financial institutions to provide a notice in lieu
of establishing and maintaining a firewall, and one commenter said that
the notice was an important aspect of the proposed rule.
---------------------------------------------------------------------------
\786\ Aside from being speculative, such a competitive effect,
if it existed, would be a direct consequence of the statutory
mandate regarding the firewall: if the financial institution
determines that an employee or officer should have access to
protected demographic information, the notice must be provided.
---------------------------------------------------------------------------
Nonetheless, in order to address commenters' concerns about the
specific content proposed for the notice, the Bureau has revised
comment 108(d)-2. That comment reiterates that the notice must inform
the applicant that one or more employees and officers involved in
making determinations concerning the applicant's covered application
may have access to the applicant's responses regarding the applicant's
minority-owned business status, women-owned business status, LGBTQI+-
owned business status, and its principal owners' ethnicity, race, and
sex. However, the comment no longer prescribes language to be used for
the notice and, instead, directs financial institutions to the sample
data collection form included in the final rule for sample language
that a financial institution may opt to use when providing the
notice.\787\ Alternatively, a financial institution may opt to use
different language as long as the notice provides an applicant with the
statutorily required information (i.e., that one or more employees and
officers involved in making determinations regarding the applicant's
covered application may have access to the applicant's responses
regarding the applicant's minority-owned business status, women-owned
business status, LGBTQI+-owned business status, and its principal
owners' ethnicity, race, and sex). Final comment 108(d)-2 also notes,
for clarity, that if a financial institution establishes and maintains
a firewall and chooses to use the sample data collection form, it may
delete the sample language for the firewall notice from the form
because employees and officers involved in making determinations
concerning applicants' covered applications will not have access to the
applicants' responses to inquiries for protected demographic
information.
---------------------------------------------------------------------------
\787\ Regarding the comment that the Bureau should develop and
provide the notice in Spanish as well as English when it publishes
the final rule and add other translations over time, the Bureau
notes that it will be translating the sample data collection form in
appendix E (including the sample language for the notice on the
form) into several languages. See also the discussion regarding
compliance and technical assistance at the end of part I above.
---------------------------------------------------------------------------
Section 1002.109 Reporting of Data to the Bureau
Final Sec. 1002.109 addresses several aspects of financial
institutions' obligations to report small business lending data to the
Bureau. First, Sec. 1002.109(a) requires data to be collected on a
calendar year basis and reported to the Bureau by June 1 of the
following year, and addresses several related issues. Second, Sec.
1002.109(b) details the information that financial institutions must
provide about themselves when reporting data to the Bureau. Finally,
Sec. 1002.109(c) addresses technical instructions for submitting data
to the Bureau.
The Bureau is finalizing Sec. 1002.109 to implement ECOA section
704B(f)(1) and pursuant to its authority under 704B(g)(1) to prescribe
such rules and issue such guidance as may be necessary to carry out,
enforce, and compile data pursuant to section 1071. The Bureau is also
finalizing Sec. 1002.109(b) pursuant to 704B(e)(2)(H), which requires
financial institutions to compile and maintain as part of their data
any additional data that the Bureau determines would aid in fulfilling
the purposes of section 1071.
Details regarding each aspect of final Sec. 1002.109, including a
discussion of what the Bureau proposed and comments received, are
provided in the section-by-section analyses that follow.
109(a) Reporting to the Bureau
109(a)(1) Annual Reporting
Proposed Rule
ECOA section 704B(f)(1) provides that ``[t]he data required to be
compiled and maintained under [section 1071] by any financial
institution shall be submitted annually to the Bureau.''
Proposed Sec. 1002.109(a)(1)(i) would have required that by June 1
following the calendar year for which data are collected and maintained
as required by proposed Sec. 1002.107, a covered financial institution
shall submit its small business lending application register in the
format prescribed by the Bureau. This approach to reporting frequency
and reporting period is consistent with the annual submission schedule
specified in the statute. The Bureau sought comment on this aspect of
the proposal, and how best to implement it in a manner that minimizes
cost and burden to small financial institutions.
Proposed Sec. 1002.109(a)(1)(ii) would have required that an
authorized representative of the covered financial institution with
knowledge of the data submitted certify to the accuracy and
completeness of data submitted pursuant to proposed Sec. 1002.109(a).
A similar provision exists in Regulation C (Sec. 1003.5(a)(i)), and
the Bureau believed it appropriate to adopt a similar requirement here
as well. Based on the Bureau's experience with HMDA and Regulation C,
the Bureau believed that
[[Page 35400]]
having a specific person responsible for certifying to the accuracy and
completeness of data is likely to lead to financial institutions
providing better quality data.
Proposed Sec. 1002.109(a)(1)(iii) would have clarified that when
the last day for submission of data prescribed under proposed Sec.
1002.109(a)(1) falls on a date that is not a business day, a submission
is considered timely if it is submitted no later than the next business
day.
The Bureau sought comment on its proposed approach to the aspects
of reporting addressed in proposed Sec. 1002.109(a), including that
the reporting frequency be annual, that the reporting period be the
calendar year, and that the submission date be June 1 of the next
calendar year. In particular, the Bureau sought comment with respect to
proposed Sec. 1002.109(a)(1)(i) on whether requiring the submission of
small business lending application registers by June 1 might give rise
to complications for any persons or entities relying on data from the
registers for other purposes, such as Federal regulators scheduling
examinations.
Comments Received
In response to proposed Sec. 1002.109(a)(1)(i), the Bureau
received comments from lenders, trade associations, community groups,
and others. Commenters discussed the reporting deadline of June 1, the
calendar year reporting period, and the annual reporting frequency.
Several commenters supported the Bureau's reporting frequency and
period, as well as the reporting deadline of June 1. One bank urged the
Bureau to permit reporting as early as March 1 for institutions who
wished to do so. A few community groups and a CDFI lender supported the
reporting frequency and period, but only supported the proposed
deadline of June 1 contingent upon the Bureau's timely publication of
the data later on in the year.
Some commenters supported the reporting frequency and period but
did not support the reporting deadline. Of this group of commenters,
one trade association urged the Bureau against aligning the section
1071 reporting deadline with the HMDA reporting deadline of March 1,
citing a strain on resources. A trade association and a bank supported
annual reporting but requested a later deadline. Finally, two trade
associations requested the Bureau to permit ongoing reporting alongside
annual reporting. Both of these commenters suggested the Bureau create
a portal or centralized system where banks could input data as it is
received. Both commenters mentioned the burden that would come along
with maintaining a database internally, as well as concerns about
system maintenance, cost, and risk. One of those trade associations
also described an alternative whereby the Bureau could provide a link
where small business loan applicants could input their own data or opt
out of sharing their data altogether.
One bank did not support any aspect of proposed Sec.
1002.109(a)(1)(i). This bank argued that adding another reporting
regime, in addition to HMDA and CRA, would add significant burden to
their staff, both at the loan origination stage and at the reporting
stage. It also argued that having a mid-year reporting deadline would
tie up critical compliance resources and would require them to spend
one quarter of the year on reporting requirements.
Two trade associations touched on quarterly reporting. The first
commented that large banks (for CRA purposes) should be required to
provide their data within 30 days of a request to do so. They argued
that if the Bureau absolves lenders of the requirement to respond to
individual requests, then data should be reported quarterly. The second
commented that the frequency of reporting that financial and regulatory
agencies expect to receive is quarterly (Call Reports). They also
stated that non-regulated lenders, CDFIs and other similar providers
should be required to report no less than semi-annually.
Many commenters did not support the June 1 reporting deadline and
the calendar year reporting period in particular. A lender and a
business advocacy group urged the Bureau to adopt a reporting deadline
of July 1 instead of June 1 to provide more time between HMDA reporting
and section 1071 reporting. The business advocacy group stated that for
institutions who report HMDA data quarterly, 60 days after quarter end,
a deadline of June 1 would leave no separation between reporting
requirements. A cross-sector group of lenders, community groups, and
small business advocates urged the Bureau to adopt a May 1 to April 30
reporting period with a reporting deadline in July, citing that
staggering reporting periods would ease regulatory burden for lenders
who also report HMDA data. A joint letter from community groups
suggested a reporting period of July 1 to June 30, citing that covered
lenders would benefit by having six months to prepare before data
collection begins.
Several banks requested the reporting deadline be no earlier than
June 30 so that there would be more time to perform data integrity
reviews for those lenders that are HMDA and/or CRA reporters. Several
commenters requested, as a general matter, that reporting-related
changes be effective January 1 rather than midyear.
Finally, several lenders urged the Bureau to coordinate section
1071 reporting with CDFI Fund reporting. They argued that CDFIs are
required to report for a three-year period through the CDFI Fund's
Transaction Level Reporting data points that are well beyond the scope
of section 1071. They also suggested that the Bureau standardize data
formats to match those used in CDFI Fund reporting, and to coordinate
across agencies in order to streamline data collection and reporting
requirements. This, they argue, would minimize the burden on CDFIs.
The Bureau did not receive any comments in response to proposed
Sec. 1002.109(a)(1)(ii) and (iii).
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.109(a)(1)(i) and (ii) as proposed, and finalizing Sec.
1002.109(a)(1)(iii) with a revision for clarity. Specifically, under
final Sec. 1002.109(a)(1)(i), on or before June 1 following the
calendar year for which data are compiled and maintained as required by
Sec. 1002.107, a covered financial institution shall submit its small
business lending application register in the format prescribed by the
Bureau. While several commenters advocated for more frequent reporting,
the Bureau believes that its approach is consistent with the annual
submission schedule specified in the statute. The Bureau is not
permitting financial institutions to submit their data on a real-time
basis or ongoing basis, as this approach could result in financial
institutions treating the Bureau as their official recordkeeper for
their data.\788\ Regarding the comments supporting a June 1 submission
date, contingent on rapid publication of data soon after, the Bureau
addresses such comments in the section-by-section analyses of Sec.
1002.110(a) and (b), and the privacy section in part VIII. While some
commenters requested that financial institutions have the ability to
submit data as early as March 1, the Bureau intends to make it possible
for financial institutions to report as early as possible before June 1
each year once the small
[[Page 35401]]
business lending data reporting platform is established.
---------------------------------------------------------------------------
\788\ With respect to comment that it should build an online
platform to receive data from applicants on a real-time basis, the
Bureau does not, at this time, intend to take this step, in line
with its analysis of demographic data submission in the section-by-
section analysis of Sec. 1002.107(a)(19).
---------------------------------------------------------------------------
While some commenters suggested alternate reporting periods, the
Bureau believes there are advantages to having data collected and
reported on a calendar year basis. Calendar year reporting may
facilitate other aspects of the rule that depend on data that is
typically recorded on a calendar year basis. For instance, other parts
of the rule look to annual data, such as Sec. 1002.105(b), which would
use a financial institution's loan volumes over the prior two calendar
years to determine whether it is a covered financial institution.
Further, the Bureau understands that financial institutions would
generally prefer to have such data collections occur on a calendar year
basis because such an approach would be generally consistent with their
operations. An annual reporting period other than the calendar year--
such as July 1 to June 30--could result in additional challenges for
financial institutions in complying with the rule, which could in turn
increase the probability of errors in collecting and reporting data to
the Bureau.\789\
---------------------------------------------------------------------------
\789\ Regarding concerns that a January 1 collection date would
be too soon after the publication of the rule, the Bureau addresses
all concerns about the amount of time lenders have to comply with
this rule in the section-by-section analysis of Sec. 1002.114(b).
---------------------------------------------------------------------------
Regarding submission date, several commenters requested alternate
deadlines such as March 1 or July 1. However, the Bureau believes that
a June 1 submission deadline gives the compliance staff of financial
institutions, especially smaller institutions, adequate time and
resources to dedicate to preparing a small business lending application
register, after meeting other reporting obligations earlier in the
year, such as under HMDA or CRA. This remains true even though the
final rule excludes all HMDA-reportable loans and even though the
Federal prudential regulators have proposed amendments to the CRA rules
that would use small business and small farm data from this rule. Many
institutions will still have March deadlines for their HMDA and CRA
reporting obligations unrelated to small business lending, and the
Bureau believes a later deadline for reporting data collected under
this final rule remains appropriate. Financial institutions with
quarterly HMDA filing deadlines generally handle a high volume of
mortgage loan originations and are more likely to have sufficient
resources to cope with a June 1 deadline for this rule (and, indeed,
any filing deadline set by the Bureau would be within 60 days of a
quarterly HMDA filing deadline).
Final Sec. 1002.109(a)(1)(ii) specifies that an authorized
representative of the covered financial institution with knowledge of
the data shall certify to the accuracy and completeness of the data
reported pursuant to Sec. 1002.109(a)(1)(i). The Bureau has modified
final Sec. 1002.109(a)(1)(iii) for clarity; it now provides that when
June 1 falls on a Saturday or Sunday, a submission shall be considered
timely if it is submitted on the next succeeding Monday.
109(a)(2) Reporting by Subsidiaries
Proposed Rule
ECOA section 704B(f)(1) states that ``any'' financial institution
obligated to report data to the Bureau must do so annually; the statute
does not expressly address financial institutions that are themselves
subsidiaries of other financial institutions.
Proposed Sec. 1002.109(a)(2) would have stated that a covered
financial institution that is a subsidiary of another covered financial
institution shall complete a separate small business lending
application register. The proposal would have provided that a
subsidiary shall submit its small business lending application
register, directly or through its parent, to the Bureau. Proposed
comment 109(a)(2)-1 would have explained that a covered financial
institution is considered a subsidiary of another covered financial
institution for purposes of reporting data pursuant to proposed Sec.
1002.109 if more than 50 percent of the ownership or control of the
first covered financial institution is held by the second covered
financial institution. This proposed provision would have mirrored one
that exists for HMDA reporting under Regulation C in Sec.
1003.5(a)(2). The Bureau believed that the proposed provision would
facilitate compliance by permitting parent financial institutions to
coordinate the reporting of all their subsidiaries' small business
lending data together.
The Bureau sought comment on this aspect of its proposal.
Additionally, the Bureau sought comment on proposed Sec.
1002.109(a)(2) in light of proposed Sec. 1002.105(b), which would have
defined a covered financial institution as a financial institution that
originated at least 25 covered credit transactions for small businesses
in each of the two preceding calendar years. The Bureau sought comment
on whether this provision may risk creating ambiguity with respect to
compliance and whether additional safeguards may be required to
dissuade financial institutions from creating subsidiaries for the sole
purpose of avoiding the collection and reporting of 1071 data. The
Bureau also sought comment on all other aspects of this proposal.
Comments Received
The Bureau received comments from a bank, a trade association, and
a community group on the proposed provision regarding reporting by
subsidiaries. The community group had no objections to the Bureau's
proposal. The bank recommended that the Bureau define subsidiary in
subpart B, stating that the term was used extensively in this proposed
provision and to dissuade financial institutions from creating
subsidiaries in order to avoid reporting data. The community group
recommended that the Bureau create safeguards against the possibility
that a lender will develop an ownership structure that will evade
reporting requirements, specifically that originations be counted at
the parent or holding company level for the purposes of determining
institutional coverage under Sec. 1002.105(b).
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.109(a)(2) and associated commentary as proposed. The Bureau
believes that this provision will help facilitate compliance through
consistency with an existing provision in a separate regulation
(Regulation C) familiar to many financial institutions and by also
permitting financial institutions to coordinate the reporting of all
their subsidiaries' small business lending data. The final rule
provides a definition of subsidiary in comment 109(a)(2)-1.
The Bureau does not believe it is necessary to add to the rule a
requirement to count originations at the parent or holding company
level for the purposes of determining whether a financial institution
has met the institutional coverage threshold. Final Sec. 1002.105(b)
defines a covered financial institution as a financial institution that
originated at least 100 covered credit transactions for small
businesses in each of the two preceding calendar years. The Bureau
believes that the process and costs of establishing a new charter to
avoid reporting data, along with other associated obligations in
forming a new legal entity, will generally dissuade lenders from
creating subsidiaries through whom to make small business loans
specifically for the purpose of avoiding coverage under this final
rule.
[[Page 35402]]
109(a)(3) Reporting Obligations Where Multiple Financial Institutions
Are Involved in a Covered Credit Transaction
Background
Section 1071's requirement to collect and report data for any
``application to a financial institution for credit'' could be read as
applying to more than one financial institution when an intermediary
provides an application to another institution that takes final action
on the application. It might also apply in cases where one application
is simultaneously sent to multiple financial institutions for review.
This broad reading may serve a useful function, such as comprehensive
reporting by all financial institutions involved in a small business
lending transaction, but could also generate duplicative compliance
costs for financial institutions and potentially detract from the
quality of reported data, increasing the risk that certain applications
are reported multiple times with potential inconsistencies.
During the SBREFA process, several small entity representatives
voiced support for aligning reporting requirements for financial
institutions that are not the lender of record with the approach taken
for HMDA reporting in the Bureau's Regulation C. Other small entity
representatives expressed concern in adopting the Bureau's approach in
Regulation C, noting the differences between small business and
residential mortgage loan products, and advocated for simpler
approaches.
SBREFA feedback from other stakeholders included support for a
HMDA-like approach when multiple lenders are involved in a transaction,
praising the Bureau's consistent approach and interest in limiting
duplicative information. However, several stakeholders advocated
against the HMDA approach, generally by proffering other ideas rather
than criticizing the rules or outcomes of the HMDA approach.
Alternative suggestions varied, but included suggesting that data
collection and reporting should be required only for the company most
closely interacting with the loan applicant; if a financial institution
receives a covered application, then the application should be subject
to reporting, regardless of outcome; the financial institution that
funded (or would have funded) the loan should be required to collect
and report; and the financial institution that conducts the
underwriting and determines whether the small business credit applicant
qualifies for credit using its underwriting criteria should be required
to report and collect.
Proposed Rule
Proposed Sec. 1002.109(a)(3) would have provided that only one
covered financial institution shall report each covered credit
transaction as an origination, and that if more than one financial
institution was involved in an origination, the financial institution
that made the final credit decision approving the application shall
report the loan as an origination, if the financial institution is a
covered financial institution.
Proposed Sec. 1002.109(a)(3) would have further provided that if
there was no origination, then any covered financial institution that
made a credit decision shall report the application. The Bureau
explained that under certain lending models, financial institutions may
not always be aware of whether another financial institution originated
a credit transaction. The Bureau believed that information on whether
there was an origination should generally be available, or that lending
models can be adjusted to provide this information at low cost.
Proposed comment 109(a)(3)-1 would have provided general guidance
on how to report originations and applications involving more than one
institution. In short, if more than one financial institution was
involved in the origination of a covered credit transaction, the
financial institution that made the final credit decision approving the
application would report the covered credit transaction as an
origination. Proposed comment 109(a)(3)-2 would have offered examples
illustrating how a financial institution should report a particular
application or originated covered credit transaction. Proposed comment
109(a)(3)-3 would have explained that if a covered financial
institution made a credit decision on a covered application through the
actions of an agent, the financial institution reports the application,
and provided an example. State law determines whether one party is the
agent of another. While these proposed comments assumed that all of the
parties are covered financial institutions, the same principles and
examples would apply if any of the parties were not a covered financial
institution.
The Bureau sought comment on this aspect of its proposal. In
particular, the Bureau sought comment with respect to proposed Sec.
1002.109(a)(3) on whether, particularly in the case of applications
that a financial institution is treating as withdrawn or denied, the
financial institution can ascertain if a covered credit transaction was
originated by another financial institution without logistical
difficulty or significant compliance cost.
Comments Received
The Bureau received comments on this aspect of the proposal from a
range of stakeholders, including lenders, trade associations, and
community groups.
Several commenters, including trade associations and a community
group, expressed general support for the Bureau's proposed approach,
stating that it would help avoid duplicative reporting, the originating
lender is best positioned to obtain the necessary information from the
borrower, and the approach will increase the accuracy of the reported
data, especially in an increasingly complex lending market. In
addition, two credit union trade associations said that the proposal
takes the correct approach for loan participation arrangements. Another
trade association said that, to ensure simplicity, the Bureau should
make the rule identical to Regulation C.
Conversely, several other industry commenters asserted that the
proposal may be too complex or not feasible. A bank requested that the
Bureau consider different reporting rules in cases where coordination
among financial institutions is not feasible. A trade association
stated that financial institutions are not aware of credit extensions
made by competitors and are prohibited from sharing nonpublic
personally identifiable information, including the existence of an
account, with other financial institutions. This commenter pointed out
that in indirect financing, the loan might be offered to multiple
parties, so several financial institutions might be in this position.
Similarly, a joint letter from several insurance premium finance
trade associations stated that insurance premium lenders generally do
not know whether an application was originated by another financial
institution, and it would be difficult, if not impossible to find out.
These commenters suggested a new exception where insurance premium
finance lenders are permitted to report data regarding any signed
premium finance agreement they receive and take action upon (without
requiring them to determine whether another lender originated the rare
premium finance loan that is not approved and funded).
A joint letter from community and business advocacy groups argued
that the proposal does not address the complexity of modern online
lending. These commenters stated that online
[[Page 35403]]
lenders often ``rent a charter'' to evade the limitations of State
lending laws, the terms of these partnerships are often unknown, but
under the proposal only one party would report the data without it
being clear which one. They further noted that the final credit
decision might be made by a digital algorithm but then approved by the
depository institution. In addition, two credit union trade
associations expressed uncertainty regarding who is responsible for
errors or noncompliance--that is, credit union service organizations or
the member credit union.
A joint letter from two motor vehicle dealer trade associations
requested clarification on the rule's application, stating their belief
that for indirect auto lending, the responsible party would typically
be the indirect lender that advances funds, not the motor vehicle
dealer. They further asserted that the dealer typically is identified
on the credit contract as the seller-creditor even though the indirect
lender as assignee-creditor performs the underwriting, funding, and
servicing functions and determines whether, and on what terms, it will
agree to take assignment of the credit contract. They argued that when
an origination occurs, the lender taking assignment of the credit
contract should be the entity responsible for compliance with section
1071, and that when an origination does not occur, then reporting
responsibility should rest with the lender that conducted underwriting
and determined that they would not take assignment of the credit
contract.
A financial services trade association characterized the
transaction differently, explaining that indirect vehicle finance
transactions involve two separate, but related transactions. The
commenter stated that a customer purchases a car from a motor vehicle
dealer and executes a retail installment sales contract that finances
the purchase price and any other products the customer elects to
purchase. The dealer is the original creditor and negotiates the
financing terms with the customer. Separately, the dealer communicates
with one or more other financial institutions to determine which one
will purchase the completed contract and at what terms. As purchaser of
the credit contract, the financial institution takes assignment of the
contract and begins servicing the contract until it is paid in full.
In addition, two trade associations pointed to Board regulations
implementing ECOA and argued that the dealer would be prohibited under
the law from asking the business owner for protected demographic
information.
Some commenters expressed uncertainty regarding the Bureau's use of
the term ``final credit decision'' in the proposal. Two commenters
asserted that it was unclear which lender makes the final credit
decision in situations where two lenders are required to make a credit
decision to approve an application. A number of certified development
companies, their trade association, and other lenders provided the
example of the SBA's 504 Development Company Loan Program, which
requires loans to be financed by both a certified development company
and a private lender, asking who reports in such cases.
Several farm credit institutions and a trade association requested
that the Bureau clarify that its rule does not apply to credit
decisions made after loan approval. The commenters explained that farm
credit institutions are required to make an independent judgment on the
creditworthiness of the borrower, even in secondary market
transactions, so it would be helpful to make clear that those judgments
are not subject to data collection and reporting obligations. In
addition, a group of trade associations requested that the rule text
should more closely match the text in proposed comment 109(a)(3)-1.ii,
saying that otherwise it could be misinterpreted to mean that as long
as one institution reports its decision, then others need not do so.
A law firm commented that the Bureau should clarify that third-
party review, even if for the purposes of telling the creditor that the
third party will only purchase the post-origination loan under certain
conditions, does not mean that the third party/potential purchaser made
the final credit decision. The commenter explained that in these types
of ``forward flow'' transactions, the third party does not originate
the credit nor does it have any particular interest in whether the
creditor approves and originates the transaction.
A group of trade associations stated that in the case of withdrawn
applications, it would be impractical and burdensome for a financial
institution to determine whether an applicant received credit
elsewhere.
Commenters offered some alternative suggestions. Two industry
commenters stated that if a loan is originated, only the creditor to
whom the obligation is initially payable should be required to collect
and report data. When there is no origination, only the institution
that initially received the application should be required to collect
and report data. These commenters asserted that this was a simpler
approach, and the originating creditor is in the best position to
collect and report all of the required data points.
A joint letter from community and business advocacy groups stated
that the Bureau should assign reporting responsibility to the financial
institution that has the predominant economic interest in and bears the
predominant risk of a loan (or that would have had such an interest had
the loan been consummated). These groups further asserted that it is
important in online lenders' ``rent a charter'' arrangements for the
Bureau to collect data on both the identity of the online lender and
the depository institution because they are both ECOA creditors, but at
a minimum the Bureau should collect data on the party that bears the
bulk of the risk.
Another commenter stated that the Bureau should consider adding a
non-unique (i.e., shared across institutions) loan identifier that
would allow matching of loans reported by multiple institutions (e.g.,
a new data point). The commenter asserted that this would allow data
users to match loans reported by multiple financial institutions and
obviate the need to have such reporting rules.
Comments addressing partial interests and participation loans are
discussed in the section-by-section analysis of Sec. 1002.104(b).
Moreover, several farm credit institutions urged the Bureau to clarify
that in the syndicated loan context, the administrative agent is the
sole lender with responsibility under the rule. Commenters explained
that syndicated loans differ from participations in that multiple
lenders enter into a contractual relationship with the borrower, but
there is typically an administrative agent, which is primarily
responsible for interacting with the applicant or borrower. A farm
credit institution noted that the proposal's ambiguity with respect to
syndicated loan reporting would create inaccuracies in reported
information.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.109(a)(3) with modifications. Final Sec. 1002.109(a)(3) states
the general rule that each covered financial institution shall report
the action that it takes on a covered application. Where it is
necessary for more than one financial institution to make a credit
decision in order to approve the covered credit transaction, however,
only the last covered financial institution with authority to set the
material terms of the covered credit transaction shall report
[[Page 35404]]
the application. In addition, financial institutions report the actions
of their agents.
Final comment 109(a)(3)-1 provides general guidance on how to
report applications involving more than one institution. Final comment
109(a)(3)-2 provides a variety of examples to illustrate which
financial institution reports a particular application when multiple
financial institutions are involved in a covered credit transaction and
how such applications are reported.
The Bureau has revised language in proposed Sec. 1002.109(a)(3)
that discussed outcomes ``if more than one financial institution was
involved in an origination'' both for clarity, and to avoid complexity,
logistical challenges, and potential data accuracy issues. Initially,
final Sec. 1002.109(a)(3) provides that each covered financial
institution shall report the action that it takes on a covered
application. Final comment 109(a)(3)-1.ii sets forth the various
actions that a financial institution may take on a covered application.
Certain of the examples in final comment Sec. 1002.109(a)(3)-2
illustrate credit transactions that involve a single financial
institution with responsibility for making a credit decision on a
covered application. Those examples make clear that where a financial
institution is only passively involved in a covered credit transaction
or is only involved after the time of origination (for example, to
purchase the loan), it has not taken action on the covered application
and so does not report. For example, the Bureau understands that a non-
originating financial institution may be ``involved'' with a covered
credit transaction after closing (for example, if it purchases the
covered credit transaction); however, such post-closing transactions
(with the exception of applications for line increases) are generally
not covered by the final rule. The Bureau further notes that whether an
entity meets the definition of ``creditor'' under ECOA and Regulation B
is not determinative of who reports under this rule.
Despite the general rule that all financial institutions shall
report action taken on a covered application, final Sec. 1002.9(a)(3)
and final comment 109(a)(3)-1.i provide that where it is necessary for
more than one financial institution to make a credit decision in order
to approve the covered credit transaction, only the last financial
institution with authority to set the material terms of the covered
credit transaction is required to report. Setting the material terms of
the covered credit transaction includes, for example, selecting among
competing offers or modifying pricing information, amount approved or
originated, or repayment duration. The fact that it is necessary for
more than one financial institution to make a credit decision in order
to approve the covered credit transaction does not mean that there was
an actual approval or origination of the covered application. Rather,
and in contrast to the passive conduit scenario described above, this
provision applies when a financial institution would not originate a
covered credit transaction unless it was approved by at least one other
financial institution prior to closing.
The changes to Sec. 1002.109(a)(3) are intended to address
commenters' concerns that the NPRM approach was too complex or
infeasible. Many of these commenters stated that it would be difficult
for a financial institution to know if a loan was originated by another
financial institution. Unlike the NPRM approach, final Sec.
1002.109(a)(3) is not limited to requiring only one financial
institution to report an origination. Final Sec. 1002.109(a)(3) states
that where it is necessary for more than one financial institution to
make a credit decision to approve the covered credit transaction, only
the last covered financial institution with authority to set the
material terms of the covered credit transaction is required to report
the application (i.e., whether or not it was originated). In making
this change, the Bureau seeks to avoid duplicative reporting in more
than just cases of originated transactions; it seeks to clarify that
only one financial institution is required to report on the
application, no matter the action taken.
While the Bureau recognizes there may be some benefit in having
multiple financial institutions reporting the same application, there
are logistical challenges and potential data accuracy issues that could
result from reporting by multiple financial institutions. For example,
the Bureau understands that in some typical indirect lending
situations, one application may be transmitted to several financial
institutions to determine interest in purchasing an originated
transaction, and requiring reporting from each of these financial
institutions (even if the small business applicant is not aware of
their involvement or the action taken by these institutions) would
significantly increase reporting volumes for these types of
transactions. Moreover, in this example, while this approach means a
lack of visibility into purchase offers and an inability to compare
them to the resulting credit contract, the Bureau believes that
reporting of such data could undermine data quality and would provide
only limited additional benefits where the purchase decisions are later
accepted, declined, or altered by a different financial institution
that ultimately presents (or does not present) a credit offer to the
applicant. Thus, the Bureau believes data quality, along with the
purposes of section 1071, will be better served if the financial
institution with the last authority for setting the material terms of
the covered transaction is the reporter.\790\
---------------------------------------------------------------------------
\790\ If the financial institution with last authority for
setting the material terms of the covered credit transaction is not
a covered financial institution, whether due to a statutory
exemption (such as the one for motor vehicle dealers in section
1029) or other reasons, then the application is not reported under
this rule.
---------------------------------------------------------------------------
Final comment 109(a)(3)-1.i emphasizes that the determinative
factor is not which financial institution actually made the last-in-
time credit decision, but rather which financial institution had last
authority for setting the material terms of the covered credit
transaction, even if it did not actually exercise this authority in a
particular case. For example, a financial institution that has the
authority to modify the total loan amount prior to origination has the
last authority for setting the terms of the covered credit transaction,
even if it makes no changes to the total loan amount. The Bureau is
adopting a categorical, rather than a case-by-case rule, to enable
financial institutions to identify a reporting party at the outset of a
transaction. The Bureau believes that this will help eliminate
uncertainty and logistical challenges concerning which institution
reports, and thus provide a more straightforward and administrable
bright line.
This approach will also address requests for clarification from
commenters. For example, one commenter suggested that the Bureau
clarify that third-party review, even if for the purposes of telling
the creditor that the third party will only purchase the post-
origination loan under certain conditions, does not mean that third
party/potential purchaser made the final credit decision. The Bureau
believes that final comment 109(a)(3)-2.vii addresses this scenario,
illustrating that where another financial institution has ultimate
authority for setting the material terms of the covered credit
transaction, the third party/potential purchaser does not report. In
finalizing this approach, the Bureau is also removing the phrase
``final credit decision'' from Sec. 1002.109(a)(3) because the phrase
appears to have caused confusion and is not necessary to convey the
Bureau's intentions regarding which financial institution is
[[Page 35405]]
required to report under various circumstances.
In addition, final comment 109(a)(3)-1.iii clarifies reporting
obligations in circumstances where it is necessary for more than one
financial institution to make a credit decision in order to approve a
single covered credit transaction and where more than one financial
institution denies the application or otherwise does not approve the
application. In this circumstance, the reporting financial institution
(the last financial institution with authority to set the material
terms of the covered credit transaction) shall have a consistent
procedure for determining how it reports inconsistent or differing data
points for purposes of subpart B, such as reporting the denial
reason(s) from the first financial institution that denied the covered
application.
The Bureau believes that the revisions to Sec. 1002.109(a)(3) and
associated commentary will help ensure clarity and consistency from the
outset regarding which entity has reporting responsibility in a variety
of fact patterns involving multiple financial institutions. In
addition, the Bureau believes that this approach advances section
1071's purposes by reducing logistical challenges and potential data
accuracy issues resulting from reporting by multiple financial
institutions on the same application.
In response to commenters who urged consistency with HMDA, the
Bureau notes that it initially sought alignment with Regulation C given
its understanding of how well the approach has worked in the
residential mortgage context and the similarities that exist with
various indirect lending scenarios in the small business lending
context. While the Bureau's approach in final Sec. 1002.109(a)(3) in
many situations is consistent with Regulation C outcomes, it deviates
in some ways because, unlike Regulation C, this final rule does not
cover purchase transactions. In addition, the Bureau believes that
commenters' concerns about alignment with HMDA are mitigated by the
Bureau's decision to exclude reporting of all HMDA-reportable
transactions, as set forth in final Sec. 1002.104(b)(2).
Unlike section 1071, HMDA expressly contemplates data collection
for loan purchases, and Regulation C thus requires financial
institutions to report purchases of covered loans.\791\ Moreover,
Regulation C commentary clarifies that if more than one institution
approved an application prior to closing or account opening and one of
those institutions purchased the loan after closing, the institution
that purchased the loan after closing reports the loan as an
origination.\792\ The preamble to the 2015 final HMDA rule explained
that requiring that only one institution report the origination of a
covered loan eliminates duplicative data.\793\ Identical language was
included in proposed comment 109(a)(3)-1.i.
---------------------------------------------------------------------------
\791\ See 12 U.S.C. 2803(a)(1) (stating that institutions
``shall compile and make available . . . the number and total dollar
amount of mortgage loans which were (A) originated (or for which the
institution received completed applications), or (B) purchased by
that institution''); Regulation C Sec. 1003.4(a) (stating that a
financial institution ``shall collect data regarding . . . covered
loans that it purchases for each calendar year'').
\792\ Regulation C comment 4(a)-2.i.
\793\ 80 FR 66128, 66173 (Oct. 28, 2015).
---------------------------------------------------------------------------
Upon further consideration, the Bureau believes that Regulation C's
approach involving a purchasing institution is incongruous with section
1071 requirements and thus the final rule adopts a different approach.
As described in the section-by-section analysis of Sec. 1002.104(b)
above, purchases of covered credit transactions are not, in themselves,
covered by the rule. Thus, the Bureau is removing language from
proposed comment 109(a)(3)-1.i that would have required reporting by a
purchasing financial institution that also approved an application
prior to closing or account opening, and is instead placing the
reporting obligation on the last covered financial institution with
authority to set the material terms of the covered credit transaction.
The Bureau believes that this approach is more broadly applicable to
the small business financing context (particularly since the Bureau is
excluding HMDA-reportable transactions) where there are some salient
differences to the mortgage lending context.
For example, while there may also be intermediaries in a mortgage
loan transaction, an intermediary typically does not have the
discretion and authority to materially deviate from the terms expected
by a secondary-market purchaser. In some small business lending
contexts, even where a subsequent bona fide purchaser and holder in due
course of a covered credit transaction has been identified, an
intermediary may have the authority to sort through different purchase
offers, select one, and present it to the applicant. Such an
intermediary may also have the authority to change material terms of
the covered credit transaction prior to closing, such as modifying the
pricing terms, loan amount, or repayment duration. As the only party to
interact with the applicant prior to closing, the intermediary can be
the party with the most fair lending risk. The Bureau believes, given
section 1071's statutory purposes, this last financial institution with
the authority to set the terms of the small business's credit
obligation should be the one to report on an application.
Indirect auto lending transactions are a common example of
situations involving multiple financial institutions. It is common for
motor vehicle dealers to assess specific credit information about the
applicant, negotiate and set credit terms (such as the duration of the
transaction), negotiate and charge for add-on products, and include
loan pricing markups. Likewise, the dealer is typically the original
creditor, executing and setting the terms of a retail installment sales
contract with the customer, and then selling it to another financial
institution. Even if the motor vehicle dealer interacts with several
financial institutions to make a credit decision and originate a credit
transaction, the dealer is typically the last entity with authority to
set the material credit terms of the covered credit transaction. Final
comments 109(a)(3)-2.vii and viii provide examples of such scenarios.
In some cases, a financial institution's purchase of the retail
installment sales contract may not even occur until well after the
contract has been signed and the vehicle has been driven off the lot.
The fact that a contract may be conditioned on a financial
institution's purchase of the contract at a later time does not alter
the analysis. In these situations, often known as ``spot delivery,''
the applicant has met the underwriting and creditworthiness conditions
used by the motor vehicle dealer and has been approved. The fact that a
motor vehicle dealer has imposed other conditions on the execution of
the contract (i.e., a financial institution purchasing the contract)
that are outside of the applicant's control does not change the
conclusion. Once the contract has been signed and the terms of credit
set, there is no credit decision on a covered application by a
subsequent purchaser.
The Bureau recognizes that its rules generally do not apply to
motor vehicle dealers, as defined in section 1029(f)(2) of the Dodd-
Frank Act, that are predominantly engaged in the sale and servicing of
motor vehicles, the leasing and servicing of motor vehicles, or
both.\794\ This provision is codified in final Sec. 1002.101(a). The
Dodd-Frank Act also specifies that in general, ``nothing
[[Page 35406]]
in this title . . . shall be construed as modifying, limiting, or
superseding the operation of any provision of Federal law, or otherwise
affecting the authority of the Board of Governors . . . with respect to
a [motor vehicle dealer that is predominantly engaged in the sale and
servicing of motor vehicles, the leasing and servicing of motor
vehicles, or both].'' \795\ Thus, consistent with this provision, if
the motor vehicle dealer is the last financial institution with
authority to set the material credit terms of the covered credit
transaction, that application will not be reported under subpart B.
---------------------------------------------------------------------------
\794\ 12 U.S.C. 5519.
\795\ 12 U.S.C. 5519(c).
---------------------------------------------------------------------------
Relatedly, several commenters asserted that motor vehicle dealers
are prohibited by the Board's Regulation B from asking for protected
demographic information in order to furnish it to another financial
institution for reporting under the Bureau's rule. As noted above, the
Bureau believes that dealers are often the last entity with authority
to set the material credit terms of the covered credit transaction, and
so are generally unlikely to be collecting 1071 data on behalf of other
reporting financial institutions. But even in situations where the
dealer is acting as a mere conduit, and thus may be collecting
information on behalf of another financial institution, comment
5(a)(2)-3 to the Board's Regulation B states that persons such as loan
brokers and correspondents do not violate ECOA or Regulation B if they
collect information that they are otherwise prohibited from collecting,
where the purpose of collecting the information is to provide it to a
creditor that is subject to HMDA or another Federal or State statute or
regulation requiring data collection.\796\
---------------------------------------------------------------------------
\796\ This language aligns with comment 5(a)(2)-3 in the
Bureau's Regulation B, to which the Bureau is adding a reference to
subpart B for additional clarity.
---------------------------------------------------------------------------
The Bureau appreciates the range of potential alternatives raised
by commenters as to the entity that should be required to report data
when a covered credit transaction involves multiple financial
institutions, but is not implementing these alternative suggestions.
For the reasons described above, the Bureau believes that the last
financial institution with the authority to set the material terms of
the covered credit transaction should be the one to report.
The Bureau believes that the final rule is also consistent with
arrangements where an online lender partners with a bank and provides
further clarity regarding who reports when multiple financial
institutions are involved.
Commenters' concerns regarding reporting of insurance premium
financing transactions are rendered moot by the Bureau's exclusion of
such transactions from coverage under the rule. See the section-by-
section analysis of Sec. 1002.104(b)(3) for additional details.
Regarding farm credit institutions' request that the Bureau clarify
that the rule does not apply to credit decisions made after loan
approval, the Bureau has made clear in final Sec. 1002.109(a)(3) and
associated commentary that only the action taken on the application is
reportable.
Regarding partial purchase interests and participation loans, as
explained in the section-by-section analysis of Sec. 1002.104(b), the
Bureau has added commentary to clarify that a partial purchase of a
loan does not, in itself, generate an obligation for a covered
financial institution to report small business lending data. The Bureau
believes that applications for covered credit transactions will
generally be reported by one covered financial institution, i.e., the
financial institution that sold portions of the loan to other
participants. The examples provided in final comments 109(a)(3)-2.ix
and .x speak to such scenarios.
The Bureau further believes that the rule is consistent with loan
syndication arrangements where multiple lenders come together to fund a
large loan for a single borrower. Syndication is distinguishable from
loan participations. In participations, the contractual relationship
runs from the borrower to the lead bank and from the lead bank to the
participants. In syndications, the borrower signs a loan agreement with
multiple creditors, each of whom has a direct contractual relationship
with the borrower. Usually, each creditor in a syndicated loan
transaction receives its own promissory note from the borrower. In
fact, the Farm Credit Administration legally distinguishes between the
Farm Credit System's loan-making authority (which includes syndication
transactions) and its participation authority.\797\ The Bureau believes
that syndication is typically used for large commercial projects and a
limited number of reportable applications are likely to involve
syndicated loans. The Bureau also understands that typical syndication
arrangements have a syndicate agent/lead bank. If the lead bank has the
last authority to set the material terms of the covered credit
transaction, it has the reporting obligation.
---------------------------------------------------------------------------
\797\ See 69 FR 8407 (Feb. 24, 2004).
---------------------------------------------------------------------------
The Bureau also believes that the rule is consistent with lending
through Certified Development Companies (CDCs) for SBA loans. CDCs are
nonprofit organizations that are certified by, but independent of, the
SBA. SBA 504 loans involve two applications--one to a CDC and one to
another participating SBA lender. Generally, the transaction begins
with the applicant submitting an application to the CDC to obtain
approval for up to 40 percent of a project's costs. Once the
application is approved by the CDC, the applicant works with another
lender--typically a bank--to apply for the other portion of the
financing. The other lender's loan typically covers 50 percent of a
project's cost and is secured by a first lien, while the CDC's loan
covers up to 40 percent of the project's cost and is secured by a
second lien. The CDC loan is backed by a 100 percent SBA-guaranteed
debenture. The bank earns interest from the debenture, which it
receives semi-annually. The borrower contributes equity of at least 10
percent, sometimes up to 20 percent, of the project cost. The CDC and
the other lender separately underwrite the loan, and the terms and
conditions on the CDC and bank loans may differ. Because both the CDC
and the other lender make their own credit decisions on separate
covered applications, they are each responsible for reporting the
application covering their portion of the financing.
109(b) Financial Institution Identifying Information
As explained in the NPRM, beginning in 1989, Regulation C required
financial institutions reporting HMDA data to use a discrete
transmittal sheet to provide information on themselves separate from
the loan/application registers used to submit HMDA data.\798\ The 2015
HMDA final rule incorporated information previously submitted on the
transmittal sheet into the regulatory reporting requirements.\799\ The
FFIEC publishes information on financial institutions that report HMDA
data in
[[Page 35407]]
the HMDA Reporter Panel, which includes the required submission
information provided by financial institutions under Sec.
1003.5(a)(3), as well as other data derived from this information.\800\
---------------------------------------------------------------------------
\798\ See 54 FR 51356, 51361 (Dec. 15, 1989) (requiring
financial institutions to use the transmittal sheet and loan/
application register in appendix A).
\799\ 80 FR 66128, 66526 (Oct. 28, 2015) (deleting appendix A
and relocating its substantive requirements to Sec. 1003.5(a)(3)).
The information now required by Regulation C includes: (i) the
financial institution's name; (ii) the calendar year the data
submission covers; (iii) the name and contact information of a
person who may be contacted with questions about the institution's
submission; (iv) its appropriate Federal agency; (v) the total
number of entries contained in the submission; (vi) its Federal
taxpayer identification number; and (vii) its Legal Entity
Identifier (LEI).
\800\ See, e.g., Fed. Fin. Insts. Examination Council, HMDA
Public Panel, https://ffiec.cfpb.gov/documentation/2017/panel-data-fields/ (last visited Mar. 20, 2023).
---------------------------------------------------------------------------
The Bureau proposed to collect similar information regarding
financial institutions that report small business lending data.
Specifically, proposed Sec. 1002.109(b) would have required that a
financial institution provide the following information about itself as
part of its submission: (1) its name; (2) its headquarters address; (3)
the name and business contact information of a person who may be
contacted with questions about the financial institution's submission;
(4) its Federal prudential regulator, if applicable; (5) its Federal
taxpayer identification number; (6) its LEI; (7) its Research,
Statistics, Supervision, and Discount identification (RSSD ID) number,
if applicable; (8) its parent institution information, if applicable
(including the name, LEI, and RSSD ID number of its immediate parent
entity and top-holding parent entity, if applicable); (9) the type of
financial institution, chosen from a list provided; and (10) whether
the financial institution is voluntarily reporting data.
The Bureau sought comment on its approach to collecting information
on financial institutions, including each of the items listed in
proposed Sec. 1002.109(b)(1) through (10) as well as whether the
Bureau should require the reporting of any other information on
financial institutions. The Bureau did not receive any comments on the
requirement to provide financial institution identifying information
generally, although comments received regarding each of the items
listed in proposed Sec. 1002.109(b)(1) through (10), are discussed in
turn below. The Bureau also received comments discussing the benefits
and privacy risks of financial institution identifying information,
which are discussed in part VIII below.
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.109(b) with modifications to move examples regarding when to
report changed financial institution identifying information to new
comment 109(b)-1 to streamline and ensure uniformity in the guidance,
with revisions to Sec. 1002.109(b)(3) to clarify which contact
person's information must be provided, and to adjust the list provided
in comment 109(b)(9)-1 based on comments received.
The Bureau believes it is appropriate to require each of these
pieces of information regarding financial institutions reporting small
business lending data. As a practical matter, the Bureau anticipates
that this information will be provided by a financial institution when
it initially sets up an account with the Bureau's small business
lending data submission platform to allow it to file data as required
by the rule. Thus, this information will exist in the Bureau's data
submission system and will be updated by the financial institution as
needed.
The Bureau believes that collecting a financial institution's name
(as well as all the other identifying information in proposed Sec.
1002.109(b)) is necessary to carry out, enforce, and compile data under
section 1071, and will aid in fulfilling the purposes of section 1071.
For both of section 1071's statutory purposes, the identity of the
financial institution taking covered applications and originating
covered credit transactions is critical as it will (1) make fair
lending enforcement possible, and (2) make analyzing business and
community development needs of small businesses more effective.
With the possible exception of the LEI (in final Sec.
1002.109(b)(6) and (8)(ii) and (v)) in certain circumstances, the
Bureau believes that financial institutions already have all the
information that is required of them under final Sec. 1002.109(b), and
that being required to provide this information to the Bureau should
not pose any particular difficulties or costs on financial
institutions.
Paragraph 109(b)(1)
Proposed Sec. 1002.109(b)(1) would have required a financial
institution to provide its name. Regulation C (Sec. 1003.5(a)(3)(i))
requires financial institutions to provide their names when filing HMDA
data, and the Bureau believed that a similar requirement would have
been appropriate here.
The Bureau detailed several practical considerations for proposing
to require a financial institution to provide its name, including
identification for examination purposes and administration of the
Bureau's website for data submissions. Additionally, the Bureau noted
that it proposed in Sec. 1002.110(c) that financial institutions'
statutory obligation to make data available to any member of the
public, upon request, pursuant to ECOA section 704B(f)(2)(B) would have
been satisfied by the institutions' directing the public to the
Bureau's website for this information. Without the financial
institution's name (and other relevant identifying information),
proposed Sec. 1002.110(c) would not have satisfied this statutory
requirement.
The Bureau received two comments on this aspect of the proposal
from community groups, both of which supported Sec. 1002.109(b)(1) as
proposed. For the reasons set forth herein, the Bureau is finalizing
Sec. 1002.109(b)(1) as proposed.
Paragraph 109(b)(2)
Proposed Sec. 1002.109(b)(2) would have required a financial
institution to provide the physical address of its headquarters
location. The headquarters address of a financial institution would
provide geographic information that would aid in fulfilling the
statutory purposes of section 1071, including, for instance, analyses
of the connection between a financial institution's location and the
business and community development needs where it operated. It would
also help identify and differentiate financial institutions,
particularly nondepository financial institutions, that have similar
names.
Having received no comments on this aspect of the proposal and for
the reasons set forth herein, the Bureau is finalizing Sec.
1002.109(b)(2) as proposed.
Paragraph 109(b)(3)
Proposed Sec. 1002.109(b)(3) would have required a financial
institution to provide the name and business contact information of a
person who may have been contacted with questions about the financial
institution's data submission. The Bureau noted that Regulation C
includes a similar requirement in Sec. 1003.5(a)(3)(iii), and the
Bureau believed it would have been appropriate to require such
information here. In general, the Bureau found, from its experience
with HMDA and Regulation C, that requiring the name and business
contact information of a person who may have been contacted with
questions generally facilitated communication in the event that follow-
up on a submission is required.
Having received no comments on this aspect of the proposal and for
the reasons set forth herein, the Bureau is generally finalizing Sec.
1002.109(b)(3) as proposed. However, the Bureau is revising final Sec.
1002.109(b)(3) to make clear that the contact reported is a person
responsible for responding to Bureau or other regulator inquiries about
the submission, rather than inquiries from the general public.
[[Page 35408]]
Paragraph 109(b)(4)
Proposed Sec. 1002.109(b)(4) would have required a financial
institution that is a depository institution to provide the name of its
Federal prudential regulator, if applicable. Proposed comment
109(b)(4)-1 would have explained how to determine which Federal
prudential regulator (i.e., the OCC, the FDIC, the Board, or the NCUA)
a financial institution should report. Proposed comment 109(b)(4)-2
would have provided guidance on when a financial institution would be
required to report a new Federal prudential regulator, for instance, in
the event of a merger or a change of charter.
The Bureau noted that Regulation C includes a similar provision in
Sec. 1003.5(a)(3)(iv), requiring financial institutions to identify
the appropriate Federal agency. In the Regulation C context, the
purpose of this requirement is to identify the agency to which a
financial institution must report its HMDA data--often the financial
institution's Federal prudential regulator for depository
institutions.\801\ For small business lending data, the Bureau believed
a requirement to report a financial institution's Federal prudential
regulator would be appropriate for different reasons. The reporting of
a financial institution's Federal prudential regulator would enable
analysts to more easily identify other information about a financial
institution that its Federal prudential regulator makes publicly
available, such as Call Report data; further, such additional data may
be used by regulators to perform analyses of the characteristics of
financial institution's data. Nondepository institutions generally do
not have Federal prudential regulators and would not have reported one
under this requirement.\802\
---------------------------------------------------------------------------
\801\ 12 U.S.C. 2803(h).
\802\ Additionally, while some nondepository institutions have
Federal regulators, those Federal regulators may not meet the
definition of Federal prudential regulator provided in comment
109(b)(4)-1 and this data point still may not be applicable. For
example, while Farm Credit System institutions are regulated and
supervised by the Farm Credit Administration, the Farm Credit
Administration is not a Federal prudential regulator as defined in
comment 109(b)(4)-1.
---------------------------------------------------------------------------
Having received no comments on this aspect of the proposal and for
the reasons set forth herein, the Bureau is finalizing Sec.
1002.109(b)(4) as proposed, but has moved the example in proposed
comment 109(b)(4)-2 to new comment 109(b)-1.
Paragraph 109(b)(5)
Proposed Sec. 1002.109(b)(5) would have required a financial
institution to provide its Federal taxpayer identification number
(TIN). Proposed comment 109(b)(5)-1 would have explained when a
financial institution should report a new Federal TIN in the event that
it obtained a new Federal TIN (for instance, because the financial
institution merged with another financial institution and adopted the
Federal TIN of the other financial institution). The Bureau noted that
Regulation C Sec. 1003.5(a)(3)(vi) requires financial institutions to
report Federal TIN with their HMDA submissions, and the Bureau believed
such a requirement would be appropriate here as well. A financial
institution's Federal TIN may be used to identify other publicly
available information on a financial institution, and combined with a
financial institution's small business lending application register to
enhance the types of analysis that can be conducted to further the two
statutory purposes of section 1071.
Having received no comments on this aspect of the proposal and for
the reasons set forth herein, the Bureau is finalizing Sec.
1002.109(b)(2) as proposed, but has moved the example in proposed
comment 109(b)(5)-1 to new comment 109(b)-1.
Paragraph 109(b)(6)
Proposed Sec. 1002.109(b)(6) would have required a financial
institution to provide its LEI. Proposed comment 109(b)(6)-1 would have
explained what an LEI is and would have made clear that financial
institutions that do not currently have an LEI must obtain one, and
that financial institutions would have an ongoing obligation to
maintain an LEI in order to satisfy proposed Sec. 1002.109(b)(6).
The Bureau explained that an LEI is a unique, 20-digit identifier
issued by an entity endorsed or otherwise governed by the Global LEI
Foundation. Regulation C requires financial institutions to obtain and
use an LEI, which facilitates the analysis of HMDA data and aids in the
recognition of patterns by more precisely identifying financial
institutions and affiliated companies.\803\ The LEI also helps
financial institutions that report HMDA data generate the universal
loan identifier used to identify application or application-level
records in Regulation C. Similarly, in the section 1071 context, a
financial institution's LEI would also likely facilitate data
analyses,\804\ by helping the Bureau and other stakeholders better
understand a financial institution's corporate structure. Proposed
Sec. 1002.107(a)(1) would have also required that financial
institutions use their LEIs in creating unique identifiers for covered
applications. The Bureau believed this, in turn, would result in more
sophisticated and useful analyses of the financial institution's data.
---------------------------------------------------------------------------
\803\ 80 FR 66128, 66248 (Oct. 28, 2015) (noting that, despite
the cost, the Bureau believed that the benefit of all HMDA reporters
using an LEI justified the associated costs by improving the ability
to identify the financial institution reporting the data and link it
to its corporate family).
\804\ Id. (``By facilitating identification, this requirement
will help data users achieve HMDA's objectives of identifying
whether financial institutions are serving the housing needs of
their communities, as well as identifying possible discriminatory
lending patterns.'').
---------------------------------------------------------------------------
The Bureau received a few comments on this aspect of the proposal.
These commenters were supportive of proposed Sec. 1002.109(b)(6),
agreeing with the Bureau's assertion that an LEI would help facilitate
analyses. One commenter stated that the Bureau needed to ensure data
users could identify parent and affiliate connections. The comments
also supported requiring financial institutions to provide LEI
information, stating that it would be consistent with HMDA, as
discussed in the proposal.
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.109(b)(6) as proposed. Regarding the comment requesting the Bureau
make identification of parent and affiliate connections easier, the
Bureau notes that it is requiring LEI information in part for this
reason, as discussed in the proposal. As explained in comment
109(b)(6)-1, financial institutions are required to report the current
LEI number, and if the financial institution does not currently possess
one, to obtain one. Financial institutions also have an ongoing
obligation to maintain their LEI number. As part of maintaining an LEI
number, a financial institution must make sure the LEI number and
associated information are current, including any relationship data.
The Bureau believes that publication of a financial institution's LEI,
as well as any parent and top parent LEIs, as applicable, will allow
data users to identify these relationship connections.
Paragraph 109(b)(7)
Proposed Sec. 1002.109(b)(7) would have required a financial
institution to report its RSSD ID number, if applicable. The Bureau
explained that an RSSD ID is a unique identifying number assigned to
institutions, including main offices and branches, by the Federal
Reserve System. All depository institutions know and regularly report
their RSSD ID numbers on FFIEC regulatory forms. The Bureau believed
that an RSSD ID would help data users link the data for
[[Page 35409]]
a particular financial institution to other regulatory data, including
the connections between a particular financial institution with other
financial institutions. The Bureau believed that this additional
information would result in more sophisticated and useful analyses of
the financial institution's small business lending data.
Proposed comment 109(b)(7)-1 would have explained what an RSSD ID
number is and how financial institutions that have one might find it.
Financial institutions that do not have RSSD IDs, typically
nondepository institutions, would not have been required to obtain
them, and would report ``not applicable'' in that field.
The Bureau received one comment from a community group supporting
this aspect of the proposal. For the reasons set forth herein, the
Bureau is finalizing Sec. 1002.109(b)(7) as proposed.
Paragraph 109(b)(8)
Proposed Sec. 1002.109(b)(8) would have required a financial
institution to provide certain information on its parent entities, if
applicable. This information would have included the name, the LEI (if
available), and the RSSD ID (if available) of the financial
institution's immediate parent entity and the financial institution's
top-holding parent entity.
Proposed comments 109(b)(8)-1 and -2 would have provided guidance
on how to identify a financial institution's immediate parent entity
and a financial institution's top-holding parent entity. Proposed
comment 109(b)(8)-3 would have explained that a financial institution
would have reported its parent entities' LEIs if they have them, but
that no parent entity would be required to obtain an LEI if it did not
already have one. Proposed comment 109(b)(8)-4 would likewise have
explained that a financial institution would report its parent
entities' RSSD ID numbers if they had them.
In the NPRM, the Bureau explained that it believed that the
collection of information on a financial institution's structure would
further both of the statutory purposes of section 1071. Data on a
financial institution's organizational structure that is self-reported
would be more accurate than would be the case if the Bureau attempted
to generate such information from publicly available sources.\805\
---------------------------------------------------------------------------
\805\ With respect to HMDA, the Bureau, on behalf of the FFIEC
and HUD, does currently attempt to generate and publish information
on filers, including parent company and top holder information
obtained from the LEI provided. See Fed. Fin. Insts. Examination
Council, Public Panel--Data Fields with Values and Definitions,
https://ffiec.cfpb.gov/documentation/2021/panel-data-fields/ (last
visited Mar. 20, 2023). But the Bureau has encountered difficulties
in using the LEI to obtain parent company and top holder
information, and thus proposed for this rulemaking to require that
it be provided directly by financial institutions.
From 1989 to 1998, Regulation C required financial institutions
to report their parent entity information on transmittal sheets. 54
FR 51356, 51361, 51368 (Dec. 15, 1989) (adding the transmittal sheet
requirement, including parent institution information, to appendix A
to Regulation C); 63 FR 52140, 52141 (Sept. 30, 1998) (stating that
the Board believed that the availability of information from the
FFIEC website makes the continuation of the requirement for parent
company information on the transmittal sheet unnecessary). In 2002,
Regulation C again required financial institutions to report parent
information on transmittal sheets on the grounds that data users
asserted the importance of having the parent institution information
associated with the HMDA data itself, rather than in a separate
database provided by the National Information Center. 67 FR 7221,
7232 (Feb. 15, 2002).
In the 2014 HMDA NPRM, the Bureau proposed to continue requiring
that financial institutions identify their parent companies. The
Bureau stated that because information about parent companies was
not yet available through the LEI, the Bureau believed it was
necessary to maintain this requirement to ensure that financial
institutions' submissions can be linked with those of their
corporate parents. 79 FR 51731, 51861 (Aug. 29, 2014). However,
required reporting of parent company information stopped under the
2015 HMDA final rule on the grounds that once the LEI is fully
implemented, parent entity information was expected to become
available. 80 FR 66128, 66248 (Oct. 28, 2015) (citing Fin. Stability
Bd., LEI Implementation Grp., Fourth Progress Notes on the Global
LEI Initiative, at 4 (Dec. 11, 2012), https://www.financialstabilityboard.org/wp-content/uploads/r_121211.pdf?page_moved=1) (noting that the LEI Implementation Group
is developing proposals for additional reference data on the direct
and ultimate parent(s) of legal entities and on relationship data
more generally).
---------------------------------------------------------------------------
The Bureau further explained that better structural information
would, for instance, improve the accuracy of peer analyses, which would
facilitate fair lending enforcement. The Bureau stated that analyzing
trends over time would be useful for identifying institutions that may
give rise to fair lending risk. Given structural changes to
institutions over time, information that enables the identification of
institutions consistently and accurately over time is important to this
trend analysis.
In addition, the Bureau believed that information on a financial
institution's structure would advance the business and community
development purpose of section 1071 by facilitating the analysis of
whether and how corporate structure impacts how a financial institution
provides access to credit to small businesses. In particular, this
structural information could be used to understand how regulation in
one part of a corporate structure impacts unregulated entities within
the same corporate group.
Proposed Sec. 1002.109(b)(8) would have resulted in more accurate
and comprehensive corporate structure information by requiring
financial institutions to provide not only the name of one parent
entity, but the immediate parent entity of the financial institution as
well as the top-holding parent of the financial institution (for some
financial institutions, this would be a bank holding company). For the
reasons set out above in the section-by-section analyses of Sec.
1002.109(b)(6) and (7), the reporting of LEI and RSSD ID of parent
entities would improve the ability of regulators and other stakeholders
to map out more precisely and fully the often-complex networks of a
financial institution's corporate structure. This more detailed and
accurate structural data, in turn, might be used to perform more
sophisticated and useful analyses of the financial institution's small
business lending data. In addition, this information would have helped
the Bureau confirm whether data were appropriately being reported by
financial institutions on behalf of their subsidiaries pursuant to
proposed Sec. 1002.109(a)(2).
With respect to proposed Sec. 1002.109(b)(8), the Bureau sought
comment on whether it should require any other parent entity
information to be provided by financial institutions reporting data.
The Bureau received comments on this aspect of the proposal from a
community group and a trade association. These commenters were
supportive of proposed Sec. 1002.109(b)(8). One commenter supported
identifying the parent and top holder parent entities under proposed
Sec. 1002.109(b)(8)(i) and (iv). Both commenters supported the
inclusion of LEI information for both the parent and top holder parent
entities under proposed Sec. 1002.109(b)(8)(ii) and (v). For the
reasons set forth herein, the Bureau is finalizing Sec. 1002.109(b)(8)
as proposed.
Paragraph 109(b)(9)
Proposed Sec. 1002.109(b)(9) would have required a financial
institution to report the type of financial institution it is,
selecting the applicable type or types of institution from a list in
proposed comment 109(b)(9)-1. The comment would also have explained
that a financial institution would select all applicable types. The
list provided in the proposed comment included: (i) bank or savings
association, (ii) minority depository institution, (iii) credit union,
(iv) nondepository institution, (v) CDFI, (vi) other nonprofit
financial institution, (vii) Farm Credit System institution, (viii)
government lender, (ix) commercial finance company, (x) equipment
finance company, (xi)
[[Page 35410]]
industrial loan company, (xii) fintech, and (xiii) other. Proposed
comment 109(b)(9)-2 would have explained that a financial institution
reports the type of financial institution as ``other'' where none of
the enumerated types of financial institution appropriately describe
the applicable type of financial institution, and the institution
reports the type of financial institution as free-form text.
The Bureau believed that information regarding the type of
financial institution reporting small business lending data would
greatly assist in the analysis conducted by the Bureau and other data
users. Information providing further details on types of financial
institutions would help advance the statutory purposes of section 1071;
fair lending analysts might use this information on the financial
institution type (for instance, depository institutions compared to
nondepository institutions) as a control variable for their analyses.
The inclusion of this information may also assist in an assessment of
the business and community development needs of an area as it may
provide analysts a means of determining what types of financial
institutions serve certain geographic areas.
In addition, the Bureau believed that this information, combined
with the parent entity information required by proposed Sec.
1002.109(b)(8), would offer more accurate and granular data on
nondepository institutions within the same corporate group as
depository institutions. The Bureau noted that, at the time of the
NPRM, the National Information Center database, which contains
information on the structure of corporate groups that contain banks and
other financial institutions, provided little information on
nondepository institutions. In connection with proposed Sec.
1002.109(b)(8), information on corporate structure that financial
institutions self-report could fill in reporting gaps, including more
specific information on financial institution types.
With respect to proposed Sec. 1002.109(b)(9), the Bureau sought
comment on whether it should consider removing, modifying, or adding
any types of financial institutions to the list in proposed comment
109(b)(9)-1, including in order to manage unique privacy interests
(such as, for example, whether a category for captive finance companies
that lend to applicants that share the same branding should be included
on the list). The Bureau also sought comment on whether it should
consider defining any of the types of financial institutions in the
proposed list, in particular whether and how to define the term
``fintech.''
The Bureau received comments on this aspect of the proposal from
several community groups and a software vendor. Generally, these
commenters were supportive of proposed Sec. 1002.109(b)(9), though
some requested certain modifications. Two commenters stated that the
use of ``fintech'' in the list of financial institution types in
proposed comment 109(b)(9)-1 was not a clear descriptor, and that
``online lender'' would be a better term. One commenter also requested
the Bureau make clear that selection of ``other'' as a type of
financial institution does not qualify the financial institution for
exemption from coverage of this rule. Additionally, the commenter
requested the Bureau make clear that selection of multiple financial
institution types from the list provided in proposed comment 109(b)(9)-
1 is permitted. Finally, a commenter requested the Bureau require
financial institutions to identify the types of products they offer, in
addition to the type of financial institution.
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.109(b)(9) with a revision in comment 109(b)(9)-1 to replace the
financial institution type ``fintech'' with ``online lender'' and to
add commentary about how the Bureau may add additional financial
institution types in the future. The Bureau agrees with commenters that
using ``online lender'' as a financial institution type will help
better identify the type of financial institution that is being
described rather than ``fintech.'' As commenters noted, ``fintech'' has
a wide variety of uses over different industries. That variety may make
it difficult to determine what ``fintech'' means as a financial
institution type and under what circumstances a financial institution
must report ``fintech'' as one of their types. Using ``online lender''
as the financial institution type helps make clear the financial
institution's business model is to conduct business primarily online.
For example, an online lender would include a platform or peer-to-peer
lender that generally only receives applications and originates loans
through a website and that does not have in-person encounters with
small businesses, such as accepting applications or having meetings
with loan officers, at a physical office. In such a case, the financial
institution would select ``online lender'' as the type of financial
institution (in addition to any other applicable financial institution
types listed in final comment 109(b)(9)-1).
For similar reasons as those discussed in the section-by-section
analysis of Sec. 1002.107(a) regarding the addition of comment 107(a)-
4, the Bureau is also adding a comment in Sec. 1002.109(b)(9) to
facilitate flexibility and account for the evolution of small business
lending market, identifying how the Bureau may add additional financial
institution types in the future. Comment 109(b)(9)-3 provides that the
Bureau may add additional types of financial institutions via the
Filing Instructions Guide and related materials. Comment 109(b)(9)-3
refers financial institutions to the Filing Instructions Guide for any
updates for each reporting year.
Regarding commenters' requests for clarity regarding selection of
multiple financial institution types, and that selecting ``other'' does
not exempt an institution from coverage under the rule, final comment
109(b)(9)-1 states a financial institution shall select all applicable
types, confirming that multiple financial institution types should be
selected if more than one type applies to the financial institution.
Additionally, the Bureau notes that final Sec. 1002.105 addresses
institutional coverage under this rule. Financial institution type is
not a determinative factor for coverage; in fact, an exempt institution
(unless voluntarily reporting data pursuant to Sec. Sec. 1002.107
through 1002.109 as discussed in comment 105(b)-6) would not be
submitting information pursuant to Sec. 1002.109 in the first
instance. Final comment 109(b)(9)-2 explains the circumstances for
which a financial institution is required, or permitted, to report
``other.''
Finally, the Bureau does not believe it is necessary to add a
requirement for financial institutions to provide their product types
as part of the financial institution identifying information, as
suggested by one commenter. Section 1002.107(a)(5), as finalized,
requires a financial institution to identify the credit type for each
application or origination reported. This information, together with
the other financial institution identifying information required
pursuant to Sec. 1002.109(b), will allow data users to identify the
product types offered by each financial institution in the dataset.
Paragraph 109(b)(10)
Proposed Sec. 1002.109(b)(10) would have required a financial
institution to indicate whether it was not a covered financial
institution under proposed Sec. 1002.105(a) and was thus voluntarily
reporting covered applications.
The Bureau believed it was important to be able to specifically
identify these
[[Page 35411]]
institutions' transactions in the dataset. If reporting were restricted
to only financial institutions required to report, the data would
accurately reflect the overall population of financial institutions
subject to the final rule. However, institutions that do not meet the
rule's loan-volume threshold in proposed Sec. 1002.105(b) could choose
to voluntarily report small business lending data pursuant to proposed
Sec. 1002.5(a)(4)(vii) through (ix). Those institutions that
voluntarily reported data might not be representative of all potential
voluntary reporters and might differ from required reporters. Without a
specific designation, it might not be possible to distinguish an
institution voluntarily reporting data after a single year of exceeding
the loan-volume threshold from an institution reporting because it had
already exceeded the loan-volume threshold in two consecutive years.
The Bureau believed that data users would benefit from being able to
use this information as a control variable, resulting in better fair
lending as well as business and community development analyses, to
account for certain differences that might exist as between required
and voluntary reporters.
The Bureau received one comment on this aspect of the proposal from
a community group. The commenter supported inclusion of Sec.
1002.109(b)(10), agreeing with the Bureau's assertion that data users
will need to identify voluntary reporters. For the reasons set forth
herein, the Bureau is finalizing Sec. 1002.109(b)(10) as proposed.
109(c) Procedures for the Submission of Data to the Bureau
Proposed Rule
Proposed Sec. 1002.109(c) and comment 109(c)-1 would have directed
financial institutions to a publicly available website containing the
Bureau's Filing Instructions Guide, which would have set out technical
instructions for the submission of data to the Bureau pursuant to
proposed Sec. 1002.109. Regulation C Sec. 1003.5(a)(5) contains a
comparable provision, which directs users to a Bureau website that sets
out instructions for the submission of HMDA data, and the Bureau
believed a similar approach would be appropriate here.
The Bureau sought comment on this aspect of the proposal, including
the provision of technical instructions for data submission via a
Bureau website and how best to implement the provisions of this section
in a manner that minimizes cost and burden particularly to small
financial institutions while implementing all statutory obligations.
The Bureau also sought comment on ways it could streamline reporting
for small financial institutions.
Comments Received
The Bureau received comments from two lenders, several trade
associations, and a community group concerning the Bureau's publication
of a Filing Instructions Guide to assist lenders in their submission of
small business lending data to the Bureau. A CDFI lender and two trade
associations supported the publication of technical instructions for
data submission in the Filing Instructions Guide, stating that it would
greatly aid in complying with the rule. One of these commenters
requested that the Bureau dedicate staff to provide answers that can be
relied on, such that community banks could not be criticized or
penalized during subsequent examinations.
A bank and several trade associations expressed concern about the
possible timing for the Bureau's publication of its Filing Instructions
Guide, noting the importance of receiving such instructions well in
advance such that lenders could comply with the rule and provide
accurate and reliable data. Two of these commenters requested that the
Bureau release the Filing Instructions Guide at least six months before
any required data collection begins.
A trade association inquired whether the Filing Instructions Guide
for this regulation would be similar to the one for HMDA and Regulation
C, and whether the Bureau would make the Filing Instructions Guide
available for comment. A joint letter from community and business
advocacy groups suggested that certain data categories for race and
ethnicity be contained in the Filing Instructions Guide, so they could
be adjusted from time to time to align any changes in the OMB's Federal
Data Standards on Race and Ethnicity, rather than being codified in the
commentary to this regulation.
Final Rule
The Bureau is finalizing Sec. 1002.109(c) as proposed. The Bureau
is developing a system to receive, process, and publish the data
collected pursuant to this final rule. In doing so, the Bureau has
benefitted from what it learned in its multiyear effort in developing
the HMDA Platform, through which entities file data as required under
HMDA and Regulation C. As it did in developing the HMDA Platform, the
Bureau's ongoing work in developing the small business lending data
submission system focuses on satisfying all legal requirements,
promoting data accuracy, and reducing burden. The Bureau is publishing,
concurrently with this final rule, a Filing Instructions Guide and
related materials for financial institutions.\806\ The Bureau does not
believe proposed comment 109(c)-1 is necessary as it is duplicative of
the regulatory text, and thus has removed it from the final rule.
---------------------------------------------------------------------------
\806\ See https://www.consumerfinance.gov/data-research/small-business-lending/filing-instructions-guide/.
---------------------------------------------------------------------------
ECOA section 704B(g)(1) authorizes the Bureau to prescribe rules
and issue such guidance as may be necessary to carry out, enforce, and
compile data pursuant to section 1071. Section 704B(g)(3) provides for
the Bureau to issue guidance to facilitate compliance with the
requirements of section 1071. Here, final Sec. 1002.109(c) is
justified under both ECOA provisions because the issuance of the means
of submitting data to the Bureau are both necessary to compile data
pursuant to section 1071 and to facilitate compliance with section
1071.
The Bureau agrees with commenters that the Filing Instructions
Guide will significantly facilitate compliance with section 1071.
Regarding the request that the Bureau provide staff to answer questions
about complying with the rule before the rule's compliance date, Bureau
staff will be available after the publication of this final rule to
provide guidance to lenders in complying with the rule. The Bureau will
make other compliance and technical resources available as well, as
described at the end of part I above.
The Bureau notes, in response to the question of whether the Filing
Instructions Guide would be similar to the one for HMDA, that many
aspects of the Filing Instructions Guide for this regulation are based
on the HMDA guide. The Bureau does not believe it is necessary to
request public comment on the Filing Instructions Guide, as it is a
technical document that reflects the regulatory requirements of Sec.
1002.107 and Sec. 1002.109(b) such that data can be submitted to the
Bureau's small business lending data submission platform. However, as
with HMDA, various iterations of the Filing Instructions Guide will be
published over time with changes based in part on feedback from
financial institutions and third-party providers. Regarding the comment
that certain data categories for race and ethnicity contained in the
Filing Instructions Guide be adjusted from time to time to align any
changes in the OMB's Federal Data Standards on
[[Page 35412]]
Race and Ethnicity, the Bureau recognizes that it may need to adjust
some data categories over time, but that the statute may not permit
exact alignment with all future developments by another agency that is
not itself implementing section 1071.
Other Reporting Issues
With respect to HMDA data, Regulation C Sec. 1003.5(a)(1)(i)
provides that a financial institution shall submit its annual loan/
application register in electronic format to the appropriate Federal
agency. Regulation C does not provide for the submission of HMDA data
by unaffiliated third parties directly on behalf of financial
institutions in the way that a parent institution may submit HMDA data
on behalf of its subsidiary under Sec. 1003.5(a)(2) and comment 5(a)-
3. The Bureau understands from financial institutions that report HMDA
data to the Bureau that most institutions use third-party software
vendors in some way to help them prepare or submit their loan/
application registers to the Bureau. The Bureau sought comment on
whether it should permit third parties (such as financial software
vendors) to submit to the Bureau a small business lending application
register on behalf of a financial institution, including whether
financial institutions should be required to designate third parties
authorized to submit registers on their behalf.
Commenters did not directly address the topic of third-party
submissions of small business lending application registers on behalf
of financial institutions. One trade association, in the context of
proposed Sec. 1002.109, noted that its members rely on third-party
vendors for many important business processes, and the contributions of
such vendors to support financial institution innovation is important.
Industry commenters, including trade associations and lenders, widely
noted their reliance on third-party vendors for many important business
processes in commenting on other sections of the proposed rule, as is
noted, for instance, in the section-by-section analysis of Sec.
1002.114(b). The commenter asked that the Bureau encourage vendors to
develop solutions to help financial institution clients comply with
section 1071.
The Bureau is finalizing Sec. 1002.109 as proposed. While there is
no explicit provision addressing financial institution use of service
providers in connection with submission of applicant registers,
informed by its HMDA experience, the Bureau is open to such submission,
so long as it complies with all applicable provisions of the final
rule, including the restrictions on disclosure of protected demographic
data contained in final Sec. 1002.110(e). In addition, the Bureau will
continue to engage with vendors and industry to assess future demand
for service provider use in this area. Regarding the comment asking the
Bureau to encourage third-party solutions to help covered financial
institutions comply with section 1071, the Bureau agrees and has
engaged in outreach to third-party vendors, as discussed in part III
above, since the issuance of the NPRM to facilitate their development
of solutions to assist financial institutions in complying with this
rule.
Section 1002.110 Publication of Data
Final Sec. 1002.110 addresses several issues surrounding
publication of small business lending data. First, final Sec.
1002.110(a) addresses annual publication of application-level data on
the Bureau's website, subject to modification and deletion decisions by
the Bureau based on consideration of privacy interests. Second, final
Sec. 1002.110(b) states that the Bureau may compile and aggregate data
submitted by financial institutions and may publish such compilations
or aggregations as the Bureau deems appropriate. Third, final Sec.
1002.110(c) requires a covered financial institution to publish on its
website a statement that its small business lending data, as modified
by the CFPB, are or will be available on the CFPB's website. Finally,
final Sec. 1002.110(d) provides when a covered financial institution
shall make the notice required by final Sec. 1002.110(c) available to
the public and how long it shall maintain the notice on its website.
The Bureau is finalizing Sec. 1002.110 to implement ECOA section
704B(f)(2)(B) and (C), which require the Bureau to adopt regulations
addressing the form and manner that data are made available to the
public, and pursuant to its authority under 704B(g)(1) to prescribe
such rules and issue such guidance as may be necessary to carry out,
enforce, and compile data pursuant to section 1071. The Bureau is also
finalizing Sec. 1002.110(b) pursuant to 704B(f)(3), which permits the
Bureau to compile and aggregate small business lending data, and to
publish such aggregate data.
110(a) Publication of Small Business Lending Application Registers and
Associated Financial Institution Information
ECOA section 704B(f)(2)(C) requires the Bureau to annually make the
small business lending data it receives from financial institutions
available to the public in such form and in such manner as the Bureau
determines by regulation.
Proposed Rule
Proposed Sec. 1002.110(a) would have provided that the Bureau
shall make available to the public generally the data reported to it by
financial institutions pursuant to proposed Sec. 1002.109, subject to
deletions or modifications made by the Bureau if the Bureau determines
that, based on the proposed balancing test, the deletion or
modification of the data would advance a privacy interest.\807\ The
Bureau proposed to make such data available on an annual basis, by
publishing it on the Bureau's website. The Bureau sought comment on its
proposed approach to implementing ECOA section 704B(f)(2)(C).
---------------------------------------------------------------------------
\807\ As discussed in part VIII below, the Bureau is not
announcing how it will consider different factors when implementing
its discretion to delete or modify application-level data before
publication. The Bureau will continue to engage with stakeholders on
publication and it intends to make final decisions only after that
continued engagement and receipt of a full year of application data.
Part VIII lays out the CFPB's preliminary views, in light of
comments received on the balancing test articulated in the NPRM, on
how to assess and protect privacy interests through modifications
and deletion.
---------------------------------------------------------------------------
Comments Received
In response to proposed Sec. 1002.110(a), the Bureau received
comments from a range of lenders, trade associations, community groups,
individual commenters, and others. Many commenters supported the
Bureau's proposal to make data available on an annual basis by
publishing it on the Bureau's website. Some noted that publication of
disaggregated data is critical to achieving the statutory purposes of
section 1071. Some commenters indicated the Bureau should make clear
that the Bureau must publish data annually, citing their concern that
any discretion in data publication could allow for inconsistent data
publication in the future. A commenter further supported publication on
the Bureau's website, stating that it preferred the Bureau as the
singular source for published data because it would ensure the data was
uniform and consistent in data and publication formats, which would
help to prevent obfuscation efforts by bad actors. The commenter noted
that, based on their historical experience with HMDA data, without
publication on the website, the public would need to request data from
each financial institution individually and the data
[[Page 35413]]
provided may not be in the same file format, may not be in an
accessible file format, and the data may have variations in formatting,
which could hide data anomalies or patterns of discrimination.
Some commenters opposed publication of disaggregated data entirely,
citing various privacy risks, or otherwise preferred the Bureau publish
small business lending data only in aggregate form.\808\ Some
commenters supported publication of disaggregated data publication, but
also supported modifications in light of privacy risk.
---------------------------------------------------------------------------
\808\ See also part VIII below.
---------------------------------------------------------------------------
Commenters also discussed timing of data publication. Some
supported annual publication, as proposed. Others requested publication
as soon as possible but did not suggest a specific schedule. Two
requested quarterly data publication, and one suggested publication
every six months. A few commenters requested the Bureau also establish
a deadline by which it would annually publish data; some did not
suggest a specific deadline while others requested a fall publication
deadline, shortly after data are submitted to the Bureau, in order to
maximize the data's currency and usefulness.
Many commenters requested the Bureau ensure that published data are
accessible to the general public. These commenters noted that the data
should be easily searchable or filterable so that anyone with an
interest in fair lending can use and understand the data. Some of these
commenters noted that data can sometimes be inaccessible if provided in
a very technical manner, such that only those with expertise in data
analysis can understand and use the data. One commenter suggested that
this concern was of particular concern for ethnicity and race data.
Additionally, a few commenters pointed to previous Bureau data releases
as examples of publication that worked well, such as the consumer
complaint database, and those that they would prefer the Bureau not
follow, including the current data tool used to publish HMDA data.
Some commenters requested the Bureau add disclaimers or
explanations to data fields when the data is published to aid in user
understanding about the data, such as data limits, caveats, or
exceptions. For example, several commenters requested the Bureau add a
disclaimer to data submitted by Farm Credit System lenders identifying
their unique statutory coverage limitations and dividend structures.
Other commenters requested a disclaimer that identifies when ethnicity,
race, and sex data was collected on the basis of visual observation
pursuant to proposed Sec. 1002.107(a)(20). One commenter requested a
publication disclaimer for amount of credit applied for and amount of
credit approved or originated, that would explain that applicant-
provided information can be arbitrary and may not match the amount of
credit approved or originated. Another commenter requested that the
Bureau include a disclaimer for private label credit because, they
said, private label credit should not be compared to other small
business credit products because it is based on the availability of the
financial institution's retail partners and those partners' geographic
locations. Conversely, one commenter requested the Bureau not add any
disclaimers to pricing data points on the grounds that they would cause
further misunderstanding of the data.
Two commenters suggested the CFPB establish an advisory group to
offer advice or it should seek public feedback on ways to improve
publication and enhance data accuracy. One commenter asked that it
establish an authorization program to certify as ``CFPB-approved''
particular data products and programs created from 1071 data. Another
commenter stated that when publishing the data, the Bureau should
ensure that the data are organized by institution and credit product
type as a default setting, rather than only by institution, to ensure
proper comparison by data users.
Final Rule
For these reasons set forth herein, the Bureau is finalizing Sec.
1002.110(a) largely as proposed. As finalized, subject to modification
or deletion decisions made by the Bureau to advance privacy interests
as discussed in part VIII below, the Bureau has committed itself in
Sec. 1002.110(a) to making application-level data available to the
public via annual publication. Because publication is subject to any
modification or deletion decisions made by the Bureau pursuant to its
privacy analysis, the Bureau concludes that Sec. 1002.110(a) itself
adequately addresses commenter concerns about privacy risks. As
discussed in part VIII, the CFPB is also of the view that application-
level data have significant disclosure benefits that will facilitate
the fair lending and business and community development purposes of
section 1071. This determination strongly supports disclosure of the
data in a disaggregated format to the extent consistent with the
privacy interests. As a result, the Bureau does not intend to publish
only aggregate data compilations pursuant to Sec. 1002.110(b).
Publication of application-level data on an annual basis is
appropriate. While a few commenters proposed shorter cycles, the Bureau
would not have new data to publish more frequently because, as
discussed in the section-by-section analysis of Sec. 1002.109(a), the
Bureau is requiring financial institutions to report annually. Further,
the Bureau concludes that until it obtains a full year of reported data
and performs a full privacy analysis, as discussed in part VIII below,
it cannot know with certainty the amount of time it will take to
analyze the privacy risks, and make modifications or deletions as
needed, particularly for the first publication of application-level
data. Accordingly, the final rule does not set a publication deadline.
Because the Bureau is still creating its data publication platform,
it takes under advisement commenter concerns about accessibility and
ease of use, and will make efforts to be responsive to those comments
as the platform and user tools are built. The Bureau is also taking
under advisement suggestions on how to organize and display data.
Similarly, the Bureau is taking under advisement requests to make
data limitations, such as related to credit or financial institution
type, clear to data users. But it does not intend to state that the
amount of credit applied for and amount of credit approved or
originated may have discrepancies because the applicant underestimated
their credit limitations. As discussed in the section-by-section
analyses of Sec. 1002.107(a)(7) and (8) above and in the NPRM, there
are several other reasons for discrepancy between the amount an
applicant applies for and the amount for which they are approved. A
disclaimer asserting the discrepancy may be attributable to applicant
overconfidence would minimize the serious risk of fair lending concerns
that these data points may otherwise identify. For similar reasons, the
Bureau does not intend to add disclaimers to pricing data.
Finally, the Bureau notes that while it does not have an advisory
group dedicated to small business lending data publication, there are
several avenues through which it expects to receive feedback from the
public on small business lending data in the future, including the
Bureau's Advisory Committees, as well as any regulatory or technical
assistance function created for data submitters. The Bureau also
intends to pursue continued public engagement, including with respect
to its intended privacy assessment and associated modification and
deletion decisions, as discussed in part VIII below. Further, the
Bureau will not
[[Page 35414]]
approve or endorse any particular entity's use of or republication of
data, although entities may use and republish the data once it is made
available in the public domain pursuant to this rule. Because the
statutory purposes and noted benefits of data publication (as discussed
herein) include providing information to the public to identify and
address fair lending issues in the small business lending market, the
Bureau encourages data users to analyze the data to address the
statutory purposes. It also encourages technologists to develop tools
to assist in this analysis.
110(b) Publication of Aggregate Data
ECOA section 704B(f)(3) provides that the Bureau may ``compile and
aggregate data collected under this section for its own use'' and
``make public such compilations of aggregate data.''
Proposed Sec. 1002.110(b) would have provided that the Bureau may
compile and aggregate data submitted by financial institutions pursuant
to proposed Sec. 1002.109, and make any compilations or aggregations
of such data publicly available as the Bureau deems appropriate. The
proposal explained that publication of certain such compilations and
aggregations would provide useful data to the public to supplement the
Bureau's publication of application-level data. In particular, the
Bureau noted the importance of providing aggregations for the
application-level data fields that may be modified or deleted before
publication to protect privacy interests.
The Bureau received comments on this aspect of the proposal from
several community groups, business advocacy groups, and a software
provider. These commenters were supportive of proposed Sec.
1002.110(b), though some requested modifications. Several commenters
requested the Bureau make specific aggregations available, based on
their experience with HMDA or for specific user purposes. Additionally,
two commenters requested that the Bureau commit to annual publication
of aggregate data.
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.110(b) as proposed. It is unnecessary for the rule to commit to
specific timing for publication of aggregate data or to identify the
specific aggregations that it will make available. ECOA section
704B(f)(3) provides the Bureau discretion to compile and aggregate data
collected, and to make those aggregations publicly available. Any
aggregations compiled using the data collected will be dependent on
multiple factors, including privacy considerations, the volume of data,
and the trends in the data received. For these reasons, the Bureau
believes it is important to preserve flexibility as to both the content
and timing of any aggregate data publications, although it anticipates
publishing aggregate data before releasing application-level data.
110(c) Statement of Financial Institution's Small Business Lending Data
Available on the Bureau's Website and 110(d) Availability of Statements
Proposed Rule
ECOA section 704B(f)(2)(B) requires that the data compiled and
maintained by financial institutions shall be ``made available to any
member of the public, upon request, in the form required under
regulations prescribed by the Bureau.''
Proposed Sec. 1002.110(c) would have required that a covered
financial institution make available to the public on its website, or
otherwise upon request, a statement that the covered financial
institution's small business lending application register, as modified
by the Bureau pursuant to proposed Sec. 1002.110(a), is or will be
available on the Bureau's website.
Proposed Sec. 1002.110(c) would have also stated that a financial
institution shall use language provided by the Bureau, or substantially
similar language, to satisfy this requirement to provide a statement.
Proposed comment 110(c)-1 would have provided model language that a
financial institution could use to comply with proposed Sec.
1002.110(c). Proposed comment 110(c)-2 would have provided guidance to
financial institutions that do not have websites.
Proposed Sec. 1002.110(d) would have provided that a covered
financial institution shall make the notice required by proposed Sec.
1002.110(c) available to the public on its website when submitting its
small business lending application register to the Bureau pursuant to
proposed Sec. 1002.109(a)(1), and shall maintain the notice for as
long as it has an obligation to retain its small business lending
application registers pursuant to proposed Sec. 1002.111(a).
The Bureau sought comment on its proposed approach to implementing
ECOA section 704B(f)(3), including how best to implement proposed Sec.
1002.110(c) and (d) in a manner that minimizes cost and burden
particularly on small financial institutions while implementing all
statutory obligations.
Comments Received
In response to proposed Sec. 1002.110(c) and (d), the Bureau
received comments from a number of lenders, trade associations, and
community groups, along with one individual commenter. A majority of
those commenters supported the proposed approach to making financial
institutions' data available to the general public on the Bureau's
website, citing reasons including reduction of compliance burden, cost,
and redundant data. However, a few commenters argued that covered
financial institutions should be required to make their data available
on their own websites. One such commenter asserted that financial
institutions (particularly large banks) should be required to make
their data available within 30 days of a request to do so, which they
stated has worked well for HMDA.\809\ This commenter also stated that
if the Bureau were to adopt proposed Sec. 1002.110(c), it should
require quarterly public data reporting. An individual commenter
suggested that without a requirement that financial institutions
release their own data, the public would have no way to confirm the
``legitimacy'' of data released by the Bureau.
---------------------------------------------------------------------------
\809\ The Bureau's approach to Sec. 1002.110(c) aligns with
Regulation C Sec. 1003.5(c)(1). However, prior to the 2015 HMDA
Amendments, covered financial institutions were required to make
their HMDA data available upon request.
---------------------------------------------------------------------------
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.110(c) with a minor modification and Sec. 1002.110(d) as
proposed, to implement ECOA section 704B(f)(2)(B). The Bureau's
revision to Sec. 1002.110(c) removes the specific URL at which the
Bureau will publish 1071 data on its website. The Bureau has made
several small revisions to the notice language set forth in comment
110(c)-1 for clarity. The Bureau is also adopting new comment 110(c)-3
to explain that the Bureau may modify the location specified in the
notice language provided in comment 110(c)-1, at which small business
lending data are available, via the Filing Instructions Guide and
related materials.
The approach set forth in final Sec. 1002.110(c) and (d) will
reduce potential burdens on financial institutions associated with
publishing modified data. It will also reduce privacy risks resulting
from errors by individual financial institutions implementing any
modifications or deletions required by the Bureau, and would be more
efficient overall. Regulation C (Sec. 1003.5(c)(1)) implements a
similar statutory requirement regarding the form of data reporting and
requires financial institutions to direct any public requests
[[Page 35415]]
for HMDA data they receive to the Bureau. A similar provision is
appropriate here to maintain continuity across reporting regimes, and
because this centralized approach will help ensure consistent
implementation of any modifications or deletions made to protect
privacy interests. Commenters' concerns regarding the timing of
financial institutions making their own data available are thus
rendered moot.
The Bureau does not believe that financial institutions should be
required to make their data available within 30 days of a request to do
so. Such requests can be fulfilled as easily by accessing small
business lending application registers on the Bureau's website, after
modifications or deletions are made to protect privacy interests. Nor
does the Bureau believe that quarterly public data reporting is
appropriate, as discussed in the section-by-section analysis of Sec.
1002.110(a) above. Further, the Bureau does not believe that a
requirement that financial institutions release their own data is
necessary to confirm the ``legitimacy'' of data released by the Bureau.
The Bureau will conduct examinations of unredacted small business
lending data, and will make application-level data (subject to privacy
modifications and deletions) available for review and analysis by
members of the public.
110(e) Further Disclosure Prohibited
ECOA section 704B(e) and (f) require financial institutions to
compile and maintain records of information provided by applicants and
to submit such data annually to the Bureau. However, the statute does
not expressly address what a financial institution may do with data
collected pursuant to section 1071 for purposes other than reporting
such data to the Bureau, nor did the proposal specify restrictions on a
financial institution's use or disclosure of data collected pursuant to
this rulemaking for purposes other than collecting, maintaining, and
reporting such data to the Bureau.
The Bureau received comments from individuals and industry that
raised concerns about potential misuse of protected demographic data
provided pursuant the small business lending rulemaking. For example,
one commenter expressed concern that LGBTQ community members are at
risk that their data may be used for unintended and harmful purposes
outside of 1071 data collection. Commenters further noted that
applicants may be hesitant to provide certain information if the data
can be inappropriately used. The Bureau also received comments from
industry commenters urging that protected demographic data be reported
directly to the Bureau, stating, in part, that such a regime would
likely increase response rates because applicants would not be
concerned that financial institutions would improperly use the data.
In order to safeguard protected demographic data against possible
misuse and encourage applicant responses, and in response to comments,
the Bureau is adding new Sec. 1002.110(e) pursuant to its authority
under ECOA section 704B(g)(1) to prescribe such rules and issue such
guidance as may be necessary to carry out, enforce, and compile data
pursuant to section 1071. New Sec. 1002.110(e) prevents misuse of
applicants' protected demographic information in two ways.
First, Sec. 1002.110(e)(1) prohibits a financial institution from
disclosing or providing to a third party the protected demographic
information it collects under subpart B except in limited
circumstances. First, a financial institution may disclose such
information to a third party to further compliance with ECOA or
Regulation B. This exception permits disclosure, for example, to a
third-party service provider that is assisting the financial
institution in auditing or submitting small business lending data to
the Bureau. This exception also permits disclosure to a third party for
uses consistent with how such protected demographic information may
currently be used under ECOA and Regulation B, such as to conduct
internal fair lending testing or to extend special purpose credit
programs. Section 1002.110(e)(1) further states that a financial
institution may disclose or provide protected demographic information
collected pursuant to this rule as required by law.
Second, Sec. 1002.110(e)(2) prohibits further redisclosure of
protected demographic information by a third party that initially
obtains such information for the purposes of furthering compliance with
the ECOA and Regulation B. In such situations, the third party is
prohibited from disclosing the protected demographic information except
to further compliance with ECOA and Regulation B or as required by law.
Section 1002.111 Recordkeeping
Final Sec. 1002.111 addresses several aspects of the recordkeeping
requirements for small business lending data. First, final Sec.
1002.111(a) requires a covered financial institution to retain evidence
of its compliance with subpart B, which includes a copy of its small
business lending application register, for at least three years after
the register is required to be submitted to the Bureau pursuant to
final Sec. 1002.109. Second, final Sec. 1002.111(b) requires a
financial institution to maintain, separately from the rest of the
application and accompanying information, an applicant's responses to
the financial institution's inquiries regarding whether an applicant
for a covered credit transaction is a minority-owned business, a women-
owned business, and/or an LGBTQI+-owned business under final Sec.
1002.107(18) and regarding the ethnicity, race, and sex of the
applicant's principal owners under final Sec. 1002.107(19). Finally,
final Sec. 1002.111(c) requires that, in compiling, maintaining, and
reporting data pursuant to final Sec. 1002.109 or Sec. 1002.111(a) or
(b), a financial institution shall not include personally identifiable
information concerning any individual who is, or is connected with, an
applicant.
The Bureau is finalizing Sec. 1002.111 to implement ECOA section
704B(f)(2)(A), which requires financial institutions to compile and
maintain data for at least three years; 704B(b)(2), which requires
financial institutions to maintain a record of the responses to the
inquiry required by 704B(b)(1), separate from the application and
accompanying information; and 704B(e)(3), which provides that in
compiling and maintaining data, a financial institution may not include
personally identifiable information concerning an individual who is, or
is connected with, an applicant. The Bureau is also finalizing Sec.
1002.111 pursuant to its authority under 704B(g)(1) to prescribe such
rules and issue such guidance as may be necessary to carry out,
enforce, and compile data pursuant to section 1071.
111(a) Record Retention
Proposed Rule
ECOA section 704B(f)(2)(A) requires that information compiled and
maintained under section 1071 be retained for not less than three years
after the date of preparation. Proposed Sec. 1002.111(a) would have
required that a financial institution retain a copy of its small
business lending application register for three years after the
register is submitted to the Bureau pursuant to proposed Sec.
1002.109. By way of comparison, under Regulation C, financial
institutions must retain the loan/application registers that they
submit to the Bureau for three years.\810\ This reflects the
requirement in HMDA itself that a loan/application register be
[[Page 35416]]
retained for three years after it is made available.\811\
---------------------------------------------------------------------------
\810\ Regulation C Sec. 1003.5(a)(1).
\811\ 12 U.S.C. 2803(j)(6).
---------------------------------------------------------------------------
Proposed comment 111(a)-1 would have provided examples of what
evidence of compliance with the proposed provision is likely to
include. Proposed comment 111(a)-2 would have required that a creditor
that is voluntarily, under proposed Sec. 1002.5(a)(4)(vii) and (viii),
collecting information pursuant to subpart B but is not required to
report that data to the Bureau, complies with proposed Sec.
1002.111(a) by retaining evidence of compliance with subpart B for at
least three years after June 1 of the year following the year that data
was collected.
The Bureau sought comment on its proposed approach to implementing
ECOA section 704B(f)(2)(A), including how best to implement proposed
Sec. 1002.111(a) in a manner that minimizes cost and burden
particularly on small financial institutions while implementing all
statutory obligations.
Comments Received
The Bureau received comments from several lenders, trade
associations, and others on this aspect of its proposal. One trade
association supported the proposed requirement that financial
institutions retain their data for at least three years after
submission to the Bureau, noting that this retention period is
congruent with the five-year period that banks must maintain data under
the Bank Secrecy Act. A CDFI lender agreed the proposal was reasonable
and stated that it did not foresee issues with compiling and
maintaining data for three years.
A trade association, a business advocacy group and a software
vendor recommended that the Bureau instead align the recordkeeping
requirement with ECOA's 25-month retention period rather than HMDA's
three-year retention period. The software vendor asserted that the
proposed provision appeared to be in conflict with ECOA's 12-month
record retention period for commercial loans under $1 million. The
trade association recommended avoiding requirements that would
necessitate the acquisition of costly record retention systems. Another
industry commenter said that the proposed provision would unnecessarily
burden community banks.
A joint letter from two trade associations recommended that the
Bureau expressly state that financial institutions without a reporting
obligation under the rule, in particular motor vehicle dealers, are not
required to comply with the other obligations in the rule, including
the recordkeeping requirements of the rule.
Final Rule
The Bureau is finalizing Sec. 1002.111(a) as proposed. The Bureau
is also finalizing the associated commentary with an adjustment as
discussed below. The Bureau is finalizing this provision to implement
section 1071's recordkeeping requirement as set forth in ECOA section
704B(f)(2)(A).
Regarding commenters' requests that the Bureau should adopt either
existing Regulation B's 25-month retention period for consumer credit
or its 12-month retention period for business credit, rather than a
three-year period, ECOA section 704B(f)(2)(A) mandates that the Bureau
adopt a three-year recordkeeping requirement for applications for small
business loans. In any case, the Bureau notes that, in contrast to
these commenters, at least one lender suggested that Sec. 1002.111(a)
was congruent with other recordkeeping requirements applicable to
certain extensions of credit.\812\ The Bureau is finalizing comment
111(a)-1 (regarding evidence of compliance) with an additional sentence
to reiterate that final Sec. 1002.111(a)'s three-year record retention
requirement applies to any records covered by Sec. 1002.111(a),
notwithstanding the more general 12-month retention period for records
related to business credit specified in existing Sec. 1002.12(b). The
Bureau is finalizing comment 111(a)-2 (regarding record retention for
creditors that voluntarily collect data under Sec. 1002.5(a)(4)(vii)
and (viii)) as proposed.
---------------------------------------------------------------------------
\812\ See, e.g., 31 CFR 1010.410(a) and 1010.430(d).
---------------------------------------------------------------------------
The Bureau acknowledges commenters' concerns that this provision
would necessitate the acquisition of costly record retention systems or
about its impact on community banks, but does not believe that further
adjustments would be appropriate. While financial institutions may
incur added expenses in complying with final Sec. 1002.111(a), the
provision does not itself suggest or mandate that lenders must acquire
new record systems; the provision simply requires that financial
institutions adjust their procedures if they do not already retain
certain records for the period specified in Sec. 1002.111(a). In any
case, as noted above, final Sec. 1002.111(a) implements the record
retention period set forth in the statute.
Regarding the comment concerning the obligations of financial
institutions that are not required to report data under the rule, the
Bureau agrees that a financial institution that is not covered by the
rule is not subject to its provisions, including the recordkeeping
provisions. However, a covered financial institution must keep records
in accordance with Sec. 1002.111(a). In order to satisfy its own
recordkeeping obligations, a covered financial institution must ensure
that it has obtained the necessary records from third parties through
which it receives applications or ensure that those third parties keep
adequate records on its behalf.
111(b) Certain Information Kept Separate From the Rest of the
Application
Proposed Rule
ECOA section 704B(b)(2) requires financial institutions to maintain
a record of the ``responses to [the] inquiry'' required by 704B(b)(1)
separate from the application and accompanying information. Consistent
with the approach the Bureau is finalizing as set forth in E.2 of the
Overview to this part V, the Bureau proposed to interpret the term
``responses to such inquiry'' in 704B(b)(2) to be the applicant's
responses to inquiries regarding protected demographic information--
that is, whether the applicant was a minority-owned business or a
women-owned business, and the ethnicity, race, and sex of the
applicant's principal owners.
Proposed Sec. 1002.111(b) would have stated that a financial
institution shall maintain, separately from the rest of the application
and accompanying information, an applicant's responses to the financial
institution's inquiries to collect data pursuant to proposed subpart B
regarding whether an applicant for a covered credit transaction is a
minority-owned business under proposed Sec. 1002.107(a)(18) or a
women-owned business under proposed Sec. 1002.107(a)(19), and
regarding the ethnicity, race, and sex of the applicant's principal
owners under proposed Sec. 1002.107(a)(20).
Proposed comment 111(b)-1 would have explained that a financial
institution may satisfy this requirement by keeping an applicant's
responses to the financial institution's request pursuant to proposed
Sec. 1002.107(a)(18) through (20) in a file or document that is
discrete or distinct from the application and its accompanying
information. For example, such information could be collected on a
piece of paper that is separate from the rest of the application form.
In order to satisfy the requirement in proposed
[[Page 35417]]
Sec. 1002.111(b), proposed comment 111(b)-1 would have clarified that
an applicant's responses to the financial institution's request
pursuant to proposed Sec. 1002.107(a)(18) through (20) need not be
maintained in a separate electronic system, nor need they be removed
from the physical files containing the application. However, the
financial institution may nonetheless need to keep this information in
a different electronic or physical file in order to satisfy the
requirements of proposed Sec. 1002.108.
The Bureau sought comment on its proposed approach to implementing
ECOA section 704B(b)(2), including how best to implement proposed Sec.
1002.111(b) in a manner that minimizes cost and burden, particularly on
small financial institutions, while implementing all statutory
obligations. The Bureau also sought comment on whether, for financial
institutions that determine that underwriters or other persons should
have access to applicants' demographic information pursuant to proposed
Sec. 1002.108(b), it should likewise waive the requirement in proposed
Sec. 1002.111(b) to keep that information separate from the
application and accompanying information.
Comments Received
A number of lenders and trade associations commented on the
proposed requirement that protected demographic information be kept
separate from application or loan files. A CDFI lender said the
proposal was reasonable and did not foresee issues with maintaining
demographic information separate from applications. A trade
association, while claiming proposed Sec. 1002.111(b) would be
difficult to comply with, acknowledged that the provision was mandated
by section 1071. Another trade association agreed with the Bureau that
ECOA section 704B(b)(2) should be interpreted as referring to
applicants' responses to the inquiries regarding minority-owned and
women-owned business status in proposed Sec. 1002.107(a)(18) and (19),
as well as the ethnicity, race, and sex of applicant's principal owners
in proposed Sec. 1002.107(a)(20). A joint letter from two trade
associations supported the limitation on accessing protected
demographic information but expressed concern about the effort and cost
it would take to segregate and limit this information and ensure the
accuracy of reports and files that must be maintained. These trade
associations suggested that all regulations and guidance related to
record retention be consistent with the FTC's newly amended Gramm-
Leach-Bliley Safeguards Rule and Privacy Rule.
A trade association and a business advocacy group requested
clarifications to improve feasibility and reduce technical challenges,
expressing concern that compliance with proposed Sec. 1002.111(b)
could require expensive technical solutions to separate protected
demographic information from applications in different electronic or
physical files. One sought clarity as to what proposed comment 111(b)-1
meant, stating that, to satisfy Sec. 1002.108, some financial
institutions may need to keep protected demographic information in a
different electronic or physical file.
Some industry commenters opposed the proposal on the grounds of
cost, complexity and practicality. A few of these commenters argued
that proposed Sec. 1002.111(b) would add unnecessary cost and
complexity to compliance and would make audits of data more difficult.
Others asserted the provision would be difficult to implement or
unworkable. One commenter stated that this requirement would impact
small lenders in particular and would increase ongoing costs.
Several industry commenters requested that the Bureau exercise
exemption authority to exempt all lenders from having to comply with
this provision on the grounds that it would make examinations and
audits more cumbersome and costly because demographic information would
need to be retrieved from separate files. Commenters also requested
that, to remain consistent with proposed Sec. 1002.108(b), the Bureau
waive this requirement for financial institutions that determine that
underwriters or other persons should have access to applicants'
demographic information. They also stated that both provisions were
operationally burdensome without any benefit, and that if a firewall
was infeasible, so was the proposed recordkeeping provision.
Several industry commenters requested that the Bureau not prohibit
the collection of demographic information on the same form as the rest
of the application, explaining that such a prohibition would disrupt
SBA's 7(a) loan process, and because section 1071 itself does not
prohibit including demographic questions on an application form;
rather, it requires ``recording'' the information separately. A bank
also that such a prohibition would disrupt loan processes and data
integrity audits. Another bank requested that the Bureau not specify
that protected demographic information be kept in a separate file,
which it said would be costly and burdensome for financial
institutions, but rather that the Bureau leave to lenders how to comply
with this provision.
A bank and a trade association asserted that proposed Sec.
1002.111(b) was not feasible or necessary, and noted that Regulation C
does not require lenders to keep demographic information separate from
mortgage loan files. They also asserted that there was no evidence of
violations of Regulation B because demographic information was not kept
separate from loan files. Another bank requested that the Bureau align
the requirements of HMDA and section 1071 by waiving Sec. 1002.111(b)
for applications reportable under both regimes.
Final Rule
The Bureau is finalizing Sec. 1002.111(b) with adjustments to
reflect updated cross-references to other portions of the final rule
and to refer to LGBTQI+-owned businesses along with women- and
minority-owned businesses, as per final Sec. 1002.107(a)(18). The
Bureau is also finalizing the comment 111(b)-1 with one adjustment as
discussed below, and the Bureau is adding a new comment 111(b)-2.
As discussed in detail above in part V.E.2, the Bureau believes the
best reading of the statutory provisions that mention the inquiry made
under ECOA section 704B(b)(1)--in 704B(b)(2) as well as in 704B(c)
regarding the right to refuse and 704B(d) regarding the firewall--is
that they refer to applicants' responses to the inquiries regarding
protected demographic information: minority-owned, women-owned, and
LGBTQI+-owned business statuses in final Sec. 1002.107(a)(18) and the
ethnicity, race, and sex of applicants' principal owners in final Sec.
1002.107(a)(19). Each of these data points require financial
institutions to request demographic information that has no bearing on
the creditworthiness of the applicant. Moreover, a financial
institution generally could not inquire about this demographic
information absent section 1071's mandate to collect and report the
information, and ECOA prohibits a creditor from discriminating against
an applicant on the basis of the information. The Bureau accordingly
believes that the best effectuation of congressional intent is to apply
section 1071's special-protection provisions to this demographic
information, regardless of whether the statutory authority to collect
it originates in 704B(b)(1) (women-owned business status and minority-
owned business status), 704B(e)(2)(G) (race, sex, and ethnicity of
principal owners), or
[[Page 35418]]
704B(e)(2)(H) (LGBTQI+-owned business status, which is additional data
that the Bureau has determined would aid in fulfilling the purposes of
section 1071). The Bureau similarly believes that Congress did not
intend these special protections to apply to any of the other
applicant-provided data points in final Sec. 1002.107(a), which the
financial institution is permitted to request whether or not it is
covered under section 1071, which are not the subject of Federal
antidiscrimination laws, and many of which financial institutions
already collect and use for underwriting purposes.
The Bureau does not believe it would be appropriate to modify the
statutory requirements implemented in final Sec. 1002.111(b) (or
elsewhere in Sec. 1002.111), as requested by some commenters, for
consistency with the FTC's newly amended Gramm-Leach-Bliley Safeguards
Rule \813\ and Privacy Rule.\814\ Commenters did not identify any
inconsistency between Sec. 1002.111 and the requirements of the Gramm-
Leach-Bliley Act.\815\ The Bureau notes that the privacy and data
security provisions of these rules apply to consumer information, and
the Gramm-Leach-Bliley Act defines consumer to mean an individual who
obtains, from a financial institution, financial products or services
which are to be used primarily for personal, family, or household
purposes. The Bureau is finalizing comment 111(b)-1 with updated cross-
references to other portions of the final rule and additional text
explaining that while Sec. 1002.111(b) does not always require that a
financial institution maintain certain information in separate physical
or digital files, a financial institution may nonetheless as a
practical matter need to keep this information in a different
electronic or physical file in order to satisfy the requirements of
Sec. 1002.108(b) to establish and maintain a firewall. Final comment
111(b)-1, as revised, is intended to clarify, and facilitate compliance
with, the statutory directive that financial institutions must keep
certain information separate from the credit application. The Bureau is
also adding comment 111(b)-2 to the final rule, which states that a
financial institution is permitted to maintain information regarding
the applicant's number of principal owners pursuant to final Sec.
1002.107(a)(20) with an applicant's responses to the financial
institution's request pursuant to Sec. 1002.107(a)(18) and (19). The
Bureau believes that as a practical matter, the demographic information
that financial institutions would have to maintain separately would
inherently and necessarily include the applicant's number of principal
owners. For example, if an applicant had three principal owners, the
separately maintained demographic information would necessarily contain
three sets of responses to questions about principal owners' race, sex
and ethnicity, even if no part of the separately maintained information
explicitly listed ``3'' as the information responsive to Sec.
1002.107(a)(20).
---------------------------------------------------------------------------
\813\ Fed. Trade Comm'n, Standards for Safeguarding Customer
Information, Final Rule, 86 FR 70272 (Dec. 9, 2021).
\814\ Fed. Trade Comm'n, Privacy of Consumer Financial
Information Rule Under the Gramm-Leach-Bliley Act, 86 FR 70020 (Dec.
9, 2021).
\815\ 15 U.S.C. 6801 through 6809.
---------------------------------------------------------------------------
Regarding comments seeking further clarification of Sec.
1002.111(b) and comment 111(b)-1, the Bureau intended in these
provisions to provide financial institutions with flexibility in
complying with Sec. 1002.111(b), which some industry commenters
favored. The Bureau believes that some commenters overstate the
complexity of Sec. 1002.111(b); several appeared to interpret this
provision as requiring financial institutions to create separate
physical or digital files in all instances. This is contrary to
proposed comment 111(b)-1, which explicitly states that the demographic
information need not be maintained in a separate electronic system, nor
removed from the physical files containing the application. The
Bureau's intent was to acknowledge that different lenders may implement
Sec. 1002.111(b) in varying ways, depending on how they choose to
comply with the firewall requirement. For instance, a lender that
complies with Sec. 1002.108(b) may determine that to keep demographic
information from underwriters and other employees, it must maintain
such information in a separate file from the application, rather than
on a separate piece of paper in the same file as the application.
However, for those financial institutions that, pursuant to Sec.
1002.108(c), determine it is not feasible to limit access to an
applicant's protected demographic information, the Bureau believes that
compliance with ECOA section 704B(b)(2), as implemented in Sec.
1002.111(b), does not necessitate maintaining such information in
separate files.
Regarding several commenters' request that the Bureau use its
exemption authority generally to exempt all lenders from having to
comply with Sec. 1002.111(b) and should, in any case, waive the
requirement for lenders where the firewall under Sec. 1002.108(b) is
infeasible, the Bureau does not believe it would be appropriate to do
so. The request for a general exemption appears to be based on the
premise that proposed Sec. 1002.111(b) would have required demographic
information be stored in separate files. As explained above, final
Sec. 1002.111(b) and final comment 111(b)-1 make clear that there is
not a mandate for all financial institutions to maintain protected
demographic information in separate files, and the commenters do not
explain why financial institutions would choose to maintain separate
files for protected demographic information when they have determined
that one or more officers or employees should have access to that
information.
Regarding the various comments opposing Sec. 1002.111(b) on the
grounds of cost, complexity, and feasibility of compliance, the Bureau
acknowledges that the provision adds effort and expense to complying
with this rule. However, the Bureau believes that comments overstate
the magnitude of the costs, complexity, and purported infeasibility of
complying with Sec. 1002.111(b). Comment 111(b)-1 provides for
flexibility in complying with Sec. 1002.111(b) in retaining records
containing demographic information required by section 1071. The
commenters addressing the cost, complexity, and feasibility did not
identify any less costly, complex, and more feasible methods of
compliance, especially for those financial institutions that found it
infeasible to maintain a firewall pursuant to Sec. 1002.108(b). In any
case, several other commenters, including a lender, agreed with the
Bureau that compliance with Sec. 1002.111(b) is feasible.
The Bureau does not believe that Sec. 1002.111(b) would be
counterproductive in the conduct of examinations or audits, as
suggested by some commenters. As with the comments concerning cost,
complexity and feasibility, these comments--assuming the necessity of
separate electronic or physical files in all cases--overstate the
complexity of Sec. 1002.111(b). As final comment 111(b)-1 establishes,
in many instances, simpler means of separating protected demographic
information from other information within an application file would
suffice, and, the Bureau believes, would not impede audits or
examinations. Further, the Bureau believes that for purposes of
complying with ECOA and subpart A of Regulation B, many financial
institutions already maintain certain documents in files separate from
the application, such as copies of drivers' licenses, that may reveal
protected demographic
[[Page 35419]]
information about business applicants' owners, such as race and sex.
The Bureau likewise disagrees with the assertion that Sec.
1002.111(b) is not necessary; this provision implements a statutory
requirement in ECOA section 704B(b)(2). In addition, in its
interpretation of 704B(b)(2), the Bureau has endeavored to minimize
cost and complexity by reading the provision narrowly. Regarding the
comment that Sec. 1002.111(b) would impact small lenders in particular
and increase ongoing costs, the Bureau does not believe the cost and
complexity of small lenders' compliance efforts will necessarily be
greater than for other institutions, as discussed in part IX below.
Regarding comments that the Bureau should not prohibit the
collection of demographic information on the same form as the rest of
the application, the Bureau disagrees. The Bureau interprets ECOA
section 704B(b)(2), which Sec. 1002.111(b) implements, to suggest that
collection of protected demographic information on separate forms may
be a practical necessity. That is, it would be difficult, if not
impossible, to determine whether a financial institution had complied
with Sec. 1002.111(b), or the firewall provision, if demographic
information is collected with the information from which it must be
kept separate. This is also illustrated in final comment 107(a)(18)-5.
The Bureau does not believe that Sec. 1002.111(b) would disrupt
the SBA's 7(a) loan process, as a commenter suggested--neither Sec.
1002.111(b) nor Sec. 1002.107(a)(18) and (19) affect how demographic
information gathered for purposes other than compliance with this final
rule are to be collected or retained.
Regarding the request that the final rule mirror HMDA's approach to
the collection of demographic information, the Bureau notes that HMDA
does not include a requirement comparable to the one in ECOA section
704B(b)(2) mandating the separation of certain information from the
application; Regulation C thus permits demographic information required
under HMDA to be retained as part of the application.\816\ Regarding
the claim that no evidence exists of fair lending violations from a
failure to separate demographic information separate mortgage files,
the Bureau reiterates that Sec. 1002.111(b) implements a statutory
requirement in ECOA. Regarding the request to exempt HMDA-reportable
loans from complying with Sec. 1002.111(b), the request is mooted by
the Bureau's adoption of new Sec. 1002.104(b)(2), which excludes HMDA-
reportable transactions from the requirements of this final rule.
---------------------------------------------------------------------------
\816\ See 80 FR 66128, 66192-93 (Oct. 28, 2015).
---------------------------------------------------------------------------
111(c) Limitation on Personally Identifiable Information Retained in
Certain Records Under This Section
Proposed Rule
ECOA section 704B(e)(3) provides that in compiling and maintaining
any record of information under section 1071, a financial institution
may not include in such record the name, specific address (other than
the census tract), telephone number, electronic mail address, or any
other personally identifiable information (PII) concerning any
individual who is, or is connected with, an applicant.
The Bureau proposed in Sec. 1002.111(c) that in compiling and
maintaining any records under proposed Sec. 1002.107 or Sec.
1002.111(b), or reporting data pursuant to proposed Sec. 1002.109, a
financial institution shall not include any name, specific address,
telephone number, email address, or any PII concerning any individual
who is, or is connected with, an applicant, other than as required
pursuant to proposed Sec. 1002.107 or Sec. 1002.111(b). The
prohibition on the inclusion of PII in ECOA section 704B(e)(3), which
covers the ``compiling and maintaining [of] any record of
information,'' implicates proposed Sec. Sec. 1002.107, 1002.109, and
1002.111, which together would address the compilation, maintenance,
and reporting of data by financial institutions.
Proposed comment 111(c)-1 would have clarified that the prohibition
in proposed Sec. 1002.111(c) applies to data compiled and maintained
pursuant to Sec. 1002.107, data in the small business lending
application register submitted by the financial institution to the
Bureau under proposed Sec. 1002.109, the version of the register that
the financial institution maintains under proposed Sec. 1002.111(a),
and the separate record of certain information created pursuant to
proposed Sec. 1002.111(b).
Proposed comment 111(c)-2 would have addressed the types of
information (including PII) that a financial institution is prohibited
from including in the data it compiles and maintains pursuant to
proposed Sec. 1002.107, in its records under proposed Sec.
1002.111(b), or in data reported to the Bureau under proposed Sec.
1002.109.
Proposed comment 111(c)-3 would have clarified that the prohibition
in proposed Sec. 1002.111(c) does not extend to the application or any
other records that the financial institution maintains. This comment
was intended to address the request by stakeholders in the SBREFA
process that the Bureau clarify that this prohibition does not extend
more broadly to a financial institution's application or loan-related
files.
Proposed comment 111(c)-4 would have clarified that the prohibition
in proposed Sec. 1002.111(c) does not bar financial institutions from
providing to the Bureau, pursuant to proposed Sec. 1002.109(b)(3), the
name and business contact information of the person who may be
contacted with questions about the financial institution's submission.
The Bureau sought comment on its proposed approach to implementing
ECOA section 704B(e)(3), including how best to implement this
requirement in a manner that minimizes cost and burden, particularly on
small financial institutions, while implementing all statutory
obligations. Regarding comments by stakeholders in the SBREFA process
that reporting small business lending data to the Bureau could give
rise to a potential conflict with the data protection and privacy laws
prohibiting the disclosure of nonpublic personal information to
unaffiliated third parties, the Bureau noted that such laws typically
provide an exemption for disclosures made pursuant to Federal and State
law.\817\
---------------------------------------------------------------------------
\817\ See, e.g., California Consumer Privacy Act, Cal. Civ. Code
1798.145(a)(1) (noting that the obligations imposed on businesses by
CCPA ``shall not restrict a business' ability to . . . comply with
federal, state, or local laws''). Some other laws on this topic may
apply only to consumers acting primarily for personal, family, or
household purposes, but they also provide an exemption for
disclosures made pursuant to Federal and State law. See Gramm-Leach-
Bliley Act section 502(e)(8), 15 U.S.C. 6802(e)(8), and Regulation P
Sec. 1016.15(a)(7)(i) (stating that the limitations on disclosing
nonpublic personal information to unaffiliated third parties do not
apply if the information is disclosed to comply with Federal, State,
or local laws, rules and other applicable legal requirements).
---------------------------------------------------------------------------
The Bureau sought comment on whether the requirements in this
proposed rule could conflict with other data privacy or data protection
laws, and whether the Bureau might need to use its preemption authority
under ECOA,\818\ Regulation B,\819\ and/or section 1041(a)(1) of the
Dodd-Frank Act to ensure that financial institutions do not violate
State law in reporting 1071 data to the Bureau. The Bureau also sought
comment on whether it should include a provision to preempt any State
data privacy or data protection laws that would prohibit the
collection, maintenance, and reporting to the Bureau of 1071 data. In
the SBREFA process before the publication of the proposed rule, some
industry
[[Page 35420]]
stakeholders expressed concern regarding a different issue related to
data privacy, specifically that reporting 1071 data to the Bureau may
cause them to violate other data privacy laws, including State data
privacy laws.
---------------------------------------------------------------------------
\818\ 15 U.S.C. 1691d(f).
\819\ Existing Sec. 1002.11.
---------------------------------------------------------------------------
Comments Received
The Bureau received comments on this aspect of the proposal from
several lenders and trade associations. A CDFI lender said the proposed
provision was reasonable and that it did not foresee an issue with
ensuring that the enumerated PII is not connected to the applicant. A
trade association stated the Bureau, in proposing this provision,
identified a consistent and correct approach to protecting PII. Another
trade association said that the Bureau should issue a provision
clarifying when PII must be excluded in the compiling and maintaining
of any record of information at the different stages in the process.
A bank opposed the proposal, observing that most small community
banks correlate documents to a specific borrower and application using
PII, and that if the rule prohibited the inclusion of such information
on the collection form, there would be no way to tie demographic
information to the specific application in order to aggregate and
accurately report the data.
A credit union trade association stated that the proposed visual
observation and surname data collection requirement for principal
owners' ethnicity and race (pursuant to proposed Sec. 1002.107(a)(20))
may expose covered financial institutions to compliance costs related
to an evolving patchwork of State personal data privacy laws, including
in California, which provides financial institutions only an
information-level exemption from its data privacy law.\820\
---------------------------------------------------------------------------
\820\ 4 Cal. Civ. Code 1798.145(c).
---------------------------------------------------------------------------
Final Rule
The Bureau is finalizing Sec. 1002.111(c) and associated
commentary with revisions for clarity. Final Sec. 1002.111(c), and the
associated commentary, is intended to implement ECOA section
704B(e)(3), which provides that in compiling and maintaining any record
of information under section 1071, a financial institution may not
include in such record the name, specific address (other than the
census tract), telephone number, electronic mail address, or any other
PII concerning any individual who is, or is connected with, an
applicant. The Bureau further clarifies in final Sec. 1002.111(c) that
it does not interpret ECOA section 704B(e)(3) as prohibiting a
financial institution from including PII in its application or other
files, but only the small business lending application register
submitted by the financial institution to the Bureau, the copy of the
submitted register that is retained for inspection, and the separately
maintained record of protected demographic information kept pursuant to
Sec. 1002.111(b).
Final Sec. 1002.111(c), along with corresponding passages in the
commentary, now states that in reporting a small business lending
application register pursuant to Sec. 1002.109, maintaining the
register pursuant to Sec. 1002.111(a), and maintaining a separate
record of information pursuant to Sec. 1002.111(b), a financial
institution shall not include any name, specific address, telephone
number, email address, or any other PII concerning any individual who
is, or is connected with, an applicant, other than as required pursuant
to Sec. 1002.107 or Sec. 1002.111(b). Final Sec. 1002.111(c) and
final comment 111(c)-2 now refer to ``any other personally identifiable
information'' for the sake of clarity and to better conform with ECOA
section 704B(e)(3). Final Sec. 1002.111(c) and associated commentary
incorporate several revisions compared to the proposal. First, to
address a potential misunderstanding regarding the first cross-
reference to Sec. 1002.107 in proposed Sec. 1002.111(c)--as some
comments reflected--as to whether a financial institution is prohibited
from maintaining PII with not only the small business lending
application register but also any other records related to the
collection and maintenance of data points specified in Sec. 1002.107,
including an application for a covered credit transaction. The Bureau
acknowledges the comment that, as drafted, the reference to ``compiling
and maintaining any records under Sec. 1002.107'' in proposed Sec.
1002.111(c) made it unclear exactly what documents, beyond the small
business lending application register and the separately maintained
demographic information of applicants, are subject to the prohibition
on the inclusion of PII.
The Bureau understands that the initial collection of records
relevant to the data points specified in Sec. 1002.107 will commence
in the normal course of business for financial institutions when they
receive a covered application from a small business. At that phase, and
during the underwriting of the application, it would be impractical to
expect that financial institutions could keep the PII of the
individuals associated with an application separate from all of the
other information in the application from which the various data points
in Sec. 1002.107(a) would be derived. The Bureau acknowledges comments
suggesting that a prohibition on including PII on forms--such as the
applicant's name--to tie an application for credit to the separately
kept demographic information would likely impede the accurate compiling
and reporting of data.
As a result, the Bureau has revised Sec. 1002.111(c) to clarify
that financial institutions are prohibited from maintaining certain
types of PII in reporting data pursuant to Sec. 1002.109, the
provision concerning the creation and maintenance of the small business
lending application register. Likewise, final comments 111(c)-1 and
111(c)-2 now refer to the reporting of data pursuant to Sec. 1002.109,
rather than the compilation and maintenance of any records pursuant to
Sec. 1002.107, to focus on PII associated with the small business
lending application register, rather than any records, even those
loosely associated with, the data points under Sec. 1002.107.
Second, the Bureau is finalizing Sec. 1002.111(c) and comment
111(c)-2 to refer explicitly to Sec. 1002.111(a) for clarity. Proposed
comment 111(c)-1 referred to Sec. 1002.111(a) in prohibiting PII in
the copy of the small business lending application register maintained
by the financial institution, but proposed Sec. 1002.111(c) and
proposed comment 111(c)-2 did not explicitly mention Sec. 1002.111(a).
Final Sec. 1002.111(c) and final comment 111(c)-2 have been modified
to remedy this omission. If financial institutions are prohibited from
including PII not only in the small business lending application
register they submit to the Bureau pursuant to Sec. 1002.109,
logically they must also be prohibited from including PII in the copy
of the register they retain pursuant to Sec. 1002.111(a). The Bureau
clarifies in final Sec. 1002.111(c) that it is the Bureau's
interpretation that ECOA section 704B(e)(3) should be read as
prohibiting lenders from including PII in the small business lending
application register submitted to the Bureau pursuant to Sec.
1002.109, and, logically, as requiring lenders to also exclude PII from
the copy of this register that a financial institution is required to
retain pursuant to Sec. 1002.111(a).
Third, the Bureau is finalizing Sec. 1002.111(c) and comment
111(c)-2 to refer explicitly to Sec. 1002.111(b) earlier in both
provisions. Section 1002.111(b) is mentioned towards the end of both
proposed Sec. 1002.111(c) and proposed comment 111(c)-2; however, in
neither provision is it abundantly clear that the
[[Page 35421]]
protected demographic information that lenders must maintain separately
from the application pursuant to Sec. 1002.111(b) must itself be free
of PII. This lack of clarity is remedied in final Sec. 1002.111(c) and
final comment 111(c)-2.
Fourth, the Bureau is finalizing Sec. 1002.111(c) and comment
111(c)-2 to clarify that financial institutions are prohibited from
including in the enumerated records certain enumerated types of PII
specified in the statute, as well as any other PII. The proposed Sec.
1002.111(c) referred simply to ``any'' PII (rather than ``any other''),
which the Bureau believes could have been misinterpreted to suggest
that the list of specific items preceding ``any'' (name, specific
address, telephone number, email address) were not themselves forms of
PII. As a result, to avoid any potential confusion, in both final Sec.
1002.111(c) and final comment 111(c)-2, the Bureau refers to ``any
other'' PII, which also better conforms with the text of ECOA section
704B(e)(3).
Finally, the Bureau is finalizing comment 111(c)-3 to specify that
the prohibition in Sec. 1002.111(c) does not extend to an application
for credit, or any other records that the financial institution
maintains that are not specifically enumerated in final Sec.
1002.111(c). Proposed comment 111(c)-3 simply noted that Sec.
1002.111(c) did not apply to an application for credit or any other
records that the financial institution maintains. The addition of the
phrase ``that are not specifically enumerated in Sec. 1002.111(c)'' is
intended to eliminate any uncertainty about the scope of application of
Sec. 1002.111(c).
Regarding the comment requesting clarification on whether the
prohibition on PII includes different stages in the process of
compiling and maintaining any record of information, the Bureau
addresses these concerns in final Sec. 1002.111(c), and comments
111(c)-1 and 111(c)-2, as revised, as well as comment 111(c)-3, which
is finalized as proposed. Final comment 111(c)-1 specifies the
categories of information that Sec. 1002.111(c) applies to, and final
comment 111(c)-3 makes clear that the prohibition on PII does not
extend to the application or other records that the financial
institution maintains beyond the small business lending application
register.
Regarding the comment that a prohibition on the inclusion of PII on
forms--such as the applicant's name--to tie an application for credit
to the separately kept demographic information would impede the
accurate aggregation and reporting of data, the Bureau believes that
for this specific purpose, other identifiers not involving PII may be
used. For instance, the unique identifier data point in Sec.
1002.107(a)(1) is specific to a particular applicant and can be used to
tie an application to the separately maintained demographic information
for that applicant. By definition and according to comment 107(a)(1)-3,
the unique loan identifier may not include PII prohibited by Sec.
1002.111(c).
The concern that the visual observation and surname provision of
the proposal would expose covered lenders to compliance costs related
to State personal data privacy laws, such as California's, is rendered
moot by the Bureau's decision not to finalize its proposal for
financial institutions to use visual observation and surname analysis
to determine principal owners' ethnicity and race in certain
circumstances.
Section 1002.112 Enforcement
Final Sec. 1002.112 addresses several issues related to the
enforcement of violations of the requirements of proposed subpart B.
First, Sec. 1002.112(a) states that a violation of section 1071 or
subpart B of Regulation B is subject to administrative sanctions and
civil liability as provided in sections 704 and 706 of ECOA. Second,
Sec. 1002.112(b) provides that a bona fide error in compiling,
maintaining, or reporting data with respect to a covered application is
an error that was unintentional and occurred despite the maintenance of
procedures reasonably adapted to avoid such an error. This provision
also addresses the maintenance of procedures reasonably adapted to
avoid such errors. Third, Sec. 1002.112(c) identifies four safe
harbors under which certain errors--namely, certain types of incorrect
entries for the census tract, NAICS code, and application date data
points, or incorrect determination of small business status, covered
credit transaction, or covered application--do not constitute
violations of ECOA or Regulation B.
The Bureau is finalizing Sec. 1002.112 to implement sections 704
and 706 of ECOA, pursuant to its authority under ECOA section
704B(g)(1) to prescribe such rules and issue such guidance as may be
necessary to carry out, enforce, and compile data pursuant to section
1071 and pursuant to its authority under 704B(g)(2) to adopt exceptions
to any requirement of section 1071 and to exempt any financial
institution or class of financial institutions from the requirements of
section 1071, as the Bureau deems necessary or appropriate to carry out
the purposes of section 1071.
112(a) Administrative Enforcement and Civil Liability
Proposed Rule
A violation of section 1071 is subject to the enforcement
provisions of ECOA, of which section 1071 is a part. ECOA contains
administrative enforcement provisions in section 704,\821\ and it
provides for civil liability in section 706.\822\ The enforcement
provisions in existing Regulation B (Sec. 1002.16(a)(1) and (2))
cross-reference and paraphrase these administrative enforcement and
civil liability provisions of ECOA. Proposed Sec. 1002.112(a) would
have provided that a violation of section 1071 or subpart B of
Regulation B is subject to administrative sanctions and civil liability
as provided in sections 704 and 706 of ECOA, where applicable. The
Bureau sought comment on its proposed approach to administrative
enforcement and civil liability.
---------------------------------------------------------------------------
\821\ 15 U.S.C. 1691c.
\822\ 15 U.S.C. 1691e.
---------------------------------------------------------------------------
Comments Received
Several lenders and several trade associations commented on the
proposed administrative and civil enforcement provisions of the rule. A
CDFI lender and two trade associations supported the proposed provision
as appropriate and in line with other regulations. Several commenters
observed that, with respect to Farm Credit lenders, the Farm Credit
Administration examines and enforces compliance with fair lending laws,
including compliance with any rule implementing section 1071. A trade
association observed that for banks with $10 billion or less in assets,
this regulation will be enforced under section 8 of the Federal Deposit
Insurance Act by the appropriate Federal banking agency.
One community group asked that the final rule provide for the
recording and enforcement of whistleblower complaints in the event that
rural farm lenders retaliate against farmers for the good faith
exercise of their rights under various Federal consumer protection
laws, as protected by ECOA and subpart A of Regulation B. The community
group had cited farm loan servicing in particular as an area where
minority famers faced the most discriminatory terms and conditions.
One bank opposed the proposed administrative enforcement and civil
liability provisions in general. A trade association requested that the
Bureau prohibit private causes of action based
[[Page 35422]]
on 1071 data, including discovery in private proceedings. The commenter
claimed that the Bureau had overemphasized the use of these data by
non-governmental entities such as researchers, economists, industry,
and community groups, and that only governmental agencies should have
the power to use such data for supervision and enforcement because only
they were capable of providing appropriate governance to covered
institutions. The same commenter opposed the Bureau's use of such data
in its own enforcement and supervision actions because the right of
applicants to refuse to provide demographic information would render
the data incomplete, unreliable, and inherently inaccurate. The
commenter also claimed that the Bureau had not explained how it would
acquire data on the broader business credit market, without which
accurate decisions on potential violations of fair lending or other
laws could not be made.
One trade association requested that the Bureau, and any regulators
responsible for implementing section 1071, train examiners well and
assign senior staff to examine CDFI banks. The commenter further
observed that the small business lending market is mostly unregulated,
and requested that the Bureau develop examination capacity to cover
currently unregulated lenders such that it should delay implementation
until it has the capacity to enforce compliance with section 1071
across all covered lenders. A women's business advocacy group indicated
support for auditing by the Bureau to ensure that financial
institutions do not alter information to manipulate the data to their
benefit. Another trade association asked what underwriting imbalance
threshold would cause the Bureau to initiate investigation and
enforcement, and how such a process would allow for the mitigation of
data anomalies and errors. Finally, one trade association supported and
deferred to the views of covered lenders, and other trade associations,
and their opinions on the proposed administrative and civil enforcement
provisions of the rule.
A trade association said that because small business loans vary
widely in design and purpose, use of the same analytical techniques and
examination approaches applicable to HMDA's enforcement may yield
erroneous results, and that the Bureau must coordinate with other FFIEC
agencies, including NCUA, to develop model examination procedures in
advance of a final rule. A bank asked that the Bureau limit the use of
data by regulators to conduct fair lending exams only, and not to
subject financial institutions to technical audit and compliance
requirements, based on its experience with HMDA.
Final Rule
The Bureau is finalizing Sec. 1002.112(a) as proposed. Final Sec.
1002.112(a) is necessary to implement the administrative and civil
enforcement provisions of ECOA. A violation of section 1071 is subject
to the enforcement provisions of ECOA, of which section 1071 is a part.
ECOA contains administrative enforcement provisions in section 704, and
it provides for civil liability in section 706. The enforcement
provisions in existing Regulation B (Sec. 1002.16(a)(1) and (2))
cross-reference and paraphrase these administrative enforcement and
civil liability provisions of ECOA. The Bureau notes that several
commenters, including trade associations to industry, agreed with the
Bureau's proposed implementation of the administrative and civil
enforcement provisions of ECOA. Regarding the comments noting the role
of other statutory regimes in the enforcement of section 1071, the
Bureau agrees and notes that the administrative enforcement provisions
of ECOA cross-reference the enforcement authority of other Federal
regulators, including the agencies mentioned by the commenters.
Regarding the request to record and enforce whistleblower
complaints against farm lenders, the Bureau notes that this would be
outside of the scope of this regulation, although the commenter
correctly notes that retaliation for the good faith exercise of rights
under various Federal consumer protection laws could violate ECOA and
subpart A of Regulation B.
Regarding the comment opposing Sec. 1002.112(a) in its entirety,
the Bureau notes that Sec. 1002.112(a) simply implements, by cross-
reference, the existing administrative enforcement and civil liability
provisions of ECOA. Regarding a commenter's request that the Bureau
prohibit private causes of action, including discovery proceedings, the
Bureau is not making such a change as Sec. 1002.112(a) implements, by
cross-reference, the existing administrative enforcement and civil
liability provisions of ECOA, of which section 1071 is a part. Further,
as specified in the preamble to the proposed rule, the Bureau expressed
its belief in response to stakeholders' comments on the SBREFA Outline
that the administrative enforcement mechanisms under ECOA would be
appropriate to address most instances of non-compliance by financial
institutions that report small business lending data to the Bureau,
based on its experience with Regulation C and HMDA.\823\ Further, other
provisions would serve to limit private liability, especially for
unintentional errors, including the bona fide error provision of Sec.
1002.112(b) and the various safe harbors in Sec. 1002.112(c).
---------------------------------------------------------------------------
\823\ 86 FR 56356, 56503 (Oct. 8, 2021).
---------------------------------------------------------------------------
The same commenter claimed that the proposal overemphasized the use
of data by non-governmental entities such as researchers, economists,
industry, and community groups, and that only government agencies
should have access to these data. However, ECOA section 704B(a)
explicitly states that one of the purposes of the statute is to enable
communities and creditors to identify business and community needs and
opportunities; researchers and economists work at community groups and
within industry to assist their analyses in identifying business and
community needs. Moreover, the Bureau does not believe the statute's
other purpose--facilitating enforcement of fair lending laws--was
intended to be limited to enforcement by only governmental entities.
Regarding the commenter's claim that only governmental agencies should
have the power to use such data for supervision and enforcement because
only they are capable of providing appropriate governance to covered
institutions, the commenter undercuts this claim by, in the same
comment letter, also opposing the Bureau's use of small business
lending data in its own enforcement and supervision actions on the
grounds that applicants' right to refuse to answer demographic
information would render the data incomplete, unreliable, and
inherently inaccurate. The Bureau recognizes that the applicant's right
to refuse pursuant to 704B(c) may result in a less complete dataset,
but compared to the status quo, this rule will result in a vastly
expanded dataset on the market for small business credit.
Regarding the varied supervision-related requests for ensuring
sufficient examiner training, assigning senior staff to CDFI banks,
training for examiners to supervise currently unregulated lenders, and
conducting audits to check for the manipulation of data, the Bureau
notes that such requests are outside of the scope of this rulemaking;
the Bureau establishes supervisory and examination procedures only
after a regulation has been finalized, and such procedures will be
consistent with the Bureau's existing policies regarding supervision
and examinations. The Bureau does not believe it would be appropriate
to state, at this time, what would cause the Bureau to initiate
investigation and enforcement, and how it would allow
[[Page 35423]]
for the mitigation of data errors. The Bureau notes, however, that
Sec. 1002.112(b) and appendix F establish thresholds for errors in the
reporting of data.
Regarding the comment concerning how the Bureau should conduct
examinations, the Bureau observes that such comments are outside of the
scope of this regulation. In any case, the Bureau agrees that the
analytical techniques and examination approaches for HMDA may differ
somewhat from the small business credit context, in part because small
business credit products differ widely in design and purpose, and the
Bureau's supervision and enforcement will reflect this. However,
because HMDA as implemented by Regulation C is a data collection regime
that shares similar structures and goals as section 1071 and this
regulation, including the manner in which HMDA data facilitates fair
lending enforcement, the Bureau believes that its experience with HMDA/
Regulation C is instructive for this rulemaking and will inform its
enforcement and supervisory work. Regarding the comment that the Bureau
must coordinate with other FFIEC agencies, including NCUA, to develop
examination procedures in advance of a final rule, the Bureau notes
that examination procedures normally follow after the publication of a
new rule. Regarding the comment that the Bureau should only use the
data it receives to conduct fair lending examinations, and not
technical compliance examinations, the Bureau does not believe that
such a limitation would be appropriate and notes that fair lending
examinations are less effective if the underlying data are not
accurate; technical compliance examinations help ensure the accuracy of
data.
112(b) Bona Fide Errors
Background
During the SBREFA process, small entity representatives and other
industry stakeholders expressed concern about private litigants suing
them for non-compliance with the rule.\824\ In addition, several small
entity representatives requested that the Bureau not assess penalties
for the first year of data collection and reporting, as it did
following the 2015 HMDA final rule; prior to the compliance date for
that rule, the Bureau issued a policy statement announcing it would not
seek penalties for errors for the first calendar year (2018) of data
collected under the amended Regulation C.\825\ Stakeholders asked the
Bureau to emulate that approach for this rulemaking. Other stakeholders
expressed concern about the potential consequences of committing what
they viewed as technical or inadvertent errors in collecting or
reporting data. One financial institution stakeholder suggested that
the rule adopt or emulate the good faith error provisions set out in
Regulation C, including Sec. 1003.6(b)(1), which provides that an
error in compiling or recording data for a covered loan or application
is not a violation of HMDA or Regulation C if the error was
unintentional and occurred despite the maintenance of procedures
reasonably adapted to avoid such an error. Stakeholders also referred
to the existing error-related exemptions in ECOA and Regulation B.\826\
ECOA's civil liability provision states that creditors will not be
liable for acts done or omitted in good faith in conformity with any
official rule, regulation, or interpretation thereof by the
Bureau.\827\
---------------------------------------------------------------------------
\824\ The small entity representative feedback discussed in this
section-by-section analysis can be found in the SBREFA Panel Report
at 34-36.
\825\ CFPB, CFPB Issues Public Statement On Home Mortgage
Disclosure Act Compliance (Dec. 21, 2017), https://www.consumerfinance.gov/about-us/newsroom/cfpb-issues-public-statement-home-mortgage-disclosure-act-compliance/ (noting that the
Bureau did not intend to require data resubmission unless data
errors were material, or assess penalties with respect to errors for
HMDA data collected in 2018 and reported in 2019).
\826\ See, e.g., Sec. 1002.16(c).
\827\ 15 U.S.C. 1691e(e).
---------------------------------------------------------------------------
Proposed Rule
Proposed Sec. 1002.112(b) would have provided that a bona fide
error in compiling, maintaining, or reporting data with respect to a
covered application is an error that was unintentional and occurred
despite the maintenance of procedures reasonably adapted to avoid such
an error. A bona fide error is not a violation of ECOA or subpart B. A
financial institution would be presumed to maintain procedures
reasonably adapted to avoid errors with respect to a given data field
if the number of errors found in a random sample of the financial
institution's submission for the data field does not equal or exceed a
threshold specified by the Bureau for this purpose in proposed appendix
H. However, an error would not be a bona fide error if either there is
a reasonable basis to believe the error was intentional or there is
other evidence that the financial institution did not maintain
procedures reasonably adapted to avoid such errors.
The Bureau believed that a similar approach to Regulation C,
modified and combined with the approach taken by Federal agencies in
HMDA examinations, would be appropriate here. Regulation C Sec.
1003.6(b)(1) provides that an error in compiling or recording data for
a covered loan or application is not a violation of HMDA or Regulation
C if the error was unintentional and occurred despite the maintenance
of procedures reasonably adapted to avoid such an error. In an
examination of a financial institution for compliance with Regulation
C, a financial institution may make a certain number of unintentional
errors in a testing sample of applications for a given data field in
the institution's loan/application register, the HMDA analog to the
small business lending application register, before it must resubmit
its loan/application register. These tolerance thresholds are based on
the number of loans or applications in a loan/application register as
set out in the HMDA tolerances table in the FFIEC's Interagency HMDA
examination procedures.\828\
---------------------------------------------------------------------------
\828\ Fed. Fin. Insts. Examination Council, Interagency
Examination Procedures: HMDA (Apr. 2019), https://files.consumerfinance.gov/f/documents/cfpb_supervision-and-examination-manual_hmda-exam-procedures_2019-04.pdf.
---------------------------------------------------------------------------
The Bureau provided a table of thresholds in proposed appendix H
and incorporated it in the bona fide error provision in proposed Sec.
1002.112(b). Under this proposed provision and the table of thresholds
in proposed appendix H, financial institutions that report a number of
errors equal to or below the applicable thresholds would have been
presumed to have in place procedures reasonably adapted to avoid
errors; those that report a number of errors above the applicable
thresholds would not be presumed to have in place procedures reasonably
adapted to avoid errors.
Proposed comment 112(b)-1 would have explained that a financial
institution is presumed to maintain procedures reasonably adapted to
avoid errors with respect to a given data field if the number of errors
found in a random sample of the financial institution's submission for
the data field does not equal or exceed a threshold specified by the
Bureau for this purpose. Proposed comment 112(b)-1 would also have
explained that the Bureau's thresholds appear in column C of the table
in proposed appendix H, and that the size of the random sample shall
depend on the size of the financial institution's small business
lending application register, as shown in column A of the table in
appendix H.
Proposed comment 112(b)-2 would have provided that, for purposes of
determining bona fide errors under Sec. 1002.112(b), the term ``data
field''
[[Page 35424]]
generally refers to individual fields, but that, with respect to
information on the ethnicity or race of an applicant or borrower, or
co-applicant or co-borrower, a data field group may consist of more
than one field. Proposed comment 112(b)-2 would have provided that if
one or more of the fields within an ethnicity or race field group have
errors, they count as one (and only one) error for that data field
group.
Proposed comment 112(b)-3 would have provided that an error that
meets the criteria for one of the four safe harbor provisions in
proposed Sec. 1002.112(c) would not be counted as an error for
purposes of determining whether a financial institution has exceeded
the error threshold for a given data field.
The Bureau sought comment on its proposed approach to bona fide
errors, including whether the tolerance levels in proposed appendix H
were appropriate.
Comments Received
The Bureau received comments on this aspect of the proposal from
lenders, trade associations, a community group, a women's business
advocacy group, and a third-party service provider. Several lenders and
trade associations expressed support for the proposed provision on bona
fide errors. One trade association also noted that the provision, with
a table of thresholds, was broadly consistent with HMDA.
A women's business advocacy group and a community group expressed
some concerns about the provision. The trade association understood
that the proposal would hold financial institutions harmless for bona
fide errors, and encouraged a limit to the number of safe harbors. The
community group expressed the concern that the tolerances must not be
overly generous because if the rule was too lax, data quality would
suffer and the statutory purposes of the rule would be imperiled.
A community group asked the Bureau to clarify that certain types of
errors might still prompt an examination or enforcement action even if
the number of errors in a sample did not exceed the threshold, citing
the example provided by the Bureau in proposed comment 112(b)-1 in
which a lender coded withdrawn applications as denials to conceal a
potential fair lending deficiency. The commenter asked that the Bureau
further spell out these examples so as not to completely overrule the
proposed table of tolerances, noting that perhaps extra scrutiny should
apply mainly to the action taken categories, revenue size, and
ethnicity, race, and sex data points and fields.
A CDFI lender observed that, as a lender focused on women and
minority[hyphen]owned small businesses, it had noticed discrepancies in
self[hyphen]reporting ethnicity and race, where a minority self-
reported as non-minority, and vice versa. The commenter said that this
could have serious consequences for non[hyphen]profit lenders focused
on minorities, and that it used software and other relevant information
to reconcile ethnicity and race information when possible. The
commenter asked if the Bureau recognized this as an issue, and if the
Bureau would have an issue with lenders correcting or overriding
inaccurate self[hyphen]reported ethnicity and racial data.
A group of trade associations asked that any errors associated with
special lending programs, such as the SBA's Paycheck Protection
Program, that would require financial institutions to quickly provide
credit to their communities and that involved changing guidance, should
not be counted toward the tolerances.
A service provider requested clarification of the ``good faith''
compliance provision of ECOA, especially what would fall outside of the
definition of ``good faith'' under ECOA's civil liability provision,
which provides that ``creditors will not be liable for acts done or
omitted in good faith in conformity with any official rule, regulation,
or interpretation thereof by the CFPB.'' The commenter also suggested
that clarity on this provision would reduce compliance friction, and
lenders would feel secure in providing information to the Bureau if
they had certainty that the data would not be used against them.
A community group suggested that an example identified in proposed
comment 112(b)-2 should constitute two errors, not one, for purposes of
the thresholds. The commenter stated that the example involved the
Bureau examining a lender's data finding an error in the ethnicity and
race fields of the applicant and co-applicant in the same data record,
and counting the two errors in the applicant and co-applicant field as
only one error.
Final Rule
The Bureau is finalizing Sec. 1002.112(b), associated commentary,
as well as appendix F (renumbered from appendix H in the proposal),
with minor revisions. The Bureau has revised comment 112(b)-2 slightly
by changing references from ``data field groups'' to ``data fields,''
because the Bureau will not use data field groups as it does in the
HMDA data collection. The Bureau has also revised an example in comment
112(b)-2 to clarify that, regarding the example provided in the
comment, one error rather than two would be reported for purposes of
the tolerance thresholds.
The Bureau believes that a similar approach to Regulation C,
modified and combined with the approach taken by Federal agencies in
HMDA examinations, is appropriate here. These tolerance thresholds are
based on the number of applications in a register. as set out in the
HMDA tolerances table.\829\ Accordingly, the Bureau believes that the
approach set out in Sec. 1002.112(b), including the accompanying
comments and appendix F, is broadly consistent with the approach it has
taken for HMDA.\830\ The Bureau also believes that this approach
addresses the concerns first expressed by stakeholders in the SBREFA
process regarding liability for some data reporting errors, especially
in the earlier years of reporting, as processes are first being
implemented. Moreover, the Bureau believes that this provision will
help to ensure the accuracy of the data submitted by requiring the
maintenance of appropriate procedures; at the same time, this provision
will prevent financial institutions from being subjected to liability
for some difficult-to-avoid errors that could drive those institutions
from the small-business lending market. Therefore, the Bureau believes
this provision is necessary to carry out, enforce, and compile data
pursuant to section 1071, as well as necessary or appropriate to
carrying out section 1071's purposes.
---------------------------------------------------------------------------
\829\ For HMDA, similar error tolerance thresholds are set forth
in the FFIEC's Interagency HMDA examination procedures, rather than
in Regulation C itself. Fed. Fin. Insts. Examination Council,
Interagency Examination Procedures: HMDA (Apr. 2019), https://files.consumerfinance.gov/f/documents/cfpb_supervision-and-examination-manual_hmda-exam-procedures_201904.pdf.
\830\ Home Mortgage Disclosure (Regulation C), 80 FR 66128,
66269 (Oct. 28, 2015).
---------------------------------------------------------------------------
The Bureau notes that while a handful of commenters expressed
concern about this provision, the vast majority approved of the
inclusion of the bona fide error provision, even if most criticized the
tolerance thresholds, as further described in the section-by-section
analysis of appendix F. The Bureau agrees with the comment that
expressed its strong support on the grounds that the bona fide error
approach was consistent with HMDA.
Regarding the concern that the bona fide error provision might make
it harder to hold lenders accountable for data errors, the Bureau
acknowledges the potential trade-offs between
[[Page 35425]]
maximizing data quality and practicability of implementation for
lenders, and believes that the tolerances in appendix F strike a
reasonable balance between these factors based on the experience of the
tolerance thresholds in HMDA. Regarding the request to clarify the
types of errors that might prompt regulatory action even if the number
of errors in a sample did not exceed the tolerance threshold, the
Bureau notes that the example of denials coded as withdrawals in
comment 112(b)-1 was merely illustrative; the bona fide error provision
is a general standard. Regarding the concerns of erroneous self-
reporting of ethnicity or race, the Bureau notes that for purposes of
reporting data under this regulation, as specified in Sec. 1002.112(b)
and comment 107(a)(19)-1, a financial institution relies on an
applicant's self-reporting of ethnicity and race.
The final rule does not include a provision that errors associated
with applications and loans associated with emergency or special
lending programs such as the Paycheck Protection Program not be counted
towards the tolerances, as requested by some commenters. The Bureau
appreciates the logistical difficulties that might have been
encountered by financial institutions in compiling accurate data
associated with the Paycheck Protection Program and the Economic Impact
Disaster Loan Program, but believes it is more appropriate to consider
guidance in the future tailored to emergency programs as they arise.
Regarding the request to clarify ``good faith'' in the ECOA
provision absolving creditors of liability for ``acts done or omitted
in good faith in conformity with any official rule, regulation, or
interpretation thereof by the CFPB,'' the Bureau notes that the
provision speaks for itself and applies generally to any ECOA
violation, not only violations of this regulation. The Bureau does not
believe it would be appropriate to state that data collected under this
rule would not be used in supervisory or enforcement actions against
covered financial institutions, given that one of the statutory
purposes of this regulation is the facilitation of fair lending
enforcement.
Regarding the comment stating that the example in comment 112(b)-2
should have constituted two errors, not one, for purposes of the
thresholds, the commenter referenced the ethnicity and race fields of
the applicant and co-applicant in the same data record, but the example
did not mention these. In any case, the example in comment 112(b)-2
expresses how the Bureau intends to treat certain types of errors
within data fields.
112(c) Safe Harbors
Proposed Rule
Proposed Sec. 1002.112(c) would have established four safe harbor
provisions, providing that certain types of errors would not constitute
violations of ECOA or Regulation B. Proposed Sec. 1002.112(c)(1) would
have provided a safe harbor for an incorrect entry for census tract
obtained by correct use of a geocoding tool provided by the FFIEC or
the Bureau. Proposed Sec. 1002.112(c)(2) would have provided a safe
harbor for an incorrect NAICS code determined by a financial
institution under certain circumstances. Proposed Sec. 1002.112(c)(3)
would have provide a safe harbor for the collection of applicants'
protected demographic information pursuant to proposed Sec.
1002.107(a)(18) through (20) after an initially erroneous determination
that an applicant is a small business. Proposed Sec. 1002.112(c)(4)
would have provided a safe harbor for the reporting of an application
date that is within three calendar days of the actual application date.
Comments Received
The Bureau received a number of comments from banks, trade
associations, banks concerning the safe harbor provision generally or
not addressing the specific safe harbors in (c)(1) to (c)(4). A women's
business advocacy group encouraged the Bureau to generally limit the
number of safe harbors. Two banks encouraged the general expansion of
safe harbors.
Several banks and trade associations requested a general safe
harbor from liability applying to data if the financial institution
reports what the applicant submitted in the application process, even
if that data are incorrect or inaccurate. One bank further asserted
that it is burdensome for a financial institution to review each data
point for accuracy, and the ability to rely on applicant provided data
would limit the corrections needed. A trade association pointed out
that under the proposal, lenders may rely on some but not all data
provided by applicants, and recommended that the Bureau permit lenders
to rely on all data, without verification, in all circumstances.
Two industry commenters suggested that the Bureau adopt a general
safe harbor for any data that is reasonably documented, and the
financial institution can demonstrate that it has policies and
procedures in place to capture the data. Another commenter recommended
a safe harbor setting a reasonableness standard for data collection
and/or relying on self-reporting, where lenders are not held liable for
the accuracy of the applicant's responses because they are in jeopardy
of violating other laws.
A number of commenters suggested more specific safe harbors. Two
suggested that the Bureau provide an express safe harbor for applicant-
provided data on the applicant's number of workers, Sec.
1002.107(a)(16), and the applicant's time in business, Sec.
1002.107(a)(17). Another suggested that the Bureau provide an express
safe harbor for gross annual revenue, Sec. 1002.107(a)(14), asserting
that ensuring precision in the data is difficult, often requiring
manual review, that the precision of the data does not affect
interpretation of data. The bank stated that, for instance, an
applicant might report an initial estimate (e.g., $900,000), but that
during underwriting, preliminary financials may show a different amount
(e.g., $915,000), and audited financials yet another (e.g., $912,000),
making it likely that the final number may not be the one reported to
the Bureau. To penalize such errors, which the commenter described as
immaterial, would, according to the commenter, burden lenders and
regulators as well. The bank suggested that the Bureau should institute
a 10 percent tolerance for errors made in reporting gross annual
revenue. A trade association suggested a safe harbor for when an
applicant misidentifies itself as a women- or minority-owned business,
which would then cause the lender to ask questions about ethnicity,
race, and sex that may be in violation of ECOA. Another trade
association asked the Bureau to consider adding a safe harbor related
to the feasibility of the firewall, allowing for variations in
determining feasibility.
Final Rule
As described in further detail below, the Bureau is finalizing four
safe harbors established in final Sec. 1002.112(c) with modifications.
In addition, the Bureau has renumbered the four subsections to be more
aligned with the order in the data points these safe harbors address.
The Bureau is finalizing these safe harbors pursuant to its
authority under ECOA and as amended by section 1071. ECOA section 703
provides the Bureau the authority to prescribe regulations to carry out
the purposes of ECOA, including such adjustments and exceptions for any
class of transactions that in the judgment of the Bureau are necessary
or proper to effectuate the purposes of ECOA, to prevent
[[Page 35426]]
circumvention or evasion thereof, or to facilitate or substantiate
compliance therewith. Section 704B(g)(1) provides that the Bureau shall
prescribe such rules as may be necessary to carry out, enforce, and
compile data pursuant to section 1071. Section 704B(g)(2) authorizes
the Bureau to adopt exceptions to any requirement of section 1071 and
to exempt any financial institution or class of financial institutions
from the requirements of section 1071, as the Bureau deems necessary or
appropriate to carry out the purposes of section 1071.
The Bureau is not further modifying the safe harbor provisions in
response to commenters' requests that the Bureau either generally limit
or expand the number of safe harbors. Regarding the request for a safe
harbor from liability when a financial institution submits applicant-
provided data, the Bureau does not believe a safe harbor is necessary
because pursuant to Sec. 1002.107(b) and comment 107(b)-1, financial
institutions are already permitted to rely upon applicant-provided data
in accord with those provisions. Regarding the comment that it is
burdensome for financial institutions to review each data point for
accuracy, the Bureau again notes that financial institutions may rely
upon applicant-provided data and need not verify such data, subject to
the requirements of Sec. 1002.107(b) and comment 107(b)-1. Regarding
the comment that the Bureau should permit lenders to report and rely
solely on applicant-provided data even when they have verified some of
that data for their own business purposes, the Bureau believes that
such a safe harbor would result in a reduction of data quality. The
Bureau believes that final Sec. 1002.107(b) and comment 107(b)-1
strikes a reasonable balance between data quality and cost and effort
incurred by lenders.
Regarding the comment that the Bureau adopt a general safe harbor
for any data that is reasonably documented by financial institutions
with policies and procedures in place, the Bureau does not believe such
a safe harbor would be consistent with the statutory purposes of
section 1071. Such a safe harbor would appear to shield a lender from
liability even if the data submitted to the Bureau were not accurate,
i.e., did not reflect the underlying documentation. Regarding the
comment requesting that the Bureau adopt a safe harbor establishing a
general reasonableness standard for errors in data reporting, the
Bureau does not believe it consistent with the statutory purposes of
section 1071 to adopt such an apparently open-ended safe harbor without
further consideration of what the limits to this provision would be.
The Bureau believes the bona fide error provision in this final rule
will serve the function requested by the commenter's suggested safe
harbor in a manner consistent with the statutory purposes of section
1071, for the reasons set out in the section-by-section analysis of
Sec. 1002.112(b).
The Bureau does not believe any of the more specific safe harbors
suggested by commenters are needed. The Bureau believes that a safe
harbor for the number of workers data point is not necessary because
final Sec. 1002.107(a)(16) does not require the reporting of a precise
numbers of workers, but rather permits the selection of ranges of
numbers. Similarly, the Bureau believes that a safe harbor for the time
in business data point is not necessary because final Sec.
1002.107(a)(17) does not require the reporting of exact years in
business for this data point unless the financial institution already
obtains that information for its own purposes.
The Bureau also does not believe that a safe harbor for gross
annual revenue is needed, as Sec. 1002.107(a)(14), and comments
107(a)(14)-1 and -2, permit financial institutions to report gross
annual revenue in the manner they collect it. The Bureau disagrees,
however, with the comment that the precision of the data would not
materially affect data analysis. The commenter offered a specific
example of discrepancies between different estimates of gross annual
revenue that were minor and might not be material; the commenter did
not suggest that in practice that the differences between self-reported
and verified measures of revenue would consistently be as small as in
the example presented. In any case, the commenter did not address
whether the time between when an application was submitted and when the
financial institution would have to submit the data related to the
application to the Bureau was insufficient to arrive at a final gross
annual revenue number. Neither does the Bureau agree with the comment
offering examples of errors in reporting gross annual revenue would not
really impact the overall integrity of the data; based on its
experience with other data reporting regimes such as HMDA, the 10
percent error range suggested by the commenter in the reporting of
gross annual revenue could be material and impact the integrity of the
data the Bureau received.
A safe harbor for when an applicant misidentifies itself as a
women-owned or minority-owned business is likewise not necessary, as
financial institutions are required to report business statuses as
provided by the applicant, without verification, pursuant to final
Sec. 1002.107(a)(18) and comment 107(a)(18)-8. Regarding the request
to add a safe harbor related to the feasibility of the firewall,
allowing for variations in determining feasibility, the Bureau notes
that its implementation of the statutory firewall provision, in Sec.
1002.108, provides financial institutions substantial leeway; as
specified in comment 108(c)-1, a financial institution is not required
to perform a separate analysis of the feasibility of maintaining a
firewall beyond determining whether an employee or officer should have
access to an applicant's protected demographic information.
112(c)(1) Incorrect Entry for Application Date
Final Sec. 1002.107(a)(2) requires financial institutions to
report application date. In the NPRM, the Bureau proposed Sec.
1002.112(c)(4), which would have provided that a financial institution
does not violate proposed subpart B if it reports on its small business
lending application register an application date that is within three
calendar days of the actual application date pursuant to proposed Sec.
1002.107(a)(2). The Bureau sought comment on its proposed approach to
this safe harbor.
The Bureau received comments on proposed application date safe
harbor from a handful of lenders and trade associations. Most of these
commenters generally supported the safe harbor, with one commenter
stating that it would reduce the compliance burden of pinpointing an
exact application date. A trade association supporting the safe harbor
further stated that the application process is fluid and that it should
be sufficient for the financial institution to reasonably document the
data point and have policies and procedures in place to capture the
data. Another trade association stated that the proposed safe harbor is
appropriate, but questioned its utility. The commenter noted that it
was unclear who or how the ``actual'' application date would be
determined and the proposed definition of a covered application was
already flexible and subjective.
Two banks urged the Bureau to change ``calendar'' days to
``business'' days in the safe harbor. These commenters stated that they
often operate their business seven days a week or may approve requests
for credit on non-business days. They argued that business days would
allow for
[[Page 35427]]
consistent application of the safe harbor regardless of the date a
business applied for credit, retaining only calendar days would mean
financial institutions would lose the flexibility afforded by a safe
harbor when it is most needed, and that failure to make the change
could preempt the ability of financial institutions to provide ``off-
hour'' services. Finally, a couple commenters urged the Bureau to
provide additional clarifications, such as examples of how to calculate
the safe harbor date range or illustrations in the commentary on how
the safe harbor would operate.
The Bureau is finalizing Sec. 1002.112(c)(1) (proposed as Sec.
1002.112(c)(4)) with modifications to provide that a financial
institution does not violate ECOA or subpart B if it reports on its
small business lending application register an application date that is
within three business days of the actual application date pursuant to
final Sec. 1002.107(a)(2). The Bureau believes this provision will
both ensure the level of accuracy needed for the resulting data to be
useful in carrying out section 1071's purposes and minimize the risk
that financial institutions will be held liable for difficult-to-avoid
errors, which might otherwise affect their participation in the small
business lending market. The Bureau therefore believes final Sec.
1002.112(c)(1) is necessary or appropriate to carry out section 1071's
purposes pursuant to ECOA section 704B(g)(1) and (2).
In response to commenters' concerns that ``calendar'' days would
disadvantage a financial institution that receives applications on non-
traditional business days, the Bureau is revising ``calendar'' days to
``business'' days. A business day means any day the financial
institution is open for business.\831\ The Bureau agrees with
commenters that the safe harbor should apply equally regardless of
which day of the week an application is received. In response to
commenters' request for illustrations as to how the safe harbor would
work, the Bureau believes the text of final Sec. 1002.112(c)(1)
provides sufficient guidance on how to calculate whether a reported
date falls within the safe harbor. For example, in accordance with
final Sec. 1002.112(c)(1), if a covered application is received by a
financial institution on Saturday, January 5, and the financial
institution is closed for business on Sunday, January 6, the safe
harbor would apply so long as the financial institution reports an
application date that falls between Wednesday, January 2 (three
business days preceding the actual date of a covered application) and
Wednesday, January 9 (three business days following the actual date of
a covered application). Sunday, January 6 does not count as one of the
three business days because it was not a business day for the financial
institution.
---------------------------------------------------------------------------
\831\ If a financial institution accepts covered applications
online at any time, but under its procedures does not actually
receive or review the application until the next business day, the
mere willingness to accept applications online does not mean the
financial institution is open for business seven days a week.
---------------------------------------------------------------------------
112(c)(2) Incorrect Entry for Census Tract
Proposed Rule
Proposed Sec. 1002.112(c)(1) would have provided that an incorrect
entry for census tract is not a violation of ECOA or this subpart if
the financial institution obtained the census tract by correctly using
a geocoding tool provided by the FFIEC or the Bureau. Regulation C
Sec. 1003.6(b)(2) contains a similar provision, and the Bureau
believed a similar approach would be appropriate here.
Proposed comment 112(c)(1)-1 would have explained that the safe
harbor provision under proposed Sec. 1002.112(c)(1) would not extend
to a financial institution's failure to provide the correct census
tract number for a covered application on its small business lending
application register, as would have been required by proposed Sec.
1002.107(a)(13), because the FFIEC or Bureau geocoding tool did not
return a census tract for the address provided by the financial
institution. In addition, proposed comment 112(c)(1)-1 would have
explained that this safe harbor provision would not extend to a census
tract error that results from a financial institution entering an
inaccurate address into the FFIEC or Bureau geocoding tool.
The Bureau sought comment on its proposed approach to this safe
harbor.
Comments Received
Several lenders and trade associations commented on the proposed
safe harbor for incorrect census tract. Some commenters supported the
safe harbor as proposed; several further requested that the safe harbor
also protect the use of reasonable processes to identify and report
census tract data where the FFIEC and Bureau tools did not return a
census tract. Two commenters requested that the Bureau create an
exclusion from census tract reporting when the applicant only provides
a P.O. Box or other mailbox that is not connected to a physical
address. Another requested, because the Bureau census tract tool is not
yet available and because the FFIEC tool does not permit batch
geocoding, that the Bureau extend the safe harbor to include
commercially available batch geocoders often found within HMDA and CRA
reporting software. One commenter supported the safe harbor but
asserted that the safe harbor's usefulness was limited because of the
difficulty in proving that a geocoding tool was used correctly. Two
commenters requested additional latitude if a census tract is reported
for a business where the business has a physical location, even if it
is not the business's main address or where loan funds are spent.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.112(c)(2) (proposed as Sec. 1002.112(c)(1)) and comment
112(c)(2)-1 (proposed as 112(c)(1)-1) as proposed. As noted above,
Regulation C Sec. 1003.6(b)(2) contains a similar provision, and the
Bureau believes a similar approach is appropriate here. Given the
number of years that financial institutions have been relying on the
FFIEC geocoding tool in the HMDA context, the Bureau believes it is
reasonable to similarly permit financial institutions to rely on
information provided by a geocoding tool offered by the FFIEC or the
Bureau, subject to the caveats in comment 112(c)(2)-1. Additionally,
the Bureau believes that this safe harbor will ultimately improve the
accuracy of the data submitted by encouraging the use of reliable FFIEC
geocoding tools, and preventing financial institutions from being
subject to liability for difficult-to-avoid errors that some commenters
said could drive those institutions to eschew these useful tools. The
Bureau thus believes this provision is necessary to carry out, enforce,
or compile data pursuant to section 1071, and necessary or appropriate
to carry out section 1071's purposes pursuant to ECOA section
704B(g)(1) and (2).
Regarding commenters' request that the safe harbor be adjusted to
protect the use of reasonable processes to identify and report census
tract data where the FFIEC and Bureau geocoding tools did not return a
census tract, or that the Bureau expand the safe harbor to include
commercially available batch geocoding tools, the Bureau does not
believe that such changes are warranted. Both Regulation C Sec.
1003.6(b)(2) and final Sec. 1002.112(c)(2) permit financial
institutions to rely on the accuracy of tools provided by the Federal
government when they are able to return a census tract. Where such
tools return no census tract at all, financial institutions must rely
on other tools,
[[Page 35428]]
such as geocoding tools provided by third parties, or must use other
means to determine census tract. The Federal government does not
review, and therefore cannot verify or take responsibility for, the
accuracy of commercially available geocoders.
Similarly, the Bureau is not adopting an exception for situations
in which the applicant only provides a P.O. Box or other mailbox that
is not connected to a physical address. The ``waterfall'' reporting
method for the census tract data point implements the statutory term
``principal place of business.'' Pursuant to final Sec. 1002.107(c), a
financial institution is required to maintain procedures reasonably
designed to collect applicant-provided data, which includes an address
or location for purposes of determining census tract. Because a P.O. or
other mailbox address is generally unrelated to the location of the
principal place of business or another location associated with the
business, the Bureau expects that in most instances (for its own
purposes or as needed to comply with other regulations) a financial
institution will attempt to collect an address more suitable for
determining the census tract. If the financial institution is unable to
do so, it may use a P.O. or other mailbox address for reporting census
tract.
Despite the assertion that this safe harbor is limited because of
the difficulty in proving that a geocoding tool was used correctly, the
Bureau does not believe that changes to the safe harbor would be
appropriate. The safe harbor, which the Bureau notes is broader than
the one in Regulation C (this safe harbor extends to the Bureau
geocoding tool; the one in Regulation C does not), is intended to be
narrowly applicable to government-provided geocoding tools. Financial
institutions have relied for years on existing geocoding tools,
including the FFIEC tool in the HMDA context. The use of the FFIEC
tool, and the manner that the Bureau has dealt with any errors derived
from the use of the tool, are well established. Thus, the Bureau does
not anticipate difficulties identifying whether an error is caused by
user error (which would not be protected by the safe harbor) or by the
geocoding tool itself (which would be protected). The Bureau does not
believe that, as requested by the same commenter, any further latitude
is required in the reporting of census tract (i.e., if the census tract
is reported for a physical location, even if it is not the business's
main address or where the proceeds of the credit applied for or
originated will be or would have been principally applied) for the
reasons set out here and in the section-by-section analysis of Sec.
1002.107(a)(13) above.
112(c)(3) Incorrect Entry for NAICS Code
Proposed Rule
The Bureau proposed to require financial institutions to collect
and report an applicant's 6-digit NAICS code in proposed Sec.
1002.107(a)(15). A financial institution would have been permitted to
rely on statements of or information provided by the applicant in
collecting and reporting the NAICS code as described in proposed
comments 107(a)(15)-3 and -4. The Bureau also proposed a safe harbor,
in Sec. 1002.112(c)(2), to address situations where a financial
institution does not rely on such information, but instead identifies
the NAICS code for an applicant itself and the identified NAICS code is
incorrect. Specifically, proposed Sec. 1002.112(c)(2) would have
provided that the incorrect entry for that institution-identified NAICS
code is not a violation of ECOA or subpart B, provided that the first
two digits of the NAICS code are correct and the financial institution
maintains procedures reasonably adapted to correctly identify the
subsequent four digits.
The Bureau sought comment on its proposed approach to this safe
harbor. The Bureau also sought comment on whether requiring a 3-digit
NAICS code with no safe harbor would be a better alternative.
Comments Received
The Bureau received a number of comments on its proposal to require
collection and reporting of a 6-digit NAICS code, as discussed in the
section-by-section analysis of Sec. 1002.107(a)(15) above. The Bureau
received comments from some lenders and trade associations specifically
regarding the related safe harbor in proposed Sec. 1002.112(c)(2).
Several industry commenters reiterated their general opposition to the
proposed NAICS code data point but asserted that they supported the
safe harbor if the Bureau were to require financial institutions to
collect and report NAICS code. A trade association stated that as long
as the data point reported is reasonably documented and the financial
institution can demonstrate it has policies and procedures in place to
capture the data, the Bureau should recognize that it is sufficient. A
bank and a trade association for online lenders stated that where an
institution in good faith reports a NAICS code, believed to be accurate
based on the attestation and information provided by the applicant, but
was provided with inaccurate information, a reporting financial
institution should not be deemed to be in noncompliance with the
regulation. A few commenters asserted that if the Bureau requires NAICS
code to be collected, then the Bureau should permit lenders to rely
upon applicant statements or codes obtained through the use of business
information products as proposed in comments 107(a)(15)-3 and -4.
A few trade associations and a business advocacy group expressed
the belief that the safe harbor was insufficient and should be broader.
In particular, these commenters asserted that the safe harbor would not
apply when the institution relied on the applicant's statement for the
NAICS code. A group of trade associations concluded that financial
institutions that want to use the safe harbor would be required to try
to determine the NAICS code themselves and said that this process would
be burdensome and fraught with the risk of inaccuracies.
Final Rule
For the reasons set forth herein, the Bureau is finalizing Sec.
1002.112(c)(3) (proposed as Sec. 1002.112(c)(2)) with certain
adjustments. As discussed in the section-by-section analysis of Sec.
1002.107(a)(15) above, the Bureau is requiring that financial
institutions collect and report a 3-digit NAICS code for the applicant.
The Bureau is revising the safe harbor to account for this modification
for the required number of digits and to clarify what information the
financial institution may rely on in reporting NAICS codes. In
addition, while the bona fide error provision in final Sec.
1002.112(b) continues to apply (provided its requirements are met), the
Bureau is deleting that language from comment 112(c)-2 for consistency
across the safe harbor provisions and because comment 112(b)-3
addresses the issue.
Specifically, final Sec. 1002.112(c)(3) makes clear that an
incorrect entry for a 3-digit NAICS code is not a violation of ECOA or
subpart B, provided that the financial institution obtained the 3-digit
NAICS code by: (i) Relying on an applicant's representations or on an
appropriate third-party source, in accordance with Sec. 1002.107(b),
regarding the NAICS code; or (ii) identifying the NAICS code itself,
provided that the financial institution maintains procedures reasonably
adapted to correctly identify a 3-digit NAICS code.
[[Page 35429]]
As discussed above, some commenters believed that the proposed safe
harbor would not apply when the institution relied on the applicant's
statement for the NAICS code, and as a result financial institutions
could be penalized for reporting erroneous NAICS codes provided by
applicants and thus may have to re-check such NAICS codes themselves in
order to qualify for the safe harbor. Given the provisions in proposed
Sec. 1002.107(a)(15) and (b) (finalized in Sec. 1002.107(b) with
additional detail) that expressly permitted a financial institution to
rely on applicant-provided information in reporting NAICS code, the
Bureau did not believe that such a safe harbor was necessary. However,
to address commenters' concerns, the Bureau is expressly including
NAICS codes provided by applicants or obtained from an appropriate
third-party source, in accordance with Sec. 1002.107(b), within the
scope of final Sec. 1002.112(c)(3).
The Bureau is adopting this safe harbor pursuant to its statutory
authority under section 704B(g)(1) and (2). The Bureau believes that
this safe harbor, as revised, is responsive to commenters' concerns
about the difficulties in correctly classifying an applicant's NAICS
code (whether because the business may change over time, codes may have
overlapping definitions, small businesses may not know their NAICS
code, or because classifications may otherwise be prone to human
error). The Bureau also believes that the safe harbor will help to
ensure the accuracy of the data submitted by requiring the maintenance
of appropriate procedures when the financial institution is determining
an applicant's NAICS code itself; at the same time, the safe harbor
prevents financial institutions from being subjected to liability for
some difficult-to-avoid errors. Therefore, the Bureau believes final
Sec. 1002.112(c)(3) is necessary or appropriate to carry out section
1071 purposes pursuant to ECOA section 704B(g)(1) and (2).
112(c)(4) Incorrect Determination of Small Business Status, Covered
Credit Transaction, or Covered Application
Proposed Rule
Proposed Sec. 1002.112(c)(3) would have provided that a financial
institution that initially determines that an applicant for a covered
credit transaction is a small business, as defined in proposed Sec.
1002.106(b), but later concludes the applicant is not a small business,
does not violate ECOA or Regulation B if it collected information
pursuant to subpart B regarding whether an applicant for a covered
credit transaction is a minority-owned business or a women-owned
business, and the ethnicity, race, and sex of the applicant's principal
owners. Proposed Sec. 1002.112(c)(3) would further have provided that
a financial institution seeking to avail itself of this safe harbor
would have to comply with the requirements of subpart B as otherwise
required pursuant to proposed Sec. Sec. 1002.107, 1002.108, and
1002.111 with respect to the collected information.
The Bureau proposed this safe harbor to address situations where a
financial institution may otherwise be uncertain about whether it ``may
obtain information required by a regulation'' under existing Sec.
1002.5(a)(2), which could deter financial institutions from complying
with the rule implementing section 1071. The Bureau believed that this
safe harbor would facilitate compliance with ECOA by eliminating a
situation in which a financial institution might be deterred from
appropriately collecting applicants' protected demographic information
due to the possibility that their understanding of an applicant's small
business status might change during the course of the application
process.
Proposed Sec. 1002.112(c)(3) would have made it clear that a
financial institution seeking to avail itself of this safe harbor must
comply with the requirements of subpart B as otherwise required
pursuant to proposed Sec. Sec. 1002.107, 1002.108, and 1002.111 with
respect to the collected information. Relatedly, proposed comment
106(b)-1 would have clarified that, in such a situation, the financial
institution does not report the application on its small business
lending application register pursuant to Sec. 1002.109.
The Bureau sought comment on its proposed approach to this safe
harbor.
Comments Received
As set out above in the section-by-section analysis of Sec.
1002.112(c), the Bureau received comments generally supporting all four
of the proposed safe harbors, including proposed Sec. 1002.112(c)(3),
as well as comments suggesting that the proposed safe harbors were too
narrow. With respect to proposed Sec. 1002.112(c)(3) specifically, a
CDFI lender and two trade associations supported this safe harbor
generally. The trade association further urged the Bureau to allow
banks to rely on applicant-provided revenue data in determining whether
to collect data pursuant to this regulation. Several other industry
commenters, apparently unaware of proposed Sec. 1002.112(c)(3),
requested that the Bureau adopt a safe harbor, in substance, identical
to proposed Sec. 1002.112(c)(3). A bank and a business advocacy group
suggested that the Bureau adopt a new safe harbor applying to an
application for a covered credit transaction where the applicant
ultimately accepts a product that is not reportable; the trade
association suggested that the collection of data for such applications
would not advance the statutory purposes of section 1071.
Final Rule
For the reasons set forth herein, the Bureau is finalizing this
safe harbor, renumbered as Sec. 1002.112(c)(4), with revisions. The
Bureau has expanded the safe harbor for the reasonable, yet erroneous,
collection of demographic data beyond an initial determination that an
applicant is a small business, to also cover an initial determination
that the application is for a covered credit transaction and that there
is a covered application.
Specifically, final Sec. 1002.112(c)(4) provides that a financial
institution that initially collects protected demographic data--
regarding whether an applicant for a covered credit transaction is a
minority-owned business, a women-owned business, or a LGBTQI+-owned
business, and the ethnicity, race, and sex of the applicant's principal
owners pursuant to final Sec. 1002.107(a)(18) and (19)--but later
concludes that it should not have collected such data does not violate
ECOA or Regulation B if the financial institution, at the time it
collected these data, had a reasonable basis for believing that the
application was a covered application from a small business for a
covered credit transaction pursuant to Sec. Sec. 1002.103, 1002.104
and 1002.106. Consistent with the proposal, final Sec. 1002.112(c)(4)
further states that a financial institution seeking to avail itself of
this safe harbor shall comply with the requirements of subpart B as
otherwise required pursuant to Sec. Sec. 1002.107, 1002.108, and
1002.111 with respect to the collected data. The Bureau is also
adopting new comment 112(c)-3 to provide an example of the kinds of
errors covered by the safe harbor in final Sec. 1002.112(c)(4).
The Bureau is adopting this safe harbor pursuant to its authority
under ECOA sections 703(a), 704B(g)(1), and 704B(g)(2). The Bureau has
determined it is appropriate to expand the safe harbor to address other
situations which could pose the same challenges to financial
institutions as the one addressed by proposed Sec. 1002.112(c)(3).
Specifically, the safe harbor as revised addresses several
determinations a
[[Page 35430]]
financial institution must make as a threshold matter in order to
collect applicants' protected demographic data pursuant to the rule:
whether an application is reportable pursuant to Sec. 1002.103, for a
covered credit transaction under Sec. 1002.104, and from a small
business applicant pursuant to Sec. 1002.106.
Comments the Bureau received on the safe harbor in proposed Sec.
1002.112(c)(3), and on the underlying substantive provisions including
proposed Sec. Sec. 1002.103, 1002.104 and 1002.106, suggested that
financial institutions need additional leeway in making threshold
determinations, particularly when those determinations are based on
applicant-provided data that may later change or otherwise turn out to
be incorrect. Under existing Sec. 1002.5(a)(2), a creditor may only
obtain otherwise protected information if ``required by a regulation,''
or some other express exception applies. Absent this expanded safe
harbor, financial institutions may be deterred from appropriately
collecting applicants' protected demographic information for fear of
running afoul of existing Sec. 1002.5(b) due to the possibility that
their understanding of an application--whether the application is for a
covered credit transaction, and is from a small business applicant--may
change during the course of the application process and so collection
of demographic data will no longer be ``required by a regulation.'' The
Bureau thus believes that the safe harbor in Sec. 1002.112(c)(3), as
revised from the proposal, will facilitate compliance with ECOA and the
rule.
The Bureau agrees, as suggested by several commenters, that the
safe harbor in proposed Sec. 1002.112(c)(3) may have been too narrow,
focused as it was on errors in determining the small business status of
an applicant. For the reasons explained herein, the Bureau believes it
is appropriate to extend the safe harbor to other threshold
determinations: whether an application is reportable at all under Sec.
1002.103 and whether the application in question is for a covered
credit transaction under Sec. 1002.104.
Regarding a commenter's request that banks should be allowed to
rely on applicant-provided revenue information in deciding to collect
demographic data, the Bureau notes that, pursuant to final Sec.
1002.107(b), financial institutions may rely on unverified applicant-
provided gross annual revenue (although if the financial institution
verifies that information, it must use the verified information
instead).
Regarding the same commenter's request to expand the safe harbor to
include any application for a covered credit transaction where the
applicant accepts an offer for a financing product that is not
reportable, the Bureau does not believe any further expansion of final
Sec. 1002.112(c)(4) is warranted. Final Sec. 1002.112(c)(4) addresses
the collection of demographic data from a small business that initially
applies for a covered credit transaction but, before final action is
taken, instead seeks a non-covered transaction, such as a lease.\832\
The safe harbor suggested by the commenter, on the other hand, would be
unnecessarily broad, reaching a covered application from a small
business that accepted a non-covered product after final action has
been taken on the covered application for a covered credit product. In
such circumstances, the initial decision of the financial institution
to collect demographic data on such applications for covered credit
transactions was not erroneous and would not have violated ECOA or
Regulation B, and thus a safe harbor is not necessary. Further, the
commenter did not explain why a safe harbor covering the situations it
described would be consistent with the statutory purposes of section
1071, which requires the collection of ``any application to a financial
institution for credit'' (emphasis added).
---------------------------------------------------------------------------
\832\ See also comment 103(a)-9, which discusses reporting where
there is a change in whether there is a covered credit transaction.
---------------------------------------------------------------------------
Section 1002.113 Severability
Proposed Sec. 1002.113 would have provided that the provisions of
subpart B are separate and severable from one another, and that if any
provision is stayed or determined to be invalid, the remaining
provisions shall continue in effect.
One trade association said that it had no comments on proposed
Sec. 1002.113.
The Bureau is finalizing Sec. 1002.113 with revisions to clarify
that applications of provisions are also severable. This is a standard
severability clause of the kind that is included in many regulations to
clearly express agency intent about the course that is preferred if
such events were to occur.
Section 1002.114 Effective Date, Compliance Date, and Special
Transitional Rules
Final Sec. 1002.114 addresses when the final rule becomes
effective and when financial institutions will be required to comply
with the rule, as well as how financial institutions can choose to
comply with the rule during this transitional period. Final Sec.
1002.114(a) states that this small business lending data collection
rule will become effective 90 days after the final rule is published in
the Federal Register. Final Sec. 1002.114(b) provides a tiered
approach to compliance dates. Specifically, the dates by which covered
financial institutions are initially required to comply with the
requirements of this rule are specified in four provisions based on the
number of covered originations. Compliance with the rule beginning
October 1, 2024 is required for financial institutions that originate
the most covered credit transactions for small businesses. However,
institutions with a moderate transaction volume have until April 1,
2025 to begin complying with the rule, and those with the lowest volume
have until January 1, 2026.
Final Sec. 1002.114(c)(1) permits covered financial institutions
to begin collecting information pursuant to final Sec. 1002.107(a)(18)
through (19) beginning 12 months prior to the compliance date. Final
Sec. 1002.114(c)(2) permits a financial institutions that do not have
ready access to sufficient information to determine their compliance
tier (or whether they are covered by the rule at all) to use reasonable
methods to estimate their volume of originations to small businesses
for this purpose.
114(a) Effective Date and 114(b) Compliance Date
Background
Section 1071 does not specify an implementation period, though
pursuant to ECOA section 704B(f)(1) financial institutions must report
data to the Bureau on an annual basis. In the SBREFA Outline, the
Bureau noted that it sought to ensure that financial institutions have
sufficient time to implement the rule, and stated that it was
considering proposing that financial institutions have approximately
two calendar years for implementation.\833\
---------------------------------------------------------------------------
\833\ SBREFA Outline at 42.
---------------------------------------------------------------------------
Small entity representative and stakeholder feedback regarding the
two-year period for implementation under consideration during the
SBREFA process was mixed.\834\ Some found the two-year period to be
adequate, some requested more time, and a few urged for less. Some
provided related feedback about adopting a grace period for data errors
in the first year(s) after the rule becomes effective. A fuller
discussion of the feedback from small entity representatives and
stakeholders on implementation period is included in
[[Page 35431]]
the NPRM and in the SBREFA Panel Report.
---------------------------------------------------------------------------
\834\ The small entity representative feedback discussed in this
section-by-section analysis can be found in the SBREFA Panel Report
at 36-37.
---------------------------------------------------------------------------
Proposed Rule
The Bureau proposed in Sec. 1002.114(a) that its small business
lending data collection rule become effective 90 days after the final
rule is published in the Federal Register. At that time, the rule would
become part of the Code of Federal Regulations; this would permit
financial institutions to avail themselves of the special transitional
rule in proposed Sec. 1002.114(c)(2), discussed below. However,
pursuant to proposed Sec. 1002.114(b), compliance with the final rule
would not have been required until approximately 18 months after the
final rule is published in the Federal Register.
The Bureau's proposed approach was a compromise between the two-
year implementation period under consideration at SBREFA that a slight
majority of stakeholders found acceptable and the shorter one-year
implementation period requested by certain stakeholders. The Bureau
believed that the statutory purposes of section 1071 are better served
by an earlier compliance date that would, in turn, result in earlier
publication of data by the Bureau. The Bureau acknowledged the
preference of various small entity representatives and other
stakeholders for a compliance period of two or more years to comply.
The Bureau noted, however, that some small entity representatives and
other industry stakeholders said that they could be ready in less than
two years. The Bureau agreed with the stakeholders that asserted that a
shorter implementation period is preferable given the length of time
that has elapsed since the passage of section 1071 of the Dodd-Frank
Act.
The Bureau believed that permitting or requiring a partial year
collection in the initial year of compliance would further the purposes
of section 1071 by expediting the collection and, potentially, the
publication of data to be used to further the fair lending and
community development purposes of the statute.
The Bureau sought comment on its proposed effective date of 90 days
following publication of an eventual final rule and its proposed
compliance date of approximately 18 months after the publication of its
final rule to implement section 1071. In particular, the Bureau sought
comment on which aspects of the Bureau's proposed rule might require
more or less time to implement, and ways in which the Bureau could
facilitate implementation for small financial institutions, especially
those that have had no experience with other Federal data reporting
regimes. The Bureau further sought comment on two alternatives: (a)
whether the Bureau should adopt a compliance date of two years after
the publication of the final rule; and (b) whether the Bureau should
adopt different compliance dates based on the size of a financial
institution (e.g., one year for large financial institutions, two years
for smaller institutions).
Comments Received
The Bureau received several comments in response to proposed Sec.
1002.114(a). A CDFI lender approved of the proposed effective date of
90 days after Federal Register publication of this rule. A joint letter
from several trade associations did not object to the 90-day effective
date. A business advocacy group requested a that there be no
retroactive application of the rule prior to the effective date. They
noted that the proposed rule would require numerous complex compliance
burdens based on the collection of new data, the establishment of new
internal processes, and the development of new systems, and urged the
Bureau to clearly explain that the final rule does not apply
retroactively, including as to draws made after the effective date on
loans made before the effective date.
The Bureau received a large number of comments in response to
proposed Sec. 1002.114(b). Several comments supported an 18-month
compliance period or requested a shorter period, but the vast majority
of comments suggested a longer compliance period, for varied reasons.
Support. One community group preferred a 1-year implementation but
was satisfied that the Bureau did not provide for a 2-year period as
requested by lenders. A trade association offered appreciation that the
proposed compliance period reflected consideration by the Bureau for
the lenders but still requested a longer compliance period than
proposed.
Requests to publish data quickly and frequently. A number of
commenters urged the Bureau to finalize the rule quickly to collect and
publish data as soon as possible. A range of commenters emphasized the
urgency of the Bureau implementing this rule carefully and quickly. Two
commenters stated that the ongoing failure to collect and publish data
harms women-owned and minority-owned small businesses and communities
because discriminatory practices are permitted to continue. One also
said that the absence of 1071 data would compromise the goals of
mission-driven lenders. A joint letter from community groups and
community oriented lenders said that swift implementation was critical
for consumers, regulators, and advocates to assess markets given the
limited data currently available.
A number of commenters asserted that the Bureau should move quickly
to implement the rule, collect and publish data given that more than 10
years have passed since the Dodd-Frank Act required the promulgation of
this rule. A minority business advocacy group requested that initial
data findings be published as soon as possible, and every six months so
that stakeholders can monitor progress and utilize data.
Less than 18 months. Several commenters asserted that an 18-month
compliance period was too long. Some commenters, including a joint
letter community groups, community oriented lenders, and business
advocacy groups, requested that the compliance date for this rule be
January 1, 2024. Another commenter argued that a one-year period better
served the statutory purposes of the rule. Several CDFI lenders stated
that mission-based lenders ready to report within 18 months should be
permitted to opt-in to report data. A community group suggested that
section 1071's statutory purposes are better served by shorter
compliance period considering Congress enacted section 1071 in the
Dodd-Frank Act in 2010.
More than 18 months. A large number of commenters, including
lenders, trade associations, and a community group, opposed the
proposed compliance date. Many of these commenters asked for a longer
compliance period without specifying how much time lenders needed. One
commenter stated that even if the final rule were shorter than the
NPRM, lenders would need more than 18 months.
Resources. Two industry commenters asserted that lenders needed
more resources for new data collection and reporting systems to comply.
A bank noted that it already faced thin margins and already had to
comply with the Financial Accounting Standards Board's Current Expected
Credit Losses rule.\835\
---------------------------------------------------------------------------
\835\ Off. of the Comptroller of the Currency, Treasury; Bd. of
Governors of the Fed. Rsrv. Sys.; and Fed. Deposit Ins. Corp.,
Regulatory Capital Rule: Revised Transition of the Current Expected
Credit Losses Methodology for Allowances, Final Rule, 85 FR 61577
(Sept. 30, 2020) (delaying for two years the requirement that
banking organizations implement the estimated impact on regulatory
capital stemming from the implementation of Accounting Standards
Update No. 2016-13, Financial Instruments--Credit Losses, Topic 326,
Measurement of Credit Losses on Financial Instruments).
---------------------------------------------------------------------------
[[Page 35432]]
Scope and complexity. Two trade associations claimed that lenders
needed more time to understand the scope of the final rule and to apply
new processes to various lines of business. One commenter noted that
the much of the data to be collected would be novel for lenders.
Previous experience. Two lenders requested additional time because
of their lack of experience with Federal data collections, such as HMDA
or CRA.
Policies and procedures. A number of commenters requested more time
to develop and/or update policies and procedures for application intake
and data collection. Several small lenders asserted that they would
have to implement new application processes and adopt new forms. One
bank noted that it would have to create formal applications and
associated procedures for agricultural or business loans.
Technology. A number of commenters identified the need to purchase
or upgrade compliance software in support of extending the compliance
period. Some banks said they needed time--for some, years--to rewrite
core processors to add data points for this rule. Several banks said
they needed to automate their small business lending processes, a
difficult task with many systems to choose from, review, develop and
implement. Several banks asked for more time to buy software from
vendors, including time to conduct due diligence, allow vendors to
develop systems, test integration with existing systems, and manage
vendors. One lender stated that 10 percent of agricultural loans are
made using a scoring system called AgScore, which must be re-engineered
to support this rule, a costly and time-consuming task.
Training. A number of banks said they needed more time to hire new
staff and/or train existing employees.
Other regulations. Commenters asserted that other comparably
complex data collection regulations provided for longer compliance
periods. A number of banks and two credit union trade associations
noted that the 2015 HMDA rule had a two-year compliance period, and by
contrast that this rule is a major regulation covering many different
products, requiring even more time for vendors to adapt. Several
commenters cited their experience with the TILA/RESPA integrated
disclosure rule, which gave two years to comply with updated
requirements, as proof that 18 months was not sufficient to comply with
this new rule.
Specific industries. Different types of lenders requested longer
compliance periods for their industries. One commenter stated that 18
months was insufficient because most mission-based lenders were small,
and that compliance would take time and resources. They also suggested
that CDFIs unable to meet the 18-month deadline should get more time to
comply. Two trade associations claimed that 18 months was insufficient
even for larger credit unions, and that most credit unions had to wait
for vendors to create compliance products. One commenter requested more
time because equipment finance companies are not accustomed to Federal
regulators. A commenter requested more time for community banks because
they would have to rely on software and vendors, not internal staff.
Other comments. One bank claimed that a short deadline would cause
unintended errors, leading to actions against the bank. Another bank
claimed that compliance costs will increase cost of small business and
agricultural lending, affecting customer profitability. A different
bank claimed that it needed more time because many borrowers may not
have or want to provide this data, and that small business owners
require education to be willing to provide data for this rule. Another
said rushed implementation would lead to unintended consequences.
Two years. Many banks, credit unions, and trade associations
requested a two-year compliance period. A joint letter from several
trade associations suggested a compliance period starting the January
1, two full years after the calendar year of the effective date. A bank
asserted that an 18-month period would make the rule an undue
regulatory burden, costly, and not commensurate to any reporting
benefit.
Scope and complexity. Several industry commenters asserted that
lenders needed two years to understand the full scope and complexity of
the rule. One argued that two years was warranted because the scope of
rule expanded after the SBREFA process, adding additional data points
pursuant to ECOA section 704B(e)(2)(H) and a visual observation and
surname requirement. The commenter also argued that car dealers face
open scope and coverage issues, specifically the involvement of dealers
exempt from Bureau rulemaking. One lender asked for more time because
the rule is a new regulatory paradigm, applying to multiple credit
products and loan systems even within one bank. Another lender
justified two years because small businesses need more time to
understand the requirements of the final rule.
Policies and procedures. Several industry commenters requested two
years to permit lenders to develop and test new policies and
procedures.
Technology. Some industry commenters requested at least two years
to comply to have enough time to deal with all of the steps related to
purchasing or upgrading compliance software, including finding and
onboarding vendors, conducting due diligence on vendors (some lenders
said they were required to vet third parties), integrating compliance
software with existing software, testing software, and reconfiguring
platforms, all before the compliance deadline. Some noted that no
vendors, at the time comments were submitted, offered compliance
software for this rule. One bank asked for more time to ensure that
their software differentiated between data reported under different
overlapping regulations, including CRA, HMDA, and FinCEN's beneficial
owner rule. Two industry commenters noted that lenders needed more time
to accommodate core providers to adjust and update their software. One
bank observed that, by way of example, its core provider only finished
software six weeks before the end of the two-year compliance period for
the beneficial owner rule.
Staff and training. Several lenders said they needed at least two
years to adjust staffing and train staff. A number of banks stated that
they would need to hire new staff. Some industry commenters stated that
lenders would need to train staff on compliance policies as well as new
software.
Two industry commenters argued that small financial institutions in
particular needed more time. One trade association said that early
stage online lenders would be burdened by the rule while seeking to
expand access to credit for small businesses. A bank asserted that
small banks needed two years because, unlike large banks, vendors and
not internal staff would develop compliance systems.
Other regulations. Several industry commenters justified a two-year
period based on the compliance periods for comparable data collection
regulations, including HMDA. One bank said that this rule was no less
complex than HMDA and that no less time should be given to comply.
Another bank observed that the 2015 HMDA rule justified a two-year
period in part on the new time-consuming and complex requirement to
collect open-end mortgage data; the bank argued that this rule was also
new and complex. Two commenters noted that lenders' experience with
HMDA showed how much time was needed to implement new systems,
policies, procedures, data privacy, data security, staff training and
compliance programs.
[[Page 35433]]
One trade association noted that this rule would be harder for
financial institutions with no experience with data reporting regimes
such as HMDA.
Other comments. A trade association argued that the proposed 18-
month period was inconsistent with the two-year period in the SBREFA
Outline of proposals under consideration.
30 months. Some industry commenters requested at least 30 months to
comply with the final rule, for several reasons.
Scope and complexity. Several banks asserted that the scope and
complexity of the rule warranted a 30-month compliance period. One bank
stated that each product had a unique application process and record
system, and different personnel. Another bank stated that the rule
would result in far-reaching, expensive changes across the bank's many
branches, including front and back-end staff. Several banks requested
more time because of the strain on dedicated resources. One bank said
it needed more time to ensure compliance as to all its products.
Processes. Several industry commenters requested 30 months to
comply to create or change processes and procedures in response to the
rule, including new collection and reporting processes.
Software. Some industry commenters requested 30 months to have time
to purchase or upgrade software. Several noted that software to comply
with this rule does not yet exist. Commenters also noted that vendor
management requires time, including conducting third-party due
diligence, integrating compliance software with existing software, and
training staff on new software. One bank said that 30 months would give
vendors time to develop and test solutions, and banks time to evaluate
these solutions. One software vendor asserted that vendors needed 30 to
36 months to work with business partners, such as form vendors, to
coordinate, make changes, and distribute work to lenders. The commenter
noted that it needed lead time to analyze, plan, design, develop, test,
document and distribute software changes to its financial institution
clients before the compliance date. A bank stated that the collection
of new data points would require extensive changes to software for
applications, loan processing, core processing, data collection and
fair lending, and that each update required testing and training.
Commenters offered specific concerns regarding small lenders and
software. One trade association noted that core providers that small
banks rely on do not now offer tools to comply with this rule. One
bank, not a HMDA filer, expressed that it was at the mercy of its core
provider regarding timing and expense. Another bank said it needed more
time because it did not have ready access to its vendors because it was
small compared to other lenders.
Several industry commenters requested 30 months to have time to
hire new staff and/or train existing staff to comply with this rule.
One bank noted that such training would involve staff from different
areas of the bank, including commercial lending, compliance,
underwriting, applications support, and business systems support. A
community bank said that it would not have a dedicated team for this
rule, but rather existing staff, including a loan operations manager,
loan audit clerk, and compliance officer, with competing concerns,
would meet monthly to work slowly through the rule. One bank noted the
particular importance of training its lending staff.
A trade association requested a 30-month period on the grounds that
a shorter period would result in flawed data the first few years, which
could negatively impact analysis. Another commenter noted that small
business lending is varied, involves more negotiation than consumer
lending, and is therefore more difficult to capture consistent data
for.
Some commenters justified a 30-month period on compliance periods
for other complex regulations. Several lenders cited their experience
with HMDA to justify a 30-month period. One noted that many HMDA
software kits barely met deadlines, and significant updates were still
needed after the deadline. Another bank, based on its experience with
the TILA/RESPA integrated disclosure rule, stated that it would take
longer than 18 months to comply with this rule.
Several lenders commented that they needed 30 months to comply
because they had no experience with other data collection regulations
such as HMDA or CRA.
Two banks expressed a concern that an 18-month period would hamper
their ability to serve customers. One also said it would be challenging
to comply with the new rule while still serving customers and
maintaining day-to-day bank operations. Another said that to ensure
data consistency, the adoption of new processes may produce less access
to credit.
Some commenters supported a 30-month period for specific small
business lenders. Some stated that 18 months was not sufficient for
small and community banks to review, develop and implement collection
systems. A number of smaller lenders and a trade association stated
that while large lenders have dedicated compliance staff, smaller banks
need more time because they rely on vendors and software. One bank
stated that regulations should target large and not small banks, that
rules often apply to lenders regardless of size, and that the Bureau
should set a longer period for all lenders for the sake of small ones.
A bank emphasized that a 30-month period would give smaller community
banks time to prepare processes that work for both the bank and its
customers.
A number of mission-based lenders stated that small CDFIs had
limited capacity and needed more time to develop compliance systems.
Several commenters stated that mission-based lenders should be able to
opt-in to comply in 18 months if they were ready to do so.
A trade association expressed concern that banks it represented
would have difficulties with the proposed 18-month period, especially
for rural lenders with no HMDA experience, which would have to create
new processes.
A software provider identified a sequence of factors justifying a
30-month period. First, this rule would require new data collection
fields to collect, store, and report data. Such changes could only
begin when this rule is finalized. After software changes are
distributed, lenders must test software, implement procedural changes,
and train employees on system updates prior to compliance date.
Further, some clients may operate on different releases of software so
multiple versions will have to be supported, requiring changes for
multiple versions. The commenter requested more time to address these
steps in an orderly fashion.
Several other comments supported a 30-month period. One bank noted
that the time is needed to resolve unanticipated implementation issues.
Another bank supported a 30-month period to match compliance
examination cycles. A third bank argued that a 30-month to three-year
period was not much more time than the proposed 18-month period, given
that the Bureau justified its proposal on the 10 years that elapsed
since the passage of the Dodd-Frank Act.
Three years. A plurality of commenters requesting a longer
compliance period than proposed suggested three years to comply,
including a wide variety of trade associations, as well as midsized and
smaller banks, credit unions, and agricultural lenders.
[[Page 35434]]
General comments. Several commenters stated that a three-year
period would permit lenders to make changes to achieve the statutory
purposes of section 1071. One lender suggested a compliance date of
January 1, 2026. A trade association asserted that the compliance
period should be three years and should start on January 1 on the
grounds that a partial year of data would not provide meaningful
benefits and would be ignored because data users would want to make
year-over-year comparisons.
Several industry commenters favoring a three-year period argued
that it was inappropriate for the Bureau to use its 10-year delay in
issuing this rule pursuant to the Dodd-Frank Act as grounds to burden
lenders with a short compliance period. Two bank trade associations
asserted that it was arbitrary and unreasonable for the Bureau to
propose an 18-month period to comply with the broader requirements of
the NPRM compared to the SBREFA outline of proposals under
consideration, which contemplated a two-year compliance period.
Sequential changes. Two trade associations noted that compliance
steps in sequence, each step dependent on the completion of prior one--
vendors create new data collection and reporting systems, lenders
develop and test procedures for these systems, staff are trained on the
systems and procedures, then further testing may identify issues that
require revisions and iterating again before the deadline. One
commenter stated that, ideally, at least six months before the
compliance date, lenders would receive software that can be tested and
validated.
Scope and complexity. Some industry commenters based a three-year
period in part on the need for time to understand and interpret this
rule. Several commenters noted that this new rule involves the
collection of new data and would be a ``sea change'' for small business
lenders, especially those with no experience with HMDA or data
reporting. A trade association stated it did not know how much more
time to request without knowing the content of the final rule. Another
trade association stated that a three-year period would give the Bureau
time to educate and support lenders as they implement this rule, based
on the experience with the Paycheck Protection Program.
Many banks and several trade associations cited the scope and
complexity of the rule to justify a three-year period, specifically,
that the rule would cover many different products with different
processes. Two commenters requested a three-year period because
compliance involves changes across many business units, systems, and
small business lending channels. A group of trade associations asserted
that the rule would require the collection of 21 data points, the
separate maintenance of demographic information, and the firewall. Two
trade associations stated that compliance with this rule would be
significant and time-consuming. One bank noted that small business
lending involved a wider variety of solutions than consumer lending.
One bank noted that the rule as proposed would have required the
reporting of 6,500 loans, 44 percent more than its 4,500 CRA-reportable
small business loans.\836\
---------------------------------------------------------------------------
\836\ This comment highlights the extent to which this final
rule will greatly improve the comprehensiveness of application-level
small business lending data available for analysis, compared to the
data available under the status quo, such as current CRA
regulations. The CFPB has worked closely with the OCC, FDIC, and
Federal Reserve Board to harmonize this rule with those agencies'
proposed CRA amendments; more comprehensive small business lending
data from this final rule can lead to better analysis of business
and community development needs in the context of the amended CRA
regulations. See, e.g., Bd. of Governors of the Fed. Rsrv. Sys.;
Fed. Deposit Ins. Corp.; and Off. of the Comptroller of the
Currency, Treasury, Community Reinvestment Act, Joint Proposed Rule,
87 FR 33884, 33941 (June 3, 2022) (``[T]he agencies propose using
section 1071 data, once available, to develop market benchmarks.'');
id. at 33998 (``In the longer term, the CRA's data collection and
reporting requirements for small business loans and small farm loans
would be eliminated and replaced by the CFPB's section 1071 data
collection and reporting requirements.'').
---------------------------------------------------------------------------
A number of industry commenters and a business advocacy group
justified a three-year period to create, update, and test non-software
processes and policies. Some commenters stated that lenders would need
new procedures or workflows for applications and data collection. One
bank stated that existing workflows would change to align with
firewall. Several commenters stated that lenders would need to overhaul
or obtain new forms and applications after the final rule. Other
commenters claimed not to use written applications for small business
and farm loans. One bank stated that it needed to develop a high-touch
data collection system because of its variety of small business lending
products. One trade association noted that lenders must wait for the
final rule to change their policies and procedures, and that
clarifications and questions regarding the rule would take months to
address, especially new proposed provisions not discussed at SBREFA.
One bank said it needed to establish controls and processes to train
staff. A trade association stated lenders needed time to assign
responsibility across departments, including compliance. Another bank
observed that it would take time to receive direction from compliance
vendors.
Software. Many comments supported a three-year compliance period
based in part on technological issues. Some industry commenters
justified a three-year period on the need to automate processes and
update small business lending applications. One bank stated that it
needed to build data collection procedures for its manual lending
processes, and that small business lending is not automated to same
extent as consumer lending. One bank stated that many lenders report
HMDA and CRA data via a manual process, and this will need to be
automated to collect the significantly expanded data under section
1071.
A number of industry commenters stated that lenders would need time
to choose, onboard and integrate new software. Several banks said no
existing software complies with this rule, and one bank stated that
many providers were waiting for this rule to be finalized and would
still take time to make a proven and accurate solution available. Some
lenders and trade associations noted that many lenders need to find and
vet vendors before buying a software system. Some industry commenters
stated that lenders do not have technology in place to collect data for
the rule. One bank offered a contrary view, reporting that its software
vendor was already working on software to comply with this rule. A
large bank stated that it would need additional time to build
compliance software itself.
One bank said that it had no relationship with vendors and no data
collection programs. A trade association stated that this rule would
require significant infrastructure investments for credit unions.
Another bank that it needed addition time to implement software before
updating its processes. A trade association stated that lenders needed
software before training staff. A group of trade associations stated
that the integration of compliance systems would be an iterative
process of testing, finding and fixing problems, and testing again, all
across multiple lines of small business lending products. Another
commenter identified a sequential process to purchasing software,
including selection, installation, training and testing.
Several commenters offered other details on why their technology
requirements justified three years to comply. One bank stated that it
needed at least 24 months to implement new software, and 12 months more
to have accurate reporting. Another bank stated that 18 months suffice
for vendors to
[[Page 35435]]
develop and install a data collection and reporting system but would
not suffice for lenders to implement the software and train staff. A
different bank stated that it searched for 1071 software for over two
years and would need 18 months to integrate the software with other
systems. Another bank said it needed more than two years to develop,
test, and implement systems of this scope. One bank stated that its
vendor would take six months to upgrade software after the final rule
is released. Yet another bank needed 18 months for software to become
available, vetted and installed, and 18 months more to train staff. A
trade association claimed that lenders needed more time because they
decide what technology to build one to two years in advance, and more
time was needed to take into account ``blackout'' periods, during which
technology builds stop eight weeks before calendar year end, which the
commenter believed could add up to four months to timeline to comply
with this rule.
A number of industry commenters stated that lenders needed time to
wait for vendors to prepare new software or update existing software,
and time to test it. Several industry commenters and a business
advocacy group also stated that lenders needed more time to onboard and
test software.
A number of lenders, particularly small and mid-sized banks,
requested more time to comply because they lacked control over the
speed and preparation of third-party software vendors. A trade
association for community banks stated that small banks depend more on
vendors to develop new systems. Several commenters stated that core
providers, particularly relied upon by community banks, need more time
to adjust to collect new data points. That is, community banks must
wait for core providers to update their systems, test updates and
resolve problems, after which compliance vendors can develop systems to
integrate with the core system. The same commenter stated that
community banks that use a platform, not a core provider, to originate
loans must ensure that, once their core provider has built the fields
for all of the data points, each is mapped individually to the small
business lending platform, requiring the creation of multiple APIs,
which would result in more costs and delays.
Smaller lenders described complications they would face in
obtaining software for this rule. One bank stated that lenders needed
time to conduct due diligence on these vendors. Another bank stated
that many financial institutions may make demands on the same vendors
at the same time, slowing implementation. A third bank stated that
covered financial institutions would compete for software
implementation dates to comply with this rule, and that the smallest
lenders will be at the greatest disadvantage for getting software in
time to comply with this rule. Another commenter stated that community
banks face higher costs to buy compliance software.
Two trade associations asserted that three years would suffice for
credit unions to work with vendors to revise systems for this rule.
Another trade association stated that credit unions required more time
than 18 months because they are at the mercy of vendors and must train
staff and update forms and processes.
A business advocacy group stated that the rule would result in
significant, time-consuming changes to reprogram software because
online lenders do not currently collect demographic information so as
to avoid accessing data that would make intentional discrimination
possible.
Staffing. A number of commenters, including a number of lenders and
trade associations, justified a three-year compliance period on the
time lenders needed to hire and/or train existing staff to collect,
verify, and report data for this rule.
Some industry commenters stated that lenders would have to hire new
staff for data collection, verification, and reporting. One bank stated
that time would be needed to determine staffing needs. Two smaller
banks stated that they would need an additional employee to collect and
verify data for this rule. A State bankers association said that
lenders needed more time because they and their small business
customers were struggling with the lasting effects of the pandemic and
labor market shortages.
Many commenters, including a number of lenders and trade
associations, justified a three-year compliance period in part on the
need to train staff, both new and existing employees, to comply with
the rule. Several banks stated that they could not start to train staff
until software and processes exists for compliance with this rule; one
bank said that 18 months was not sufficient to do this well.
Several commenters said that lenders would need to train a variety
of staff on compliance and software for this rule, including loan
officers and customer-facing staff as well as compliance, risk, legal,
and technology employees. Further, several banks and a business
advocacy group observed that lenders needed to train staff on what to
collect, including data points for this rule. A group of trade
associations noted that some lenders are not accustomed to collecting
data to the accuracy standards of the Bureau, and that staff familiar
with HMDA and CRA would require more training not to be confused with
overlaps with this rule.
Several industry commenters noted that the rule would require
greater staffing resources. One bank said it would increase staff hours
to collect and review data, which would impact operations. Another bank
stated that the biggest hurdle to compliance would be allocating
employee resources. Yet another bank noted that staff training is time
consuming. One bank noted that it needed several months to train its
3,000 employees. A credit union trade association stated that a tight
labor market, global pandemic, and economic crisis make updating
services harder.
Some commenters stated that they needed three years to comply to
communicate changes caused by the rule to consumer to minimize
disruption. Several commenters noted the need to accustom small
business applicants to the collection of ethnicity, race, and sex
information. One bank stated that borrowers may resist this type of
inquiry. Another bank said that customer education for this rule was
important, that many customers already believe that lenders ask for too
much information, and that customers may be driven from traditional
banking to less safe products as a result.
Access to credit. Several commenters supported a longer compliance
period on the grounds that financial institutions might need to pause
or stop their small business lending until they were in compliance with
this rule, hurting vulnerable small businesses that section 1071 was
intended to benefit.
Data accuracy. A number of commenters stated that hasty
implementation of the rule would result in data errors, bad data
quality and bad analysis based on that data. A group of State banking
regulators asked the Bureau to consider a longer compliance period so
that financial institutions can better prepare to compile and
accurately report data. Several banks and trade associations asserted
that rushed implementation generally would make data in the first few
years after the compliance date flawed, incomplete, or unusable,
limiting the usefulness of the data for fair lending and business and
community development purposes.
Some commenters asserted that more time to comply would make data
more accurate, or otherwise justified a three-year compliance period on
the grounds
[[Page 35436]]
of data accuracy. Several commenters stated that rushed compliance
would result in errors which, in turn, would lead to Bureau actions
against lenders as well as unnecessary public scrutiny, ultimately
harming small businesses that section 1071 was intended to help. One
bank stated that the implementation of policies and procedures,
acquisition of software, and training of employees would take more than
18 months to implement, but that three years would suffice to ensure
the collection of reliable data. Another bank stated that data will be
error[hyphen]laden in early years of collection until systems can be
refined. A different bank stated that the proposed 18-month period will
likely lead to flawed initial data reporting and flawed analyses. A
trade association asserted that a three-year period more closely
adhered to the expectation in the statute. Another trade association
stated that a compliance period of fewer than three years would risk
the viability of CDFI lending programs.
Many industry commenters requested a longer compliance period
because many lenders lacked experience with data reporting regulations,
such as HMDA or CRA. Specifically, a number of lenders and trade
associations stated that lenders not subject to HMDA reporting needed
three years to comply because they will start from scratch without
existing vendors, processes or procedures to adapt to small business
lending or train staff. A group of trade associations stated that banks
that do not report HMDA/CRA data will meet vendors for first time and
will not have experience with testing process. One bank stated that for
lenders with limited staffing resources and no existing reporting
mechanisms, 18 months to comply is unreasonable. Another bank stated
that many lenders have not had to collect this amount of data.
Other regulations. A number of commenters compared the proposed
compliance date with those of other regulations. One said that the
proposed 18-month period was short compared to those of other complex
rules. A bank said, based on past regulatory reporting rollouts, it
would take three years to comply with this rule. Another commenter
stated that historically, short implementation periods for complex
rules are not feasible.
Some commenters compared the proposed 18-month period to comply
with a new, complex rule with the more than two years that lenders had
to comply with the 2015 HMDA rule, which only modified existing
requirements. Commenters pointed out that, unlike the 2015 HMDA rule,
this rule requires the construction of new systems for a new data
collection regime rather than building on systems already in place. One
commenter encouraged the Bureau to consider a period of three years or
longer, especially to ensure that smaller lenders would have time to
comply. A large bank pointed out that, unlike HMDA, this rule covers
numerous credit products offered by lenders to small businesses,
including loans, lines of credit, and credit cards, each of which uses
a unique application process and system of record, and different
personnel.
Other lenders and trade associations expressed concern about the
proposed compliance period based on their experience with HMDA, noting
that vendors were not ready before the initial deadlines established by
the Bureau, which then had to provide leniency related to data accuracy
for HMDA data, as well as issue multiple corrections and clarifications
to HMDA rule since 2015. Several commenters noted that the 2015 HMDA
rule took several years and resulted in Congress amending HMDA in 2018.
One bank noted that, as with HMDA, lenders will spend many hours
reviewing data to avoid errors and resubmission.
Commenters also compared the proposed Sec. 1002.114(b) with
compliance periods of other Federal rulemakings. One bank said that,
based on its experience with the CRA, this rule would require more than
18 months. Several commenters stated that the experience with the TILA/
RESPA integrated disclosure rule shows that 18 months were insufficient
for major changes. One commenter requested three years to comply based
on its experience with that same rule, noting that vendors sought
clarity on that rule to make and deploy solutions, and the Bureau
answered questions until the effective date, making implementation
challenging. A trade association observed that industry had two years
to comply with the FinCEN's customer due diligence rule,\837\ which it
said was a simpler regulation.
---------------------------------------------------------------------------
\837\ FinCEN's customer due diligence rule requires financial
institutions to have procedures for each of its legal entity
customer to identify each 25 percent natural person who owns more
than 25 percent of the legal entity as well as one natural person
executive of the legal entity. Fin. Crimes Enf't Network, Customer
Due Diligence Requirements for Financial Institutions, Final Rules,
81 FR 29397 (May 11, 2016).
---------------------------------------------------------------------------
Two industry commenters took the opposite view, noting that lender
experiences with past regulations are irrelevant. A bank said that a
successful rollout would take more than 18 months even if a lender was
experienced with data collection regulations. A trade association
stated that even current HMDA reporters would find compliance with this
rule challenging because of the differences between small business and
agricultural lending and mortgage lending, specifically because small
business lending involves different loan platforms, small business
lending units do not offer a ``menu'' of standardized credit products,
and clear application procedures do not exist because small business
customers are unique.
Industry-specific rationales. A number of industry commenters
suggested rationales specific to their industries to justify a three-
year compliance period. An agricultural lender stated that many FCS
lenders, community banks, and small credit unions would incur great
expense if required to obtain new technology and train new employees
within 18 months. A trade association noted that a compliance period of
less than three years would burden CDFIs.
Some commenters, including a trade association and a number of
banks, stated that small and community banks needed three years to
comply rather than 18 months. One commenter emphasized that
stakeholders it consulted stated that an 18-month period was
inadequate, and that small lenders may take three years to comply. A
bank emphasized that while larger banks have more resources for
compliance, small banks will struggle without more time to comply and
will be disadvantaged. A trade association noted that smaller banks
that are not HMDA reporters would find a new data collection regime
challenging. A group of State banking regulators stated that small
lenders would face particular challenges early on in implementation. A
trade association and a bank noted that small banks depend on vendors
to develop systems. A bank stated that small and mid-sized lenders are
a lower priority for vendors, which would erode their participation in
small business lending. Two banks noted that small and community banks
would struggle because of shortfalls in staffing and technology.
A trade association stated that mid-sized banks were unlikely to
stand up systems in 18 months despite best efforts, based on the
experience of lenders with other data reporting regimes.
A business advocacy group stated that innovative start-ups, small
banks, and credit unions would struggle to implement the rule given the
resources at their disposal.
A group of State banking regulators requested a longer compliance
period,
[[Page 35437]]
in part, so that the Bureau could ``demonstrate'' its ability to
collect data from nondepository institutions subject to the rule.
A joint comment from two auto dealer trade associations requested a
three-year period because they said the proposed 18-month period is
untenable for dealerships in general and small dealerships in
particular, which must coordinate compliance efforts with credit
application system providers, vendors, and finance sources, after which
systems must be updated and tested, and staff must be trained.
More than three years. One commenter said that the compliance
period should be three to five years because the bank would have to
make hard decisions on staffing and its lending capacity due to the
additional reporting measures, and may exit the market. The commenter
expressed concern that a short implementation period would force the
bank to exit the small business lending market and hurt its current
customers.
Tiered compliance. Some commenters supported some kind of phased or
tiered compliance under which larger lenders would have earlier
compliance dates and smaller lenders would have later compliance dates.
Many industry commenters requested tiered compliance dates in addition
to, or as an alternative to, a longer single compliance period for all
lenders. Two commenters suggested tiered compliance starting not less
than three years after the final rule is issued because the process of
implementation would raise issues that require time and deliberate
action to frame and solve.
Industry commenters justified tiered compliance on a number of
grounds, including the scope and complexity of the rule, as well as the
need for smaller lenders to implement and test automated collecting and
reporting. One trade association observed that some lenders needed time
to test systems to ensure accurate collection and reporting, and
asserted that with an 18-month period, a bank would have just six
months to collect data to do a trial run with one year of data before
the compliance date.
Many commenters, including lenders and trade associations for State
banks and credit unions, argued for tiered compliance because of the
need to purchase or develop new software to comply with the rule.
Industry commenters also pointed to other factors requiring a longer
compliance period, include the time to find vendors, time to develop
software, time for vendors to plan and execute network changes, and
time to train and hire staff to integrate systems with software for
this rule.
Two industry commenters emphasized the dependence of smaller
lenders on third-party vendors to justify tiered compliance--that small
lenders would need time to evaluate lenders and complete due diligence,
that vendors would need time to develop new compliance software, and
that lenders would need time to integrate and test software with
existing systems.
Several trade associations emphasized that many lenders needed the
additional time that tiered compliance would provide to permit them to
hire and/or train compliance staff, and train existing lending staff,
to comply with the rule.
Two trade associations suggested that tiered compliance dates were
necessary for credit unions to educate their members and allow for the
development of member notifications.
A number of commenters justified tiered compliance based on
industry experience with complying with other regulations. Several
commenters noted lenders had more than two years to comply with the
2015 HMDA rule, which amended existing regulations, while this rule is
new and complicated. Several trade associations pointed to industry
experience with Financial Accounting Standards Board's Current Expected
Credit Loss rule as an example of rushed implementation; after
initially setting a single compliance date, regulators later staggered
implementation, requiring smaller institutions to comply later,
recognizing high one-time costs and advantages large institutions had
in negotiating with vendors.
A bank justified tiered implementation on the grounds that hasty
implementation would lead to inaccurate data in the first few years of
the rule.
Two trade associations stated that phased compliance is important
for lenders not experienced with data collection rules to give them
time to build infrastructure. One commenter noted that lenders that are
not federally insured depositories in particular need more time to
start training programs from scratch, and that it would be hard for
such lenders to find and hire enough staff with coding expertise
without regulatory data systems in place. Another commenter said that
banks that do not comply with HMDA would need more time to comply with
this rule than money-center banks that have HMDA experience.
Smaller lenders and trade associations justified longer compliance
dates for smaller lenders on various grounds. One bank stated that
smaller lenders could learn from the earlier compliance rollouts of
large banks. Others said that tiered compliance would give smaller
lenders more time to resolve unanticipated issues.
Several commenters suggested several compliance dates, tiered by
lender type. A trade association suggested that smaller lenders should
have a later compliance date to learn from largest banks, and to have
time to resolve unanticipated issues. In particular, the commenter said
that rural and underserved communities need more time than money-center
banks.
Amongst commenters that supported tiered compliance dates, there
was a variety of comments on how to determine which financial
institutions should report later. Two commenters requested tiered or
staggered compliance in any manner, whether by transaction type, lender
type, or lender size. A community bank asked that the Bureau tier
compliance dates based on asset-size or some other factor to provide a
longer compliance period for community banks. One CDFI lender requested
that the Bureau extend the compliance date to at least 30 months for
mission-based lenders.
Two trade associations and a large credit union supported tiering
based on loan volume. One of the trade associations asked for tiered
compliance with the earliest date starting three years after the final
rule is issued, on the grounds that credit unions often have little
bargaining power with vendors and are often the last to receive system
upgrades.
Several lenders suggested two compliance dates, with tiers set by
asset size. One lender suggested two tiers, giving more time to lenders
with less than $2 billion in assets because smaller institutions have
smaller compliance and information technology staffs. The lender did
not place much weight to the $2 billion threshold it proposed other
than it would match ``small lender'' definitions in other areas of
consumer financial law.
Several industry commenters suggested two compliance date tiers.
One bank suggested giving smaller lenders 24 to 36 months more than
large banks. Two banks suggested giving smaller lenders one year more
than larger banks, which they argued could reduce competition for
software installation, implementation help, and training, which in turn
could reduce costs and resource issues for small lenders. These
commenters believed that smaller lenders could learn best practices
from larger banks. A trade association said that large lenders ($10
billion or more in assets), should have
[[Page 35438]]
two years to comply, while smaller lenders should have three years. The
commenter stated this manner of tiering compliance dates would allow
the Bureau to collect a large amount of data earlier, and would also
give vendors more time to develop and integrate compliance products.
Several commenters suggested three compliance date tiers by asset
size. A trade association suggested that the Bureau adopt three
compliance tranches, giving large lenders one year to comply, medium-
sized lenders two years, and small lenders three years. The commenter
suggested the third tier should include the smallest lenders, community
banks, and lenders to small businesses that the Bureau trusts and knows
to be successful. Another bank proposed giving lenders with $5 billion
or more in assets 18 months to comply, lenders with $1 billion or more
24 months to comply, and banks with $1 billion or less 30 months to
comply. One bank suggested three tiers by size, without defining size,
and proposing that the largest lenders comply in the first year, mid-
sized lenders comply in second year, and small lenders comply in the
third year. The commenter justified the earliest compliance date for
large lenders because of the greater staff expertise, capacity and
resources that these institutions had to comply with the rule.
Several commenters opposed tiered compliance dates. The industry
commenters asserted that this rule represents a major change for small
and large lenders alike, from a ban on collecting protected demographic
information data to requiring collection of it for small business
loans. These commenters claimed that no vendors have a compliance
software ready for this rule, that all lenders need sufficient time to
understand the content of this rule, change processes, build and test
systems, train employees, and implement procedures and controls. These
commenters warned that a failure to give financial institutions of all
sizes adequate implementation time will limit access to small business
credit, which negatively impact the economy. A community group opposed
tiered compliance dates on the grounds that the proposed 18-month
period was sufficient for all institutions, and that lenders had from
the release of the NPRM in September 2021 to begin preliminary planning
to comply with this rule.
Final Rule
The Bureau is finalizing Sec. 1002.114(a) as proposed. The small
business lending data collection rule will become effective 90 days
after it is published in the Federal Register. The Bureau confirms, as
requested by a commenter, that this final rule does not apply
retroactively, including for funds drawn after the effective date where
the loan was originated before the effective date. See also final
comment 114(c)-2, which makes clear that covered applications received
prior to a financial institution's compliance date, but final action is
taken on or after that date, are not required to be reported.
The Bureau is not finalizing Sec. 1002.114(b) as proposed, which
would have required compliance with the final rule approximately 18
months after publication of the final rule in the Federal Register.
Instead, the Bureau is finalizing a tiered approach to compliance
dates. Specifically, the dates by which covered financial institutions
are initially required to comply with the requirements of this rule are
specified in four provisions:
First, under Sec. 1002.114(b)(1), a covered financial institution
that originated at least 2,500 covered credit transactions for small
businesses in each of calendar years 2022 and 2023 shall comply with
the requirements of this subpart beginning October 1, 2024. This
compliance date is 18 months after the Bureau's issuance of this final
rule.
Second, under Sec. 1002.114(b)(2), a covered financial institution
that is not subject to Sec. 1002.114(b)(1) and that originated at
least 500 covered credit transactions for small businesses in each of
calendar years 2022 and 2023 shall comply with the requirements of this
subpart beginning April 1, 2025. This compliance date is 24 months
after the Bureau's issuance of this final rule.
Third, under Sec. 1002.114(b)(3), a covered financial institution
that is not subject to Sec. 1002.114(b)(1) or (2) and that originated
at least 100 covered credit transactions for small businesses in each
of calendar years 2022 and 2023 shall comply with the requirements of
this subpart beginning January 1, 2026. This compliance date is 33
months after the Bureau's issuance of this final rule.\838\
---------------------------------------------------------------------------
\838\ The Bureau considered giving Tier 3 financial institutions
36 months to comply with the rule, as requested by many commenters.
This would have resulted in a Tier 3 compliance date of April 1,
2026. However, the Bureau believes that there is no material
difference between the 3 years (36 months) requested by certain
commenters and the 33 months provided to covered financial
institutions subject to Tier 3.
---------------------------------------------------------------------------
Finally, under Sec. 1002.114(b)(4), a financial institution that
did not originate at least 100 covered credit transactions for small
businesses in each of calendar years 2022 and 2023 but subsequently
originates at least 100 such transactions in two consecutive calendar
years shall comply with the requirements of this subpart in accordance
with Sec. 1002.105(b), but in any case no earlier than January 1,
2026. This compliance date is 33 months after the Bureau's issuance of
this final rule.
In addition, the Bureau has added a number of provisions to the
commentary accompanying Sec. 1002.114. New comment 114(b)-1 explains
that the applicable compliance date in Sec. 1002.114(b) is the date by
which a covered financial institution must begin to compile data as
specified in Sec. 1002.107, comply with the firewall requirement of
Sec. 1002.108, and begin to maintain records as specified in Sec.
1002.111. In addition, the covered financial institution must comply
with Sec. 1002.110(c) and (d) no later than June 1 of the year after
the applicable compliance date. New comment 114(b)-2 provides that when
the compliance date of October 1, 2024 specified in Sec.
1002.114(b)(1) applies to a covered financial institution, the
financial institution is required to collect data for covered
applications during the period from October 1 to December 31, 2024. The
financial institution must compile data for this period pursuant to
Sec. 1002.107, comply with the firewall requirement of Sec. 1002.108,
and maintain records as specified in Sec. 1002.111. In addition, for
data collected during this period, the covered financial institution
must comply with Sec. Sec. 1002.109 and 1002.110(c) and (d) by June 1,
2025. New comment 114(b)-3 addresses informal names for compliance date
provisions, providing for informal, simplified names to facilitate
discussion of the compliance dates specified in Sec. 1002.114(b)(1),
(2), and (3). Under this new comment 114(b)-3, Tier 1 refers to the
cohort of covered financial institutions that have a compliance date of
October 1, 2024 pursuant to Sec. 1002.114(b)(1), Tier 2 refers to the
cohort with a compliance date of April 1, 2025 pursuant to Sec.
1002.114(b)(2), and Tier 3 refers to the cohort with a compliance date
of January 1, 2026 pursuant to Sec. 1002.114(b)(3). New comments
114(b)-4(i) through (vii) provide examples of various scenarios that
illustrate how to determine which compliance date specified in Sec.
1002.114(b) applies to financial institutions.
The Bureau is adopting Sec. 1002.114(b) pursuant to its authority
under ECOA section 704B(g)(1) to prescribe such rules and issue such
guidance as may be necessary to carry out, enforce, and compile data
pursuant to section 1071.
[[Page 35439]]
The Bureau is adopting a tiered approach to compliance for a number
of reasons. The Bureau believes, all else equal, that the statutory
purposes of section 1071 are better served by an earlier compliance
date because it will result in the earlier publication of data by the
Bureau and use by the public.
Most industry commenters that addressed the issue of the compliance
date opposed Sec. 1002.114(b) as proposed, and requested more than 18
months to comply with the rule. Views varied widely on how much more
time was necessary. While commenters suggested compliance periods of 24
months, 30 months, three years, and in one case 3.5 years or more, a
plurality of industry commenters supported a single compliance date of
three years for all lenders. A sizable number of commenters also
supported tiered compliance dates based on the size of the lender, as
an alternative to single, compliance period longer than 18 months.
The Bureau gives credence to a set of three major factors
commenters cited in requesting additional time, beyond 18 months, to
comply with the rule (whether from 24 months to 3.5 years): the need to
purchase or upgrade compliance software (including time to find and
perform due diligence on vendors, purchase software, integrate
compliance software with other systems, and test all of these); the
need to create or adjust policies and procedures to comply with the
rule; the need to train and, in some cases, hire staff to use the new
software and implement the policies and procedures to collect data.
Commenters did not clearly tie these factors to precise periods of
time.
Many commenters identified the sequential and iterative nature of
these major factors. Generally, a lender must purchase and integrate
new software before developing new policies and procedures concerning
the use of the software, and the lender must have new policies in place
before hiring and training staff to implement the software and follow
the new processes. These processes are also iterative in that, in
testing software, procedures and staff training, lenders may identify
errors in software, processes, or training, and need to make
adjustments that may then require additional changes in other aspects
of the overall compliance program or system.
The Bureau believes from comments received, and consistent with
feedback received in SBREFA, that smaller financial institutions may
face particular difficulties that justify providing them additional
time to comply with the rule. Several industry commenters expressed
their concern that they were at the mercy of their software vendors and
other third-party providers and could not start compliance steps, such
as establishing new policies and training employees, in the absence of
such software. By contrast, one large bank requested more time to
comply to develop in-house compliance software.
Other commenters noted that with a shorter compliance period,
vendors may be overloaded with requests from a market of financial
institutions attempting to comply at the same time with this rule.
Several commenters cited their experience in attempting to obtain the
services of third-party vendors to comply with other rules such as the
TILA/RESPA integrated disclosure rule and the HMDA 2015 updates, and
observed that vendors tended to service larger lenders first, leaving
smaller lenders with little time to integrate software, update policies
and procedures, train and hire employees, and test all of these
systems.
Compounding these issues, many commenters--generally smaller
lenders, some of which were rural or community financial institutions--
stated that they did not have previous experience with data collection
rules, such as HMDA or CRA. The Bureau is aware that this rule may be
the first contact that many covered non-depository institutions have
with a Federal data collection regime. Further, a substantial number of
commenters noted that they used manual or analog systems and claimed
that they would have to automate their operations to comply with the
rule. The Bureau believes that the increased originations threshold
under in final Sec. 1002.105(b) may preclude many financial
institutions that expressed concern that they would have to automate
their processes from having to report data at all.
All of these factors suggest that smaller financial institutions
would face particular difficulties in complying with this rule within
18 months. The comments suggested a variety of potential consequences
stemming from insufficient time to comply. Some suggested that
financial institutions would exit the market, that they would face
greater costs to comply more quickly (for instance, a financial
institution that might be able to use existing staff over the course of
three years may need instead to hire additional staff to comply with
the rule in 18 months), and/or that they may submit inaccurate or data
of lesser quality to the Bureau than they would have if given more time
to the comply.
The Bureau does not believe that financial institutions would exit
the small business lending market because of the compliance date, but
rather believes that many smaller institutions may simply find it
challenging to comply within the 18-month compliance period. The Bureau
gives some credence to the concern that a shorter compliance period may
result in somewhat higher, though not significant, costs that in turn
may be passed on to customers. The Bureau believes that smaller
financial institutions, especially those unaccustomed to data
collection rules, may stay in the market but may be unable to comply
within 18 months for reasons at least partly out of their control. The
Bureau believes, based on comments received, that generally smaller
financial institutions are more likely to be at the mercy of vendors
that may prioritize larger customers.
While a plurality of commenters requested a single, three-year
compliance period for all lenders, the Bureau does not believe that
such a change is justified. The Bureau received comparatively few
comments from large banks regarding the sufficiency of an 18-month
compliance period. One large bank stated that it would require
additional time to develop its own compliance software. A trade
association requested three years to comply with the rule on the
grounds that larger lenders have more complex compliance systems to
establish and operate because such lenders often had different
divisions dedicated to different small business lending products. The
Bureau does not believe, given the dearth of comments on this point,
that the quality of data from large financial institutions is
compromised by an 18-month compliance period. The Bureau thus believes
that it would not be consistent with the statutory purposes of this
rule to provide large financial institutions a longer compliance
period.
As a result, the Bureau believes that tiered compliance dates
balance several factors at once; that the statutory purposes of section
1071 are best advanced by, in aggregate collecting as much data as
possible, as accurately as possible, as soon as possible; and that a
system of tiered compliance dates accomplishes this better than a
single 18-month compliance period.
In part, the Bureau believes that is accomplished by maintaining
the existing 18-month compliance period for the largest-volume
financial institutions that are likely to report the bulk of the
application-level data, and are likely to do so accurately. These
financial institutions are more likely
[[Page 35440]]
than smaller and even mid-sized institutions to have the resources and
experience to, with relative celerity, upgrade or purchase compliance
software, create pertinent policies and procedures, and train or hire
existing staff. The Bureau believes that the experience that many of
these larger-volume financial institutions have with other Federal data
collection regimes, such as HMDA or CRA, gives them the ability to
adapt to this rule within the time given to collect and submit data.
Further, by maintaining the 18-month compliance period for larger-
volume financial institutions in Tier 1, collection and reporting of
most small business lending data will begin quickly. That is, covered
financial institutions will report to the Bureau the vast majority of
small business lending applications--approximately 90 percent of the
applications covered by this rule, as detailed in part IX.D.2 Table 4--
on the timeline proposed in the NPRM.
The Bureau also believes that the statutory purposes of section
1071 are best advanced in aggregate by permitting small and mid-sized
financial institutions, by volume of originations, to have more than 18
months to comply with this rule. As discussed above, the Bureau
believes, based on the large volume of comments and the rationale
provided by them, that an 18-month compliance period increases the
likelihood that small and mid-sized financial institutions, for a
variety for reasons that are unique to them, will have difficulty
collecting and reporting data, and that the data reported would be more
likely to be inaccurate or unreliable. Further, the Bureau believes
based on the comments it has received, feedback received in SBREFA, and
its own observations about the small business lending market that the
smallest financial institutions, especially those that do not already
report data to Federal agencies, have more manual processes and
relatively few employees, which increases the likelihood that they
submit unreliable and inaccurate data to the Bureau.
The Bureau believes that tiered compliance dates will improve the
accuracy of data from smaller and mid-sized financial institutions.
Later compliance dates for smaller and mid-sized financial institutions
will mean they do not have to compete with larger financial
institutions for the time and attention of software and compliance
vendors. The Bureau understands that while the largest lenders are more
likely to rely on in-house capacity to comply with the final rule, many
other financial institutions with loan volumes likely to place them in
Tier 1 may still rely on software vendors and may compete with smaller-
volume financial institutions for the time and attention of software
vendors. With a longer timeframe to comply, smaller and mid-sized
financial institutions might also be able to avoid expedited and more
costly overtime and overflow work, and would have time to learn lessons
from the compliance experience of larger institutions.
Regarding the criteria for tiering, most commenters who addressed
the issue suggested asset size as the criteria to determine which
financial institutions should comply later. The primary virtue of that
approach is its simplicity--most depositories know their total assets.
However, many financial institutions that will be covered by this rule
are nondepository institutions that may originate a large volume of
loans but may have relatively few assets compared to depository
institutions. Conversely, some depositories with a large volume of
assets may have a low volume of small business loans. A tiering
approach based on assets may require early reporting by large
depositories with little interest in small business lending and exclude
large-volume small business lenders with comparatively few assets. The
Bureau does not believe that this approach would be as consistent with
the statutory purposes of section 1071 as a criterion for tiering
directly tied to a financial institution's relative activity in the
small business lending market. As a result, the Bureau believes that
the number of annual originations of covered credit transactions for
small businesses should be the basis for tiering compliance dates
On the number of tiers, commenters tended to favor two tiers rather
than three. The Bureau believes that the statutory purposes of the rule
are better served by three tiers. The Bureau determined from reviewing
all of the comments that there were meaningful differences in the
compliance challenges faced by smaller volume, middle-volume, and
large-volume financial institutions. The Bureau believes that three
compliance dates will help vendors better manage their capacity to
serve their customers. The Bureau also believes that three compliance
dates may also help the Bureau be more responsive to industry during
the transition period. By extending the implementation period, the
Bureau will be better able to provide more tailored attention to
smaller and mid-sized financial institutions.
General responses to comments received. The Bureau observes that
the vast majority of comments it received identified specific factors
or concerns regarding compliance with this rule that justified a longer
compliance period. Nearly all of these comments also identified
multiple factors or steps in the process of complying with this rule
that justified a compliance period longer than the one proposed in the
NPRM. As noted above, the Bureau observes that these comments, with
very few exceptions, did not quantify specific amounts of additional
time attributable to each specific factor or step in the compliance
process that were identified. For instance, a frequent industry comment
might have requested a three-year, rather than 18-month, compliance
period, citing the need to purchase and implement software, create
processes, and train staff, without attempting to attribute the
additional 18 months to each of these three steps in the compliance
process.
Requests to publish data quickly and frequently. Regarding requests
to collect and publish small business lending data as soon as possible,
the Bureau agrees that the absence of these data will continue to
hinder vital capital flow to small businesses, as small business and
community development needs cannot be effectively identified without
this data. However, the Bureau must conduct its privacy analysis, so
the publication of data will not immediately follow its collection.
Regarding the request to publish data as soon as possible, and to
publish data every six months so that stakeholders can monitor progress
and utilize data, the Bureau is not adopting a 6-month reporting
requirement because requiring financial institutions to provide
multiple data submissions a year may be administratively challenging
for both financial institutions to comply with and for the Bureau to
process. However, the Bureau may consider publishing aggregate data
more often than once a year in the future if administratively feasible.
Less than 18 months. The Bureau has considered comments asserting
that 18 months is too long a compliance period. While some financial
institutions could comply with this rule in less than 18 months, the
Bureau believes that most financial institutions appear unable to,
given the volume and intensity of comments requesting more time. The
Bureau believes a one-year compliance period would be inconsistent with
the statutory purposes of the rule because it appears that such a short
period could be costly for financial institutions and result in
inaccurate data. The Bureau agrees that mission-based lenders (or any
other lenders) ready to report within 18 months should be permitted
[[Page 35441]]
to do so, and the rule permits them to do so.
More than 18 months. Regarding the comments requesting a compliance
period of more than 18 months, the Bureau agrees in part. As discussed
above, the Bureau believes that many lower-volume financial
institutions, with either lower assets or a low volume of small
business lending and thus potentially fewer resources dedicated to that
line of business, may need additional time to comply with the rule for
the reasons provided above.
Regarding comments concerning resources, the Bureau agrees in part.
The Bureau does not believe that more time is justified solely because
the rule may cause a financial institution to expend resources to
comply with the rule. However, the Bureau agrees that smaller financial
institutions may need more time to marshal the necessary resources, as
discussed above.
The Bureau has considered comments stating that financial
institutions needed more time to understand the final rule and its
scope. While the application of this rule would be new to some lines of
business, and while some data would be novel the Bureau believes that
financial institutions have had enough time to understand the concepts
in the rule, especially for those financial institutions that have had
experience with other Federal data collection rules, such as HMDA, CRA,
or CDFI Fund. The concepts in the rule implement 2010 statutory
language, and the rule's implementation of those statutory concepts
relies on well-known concepts from existing rules, particularly the
HMDA and the CRA regulatory requirements. Nonetheless, the Bureau
acknowledges that preparing for compliance may be somewhat more
difficult for financial institutions, particularly smaller
institutions, with no previous experience with Federal data
collections. The Bureau believes that final Sec. 1002.114(b) provides
sufficient additional time for such financial institutions to come into
compliance with the final rule.
Regarding comments that financial institutions need more time to
establish policies and procedures, the Bureau does not believe this is
necessary for larger-volume lenders. The Bureau's proposed 18-month
compliance period was intended to accommodate the need of financial
institutions to develop or update policies and procedures to comply
with the rule. The Bureau believes, however, that more time may be
warranted for smaller financial institutions that do not have existing
written policies or procedures and do not currently use written
applications for small business or agricultural lending applications.
The Bureau does not have reason to believe that there are larger-volume
lenders that do not currently use forms or formal written applications.
Regarding comments requesting more time to comply because of
technological issues, the Bureau acknowledges the various steps that
may be involved in obtaining software needed to imply with this rule,
including updating core processors, automating analog systems,
conducting due diligence, choosing vendors, and testing and integrating
systems.
The Bureau agrees with commenters that smaller-volume lenders may
need more time than proposed to prepare software before the rule's
compliance date. In particular, the Bureau understands that smaller
financial institutions may need time to transition from informal
applications to automated systems. Regarding the reengineering of
agricultural credit scoring systems, the Bureau understood this issue
to apply to smaller FCS lenders and believes that the additional time
provided by the final compliance period provision would suffice for
changes to be made to AgScore and for them to adjust accordingly.
Regarding the comments that banks needed more time to hire new
staff and/or train existing employees, the Bureau notes that not enough
detail was provided by commenters that explained why this factor on its
own justified more than 18 months to comply with this rule.
Regarding the comments that the compliance periods for other
similar regulations provided more time, the Bureau acknowledges that
this rule, unlike HMDA and the TILA/RESPA integrated disclosure rule,
covers a variety of different product types, that this rule is a new
rulemaking rather than an amendment to existing regulations. The Bureau
notes from its experience that smaller financial institutions in
particular appeared to face challenges complying within the timeframe
given for the 2015 HMDA rule amending Regulation C and the TILA/RESPA
integrated disclosure rule. The Bureau agrees, from the experience of
past rulemakings, that smaller financial institutions may wait longer
than larger institutions for vendors to prioritize them.
Regarding various industry-specific rationales given for extending
the compliance period, the Bureau observes that many of the comments
advocated for types of financial institutions that tended to be
smaller, such as CDFIs, credit unions, and community banks. The Bureau
believes that final Sec. 1002.114(b) will provide most of the smaller
volume lenders the additional time they need to comply.
Regarding comments that even larger credit unions would have to
wait for vendors to create compliance products, the Bureau agrees only
in part. The Bureau believes that vendors are more likely to focus on
larger financial institutions--including larger credit unions--earlier,
but that smaller financial institutions, including credit unions, are
more likely to have to wait longer.
Regarding the comment that equipment finance companies may be less
accustomed to Federal regulators, the Bureau agrees but does not
believe that this justifies a longer compliance period specifically for
this type of lender. The Bureau believes that equipment finance
companies with larger volumes of originations are likely to have
sufficient experience and resources to prepare to come into compliance
more quickly.
Regarding the comment that a short compliance period would promote
unintentional errors, the Bureau agrees in part. The Bureau believes
that faced with limited time and resources, smaller financial
institutions are more likely to submit inaccurate data, and that this
is one of the rationales for providing lower-volume institutions
additional time to comply with the rule. Regarding the concern that
compliance costs will directly increase lending costs, the Bureau
acknowledges in its impacts analysis in part IX below that this may
take place, but that the per-loan impact of this rule will be
relatively low.
Regarding the comments that many borrowers do not possess or are
unwilling to provide data pursuant to this rule, the Bureau agrees that
educating small business applicants would improve their responses to
requests for data under this rule. Regarding the comment that rushed
implementation would lead to unintended consequences, the Bureau
observes that the notice and comment processes has identified
potentially unintended consequences of an 18-month compliance period,
and that the final tiered compliance provision is intended to address
these concerns.
Two years. Regarding the comments favoring a two-year compliance
period for financial institutions, the Bureau agrees in part. Based on
a consideration of a variety of factors, including the comments it has
received, the Bureau has determined that a two-year compliance period
is appropriate for mid-sized financial institutions. The Bureau does
not believe that two years
[[Page 35442]]
is an appropriate compliance period for all institutions. The Bureau
believes that two years more time than is needed by the largest volume
financial institutions, which have the ability to comply earlier, and
too little time for the smallest volume financial institutions, which
need closer to three years to comply with this rule.
The Bureau has considered the comment asserting that the proposed
compliance period would make the rule an undue regulatory burden,
costly, and not be commensurate to any potential reporting benefit. As
set out above, the Bureau believes that a shorter compliance period
would be challenging for many smaller and mid-sized financial
institutions, and the Bureau believes that it is more likely to obtain
more accurate data if it provides smaller volume financial institutions
more time to comply with this rule.
Scope and complexity. The Bureau has considered comments stating
that financial institutions needed a two-year compliance period to
understand the full scope and complexity of the new rule. While the
proposed rule included provisions not considered during SBREFA, such as
additional data points pursuant to ECOA section 704B9(e)(2)(H), the
Bureau does not believe that the increased complexity of the rule alone
justifies additional time. Most of the new provisions in the NPRM are
well-known outside of the context of this rule. In addition, the Bureau
has in some ways limited the scope of this rule further by, for
instance, not finalizing certain more complex provisions, such as the
proposed visual observation and surname analysis requirement. Regarding
scope and coverage issues faced by motor vehicle dealers, the Bureau
does not believe that there are open issues requiring resolution as
suggested by some commenters. The issues raised concerning the
application of Bureau regulations to indirect motor vehicle lenders are
well-established and not unique to this rulemaking. The Bureau likewise
does not believe that this rule represents an entirely new regulatory
paradigm; the many comments the Bureau received concerning the overlap
between this rule and HMDA, CRA, and CDFI Fund data collections suggest
that the concepts in this rule are already well understood by many
financial institutions and not necessarily novel or paradigm-shifting.
While the Bureau agrees that this rule is the first to attempt to
collect application-level data comprehensively from the entire small
business lending market, the Bureau does not believe that this alone is
a reason to extend the compliance period of the rule.
Policies and procedures. The Bureau has considered comments stating
that financial institutions needed two years to develop and test new
policies and procedures. However, the comments did not provide enough
detail to support extending the compliance period based on this factor
alone.
Technology. Regarding comments requesting two years to comply
because of the need to purchase or upgrade compliance software, the
Bureau agrees in part. The Bureau acknowledges the various steps
related to implementing or updating compliance software, including
finding and vetting vendors, integrating compliance software with other
systems. The Bureau acknowledges the concerns of some commenters that
vendors may not be ready with compliance software before the proposed
compliance date. The Bureau, as noted in part II above, has worked
proactively with vendors and technology departments of financial
institutions since the release of the NPRM to help them speed their
work The Bureau believes that the tiered compliance schedule will
ensure that financial institutions in need of time to buy or upgrade
software will have that time.
Staff and training. Regarding comments requesting a two-year
compliance period in order to have additional time to hire new staff
and train existing staff, the Bureau took those factors into account
when proposing an 18-month compliance date. However, the Bureau agrees
that small financial institutions may require additional time to comply
because they may not have the staff to develop compliance systems that
larger financial institutions may have. The Bureau believes that
smaller institutions may be particularly reliant upon vendors and
third-party software and, as mentioned before, may not be prioritized
by these providers.
Other regulations. Regarding the comments that a two-year period
based was justified based on the compliance periods for other similar
data collection regulations, the Bureau agrees in part for the reasons
specified above. The Bureau acknowledges that industry's experience
with the 2015 HMDA rule suggests that more time is required for smaller
financial institutions in particular, and especially those with no past
experience with a data collection regime like HMDA.
Other comments. Regarding concerns that the proposed compliance
period was inconsistent with the two-year period that the Bureau
previously considered in the SBREFA process, the Bureau now believes
that the two-year period is appropriate for financial institutions with
a moderate volume of originations.
30 months. The Bureau has considered comments requesting a single
30-month compliance period but does not believe this approach would be
appropriate, for the reasons provided below.
Scope and complexity. Regarding the comments that the scope and
complexity of the rule warrants a 30-month compliance period, the
Bureau acknowledges the breadth and complexity of this rule but does
not believe that the time needed to understand the rule in itself
justifies one additional year to comply with the rule.
Processes. The Bureau acknowledges that compliance with the rule
may itself entail complex changes to the various processes pertaining
to small business lending, including front and back-end operations, and
operations across different branches. The Bureau notes that while
industry commenters explained the complexity of changing processes and
procedures with some clarity, the Bureau anticipated these types of
changes in proposing an 18-month compliance period. In any case, these
commenters identified various changes they would have to make in
response to the rule without explaining why these changes justified
extending the proposed compliance period by 12 months.
Software. Regarding the comments requesting 30 months to comply
with the rule because of the need to purchase new software or upgrade
existing software, the Bureau agrees in part. The Bureau acknowledges
the various steps and complexities in the process to upgrade or
purchase software that commenters have identified, but the Bureau does
not believe that all financial institutions need more time to purchase
or upgrade software. The Bureau also acknowledges concerns that
compliance software for this rule did not exist when comments were
submitted in response to the NPRM. The Bureau understands from its
outreach that software providers have been developing compliance
products since the release of the NPRM, and while such products cannot
be finalized until after the final rule, the Bureau believes that such
software will be available for timely implementation by financial
institutions, especially because the Bureau is committed to providing
assistance to technology departments from financial institutions and
software providers to develop compliance solutions in time to meet the
final tiered
[[Page 35443]]
compliance dates. Regarding the comment that software providers need 30
to 36 months to work with their business partners, the Bureau believes
based on its outreach and comments received from some banks that this
work had already begun with the release of the NPRM, and that the
compliance dates provided in final Sec. 1002.114(b) should be
sufficient for software providers to work with their business partners
and financial institutions.
The Bureau acknowledges commenters' concerns about small financial
institutions and their ability to implement software before the
proposed compliance date. The Bureau believes that lower volume
lenders, especially those without previous experience with data
collection rules, are likely to be at the mercy of compliance software
providers and core providers, and are not as likely to have priority
access to new software or provider assistance in implementing it. The
Bureau does not, however, agree that these concerns justify a single
30-month compliance period. Instead, the Bureau believes that these
concerns justify tiered compliance based on the financial institution's
transaction volume.
Staffing and training. Regarding comments that a single, 30-month
compliance period is needed to accommodate the hiring of new staff and/
or training of existing staff, the Bureau agrees in part. The Bureau
acknowledges that this rule may require the hiring or training of staff
in variety of different areas and roles across financial institutions.
The Bureau emphasizes, however, the comment specific to smaller volume
lenders that a community bank would not have a dedicated implementation
team for this rule, but rather would assign responsibility for rule
implementation to existing employees across the bank in addition to
their existing tasks.
Data accuracy. The Bureau acknowledges the comments that the
proposed compliance period may result in data inaccuracies, but does
not believe that a single, 30-month compliance period would be the most
appropriate way to address these concerns. The Bureau, for the reasons
provided already, believes that smaller and even moderate volume
lenders, if subject to an 18-month compliance period data, may be at
particular greater risk of collecting and submitting inaccurate data to
the Bureau. The Bureau acknowledges the comment that small business
lending is varied, involves more negotiation than consumer lending, and
therefore makes it more difficult to capture consistent data for, but
the Bureau does not believe that this factor alone justifies extending
the compliance period. The Bureau observes that the existing
regulations that collect data on small business and small farm lending
already take into account the varied and more individually negotiated
nature of such transactions.
Other regulations. The Bureau acknowledges the comments concerns
that other comparably complex regulations identified by commenters,
such as the 2015 HMDA rule amendments and the TILA/RESPA integrated
disclosure rule, provided for compliance periods longer than the 18
months proposed by this rule. The Bureau acknowledges the comment
observing that in response to the 2015 HMDA amendments, many software
providers barely met the compliance date for that rule, and that
significant updates were still required after the deadline. The Bureau
agrees that smaller lenders may need more time to comply because of
their lack of experience with data collection regulations such as those
under HMDA or CRA. However, the Bureau does not believe that a uniform,
30-month compliance period would be the appropriate way to address all
these concerns. The Bureau believes that the specific comments it
received advocating for a 30-month compliance period for smaller volume
lenders or for those inexperienced with data collection rules support
the tiered compliance dates set forth in the final rule.
Customer relationships. Regarding the concerns that a short
compliance period would hamper the ability of their ability to serve
commercial lending customers, the Bureau agrees in part. The Bureau
believes that smaller lenders and, to a lesser extent, moderate volume
lenders may find it challenging to comply with the new rule while still
serving customers and maintaining day-to-day bank operations. The
Bureau acknowledges the concern that some commenters may adopt new
processes to ensure data quality but provide less access to credit for
applicants. The Bureau does not believe that a uniform, 30-month
compliance period would be the appropriate way to address these
concerns in a manner consistent with the statutory purposes of the
rule. Rather, the Bureau believes that the customer relationships of
smaller volume lenders are likelier to be affected by a shorter
compliance period than the customer relationships of larger lenders.
Sector specific. Regarding the comments that 18 months was not
sufficient for smaller lenders, the Bureau agrees. The Bureau believes
the differences between the compliance challenges faced by smaller and
larger lenders suffice to justify a longer compliance period for
smaller-volume lenders. The Bureau agrees with the multiple comments
stating that smaller institutions, such as community banks, CDFIs, and
rural lenders, are more limited in their capacity to expend the
additional time and resources needed to comply with this rule within 18
months, and with comments that larger lenders do not have such
limitations and often have staff dedicated to regulatory compliance.
Regarding the comment that regulations should apply only to large
banks, not smaller banks, the Bureau notes that while the Dodd-Frank
Act contains provisions specific to larger institutions, it does not
apply exclusively to larger lenders. The Bureau, however, agrees that
the compliance date provision of this rule should not apply to all
financial institutions regardless of size, given the differences in the
relative capacity to comply quickly, as the final tiered compliance
date provision recognizes.
Regarding the comments of a software provider concerning the
various steps in the process to implementing compliance software, the
Bureau appreciates the complexity of the process and the back-and-forth
between software vendors and lenders. The Bureau, however, believes
that the tiered compliance provision provides for more time for a
majority of smaller and moderate volume lenders to work through the
software implementation process. The Bureau is providing resources,
such as the Filing Instructions Guide, concurrent with the release of
this final rule to aid software vendors' and financial institutions'
development of software expeditiously.
Other comments. Regarding the comment requesting for 30 months to
address unanticipated implementation issues, the Bureau believes that
the final compliance date provision provides enough time and leeway for
lenders to address any such issues. Regarding the comment that a 30-
month compliance period would match the normal compliance examination
cycle, the Bureau disagrees as not every financial institution subject
to this rule has examinations on this schedule. Regarding the comment
that an 18-month compliance period is not justified by the length of
time that has elapsed since the passage of the Dodd-Frank Act, the
Bureau notes that in part, it agrees, providing an additional six to 18
months to most lenders.
Three years. The Bureau is not adopting a single compliance period
of three years for all covered financial
[[Page 35444]]
institutions, for the reasons below. The Bureau acknowledges that much
of the reasoning provided in support of a single, three-year compliance
period justifies the compliance period for Tier 3 financial
institutions. As noted above, the Bureau believes that there is no
material difference between 33 months and three years for purposes of
this rule and the compliance of Tier 3 institutions.
General comments. Regarding the comments that a single, three-year
period would achieve the statutory purposes of the rule, the Bureau
believes that having larger- and moderate-volume lenders begin
collecting data in 18 or 24 months, respectively, rather than 33
months, while waiting to obtain more accurate data from smallest-volume
financial institutions, is most likely to maximize the speed with which
the Bureau receives the largest possible volume of accurate data.
Because of this, the Bureau believes that the final tiered compliance
provision better accomplishes the statutory purposes of the rule.
Regarding the comment that such a three-year compliance period should
start on January 1, the Bureau believes that earlier collection of data
is consistent with the purposes of section 1071, even if it results in
the collection of a partial year of data. While less useful in a year-
over-year comparison, a partial year of data would not be ignored
entirely. Given the new data points that would be collected under the
final rule, a partial year of collection will give data users valuable
information they could not access from other sources, for the purposes
of facilitating fair lending enforcement and identifying business and
community development needs.
The Bureau has considered comments asserting that by proposing an
18-month compliance period, the Bureau has shifted the burden of
rapidly complying with the rule onto lenders. The proposed compliance
date reflected an attempt to balance competing concerns, and the final
compliance date reflects a reconsideration of how best to balance the
need to collect data quickly, and the need to collect it accurately.
Regarding the comments that it was arbitrary and unreasonable for
the Bureau to propose a broader rule with an 18-month compliance period
in the NPRM, compared to a rule of lesser scope and a two-year
compliance period in the SBREFA process, the Bureau is not finalizing a
blanket 18-month compliance period in this final rule, as explained
above. And even if the Bureau were finalizing an 18-month compliance
period as proposed, the Bureau would disagree with the commenters for a
number of reasons.
First, the Bureau does not believe that the scope of data
collection and reporting under the NPRM expanded greatly compared to
the SBREFA outline of proposals under consideration. While several data
points were proposed pursuant to ECOA section 704B9(e)(2)(H), most of
these data points (such as pricing, application method, application
recipient, reasons for denial) are data in possession of financial
institutions, as items that are part of the underwriting or lending
process. Some of the other items, such as time in business and NAICS
Code, are captured by some lenders in any case. Similarly, the NPRM
(but not the SBREFA Outline) included several provisions giving leeway
to financial institutions attempting to comply in good faith, such as
the bona fide error and safe harbor provisions.
Second, even assuming that the scope of data collection and
reporting under the NPRM were greatly expanded as compared to the
SBREFA Outline, the final rule includes a variety of provisions
intended to streamline compliance as compared to the NPRM. For
instance, the Bureau has simplified the approach to pricing, time in
business, and NAICS code (requiring the collection of just 3 digits
rather than 6), and the Bureau is no longer requiring the use of visual
observation and surname analysis. The Bureau is also providing a grace
period during which it does not intend to assess penalties, so long as
financial institutions attempts to comply with this rule in good faith
(see part VII below). The Bureau also believes that the materials it
has prepared for concurrent release with the final rule, including the
initial version of the Filing Instructions Guide, will have the effect
of facilitating compliance with the rule.
Regarding the comment that the Bureau was shifting the burden of
its delay in issuing the rule to industry, the Bureau disagrees. The
Bureau's intention in proposing an 18-month compliance period was
balancing two factors--providing sufficient time to comply while
obtaining data as soon as possible. The Bureau believes that the final
tiered compliance provision better strikes that balance by
differentiating between lenders more likely to be able to comply
earlier with accurate data, and lenders that are likely to need more
time to report accurate data.
Sequential changes. The Bureau acknowledges the comments that the
implementation of compliance systems involves numerous steps in a
specific order. However, the Bureau does not believe that this
justifies a single, three-year compliance period for all financial
institutions. The Bureau believes that it is generally correct that
compliance must proceed in a specific order, and it also believes that
larger lenders are more likely to have the capacity and resources to
work on different steps of compliance implementation in parallel rather
than purely sequentially, and thus comply in a shorter amount of time
than smaller-volume lenders with less capacity and resources.
Scope and complexity. Regarding the comments that a three-year
period is needed to carefully understand and interpret the new rule,
the Bureau agrees that this rule will be entirely new to many lenders
with no experience with other data collection rules. However, the
Bureau believes that such lenders are likelier to be smaller, lower-
volume lenders, and that the final tiered compliance regime give them
the additional time they need to understand this rule. Regarding the
comment that lenders could only understand the content of the
regulations after the issuance of the final rule, the Bureau observes
that it has endeavored to simplify this final rule compared to the
content of the NPRM. Regarding comments that a single three-year period
would give the Bureau time to educate and support lenders as they
implemented this rule, the Bureau believes that the finalized system of
tiered compliance dates provides sufficient time to educate and support
smaller, lower-volume lenders more likely to need this help.
The Bureau acknowledges that this rule would cover many different
financial products and services, often with different processes,
involving many changes across business units and systems, but the
Bureau does not believe that a single three-year compliance period for
all financial institutions is warranted on these grounds. The Bureau
acknowledges that this rule is more comprehensive than existing
collections of small business lending data, both in terms of how many
financial institutions will be required to report under the rule, and
in terms of the scope of what is required of any given financial
institutions. However, the Bureau observes that many larger volume
lenders have already complied with similar data reporting requirements
for small business lending, including CRA and the Paycheck Protection
Program, which also involved many data points and, for larger volume
lenders, compliance across different business units and systems. The
scope of this rule is somewhat more expansive than past data
collections, but, as many
[[Page 35445]]
other commenters have pointed out, the significant overlap between this
rule and the data required by other rules means that the content of
this rule is likely to be well understood by many financial
institutions.
Regarding the comments that the rule requires the collection of 21
data points, the separation of demographic information, and
consideration of the feasibility of a firewall, the Bureau notes that
these comments summarized the provisions of the rule without explaining
how compliance with these provisions would require three years rather
than 18 months. Regarding the comment that the regulatory burden of the
rule would be significant and time-consuming, the Bureau refers to the
impacts analysis in part IX. In short, such comments do not explain how
the Bureau's specific attempts to quantify costs were erroneous, and do
not address specific amounts of time that tasks would take.
Policies and processes. Regarding comments that lenders need three
years to create, update, and test non-software processes and policies,
the Bureau acknowledges that some lenders do not currently use written
applications for small business and farm loans, and would need to start
using them. The Bureau believes that these lenders are more likely to
be smaller lenders with lower volumes of originations. The Bureau also
acknowledges that lenders would not be able to change procedures,
forms, policies, and systems until the final rule is issued, and that
clarifications and questions may take some time to address. The Bureau
does not believe this justifies a single three-year compliance period
for all lenders.
Further, while stating that 18 months was insufficient, commenters
did not specify the additional amount of time needed to create new
procedures or workflows for applications, change existing workflows to
align with the firewall requirement, overhaul their forms and
applications, or to obtain new ones. The Bureau believes that the
proposed compliance date would have provided sufficient time for these
processes. The Bureau believes, however, that smaller lenders with
lower volumes of originations may need more time than other lenders to
adjust their processes and procedures to comply with the rule for the
reasons provided.
Technology. The Bureau acknowledges the many comments that it
received requesting a longer compliance period to implement software
solutions, and the various steps in that process, including
identifying, vetting, and choosing vendors, and integrating and testing
software. The Bureau acknowledges that the implementation process for
software can be iterative and sequential. The Bureau understands that
many lenders, especially smaller and community banks, that will need to
automate currently manual lending processes to collect data for this
rule. In particular, primarily lower-volume lenders, such as community
banks and rural institutions, will need additional time to automate
their processes with software to accurately collect data, including
some lenders that collect HMDA and CRA data by manual processes. The
Bureau also understands that many lenders not experienced with data
collection rules have no relationships with vendors.
While some lenders said that they could not begin to implement
software until vendors create it, the Bureau notes that one commenter
had identified a vendor already at work on compliance software for this
rule as of early 2022. Regarding the comment from a larger lender
stating that it would need additional time to build compliance software
itself, the Bureau notes that it received relatively few comments from
larger lenders.
The Bureau notes that of the comments citing software changes to
justify a three-year compliance period, only several provided any
estimates of the time needed to implement software. The few estimates
there were ranged from as few as six months from the issuance of the
final rule to upgrade software to 18 months to two years to implement
software, and further time still to train staff and test software. The
Bureau believes that these comments may overestimate the time vendors
will take to prepare compliance software. Some estimates assumed that
vendors would not start their work until after the release of the final
rule, but the Bureau understands from comments and other feedback that
some software vendors started work on compliance software for this rule
not long after the release of the NPRM. The Bureau also believes, based
on other comments received, that the longer periods suggested by
commenters are most likely to apply to smaller and mid-sized lenders,
for the reasons discussed before--that vendors are likely to prioritize
larger lenders in implementing new or upgraded software.
Regarding the comment that lenders should have software six months
before the compliance date for testing, the Bureau believes that the
tiered compliance provision would provide most lenders this extra time.
In any case, the Bureau believes that the grace period discussed in
part VII may permit lenders to continue testing after their compliance
dates, if needed. Regarding the comment that lenders need more than 18
months to comply because they make build technology decisions one to
two years in advance, the Bureau believes that the release of the NPRM
gave lenders time to plan and budget for compliance technology well in
advance of this final rule. Regarding the comment that some lenders
adopt blackout periods of eight weeks at the end of the year, which
could add four months to the time needed by lenders, the Bureau does
not believe additional changes are needed to final Sec. 1002.114(b).
The commenter did not suggest how common such blackouts were amongst
lenders, nor how an eight-week blackout period would necessitate a
four-month compliance date delay.
The Bureau acknowledges commenters' concerns that small and mid-
sized banks will likely need more time to comply because of their
greater dependence on the timing of third-party software vendors
because these comments were based on industry experience with software
vendors in the context of past rulemakings. The Bureau believes
comments that vendors may become time or resource-constrained and have
difficulties serving many lenders at once, and, given a single
compliance date, are less likely to prioritize smaller lenders. The
Bureau gives credence to comments that small lenders struggled to
implement compliance systems for the TILA/RESPA integrated disclosure
and HMDA rulemakings before their respective compliance dates because
small lenders competed with larger lenders for the limited time and
attention of vendors in advance of regulatory deadlines.
Staffing. The Bureau acknowledges the many comments that lenders
need more time to hire new staff and train existing staff to collect,
verify, and report data for this rule; that training may apply to staff
across different departments and business units within financial
institutions; and that training can be time-consuming. The Bureau
observes that comments requesting a three-year period based in part on
staffing concerns did not estimate how much of the additional time
requested was attributable to staffing issues. One exception was a
comment from a lender that said it would need several months to train
its staff of 3,000 employees; the Bureau believes that this comment
tends to support an 18-month compliance period for larger lenders.
The Bureau understands that certain staff training--on compliance
software for this rule--may occur only after software is implemented.
However, the
[[Page 35446]]
Bureau believes that other training may be conducted in parallel with
the development of software, such as the training on the content of
this rule. The Bureau agrees that lender staff with no familiarity with
data collection rules may need more time to be trained in complying
with this rule. The Bureau notes that the concern that staff already
familiar with the HMDA and CRA rules would need training to avoid
confusion with this rule is mooted by the Bureau's decision to exclude
HMDA-reportable loans from reporting under this rule, and the proposed
amendments to the CRA rules that would eliminate the existing CRA
reporting regime.
Regarding other comments, the Bureau agrees that part of the
compliance process will involve communicating operational changes
resulting from this rule to customers to minimize disruption and
increase the likelihood that they will answer inquiries related to
protected demographic information. The Bureau acknowledges that some
customers may believe that lenders already request too much data but
believes that it is speculative to say that customers may be driven to
less safe financial products to avoid providing data for this rule.
Access to credit. Regarding comments requesting a longer compliance
period because lenders might need to pause or stop their small business
lending until they were in compliance with this rule, hurting the small
businesses that section 1071 was intended to benefit, the Bureau does
not believe that a reduction in access to credit is likely for the
reasons set out in part IX.
Data accuracy. The Bureau, for the reasons stated above, agrees
that smaller and mid-sized lenders are more likely to need more time to
comply with this rule to ensure the accuracy of the data that they will
submit. The Bureau agrees with the group of State banking regulators
that the implementation timeframe should be increased for many
financial institutions to better equip them to accurately report data.
The Bureau makes particular note of comments from smaller lenders
and their representatives that lenders lacking experience with data
reporting regulations, such as HMDA or CRA, require more time to report
accurate data. Inexperienced lenders must create processes from
scratch, develop vendor relationships, and become accustomed to new
procedures, such as testing software and other systems, to ensure the
accuracy of data. The Bureau also agrees that the proposed 18-month
period is not sufficient for lenders with lower-volume small business
lending operations that may face limited staffing resources and that
have never before collected the amount of data required by this rule.
The Bureau agrees in principle that rushed implementation generally
would make data in the first few years after the compliance date
flawed, incomplete, or unusable, limiting the usefulness of the data
for section 1071's fair lending and business and community development
purposes. The Bureau believes that the tiered compliance date approach
it is taking in this final rule will not result in rushed
implementation. Rather, its final compliance provisions will provide
sufficient time for especially smaller and mid-sized lenders to
implement compliance systems and prepare to collect and report accurate
data.
Regarding the comments that data will be error[hyphen]laden in the
first few years of collection until systems, policies, and procedures
can be refined, the Bureau has accounted for this in its final rule,
with its bona fide error provision and additional safe harbors for
certain data points. As discussed in part VII, the Bureau is also
providing a grace period for lenders during which it does not intend to
assess penalties for errors, so long as lenders engaged in good faith
compliance efforts.
Regarding the assertion that a three-year compliance period more
closely adhered to the expectation in the statute, the Bureau notes
that text of the statute does not identify a specific compliance
period, much less one as specific as three years. The Bureau interprets
section 1071 as requiring a compliance period that best advances the
statutory purposes of the rule. For the reasons specified above, the
Bureau believes that its tiered compliance provision does this. In any
case, the Bureau believes that the majority of covered financial
institutions will report data with Tier 3, and thus will have 33 months
to comply with the rule from its issuance.
Other regulations. Regarding the comments that other comparably
complex regulations--such as the 2015 HMDA rule, CRA, the TILA/RESPA
integrated disclosure rule, and FinCEN's customer due diligence rule--
provided for more time to comply that the proposed 18-month compliance
period, the Bureau agrees that these other rules may be instructive as
to how much time smaller and mid-sized lenders might need to prepare to
comply with this rule. However, the Bureau does not believe that this
necessitates a single compliance period of three years.
The Bureau acknowledges the comment that, unlike the 2015 HMDA
rule, this rule does not involve building on an existing system but
rather making a new data collection system, and that smaller-volume
lenders in particular should therefore have closer to three years to
comply. The Bureau also acknowledges that this rule, unlike HMDA,
encompasses different credit products for small businesses which may
use or require different processes, systems, and personnel.
The Bureau agrees that smaller-volume lenders should have more time
because they are more likely to have to build new systems and face
challenges. The Bureau believes that larger lenders are less likely to
have to start from scratch in complying with this rule, that they are
more likely to be familiar with concepts from this rule borrowed or
analogous to provisions in other existing data collection regulations,
such as HMDA and CRA. This remains true even if larger lenders are more
likely than smaller lenders to offer different credit products for
small businesses which use different processes, systems, and personnel.
The Bureau acknowledges commenters' concerns that based on industry
experience with the 2015 HMDA rule, vendors were not likely to be ready
in time for lenders to comply with this rule. The Bureau believes that
the tiered compliance provision will give vendors time to work with
covered financial institutions on a timely basis by spreading out
software needs across three compliance dates. Vendors will be able to
focus on smaller-volume lenders in Tiers 2 and 3, avoiding the hasty
implementation or inattentive or delayed service commenters mentioned
experiencing in complying with the 2015 HMDA rule and the TILA/RESPA
integrated disclosure rule.
The Bureau acknowledges comments that the Bureau to provide
leniency regarding data accuracy for initial submissions after the 2015
HMDA rule, and that lenders spent hours reviewing data to avoid errors
and resubmissions under HMDA. The Bureau notes that the final rule
contains provisions--including the bona fide error provision and the
various safe harbors for several data points--that relieve lenders of
the need to provide perfectly accurate data, especially in early
submissions of data. As discussed in part VII below, the Bureau is also
providing a grace period for lenders during which it does not intend to
assess penalties for errors.
The Bureau appreciates the concerns that vendors may need time to
make inquiries to obtain clarity on the provisions of this final rule
after its release to deploy solutions, as they did with the TILA/RESPA
integrated disclosure rule. The Bureau intends to
[[Page 35447]]
work with vendors to answer inquiries about this rule as early as
possible. The Bureau is releasing certain compliance aids and guides
concurrently with the final rule to assist vendors in advance of the
compliance dates; with previous rules; in the past, such materials were
only made available months after the release of final rules. The Bureau
believes that the leeway the Bureau is providing, in the form of the
grace periods for all three compliance tiers, also may give vendors
more time to test, adjust and improve their systems.
Regarding the comments that experiences with past regulations are
irrelevant, the Bureau disagrees that experience with past rules will
not help lenders comply more quickly with this rule. The Bureau
believes that experienced lenders, especially larger ones, have
developed institutional knowledge and infrastructure in complying with
regulations that will enable them to adapt to more quickly to new rules
than lenders without such experience. The Bureau believes that the
experience with data collection regulations, such as HMDA and CRA, is
particularly relevant to compliance with this rule.
Industry-specific rationales. The Bureau finds compelling the
comments arguing that smaller-volume lenders--including FCS lenders,
community banks, small credit unions, CDFIs, and start-up lenders--
would face greater challenges and costs in complying with the rule
within the proposed 18-month period. The Bureau gives particular weight
to concerns of other regulators that small financial institutions may
need closer to three years to comply with the rule because they face
particular challenges in implementation.
In short, the Bureau finds the specific explanations compelling and
reasonable--larger banks, as commenters pointed out, have more
resources for compliance efforts, while smaller and even midsized banks
may have less resources to, for instance, pay for staff for overtime or
other short-term capacity to comply within 18 months. The Bureau also
believes that small and mid-sized financial institutions will be a
lower priority for vendors, based on the Bureau's outreach and comments
by smaller lenders that experienced this in complying with past Bureau
rulemakings. All of this suggests that smaller and, to a lesser extent,
mid-sized financial institutions may face a tradeoff between speedy
compliance and expending resources that larger lenders do not face.
The Bureau acknowledges the comment that mid-sized banks may face
challenges standing up systems in 18 months despite their best efforts.
The Bureau believes, however, that relative to the lenders with the
smallest volume of small business loans, middle-volume lenders tend to
have more resources and are more capable of complying somewhat more
quickly with this rule. The Bureau believes that while a 33-month
compliance period may be appropriate for smaller-volume lenders, a two-
year compliance period is appropriate for middle-volume lenders.
Regarding the comment that the Bureau should consider a longer
compliance period based on its capacity to collect data from non-
depository institutions subject to the rule, the Bureau believes the
challenge may be ensuring compliance by non-depositories that have not
previously been subject to Federal data collection regimes.
Nonetheless, the Bureau believes that larger non-depository lenders are
likelier to be able to prepare to comply with this rule more readily
while smaller volume lenders have additional time to prepare to comply.
Regarding the comments that the Bureau should provide three years
to comply because the proposed 18-month period is not tenable for motor
vehicle dealers in general and small dealerships in particular, the
Bureau observes that motor vehicle dealers are not covered financial
institutions under this rule. Moreover, as described in the section-by-
section analysis of Sec. 1002.109(a)(3), the Bureau believes that
motor vehicle dealers are often the last entity with authority to set
the material credit terms of the covered credit transaction, and so are
generally unlikely to be collecting small business lending data on
behalf of other reporting financial institutions.
More than three years. Regarding the comment that the Bureau should
adopt a compliance period of three to five years because community
banks would have to make hard decisions on staffing and lending
capacity, resulting in potential market exit, the Bureau does not
believe that such a lengthy compliance period is necessary for all
financial institutions. The Bureau is providing Tier 3 lenders--which
the Bureau believes will include many smaller community banks--33
months, or nearly three years, to prepare to comply with the final
rule. The commenter did not provide any details that would justify an
even lengthier compliance period.
Tiered compliance. Regarding the large number of comments received
from industry commenters that requested tiered compliance--often as an
alternative to a single compliance date longer than 18 months--the
Bureau agrees for the reasons set out above.
The Bureau appreciates industry comments in support of tiered
compliance periods on the grounds that such a system would give smaller
lenders would have more time to comply with the rule, including that
the scope and complexity of the rule and the need to test systems to
ensure accurate reporting would be particularly challenging to smaller
lenders.
The Bureau observes that many commenters that requested tiered
compliance periods on the grounds that smaller banks and credit unions,
especially those serving rural and underserved communities, needed more
time to comply to have time to implement new compliance software. The
Bureau acknowledges the comments identifying discrete steps in the
process of implementing software, including finding vendors, giving
vendors time to develop software, planning and executing network
changes, and training staff but notes that these steps are not unique
to smaller or mid-sized lenders. The Bureau observes that smaller-
volume lenders may find these steps more challenging for a number of
reasons already articulated above. The Bureau acknowledges that smaller
lenders may have little bargaining power with vendors and are often the
last to receive system upgrades. The Bureau believes that tiered
compliance dates are justified because hasty implementation by smaller
banks facing difficulties implementing this rule may result in
inaccurate data.
The Bureau acknowledges certain factors identified by commenters,
such as the need for lenders to hire and/or train additional compliance
staff, train existing lending staff, educate customers on the content
of the rule, are not unique to smaller lenders. However, the Bureau
believes that smaller-volume lenders, especially those without previous
experience complying with data collection rules, may face more
challenges with all of these factors than larger lenders.
The Bureau agrees with the comments that smaller financial
institutions--including CDFIs, credit unions, and lenders servicing
rural and underserved communities--should have a later compliance date
to learn from money-center banks. The Bureau agrees that tiered
compliance is important for lenders inexperienced with data collection
rules to give them time to build compliance infrastructure. The Bureau
agrees that such lenders may face more challenges than depository
institutions in complying quickly with
[[Page 35448]]
this rule, needing to create compliance training programs from scratch,
and that they may have a harder time obtaining expertise to implement
compliance software and procedures. The Bureau agrees with the comment
that banks with no HMDA compliance experience may need more time to
comply with this rule than larger banks with such experience. The
Bureau believes that the experience of larger banks with HMDA will
enable them to more quickly comprehend this rule and implement
compliance systems for this rule. This experience will also enable such
banks to train their staffs more quickly. The Bureau further agrees
that, under a tiered compliance system, smaller-volume lenders may
learn from the earlier implement of large banks, and that tiered
compliance would give smaller lenders more time to resolve
unanticipated issues.
The Bureau believes that industry experience with the staggered
effective dates in the Financial Accounting Standards Board's Current
Expected Credit Loss rule somewhat informs the final tiered compliance
provision. The Bureau believes that the approach taken by the Financial
Accounting Standards Board and other Federal regulators regarding the
Current Expected Credit Loss rule support the Bureau's approach here.
Regarding the number of compliance date tiers, the Bureau believes
that the three tiers included in this final rule are more appropriate
than two as suggested by some commenters, for the reasons already
articulated. However, commenters distinguished not just between smaller
and larger lenders; comments also identified mid-volume lenders as
facing unique issues in complying with the rule, occupying a space
between large and small lenders. Mid-volume lenders face certain
challenges complying with the rule compared to larger lenders, but have
greater resources and, often, more experience with Federal regulations
and data collections than small lenders.
Regarding the comments supporting the adoptions of three compliance
tiers, the Bureau agrees. Regarding the comment that the Bureau should
adopt three compliance tiers, giving the largest lenders one year to
comply, medium-sized lenders two years, and small lenders three years,
the Bureau agrees in part. The Bureau agrees that earlier compliance
dates are justified for large lenders because they have greater staff
expertise, as well as capacity and resources, to comply with data
collection regulations. However, the Bureau believes that a one-year
compliance period may be insufficient for many larger financial
institutions to comply with this rule.
Regarding the comment that the third compliance tier should include
trusted small business lenders, the CFPB intends to propose, in a
follow-on notice of proposed rulemaking, that lenders with strong
records under the CRA or other relevant frameworks be permitted
additional time to come into compliance with the rule. That approach is
consistent with the statutory purposes of the rule.
Regarding the request for tiered compliance starting not less than
three years after the final rule, the Bureau does not believe such an
approach would be appropriate, for the reasons specified above
concerning the request for a single three-year compliance period. The
Bureau believes that a three-year period for the earliest tier is
inconsistent with the statutory purposes of the rule because larger
volume financial institutions are capable of adequate compliance with
this rule within 18 months. Further delay for these lenders would
result in a longer period during which data are unavailable to
facilitate the enforcement of fair lending laws or to identify business
and community development needs and opportunities.
Regarding the requests that the Bureau use asset size to determine
compliance date tiers, the Bureau acknowledges that asset size can
sometimes be a proxy for determining the resources and capacity a
lender has to prepare to come into compliance with the rule. It is also
a simple metric to implement, given that there are recognized standards
for reporting assets. The Bureau agrees that institutions with less
assets often have smaller compliance and information technology staffs.
However, the Bureau notes that this rule applies to non-depository
institutions as well. Some such lenders may have high volumes of
originations but relatively low assets. As a result, the Bureau
observes that asset size may not be as reliable a proxy for the
capacity and resources a non-depository institution has to comply
quickly with the rule. The Bureau believes that volume of originations
is, in the context of small business lending, a better proxy than asset
size for determining the capacity of a lender to comply with this rule.
The Bureau also believes that tiering based on volume of originations
is proportional to the interest a lender would have in complying with
this rule, regardless of asset size.
Regarding the comments opposing tiered compliance dates, the Bureau
appreciates that this rule represents a great change for small and
large financial institutions that may proceed through similar steps to
implement the rule, including understanding the rule, changing
processes, building and testing systems, training staff, and adding
procedures and controls. The Bureau does not believe, however, that the
magnitude of challenges lenders face is the same regardless of the size
or capacity of the institution. The Bureau believes that the largest
volume lenders that will be in Tier 1 have the capacity to comply with
this rule within 18 months, especially given the leeway provided by
this rule--in the form of the bona fide error thresholds and safe
harbors--and by the grace period to report data that is sufficiently
accurate. The Bureau agrees with the comment that limiting access to
small business credit could have a negative impact on the economy, but
does not believe the final tiered compliance date provision would
``inevitably'' result in any diminishing of access to credit for small
businesses, as discussed in more detail in part IX below.
Regarding the comment opposing tiered compliance dates on the
grounds that 18 months was sufficient for all institutions, the Bureau
disagrees for the reasons specified above. While many smaller-volume
lenders may be able to comply within 18 months, the Bureau believes
that many such lenders may find it challenging to comply within 18
months. Regarding the comment that financial institutions have had
since the release of the NPRM in September 2021 to begin preliminary
planning to comply with this rule, the Bureau agrees in part. While the
final rule differs from the NPRM in several aspects, many provisions
are based on statutory requirements--such as the mandatory data points,
the firewall provision, the recordkeeping requirements, and the privacy
analysis--and would have been finalized in some manner, permitting some
planning for financial institutions concerned with preparing for
implementation well in advance of the eventual compliance date. The
Bureau does not believe, however, that the September 2021 release of
the NPRM gives smaller volume lenders the ability to comply with this
rule within 18 months of its issuance.
Regarding the comment that the proposed compliance period of 18
months would give banks just six months to collect data to do a trial
run with one year of data before compliance date, the Bureau observes
that smaller volume lenders in Tiers 2 or 3 would have more time to
test their collection systems. The Bureau also notes that pursuant to
final Sec. 1002.114(c)(1), all
[[Page 35449]]
financial institutions may start collecting data one year before their
respective compliance dates, giving especially smaller-volume lenders
more time to test their systems.
114(c) Special Transitional Rules
The Bureau is adopting two transitional rules in Sec. 1002.114(c)
to facilitate the initial compliance of financial institutions with
subpart B. Final Sec. 1002.114(c)(1) permits, but does not require,
financial institutions as described by Sec. 1002.114(b)(1) through (3)
to collect information regarding applicants' minority-owned business
status, women-owned business status, LGBTQI+-owned business status, and
the ethnicity, race, and sex of applicants' principal owners under
final Sec. 1002.107(a)(18) and (19) beginning 12 months prior to the
financial institution's applicable compliance date as set forth in
Sec. 1002.114(b)(1) through (3). A financial institution collecting
such information pursuant to Sec. 1002.114(c)(1) must do so in
accordance with the requirements set out in Sec. Sec. 1002.107(a)(18)
and (19), 1002.108, and 1002.111(b) and (c). In addition, comment
114(c)-2 clarifies that a financial institution that receives an
application prior to its compliance date under Sec. 1002.114(b), but
takes final action on the application after the compliance date, is not
required to collect data regarding that application under Sec.
1002.107 and not required to report the application pursuant to Sec.
1002.109.
Final Sec. 1002.114(c)(2) permits a financial institution that is
unable to determine the number of originations of covered credit
transactions for small businesses for calendar years 2022 and 2023,
because for some or all of this period it does not have readily
accessible the information needed to determine whether its covered
credit transactions were originated for small businesses as defined in
Sec. 1002.106(b), to use a reasonable method to estimate its
originations to small businesses for either or both of the calendar
years 2022 and 2023.
The Bureau believes that these transitional rules pursuant to its
authority under ECOA section 704B(g)(1), are necessary to carry out,
enforce, and compile data pursuant to section 1071.
114(c)(1) Collection of Certain Information Prior to a Financial
Institution's Compliance Date
Proposed Rule
Proposed Sec. 1002.114(c)(1) would have provided that a financial
institution that will be a covered financial institution as of the
compliance date in proposed Sec. 1002.114(b) is permitted, but not
required, to collect information regarding whether an applicant for a
covered credit transaction is a minority-owned business under proposed
Sec. 1002.107(a)(18), a women-owned business under proposed Sec.
1002.107(a)(19), and the ethnicity, race, and sex of the applicant's
principal owners under proposed Sec. 1002.107(a)(20) beginning 12
months prior to the compliance date. A financial institution collecting
such information pursuant to proposed Sec. 1002.114(c)(1) would have
been required to do so in accordance with the requirements set out in
proposed Sec. Sec. 1002.107(18) through (20) and 1002.108.
The Bureau sought comment on the approach in this proposal.
Comments Received
A joint letter from several trade associations supported the
proposed provision permitting early collection of data. A community
group agreed with the reasoning and approach to allowing voluntary
reporting by financial institutions, inquired whether the Bureau was
permitting voluntary reporting of date only for demographic
information, and suggested that to permit the reporting of only
demographic information would be of limited use. A business advocacy
group commended the Bureau for encouraging the reporting of data before
the start of the compliance period, and encouraged the Bureau to offer
incentives to enable collection of data as early as possible to help
enable the analysis of fair lending. Several CDFI lenders suggested
that mission-oriented lenders ready to report data in 18 months should
be able to opt in. Two banks recommended that the 12-month period of
voluntary collection in advance of the compliance date should be
extended further, noting that such a transitional period would be a
critical period for lenders to implement, test, and if necessary,
modify data collection and maintenance processes and systems before the
compliance date. One trade association requested that the Bureau
clarify that applications submitted before the compliance date, but
approved after the compliance date, not be considered covered
applications for purposes of determining coverage.
Final Rule
The Bureau is finalizing Sec. 1002.114(c)(1), maintaining the
provision in principle but making several changes. First, final Sec.
1002.114(c)(1) permits, but does not require, a financial institution
that will be a covered financial institution by the compliance dates
set out in Sec. 1002.114(b)(1) through (3) to collect protected
demographic information pursuant to Sec. 1002.107(a)(18) and (19)
beginning 12 months prior to the compliance date applicable to that
financial institution. This regulatory text has been adjusted to
account for the change from a single compliance date in proposed Sec.
1002.114(b) to the three different compliance dates in final Sec.
1002.114(b)(1) through (3). Second, final Sec. 1002.114(c)(1)
clarifies that any protected demographic information collected under
this provision must comply with the requirements of Sec.
1002.107(a)(18) and (19), and Sec. 1002.108, as proposed, and adds a
new requirement that any demographic information collected must comply
with the requirements of Sec. 1002.111(b) and (c). Third, final Sec.
1002.114(c)(1) clarifies that a financial institution that receives an
application prior to its compliance date specified in Sec.
1002.114(b), but takes financial action on or after that compliance
date, is not required to collect data regarding that application
pursuant to Sec. 1002.107 nor to report the application pursuant to
Sec. 1002.109.
The Bureau is also finalizing new comments 114(b)-1 through 4.
Comment 114(b)-1 specifies the provisions of this rule that a covered
financial institution must comply with by the compliance date that
applies to it under Sec. 1002.114(b). Comment 114(b)-2 specifies the
provisions of this rule that covered financial institutions that must
comply with the initial partial year collection pursuant to Sec.
1002.114(b)(1), from October 1, 2024 through December 31, 2024. Comment
114(b)-3 establishes informal names for compliance date provisions
(Tier 1, Tier 2 and Tier 3) to facilitate discussion of the compliance
dates specified in Sec. 1002.114(b)(1), (2), and (3). Comment 114(b)-4
illustrates the application of Sec. 1002.114(b) to determine the
compliance dates of a variety of financial institutions, based on a
variety of volumes of originations of covered credit transactions to
small businesses.
The Bureau believes that this provision will give financial
institutions time to test their procedures and systems for compiling
and maintaining this information in advance of actually being required
to collect and subsequently report it to the Bureau. Under this
provision, financial institutions will have time to adjust any
procedures or systems that may result in the inaccurate compilation or
maintenance of applicants' protected demographic information, the
collection of which is required by section 1071 but
[[Page 35450]]
otherwise generally prohibited under ECOA and Regulation B. (Financial
institutions could of course collect the other information that would
be required by this proposed rule at any time, without needing express
permission in Regulation B to do so.) The Bureau believes that this
provision will facilitate compliance and improve the quality and
accuracy of the data reported to the Bureau and therefore is necessary
to carry out, enforce, and compile data pursuant to section 1071, and
will carry out the purposes of ECOA, and is necessary or proper to
effectuate the purposes of ECOA and facilitate or substantiate
compliance therewith.
Regarding the question as to whether the proposed provision permits
voluntary reporting only of protected demographic information, the
Bureau observes that the provision actually only permits the
collection, not reporting, of demographic information. The provision is
necessary because, in its absence, ECOA and Sec. 1002.5(b) of
Regulation B would otherwise prohibit creditors from collecting such
demographic information, while creditors are not prohibited by ECOA and
Regulation B from collecting the other data points required by this
rule. Regarding the comments encouraging the Bureau to offer incentives
to collect data as early as possible to help enable the analysis of
fair lending, the Bureau notes that the provision exists only to help
financial institutions better prepare to comply with the rule. The
Bureau is not adopting any additional incentives, as suggested by
commenters, and indeed it is unclear what incentives it might offer to
further encourage early reporting.
Regarding the comment that mission-oriented lenders ready to report
data in 18 months should be able to opt in, the Bureau agrees.
Regarding the request to extend the transitional period further such
that financial institutions could collect protected demographic
information without being required to report it for a period longer
than 12 months, the Bureau acknowledges these concerns but does not
believe such a change would be appropriate. The Bureau's decision to
provide most smaller-volume financial institutions additional time by
way of tiered compliance dates, as well as a grace period during which
it does not intend to exercise its supervisory or enforcement
authorities, all give financial institutions additional time and leeway
to establish their compliance systems. Further, institutions seeking
longer periods to collect demographic information would not necessarily
have even one year of information upon which to base a determination
that they may have to begin preparing to comply with the rule,
potentially resulting in the collection (but not reporting) of
protected demographic data in a way that completely overrides the
general prohibition in existing Sec. 1002.5(b).
Regarding the request to clarify that applications submitted before
the compliance date, but approved after, not be considered covered
applications, the Bureau agrees that such clarity is useful and thus
final Sec. 1002.114(c)(1) addresses and implements this request.
114(c)(2) Determining Which Compliance Date Applies to a Financial
Institution That Does Not Collect Information Sufficient To Determine
Small Business Status
Proposed Rule
Proposed Sec. 1002.114(c)(2) would have provided that for purposes
of determining whether a financial institution is a covered financial
institution under proposed Sec. 1002.105(b) as of the compliance date
specified in proposed Sec. 1002.114(b), a financial institution would
be permitted, but not required, to use its originations of covered
credit transactions for small businesses in the second and third
preceding calendar years (rather than its originations in the two
immediately preceding calendar years).
The Bureau sought comment on the approach in this proposal.
Comments Received
A joint letter from trade associations representing the commercial
real estate industry supported the proposed provision and suggested an
edit to the regulatory text of proposed Sec. 1002.114(c)(2) specifying
that a financial institution is permitted, but not required, to use its
originations in the first two full calendar years after the effective
date of the rule, rather than its originations in the two immediately
preceding calendar years.
A joint letter from trade associations, in commenting on the
proposed compliance date, claimed that 18 months was not enough time to
determine covered financial institution status pursuant to Sec.
1002.105(b) because lenders would be required to collect gross annual
revenue data to determine the small business status of their
originations for purposes of originations thresholds, but they could
not collect such data until after the publication of the final rule.
The commenter noted that many lenders do not collect gross annual
revenue for their commercial loans (e.g., investment property loans are
underwritten based on net operating income), and that some lenders that
collected gross revenue data did not have it readily accessible. The
commenter requested a longer compliance period to give lenders time to
understand the content of the final rule before the start of a calendar
year to track originations for small businesses to avoid retroactive
application of the final rule. The commenter suggested, instead, a two-
calendar-year period to collect gross annual revenue data, followed by
the compliance date starting the third calendar year for those
financial institutions that determine they are covered. The commenter
noted that its proposed schedule was a minimum, and was predicated on
having a gap between publication of the final rule and the start of the
first calendar year during which lenders would track the small business
status of originations, and that the Bureau published technical
specifications sufficiently in advance of the third calendar year. A
trade association, also commenting on the compliance period, claimed
that two years would allow for implementation by lenders, would provide
time to track originations of covered transactions and, therefore, the
small business status of applicants, and would allow lenders to make
changes necessary to achieve the statutory purposes of the rule.
Final Rule
The Bureau is not finalizing Sec. 1002.114(c)(2) as proposed. The
Bureau is instead implementing a different provision stating that a
financial institution that is unable to determine the number of covered
credit transactions it originated for small businesses for calendar
years 2022 and 2023 for purposes of determining its compliance date
pursuant to Sec. 1002.114(b), because for some or all of this period
it does not have readily accessible the information needed to determine
whether its covered credit transactions were originated for small
businesses as defined in Sec. 1002.106, is permitted to use any
reasonable method to estimate its originations to small businesses for
either or both of the calendar years 2022 and 2023. The Bureau is also
implementing new comments 114(c)-3 through -6. Comment 114(c)-3
specifies circumstances under which a financial institution has readily
accessible the information needed to determine the small business
status of its covered credit transactions for purposes of determining
its compliance date. Final
[[Page 35451]]
comment 114(c)-4 specifies certain circumstances under which a
financial institution does not have readily accessible the information
needed to determine small business status of its covered credit
transactions for purposes of determining its compliance date. Final
comment 114(c)-5 identifies three reasonable methods that may be used
by financial institutions to estimate the number of covered credit
transactions for small businesses for purposes of determining its
compliance date. Final comment 114(c)-6 provides examples of financial
institutions applying each of the three reasonable methods identified
in comment 114(c)-5 by financial institutions, as well as financial
institutions applying reasonable methods not specified in comment
114(c)-5, to estimate the number of covered credit transactions for
purposes of determining its compliance date.
The Bureau believes that, in the context of the proposed single
compliance date, proposed Sec. 1002.114(c)(2) would have provided
greater clarity and certainty to financial institutions as to whether
or not they would be covered financial institutions. This may have been
particularly important for those financial institutions that originated
a volume of covered credit transactions close to the threshold under
proposed Sec. 1002.105(b) and a single compliance date. The Bureau
believed this provision would have been necessary to carry out,
enforce, and compile data pursuant to section 1071.
However, because of the changes to the compliance date provision in
final Sec. 1002.114(b), from a single compliance date to several tiers
of compliance dates, the Bureau believes that Sec. 1002.114(c)(2) as
originally proposed may no longer effectively serve the purposes for
which it was originally intended. The Bureau believes that because the
final rule provides for several compliance dates, the optionality
provided by proposed Sec. 1002.114(c)(2) is no longer necessary and
may even make compliance more confusing. The transition to several
compliance dates in the final rule, from a single compliance date in
the proposal, means that many lower-volume financial institutions will
have one to two years in advance of their compliance date to determine
whether they are covered financial institutions that must report data
at all. For instance, an institution with a compliance date of January
1, 2026, based on its annual originations in 2022 and 2023, may not be
a covered financial institution at all by its compliance date if it has
less than 100 annual originations in 2024 or 2025.
The Bureau received one comment directly addressing proposed Sec.
1002.114(c)(2). By contrast, the Bureau received multiple comments on
the difficulty that some financial institutions may face in determining
their coverage under this rule, and therefore their compliance date,
because they do not collect information on the gross annual revenue of
their applicants for business credit. Some industry commenters, as set
out in the section-by-section analysis of Sec. 1002.107(a)(14), noted
either that they did not collecting data on gross annual revenue of
some small business applicants, or that there would be difficulties in
collecting such data.
In response to these comments, the Bureau has revised Sec.
1002.114(c)(2) to provide greater flexibility for those financial
institutions that do not have ready access to data on gross annual
revenue to determine what compliance date will apply to them for
purposes of Sec. 1002.114(b). Because of the changes to this rule
after the proposal, the Bureau believes that this provision, as
finalized, will provide greater clarity and certainty to those
financial institutions that do not currently collect gross annual
revenue data as to which compliance date will apply to them. This will
be particularly important for those financial institutions that
originated a volume of potentially covered credit transactions close to
the threshold under Sec. 1002.105(b), and those financial institutions
that originated a volume of potentially covered credit transactions
close to the thresholds in Sec. 1002.114(b). The Bureau believes this
provision is necessary to carry out, enforce, and compile data pursuant
to section 1071.
Appendix E to Part 1002--Sample Form for Collecting Certain Applicant-
Provided Data Under Subpart B
Proposed Rule
The Bureau proposed a sample data collection form that financial
institutions could choose to use to collect minority-owned business
status, women-owned business status, and principal owners' ethnicity,
race, and sex. The proposed sample data collection form would have been
similar to the HMDA data collection form and would have included a
notice of the applicant's right to refuse to provide the information as
well as an explanation of why the financial institution is requesting
the information. The sample data collection form would have also
included the definitions of minority individual, minority-owned
business, principal owner, and women-owned business as they would have
been defined in proposed Sec. 1002.102(l), (m), (o), and (s),
respectively.
Additionally, to aid financial institutions with the collection of
the information in proposed Sec. 1002.107(a)(21), the sample data
collection form would have included a question about the applicant's
number of principal owners. The sample data collection form would have
also included language that a financial institution would have been
able to use to satisfy the notice requirement under ECOA section
704B(d)(2) if it determined that one or more employees or officers
should have access to the applicant's protected demographic information
pursuant to proposed Sec. 1002.108(b)(2).
The Bureau requested comment on the proposed sample data collection
form, including the proposed language for the notice under ECOA section
704B(d)(2). The Bureau also generally requested comment on whether to
provide additional clarification regarding any aspect of the sample
data collection form or the related notice provided pursuant to ECOA
section 704B(d)(2). In addition, the Bureau sought comment on whether
the sample data collection form should identify the Bureau to
applicants as a potential resource in connection with their applicable
legal rights or for additional information about the data collection,
including concerns regarding non-compliance. It also sought comment on
whether financial institutions need additional information on how to
adapt this form for use in digital modes of data collection, and, if
so, what specific information would be most useful. The Bureau further
requested comment on whether a sample data collection form in Spanish
or other languages would be useful to financial institutions.
Comments Received
Commenters were generally supportive of the Bureau's inclusion of a
sample data collection form in the final rule, stating that the sample
data collection form would help financial institutions meet the
demographic data collection requirements.
Several commenters had suggestions for language to add to the
proposed sample data collection form. One trade association suggested
that the data collection form disclose, as the beginning, that the
applicant is not required to respond to the questions, and second
inquire as to whether the applicant is a small business based on its
gross annual revenue and establish that the form is not required if the
applicant is not a small business. One bank commented that the form
should
[[Page 35452]]
include language, in bold, to the applicant stating that the
information provided will not be used against them and is not
derogatory.
A bank urged providing an option on the proposed form for an
applicant to indicate if the applicant's principal owner was present
when the form was completed or if the responses were provided by the
principal owner, to lessen confusion and discomfort during the
application process. The bank stated such an option would also improve
data quality where a financial institution does not meet with a
principal owner in person and thus cannot make ethnicity and race
determinations on the basis of visual observation and/or surname
analysis. A trade association suggested including options to indicate
on the form if the applicant declined to answer and that the applicant
was not available, which could be used if an applicant representative
was uncertain of an absent principal owner's ethnicity, race, and/or
sex or was unsure if the principal owner wished to provide such
information.
A community group commenter recommended that the sample data
collection form include a notice that the Americans with Disabilities
Act prohibits discrimination in lending practices on the basis of an
applicant's disability.
An individual commenter suggested that applications include an
explanation of why the Bureau is collecting protected demographic
information after a demographic information collection section, which
would allow an applicant to make an informed decision in providing
information and know who to contact in the event of discrimination.
A bank and a trade association stated that the proposed sample data
collection form is misleading because it would have indicated that the
demographic information is required and would not have stated that the
borrower has the right to refuse to provide the requested information.
In contrast, however, a CDFI lender supported the statement on the
proposed form that applicants are not required to provide the
information requested but are encouraged to do so. This commenter also
supported the notice on the sample form that while provided information
could not be used to discriminate against the applicant, some employees
may have access to the information.
Some lenders and trade associations expressed concerns about the
text on the proposed sample form that would have disclosed that, if an
applicant does not provide ethnicity, race, or sex information for at
least one principal owner and the financial institution meets with a
principal owner in person or via electronic media with an enabled video
component, the financial institution is required by Federal law to
report at least one principal owner's ethnicity and race based on
visual observation and/or surname. Some of these commenters, who also
opposed the proposed visual observation and surname data collection
requirement this language would have referenced, stated that the
proposed disclosure language may discourage an applicant from seeking
an in-person meeting with the financial institution or pressure
applicants to provide the information to avoid inaccurate guesses by
bank employees or officers. Other commenters requested that the
disclosure about the proposed visual observation and surname data
collection requirement be removed from the form, because it would
inform an applicant that the financial institution will be collecting
information about their principal owners' ethnicity and race regardless
of their choice to not provide the information. A joint letter from
several trade associations representing the commercial real estate
industry opposing the proposed visual observation and surname data
collection requirement stated that the related disclosure language on
the proposed form should be removed if the data collection requirement
is not adopted for the final rule.
Some community groups, a CDFI lender, and a joint trade association
letter recommended that the Bureau provide non-English translations of
any sample forms, including in Spanish. Two community groups suggested
that the data collection form be provided in English, Spanish, and
Mandarin Chinese. They stated that providing the forms in multiple
languages would help reduce confusion and help lenders. Other community
groups and a lender suggested that the proposed form be provided in at
least the top ten spoken languages in the United States, as determined
by the Census, so applicants can understand the data being collected
and its context. They stated that the translations are necessary to
honor the statutory intent, and that immigrants are more likely to
start businesses than non-immigrants, and research shows that many
immigrants and immigrant entrepreneurs have limited English
proficiency, which leads to difficulties in navigating the financial
marketplace.
A trade association and a bank requested flexibility to solicit
responses to the questions on the proposed sample collection form
across different circumstances, and specifically asked for
clarification that financial institutions could list the response ``I
do not wish to provide this information,'' as the first response option
and not the last, as it is listed for all the proposed questions on the
form. The commenters also asked for flexibility, when using an
electronic data collection form, to collapse subcategories of
questions, so that they appear only when an applicant clicks on a
question to facilitate readability. The commenters also asked for
clarification for applications taken orally, as to whether all
categories of responses must be read to the applicant, even if the
applicant has responded to an earlier response option. These commenters
also requested a safe harbor from liability for not using the language
of the sample data collection form when taking a covered application
orally, stating that some words on the form are long, complex, and may
be difficult for employees to pronounce. These commenters also stated
that the sample data collection form should disclose which data points
will be published to allow applicants to make informed decisions,
address privacy concerns, and improve data quality.
Some commenters had suggestions for additional forms or materials
the Bureau should issue. A trade association stated that the Bureau
should create a business-specific form to request information, which
the commenter stated should be optional for financial institutions to
use. Several commenters, including banks, community groups, and a
minority business advocacy group, asked the Bureau to create a uniform
or model data collection or application form. The commenters generally
stated that such a form would facilitate accurate data collection. One
bank asserted that the likelihood of a respondent providing information
would be higher, citing Paycheck Protection Program data that the
majority of applicants chose not to provide demographic information.
The bank stated that absent a uniform CFPB-issued form, collection and
the resulting data will be flawed. Two commenters cited the HMDA model
application forms as an example of such a uniform application, which
one said effectively explains to borrowers why data are being collected
and encourages completion of the data while also giving the borrower
some assurance that they will not be discriminated against for either
furnishing (or not) the data. A trade association and a bank urged the
Bureau to create a specific data collection form for loans covered by
HMDA and by section 1071, if HMDA-reportable loans are included in the
[[Page 35453]]
final rule, to facilitate consistent reporting. A trade association and
a business advocacy group encouraged the Bureau to evaluate the sample
data collection form and instructions on an ongoing basis for any
necessary changes.
Final Rule
Pursuant to its authority under ECOA section 704B(g)(1), the Bureau
is finalizing appendix E to help financial institutions comply with
requirements to collect applicants' protected demographic information
and to keep an applicant's responses to inquiries for such information
separately from the credit application and accompanying information.
The introductory language in the sample form includes right to refuse,
firewall, and non-discrimination notices. When lenders choose to use
the form, this language serves to facilitate compliance with ECOA
section 704B(c) and, when applicable, 704B(d)(2), as well as with
comment 107(a)(19)-4, which requires that applicants be informed that
Federal law requires it to ask for the principal owners' ethnicity,
race, and sex/gender to help ensure that all small business applicants
for credit are treated fairly and that communities' small business
credit needs are being fulfilled. Though the sample form reflects a
number of legal requirements applicable to collection, the rule does
not require use of the form itself. Rather, the sample form is intended
as a compliance resource for lenders who choose to use it.
The Bureau agrees generally with commenters that the sample data
collection form at final appendix E will help facilitate financial
institutions' efforts to comply with the data collection requirements
of the final rule, meet their statutory obligations, and that it will
streamline the data collection process. To further these goals, the
sample data collection form at final appendix E reflects edits made by
the Bureau in response to comments received and further Bureau
consideration. The final version of the form also considers feedback
from user testing, conducted to learn about small business owners'
likely experience in filling out the form and to explore design and
language options to make the form effective.\839\
---------------------------------------------------------------------------
\839\ CFPB, User testing for sample data collection form for the
small business lending final rule (Mar. 2023), https://www.consumerfinance.gov/data-research/research-reports/user-testing-for-sample-data-collection-form-for-the-small-business-lending-final-rule/.
---------------------------------------------------------------------------
The Bureau received comments suggesting that the Bureau provide
more guidance or specific text on the form about the purpose of the
data collected through the form. The Bureau agrees with commenters that
it is important to provide applicants with a general explanation of the
rule and its purpose. As discussed in the section-by-section analysis
of Sec. 1002.107(a)(19), in response to similar comments and in
consideration of feedback from the user testing, comments 107(a)(18)-4
and 107(a)(19)-4 provide that a financial institution must inform an
applicant that Federal law requires it to ask for the applicant's
principal owners' ethnicity, race, and sex to help ensure that all
small business applicants for credit are treated fairly and that
communities' small business credit needs are being fulfilled. The
Bureau has also included sample language for the statement on the
sample form at appendix E. In the Bureau's user testing, participants
also generally reflected a preference for upfront placement of language
establishing that Federal law requires the collection of the requested
information and emphasizing the purpose of collecting the information,
to ensure that small business owners are treated fairly. As revised,
the introduction on the first page of the final sample data collection
form starts with this statement and also reiterates the purpose of the
data collection in the last sentence. As discussed in the section-by-
section analysis of Sec. 1002.108, the Bureau has also revised the
firewall notice in the introduction. The Bureau has moved its placement
to the second paragraph of the introduction. In line with a suggestion
by a commenter, the Bureau has also generally revised the language of
the non-discrimination notice to emphasize that the financial
institution may not discriminate against the applicant on the basis of
its answers, by bolding and capitalizing the phrase, ``Federal law
prohibits discrimination'' in that disclosure, along with other
edits.\840\
---------------------------------------------------------------------------
\840\ Id. at app. A.
---------------------------------------------------------------------------
To accommodate the changes described above, the right to refuse
notice is now included later in the introduction. The Bureau received
comments that the proposed sample data collection form does not state
that applicants have the right to refuse to provide the information
requested--which the Bureau notes is incorrect--and a suggestion that
the form emphasize that right at the very beginning. In the user
testing, some participants also recommended greater emphasis on the
right to refuse.\841\ After consideration of all the received feedback,
the Bureau believes that the introduction of the sample data collection
form appropriately addresses an applicant's right to refuse to provide
the information requested. In particular, the preceding introductory
material in the sample data collection form, as described above, will
inform applicants about what they are refusing when exercising that
right.
---------------------------------------------------------------------------
\841\ Id.
---------------------------------------------------------------------------
The first page of the final sample form also includes a question
about the applicant's business status under final Sec.
1002.107(a)(18). Whereas the proposed sample form originally had
separate inquiries for an applicant's minority-owned business status
and women-owned business status, the final sample data collection form
combines those questions, along with the inquiry about whether the
applicant is an LGBTQI+-owned business, into one question to streamline
the questions on the data collection form.\842\ The Bureau also
received feedback during its user testing of the forms that the term
``business status'' was confusing for applicants. In consideration of
that feedback and comments received generally urging the Bureau to make
the sample data collection form clearer for applicants, the Bureau has
revised the sample question heading to read ``Business ownership
status.''
---------------------------------------------------------------------------
\842\ Two versions of a combined question were tested in the
Bureau's user testing. The version in final appendix E is the
version the Bureau believes is conceptually simpler for applicants
to understand.
---------------------------------------------------------------------------
As discussed in the section-by-section analysis of Sec.
1002.102(m), the Bureau is not adopting its proposed definition for
minority individual in the final rule, because it is incorporating the
substance of the minority individual definition in the ``minority-owned
business'' definition at final Sec. 1002.102(m). To facilitate the
readability of the combined business ownership status question on the
final sample data collection form, the Bureau is including a separate
explanation for what is meant by a minority individual, which is
similar to the approach to the minority-owned business question on the
proposed sample data collection form. A financial institution is
permitted to use the language on the sample form to satisfy the rule's
requirement to provide certain definitions when requesting an
applicant's business status.
The first page of the final sample data collection form also
includes a question about the number of the applicant's principal
owners, as did the first page of the Bureau's proposed form. The Bureau
has revised the question to include check boxes for potential responses
instead of a write-in text field as proposed, to reduce the likelihood
of
[[Page 35454]]
error by applicants in responding to the question.
Final comments 102(o)-3 and 107(a)(20)-1 clarify that a financial
institution must provide the definition of principal owner set forth in
Sec. 1002.102(o) when requesting information about the number of an
applicant's principal owners. As discussed further in the section-by-
section analyses of Sec. Sec. 1002.102(o) and 1002.107(a)(20), in
consideration of overall feedback from commenters to improve applicant
understanding of the data collection and positive feedback received in
the course of the user testing, the Bureau has revised the number of
principal owners inquiry on the final sample data collection form to
use the term ``individual'' instead of the term ``natural person'' when
providing the definition of a principal owner.
As explained in the section-by-section analysis of Sec.
1002.107(a)(19), the Bureau has elected to not adopt the proposed
requirement that a financial institution collect at least one principal
owner's ethnicity and race information through visual observation and/
or surname analysis under certain circumstances. As a result, the
Bureau has removed the proposed disclosure regarding this requirement
from the second page of the final sample data collection form,
rendering commenters' objections to the disclosure moot.
In the Bureau's user testing, some participants expressed confusion
about differences between the ethnicity and race questions on the
sample data collection form. Some users also stated it was not obvious
how many separate questions they had to answer. To ensure that the
sample data collection form is clear and easily understood, on the
second page of the form the Bureau has numbered the sample questions
about a principal owner's ethnicity, sex (as ``sex/gender''), and race
(from one to three, in that order) to make more apparent that the
questions are separate inquiries. The Bureau has also changed the
inquiries on that page to appear as questions (e.g., for ethnicity, to
ask ``Are you Hispanic or Latino?'') to make the substance of each
inquiry clearer. The Bureau has also made edits to rearrange the
questions and to the format of the ethnicity and race aggregate
categories and disaggregated subcategories on the final form, to make
clearer for the reader that the disaggregated subcategories are
associated with the aggregate categories. The Bureau has further
updated the instruction associated with each of the response options
with a write-in text field to direct the applicant to ``specify'' a
response and not ``print'' a response as proposed, to facilitate the
use of the instruction for paper, electronic, and oral applications.
The Bureau carefully considered the comment suggesting that the
sample form first note applicants' right to refuse and, second,
establish that if the applicant is not a small business it does not
need to fill out the form, by including an inquiry about the
applicant's gross annual revenue. However, in the Bureau's user
testing, participants preferred having information explaining that the
data collection was required under Federal law at the beginning of the
form and emphasized the importance of explaining the purpose of the
data collection.\843\ And, for the reasons explained above, the Bureau
believes the placement of the right to refuse in the introductory text
is appropriate.
---------------------------------------------------------------------------
\843\ CFPB, User testing for sample data collection form for the
small business lending final rule at app. A, at 6, 11-12, 14 (Mar.
2023), https://www.consumerfinance.gov/data-research/research-reports/user-testing-for-sample-data-collection-form-for-the-small-business-lending-final-rule/.
---------------------------------------------------------------------------
The Bureau also does not believe that it is necessary for the
sample form to include an inquiry establishing the applicant's small
business status. Financial institutions will be required to maintain
reasonably designed procedures to collect applicant-provided data,
pursuant to Sec. 1002.107(c). The Bureau has also included a safe
harbor under Sec. 1002.112(c) for a financial institution that
initially collects data under Sec. 1002.107(a)(18) and (19) regarding
whether an applicant for a covered credit transaction is a minority-
owned, a women-owned, and/or an LGBTQI+-owned business, and the
ethnicity, race, and sex of the applicant's principal owners, but later
concludes that it should not have collected this data, if certain
conditions are met. The Bureau believes these other regulatory
provisions will mitigate the possibility that data will be incorrectly
collected and protect financial institutions from inadvertent
collection. As a result, the Bureau does not believe that it is
necessary for the sample form to include a question to establish the
applicant's small business status.
The Bureau considered the commenter's suggestion to include a
disclosure about the American with Disabilities Act on the final sample
data collection form. The sample form has been developed by the Bureau
to address a financial institution's disclosure and data collection
obligations under section 1071 and the Bureau believes it would be
confusing for the sample form to include text as to the applicability
of other laws.
The Bureau is not adopting commenters' suggestions that the sample
data collection form include options for indicating whether an
applicant's principal owners or the applicant are not present or
available, that the data was not provided by principal owner, or that
the applicant declines to fill out the form. As discussed above, the
proposed form would have included a notice about the applicant's right
to refuse to provide the information requested. This right to refuse
notice also appears, with some edits, on the final sample data
collection form. The Bureau believes it is reasonable to assume that if
the person filling out the data collection form on behalf of an
applicant does not feel comfortable providing the information for any
reason, including because they are not the principal owner at issue or
do not believe they can provide accurate responses, that they will
exercise the right to refuse to provide the requested information.
Further, an applicant can also choose to not fill out the entirety of
the form, to not provide responses to a specific question, or to select
the ``I do not wish to provide this information'' or similar response
option available for each of the demographic questions on the sample
data collection form. As a result, the Bureau does not believe it is
necessary to include the suggested options on the sample data
collection form to address any discomfort by persons that may be
completing the data collection form, who are not principal owners, as
suggested by some commenters. Further, as explained in the section-by-
section analysis of Sec. 1002.107(a)(19), the Bureau is not finalizing
its proposal to require a financial institution to collect at least one
principal owner's ethnicity and race on the basis of visual observation
and/or surname analysis under certain circumstances. All financial
institutions will be required to report only applicant-provided
responses to the demographic questions on the final sample data
collection form. As a result, the Bureau does not believe the suggested
options are necessary to address data quality concerns relating to the
proposed visual observation and surname data collection requirement, as
suggested by one commenter.
The Bureau has considered comments suggesting that the sample data
collection form disclose what information will be published. As
discussed in greater detail in part VIII below, after receiving a full
year of reported data, the Bureau will assess privacy risks associated
with the data and make modification and deletion
[[Page 35455]]
decisions to the public, application-level dataset. As a result, the
Bureau does not have definitive information about the public,
application-level dataset available to put on the sample data
collection form. The Bureau takes the privacy of such information
seriously and, as noted, will be making appropriate modifications and
deletions to any data before making it public. However, the Bureau
intends to continue engage with the public about how to mitigate
privacy risk.
The Bureau also considered the suggestion to translate the sample
data collection form into other languages. Generally, Bureau
stakeholders have underscored the importance of language access as a
way of ensuring fair and competitive access to financial services and
products. Persons with limited English proficiency in the United States
make up a significant portion of the population. According to a report,
more than one in five immigrant entrepreneurs, or nearly 773,000
people, in the United States in 2018 had limited English
proficiency.\844\ More than 67 million people, or close to 22 percent
of the U.S. population over the age of five, speak a language other
than English at home.\845\ In 2021, over five million households
reported that all their members were of limited English speaking
ability.\846\
---------------------------------------------------------------------------
\844\ New Am. Econ. Rsch. Fund, Assessing Language Barriers for
Immigrant Entrepreneurs (Aug. 13, 2020), https://research.newamericaneconomy.org/report/covid19-immigrant-entrepreneurs-languages/ (analyzing 2018 data from the Census
Bureau's American Community Survey).
\845\ U.S. Census Bureau, American Community Survey, 2021
American Community Survey 1-Year Estimates, Table S1601: Language
Spoken at Home, https://data.census.gov/cedsci/table?q=language%20spoken%20at%20home&tid=ACSST1Y2021.S1601 (last
visited Mar. 20, 2023).
\846\ U.S. Census Bureau, American Community Survey, 2021
American Community Survey 1-Year Estimates, Table S1602: Limited
English Speaking Households, https://data.census.gov/cedsci/table?q=language%20spoken%20at%20home&tid=ACSST1Y2021.S1602 (last
visited Mar. 20, 2023). The U.S. Census defines a ``limited English
speaking household'' as one in which no member 14 years old and over
(1) speaks only English or (2) speaks a non-English language and
speaks English ``very well.'' See U.S. Census Bureau, Frequently
Asked Questions (FAQs) About Language Use, https://www.census.gov/
topics/population/language-use/about/
faqs.html#:~:text=What%20is%20a%20Limited%20English,least%20some%20di
fficulty%20with%20English (last visited Mar. 20, 2023).
---------------------------------------------------------------------------
The Bureau believes that competitive, transparent, and fair markets
are supported by providing translations of key material in the
customer's preferred language, along with the corresponding English-
language material. Accordingly, the Bureau will make available
translations of the sample data collection form, for financial
institutions that wish to use them. Use of these translations, like use
of the form itself, is not required under rule, but the Bureau is
providing them as an implementation resource for lenders.
Some commenters asked for flexibility as to the presentation of the
information, inquiries, and response options on the sample data
collection form at final appendix E. Generally, the Bureau believes
that applicants should have substantially similar experiences,
regardless of a financial institution's method of collection, when
being provided with required notices under the final rule (e.g., the
firewall notice, the non-discrimination notice, and the right to refuse
notice) and when asked for protected demographic information. The
Bureau has designed the sample data collection form at final appendix E
to assist financial institutions with their compliance obligations and
to maximize the likelihood that an applicant will provide demographic
information, after review of the comments received, user testing
feedback, and other considerations. However, the Bureau notes that the
use of the sample data collection form at final appendix E to collect
information required under the final rule is not mandatory, and
financial institutions are thus not prohibited from modifying the form,
so long as the resulting collection method complies with applicable
rule requirements.
With regard to a couple of commenters' request for clarification as
to whether a financial institution must read all of the categories of
responses if collecting over the phone or orally even if an applicant
has responded to an earlier response option, the Bureau is uncertain
whether the commenters' request is referring to the collection of a
principal owner's ethnicity and race information, which provides
aggregate categories and disaggregated subcategories as response
options. If so, the Bureau notes that it has revised the associated
commentary for Sec. 1002.107(a)(19) to provide financial institutions
with certain flexibility when inquiring about a principal owner's
ethnicity and race information. Generally, comment 107(a)(19)-16
provides that for applications taken orally through means other than by
a paper or electronic form (e.g., telephone applications), the
financial institution will not be required to read aloud every
disaggregated ethnicity and race subcategory, in the manner described
in the comment. Further, because an applicant using a paper version of
the sample data collection form will reference all available answer
options to a question at once and may review the answer options in any
order, the Bureau does not believe that the answer options for a
specified question need to be provided in a specific order for an
application taken over the phone, as long as all the answer options are
presented. However, for the requirement to collect ethnicity and race
information specifically, comment 107(a)(19)-16 clarifies that the
financial institution may not present the applicant with the option to
decline to provide the information requested without also presenting
specified aggregate categories and disaggregated subcategories for
ethnicity and race. This would apply even if the applicant informs the
financial institution, before the financial institution has asked for a
principal owner's ethnicity and race information, that it does not wish
to provide such information.
The Bureau is not including other sample, uniform, or model
applications or data collection forms in the final rule, as suggested
by some commenters. There are a variety of products that are covered
transactions under the final rule, and the Bureau understands that
covered financial institutions may need to ask for the information
(except for the protected demographic information) they are required to
report to the Bureau in different ways. The Bureau does not believe
that a sample, uniform, or model application or data collection form
would be able to account for such potential variations. Thus, any
additional forms may have limited utility and could incorrectly suggest
that financial institutions are limited in the manner in which they
collect non-demographic data under this final rule. As a result, the
Bureau is not providing such a form at this time. The Bureau may
consider issuing other guidance, tools, and compliance aids if it later
determines doing so is necessary.
The Bureau notes that there is no need for a specific data
collection form for loans that are reportable under both HMDA and
section 1071, as the Bureau has decided to exclude HMDA-reportable
loans from the data requirements of the final rule as discussed in the
section-by-section analysis of Sec. 1002.104(b)(2).
Some commenters urged the Bureau to continue to review the sample
data collection form and its instructions after these final rules are
issued. The Bureau anticipates receiving and feedback as the final
rules are implemented and, as with all the regulations it administers,
will issue guidance as necessary and consider if changes to any aspect
of the final rules are required, whether through rulemaking or
otherwise.
[[Page 35456]]
Appendix F to Part 1002--Tolerances for Bona Fide Errors in Data
Reported Under Subpart B
Proposed Rule
The Bureau proposed appendix H, which would have set out a
Threshold Table, as referred to in proposed Sec. 1002.112(b) and
proposed comment 112(b)-1. As these provisions would have explained, a
financial institution is presumed to maintain procedures reasonably
adapted to avoid errors with respect to a given data field if the
number of errors found in a random sample of a financial institution's
data submission for a given data field do not equal or exceed the
threshold in column C of the Threshold Table.
Under the Threshold Table in proposed appendix H, column A listed
the size of the financial institution's small business lending
application register in ranges of application register counts (e.g., 25
to 50, 51-100, 101-130, etc.). The applicable register count range
would have then determined both the size of the random sample, under
column B, and the applicable error threshold, under column C. The error
threshold of column C, as proposed comment 112(b)-1 would have
explained, identifies the maximum number of errors that a particular
data field in a financial institution's small business lending
application register may contain such that the financial institution is
presumed to maintain procedures reasonably adapted to avoid errors with
respect to a given data field. Column D would have been illustrative,
showing the error threshold as a percentage of the random sample size.
Proposed appendix H would also have included examples of how
financial institutions would use the Threshold Table.
The Bureau sought comment on proposed appendix H. In particular,
the Bureau sought comment on whether the register count ranges in
column A, the random sample sizes in column B, and the error thresholds
in column C were appropriate. The Bureau further sought comment on
whether a covered financial institution should be required to correct
and resubmit data for a particular data field, if the institution has
met or exceeded the thresholds provided in appendix H.
Comments Received
A number of commenters, including banks, trade associations, and a
community group addressed the proposed appendix H and its tolerance
thresholds. The community group supported the structure of the
tolerances as sensible, noting that larger lenders should face more
stringent tolerances, expressed as lower percentages, and that the
proposed thresholds were time-tested, and balanced reasonableness and
data integrity, because they were consistent with Regulation C
(implementing HMDA).
Many banks and trade associations stated that the tolerances set
out in proposed appendix H were too low and should be raised. One
commenter said that limited error tolerances would create undue
hardships for banks, and that it was imperative to work through
processes to create valid data, and that invalid data are likely to
raise false red flags that are burdensome for banks to defend. Another
commenter stated that the tolerances were too low and needed to be
raised because of the great amount of time needed to verify and re-
verify data points. A trade association advocated for higher tolerance
thresholds in recognition of the substantial implementation efforts
which will need to occur, and to provide banks a more meaningful
opportunity to effectively implement the rule.
A number of industry commenters noted that the thresholds in
proposed appendix H were based on the tolerance thresholds for
resubmitting data under Regulation C and HMDA, and asserted that these
thresholds were too low for this rule, citing the number of data points
required and the complexity of the data reporting requirements. Several
of these commenters asked that the error threshold be increased to a
``more reasonable level'' without specifying exact threshold
percentages. One commenter requesting higher tolerances noted that HMDA
reporting requirements had been in place for decades and that HMDA
reporters thus have had decades to fine tune their processes and
procedures.
A bank said that the proposed thresholds left a margin of error
that is statistically 0 percent, and claimed that by adopting error
thresholds similar to the HMDA requirements, financial institutions
would have to conduct a 100 percent audit to ensure accurate data
collection/reporting, which they said would burden lenders. Another
bank suggested that because data entry errors are inevitable the
tolerance levels should be changed to a ``reasonable'' rate, and that a
95 percent confidence level would be sufficient. A trade association
stated that the tolerance thresholds were unrealistically low, given
that small business loan data collection is entirely unprecedented and
would require new systems and processes. The commenter stated that 90
to 97.5 percent data accuracy was out of reach for most of the trade
association's lenders, particularly in the first year. The commenter
also noted that stringent data accuracy requirements under HMDA were
already costly.
A group of trade associations similarly requested that the
tolerance thresholds be increased, in recognition of the substantial
implementation efforts that financial institutions will undertake for a
new data collection and reporting regime, requiring new processes and
procedures, noting that despite all of these efforts that bona fide
errors are likely to occur, especially given the substantial number of
data points the Bureau is mandating.
A bank suggested that the tolerance thresholds did not
appropriately scale, noting that while there were seven tiers there
were only two threshold levels. The bank asked that the Bureau
implement more threshold levels and increase the thresholds, especially
for low and intermediate volume lenders. Another bank said that the
Bureau should increases the tolerance thresholds for lenders that had
between 191 to 500 applications, to at least 4 percent but preferably 5
percent. A third bank suggested expanding the threshold categories, to
include different groupings, by number of applications: 501 to 1,000;
1,001 to 10,000; 10,001 to 100,000; and more than 100,000. The bank
also suggested incremental increases in the threshold number of bona
fide errors.
Final Rule
The Bureau is finalizing appendix H, renumbered as appendix F, with
revisions that include the deletion of the first two rows of Table 1 to
appendix F. These rows, covering small business lending application
register counts of 25 to 50 applications and 51-100 applications, are
omitted to correspond with the change in the originations threshold to
determine if a financial institution is a covered financial institution
under final Sec. 1002.105(b), from 25 originations to 100
originations. While each provision looks to different metrics--
originations for Sec. 1002.105(b) and applications for appendix F--it
is not possible for a lender to have originated more than 100 covered
credit transactions for small businesses in a given year without also
having received more than 100 applications for covered credit
transactions. The Bureau believes that rows containing register counts
of less than 100 are superfluous. Table 1 of appendix F is adjusted
accordingly.
For the reasons set out in the section-by-section analysis of Sec.
1002.112(b), the Bureau is finalizing appendix F pursuant to its
authority under ECOA
[[Page 35457]]
section 704B(g)(1) to prescribe such rules and issue such guidance as
may be necessary to carry out, enforce, and compile data pursuant to
section 1071, and its authority under 704B(g)(2) to adopt exceptions to
any requirement of section 1071 and to exempt any financial institution
or class of financial institutions from the requirements section 1071
as the Bureau deems necessary or appropriate to carry out the purposes
of section 1071.
Regarding the various comments on the tolerance thresholds in
proposed appendix H, the Bureau agrees with the comment that the
structure of the tolerance thresholds was sensible, that larger lenders
should face more stringent tolerances, and that the proposed thresholds
were time-tested because of their use in examinations under Regulation
C. The Bureau has considered the various comments asserting that the
tolerances, based on the HMDA examination thresholds, are too low. The
error thresholds were, as one commenter mentioned, tested in the HMDA
context and reasonably balance the competing concerns of data quality
and practicability of implementation. Further, commenters claiming that
the thresholds were too low did not acknowledge one major difference
with the HMDA thresholds; while the HMDA thresholds determine when
lenders must resubmit their HMDA data to the Bureau, Sec. 1002.112(b),
with the thresholds in appendix F, serve to eliminate financial
institution liability under ECOA and this rule for bona fide errors
under the thresholds. The Bureau does not believe that limited
tolerances will create undue hardships, given the need to validate and
re-validate data, nor that they will raise false red flags that will be
burdensome for banks to defend. The revised compliance date provision
in Sec. 1002.114(b) will provide the majority of covered financial
institutions more time to validate their data in advance of the first
submission to the Bureau under this rule. In addition, the Bureau is
providing a grace period of one year, during which it does not intend
to assess penalties for errors in data submitted by financial
institutions that make good faith efforts to comply with rule (see part
VII below).
Regarding the comment that higher tolerance thresholds are needed
in recognition of the substantial implementation efforts which will
need to occur, the Bureau observes that it is recognizing these efforts
in other ways, including the added time to comply under revised Sec.
1002.114(b), and the grace period offered to all institutions in their
first 12 months of collecting data.
Regarding the comment that HMDA reporting requirements had been in
place for decades, and that HMDA reporters had decades to fine tune
their processes and procedures, and that the Bureau should increase the
tolerances in proposed appendix H, the Bureau acknowledges that many
HMDA reporters have had time to fine tune their processes, but also
notes that the tolerances apply nonetheless to new HMDA reporters as
well. In any case, the comment appears to support the point that the
HMDA tolerances have been time-tested and are reasonable to implement.
Regarding the comments that the proposed thresholds leave a margin
of error of 0 percent, that they would require lenders to conduct a 100
percent audit to ensure accurate data collection, and that a 95 percent
confidence level would be sufficient, the Bureau refers the commenter
to appendix F, which specifies the actual error thresholds based on the
number of transactions, ranging from 10 percent for the reporters with
the lowest volumes to 2.5 percent for those with the highest. Regarding
the comment that 90 to 97.5 percent data accuracy would be out of reach
for most of the trade association's lenders, particularly in the first
year, the Bureau notes that in addition to the error thresholds,
lenders will have the benefit of several other safe harbors, a grace
period, and additional time to comply for most lenders as specified in
Sec. 1002.114(b).
Regarding the comment that the tolerance thresholds do not scale
and that there were only two threshold levels, the Bureau notes that
proposed appendix H, finalized as appendix F, specified more than two
thresholds (five) and that final appendix F specifies four--6.4
percent, 5.4 percent, 5.1 percent, and 2.5 percent. The Bureau is not
implementing more threshold levels or to increasing the thresholds, as
requested by some commenters, as these thresholds are already
relatively high for low and intermediate volume lenders. Regarding the
comment requesting that the Bureau increases the tolerance thresholds
for the lenders that had between 191 to 500 applications to at least 4
percent but preferably 5 percent, the Bureau notes that the error
threshold for lenders in this range is already 5.1 percent. Regarding
the suggested expansion of threshold categories, to include more
groupings between 500 and 100,000, the Bureau notes that no explanation
was given about what such additional ranges would accomplish, or what
specific thresholds should be applied to these new ranges, other than
that they should increase incrementally. The Bureau is also not
adopting incremental increases in the error thresholds. Appendix F
reflects the experience of HMDA examinations, and financial
institutions with more applications are expected to have a lower
percentage of errors than those that receive fewer applications.
VI. Effective Date and Compliance Dates
The Bureau is adopting an effective date of 90 days after the
publication of this final rule in the Federal Register consistent with
section 553(d) of the Administrative Procedure Act \847\ and with
section 801(a)(3) of the Congressional Review Act.\848\
---------------------------------------------------------------------------
\847\ 5 U.S.C. 553(d).
\848\ 5 U.S.C. 801(a)(3).
---------------------------------------------------------------------------
This final rule includes the addition of a new subpart B to
Regulation B comprised of final Sec. Sec. 1002.101 through 1002.114
and related commentary, appendices E and F. This final rule also amends
certain sections of existing Regulation B, renumbered as subpart A,
specifically Sec. 1002.5(a)(4) and commentary related to Sec.
1002.5(a)(2) and (4). It also makes conforming changes in several other
provisions in existing Regulation B.
Further, for the reasons specified in the section-by-section
analysis of Sec. 1002.114(b), the Bureau is finalizing three different
compliance dates, based on the number of originations of covered credit
transactions for small businesses, rather than the single compliance
date in the NPRM, which proposed a compliance period of 18 months after
the publication of the final rule in the Federal Register. As specified
in Sec. 1002.114(b)(1), covered financial institutions in Tier 1,
which had at least 2,500 originations of covered credit transactions
for small businesses in each of calendar years 2022 and 2023, will have
a compliance date of October 1, 2024. As specified in Sec.
1002.114(b)(2), covered financial institutions in Tier 2, which had at
least 500 originations of covered credit transactions for small
businesses in each of calendar years 2022 and 2023, will have a
compliance date of April 1, 2025. As specified in Sec. 1002.114(b)(3),
covered financial institutions in Tier 3, which had at least 100
originations of covered credit transactions for small businesses in
each of calendar years 2022 and 2023, will have a compliance date of
January 1, 2026. As specified in Sec. 1002.114(b)(4), covered
financial institutions which did not have at least 100 originations of
covered credit transactions for small businesses in each of calendar
years 2022 and 2023, but subsequently
[[Page 35458]]
originates at least 100 such transactions in two consecutive calendar
years, will have a compliance date of no earlier than January 1, 2026.
VII. Grace Period Policy Statement
During the SBREFA process and in response to the NPRM, the Bureau
received numerous comments requesting a grace period in the early
period after financial institutions are required to comply with the
Bureau's final rule implementing section 1071. The Bureau agrees that
it is appropriate to provide a grace period during which it does not
intend to exercise its enforcement and supervisory authorities,
assuming good faith compliance efforts by financial institutions; for
instance, attempts to discourage applicants from providing data would
not be in good faith. This Grace Period Policy Statement explains how
the Bureau intends to implement such a grace period.
Comments Received
In the context of responding to the proposal presented during
SBREFA for a two-year implementation period, some small entity
representatives and other stakeholders suggested that the Bureau adopt
a grace period for data errors in the first year(s) after the rule goes
into effect. These comments suggested that the Bureau adopt a grace
period of some kind during which financial institutions would not be
penalized for errors when trying to comply with the Bureau's rule
implementing section 1071. This grace period would be akin to the first
year in which the 2015 revisions to Regulation C were effective, when
examinations were used to troubleshoot and perfect data reporting
rather than penalize reporters.\849\
---------------------------------------------------------------------------
\849\ CPFB, CFPB Issues Public Statement On Home Mortgage
Disclosure Act Compliance (Dec. 21, 2017), https://www.consumerfinance.gov/about-us/newsroom/cfpb-issues-public-statement-home-mortgage-disclosure-act-compliance/.
---------------------------------------------------------------------------
In response to both the proposed enforcement and the compliance
date provisions in the NPRM, the Bureau received a number of comments
requesting a grace period during which the Bureau would either not
examine financial institutions for compliance with this rule, or would
not assess penalties for violations of the rule. Several lenders
supported a grace period without specifying how long the grace period
should be. One of these commenters asked that the Bureau provide a
grace period for at least one exam cycle.
Many industry commenters requested a grace period of one year or
more from Bureau enforcement and examinations for data errors.
Commenters offered various reasons in support of this grace period.
Many lenders and trade associations stated that a one-year grace period
would be consistent with the Bureau's approach to the 2015 HMDA rule.
Some commenters with HMDA experience observed that the one-year grace
period in that context was helpful for compliance efforts. Several
other industry commenters stated that the experience with the 2015 HMDA
rule demonstrated that a grace period would improve data accuracy, as
it would allow financial institutions time to identity errors and
implement corrective action without penalty.
Several banks stated that a grace period would be critical to give
lenders an opportunity to ensure systems are working properly. One said
that a one-year grace period would foster cooperation and frank
discussions between covered financial institutions and the Bureau, and
that lenders would be more open and proactive in working with the
Bureau to ensure their compliance. Other commenters requested a grace
period on the grounds that compliance with the rule was a significant
change involving the revamping of systems, and that the grace period
would protect lenders from scrutiny for unintentional and bona fide
errors. Several stated that a grace period was necessary to provide
banks an opportunity to implement the rule effectively, perform
testing, and ensure that loan operation systems, software, and other
technologies are functioning correctly. A trade association requested
that the Bureau work with other regulators to provide a grace period so
that lenders are not penalized immediately for errors. A bank stated
that the numerous data points and the various reportable sub-parts to
those data points would inevitably lead to errors. Another industry
commenter requested a one-year grace period to permit lenders to avoid
penalties for data errors in spite of their best efforts. Two trade
associations requested a one-year grace period as necessary protections
given the need to implement substantial changes under the rule. A trade
association and a bank asserted that a one-year grace period should be
provided because honest errors are only discovered in the process of
implementation, and a grace period would permit not only the lenders
that committed these errors to learn from them, but also the industry
as a whole. Similarly, a bank stated that the grace period would help
ensure that all lenders were on the same page regarding all the
different circumstances presented by the rule. Another bank stated that
compliance with the rule would be new to all financial institutions. A
different bank stated that the grace period would ensure that the rule
would not cause undue compliance hardships on banks and would help
banks create valid data. A trade association urged that the Bureau use
enforcement actions sparingly in the 12 months following the rule's
compliance date.
A smaller number of industry commenters requested a two-year grace
period. One bank justified a two-year period because of the burden of
compiling, maintaining, and reporting data under the rule. Another bank
cited the magnitude of the rule's requirements and the tremendous
effort to implement software, create policies and procedures, and train
staff appropriately, and noted that such a grace period would allow for
data quality testing in a real-life environment and lead to
improvements in data accuracy. Several industry commenters requested
that the Bureau avoid enforcement actions related to technical
deficiencies for two years. Commenters also stated, in support of a
two-year grace period, that absent such a grace period small business
credit may be limited and the economy may be hurt; that compliance with
the rule is spread across different business units, systems, and
channels for larger lenders, and that current compliance systems are
built to avoid collecting key data required by the rule (such as
demographic information).
Some industry commenters stated that the experience with the 2015
HMDA rule showed that the Bureau should provide a two-year grace
period. Two of these commenters noted that the Bureau should follow its
approach in the 2015 HMDA rule, in which the Bureau imposed no
penalties for two years after the new HMDA data collections took
effect.\850\ These commenters also stated that with such a grace
period, lenders could self-correct issues with data accuracy without
threat of enforcement actions for the inevitable tech and other
challenges that will arise initially.
---------------------------------------------------------------------------
\850\ CFPB, Statement with respect to HMDA implementation (Dec.
21, 2017), https://files.consumerfinance.gov/f/documents/cfpb_statement-with-respect-to-hmda-implementation_122017.pdf.
---------------------------------------------------------------------------
Policy Statement
The Bureau agrees that a grace period is appropriate. The following
discussion explains how the Bureau intends to exercise its supervisory
and enforcement discretion following a
[[Page 35459]]
covered financial institution's initial compliance date.
With respect to institutions subject to the Bureau's supervisory or
enforcement jurisdiction, the Bureau intends to provide a 12-month
grace period for the initial data submission from covered financial
institutions that have compliance dates specified in Sec.
1002.114(b)(2), and (3) (i.e., Tier 2 and Tier 3 institutions), covered
financial institutions subject to Sec. 1002.114(b)(4) that must start
collecting data on January 1, 2026, and any financial institutions that
make a voluntarily submission for the first time for data collected in
2025 or 2026.
With respect to covered financial institutions subject to the
Bureau's supervisory or enforcement jurisdiction that make good faith
efforts to the comply with the rule that have a compliance date
specified in Sec. 1002.114(b)(1) (i.e., Tier 1 institution), as well
as any financial institutions that make a voluntarily submission for
the first time for data collected in 2024, the Bureau intends to
provide a grace period covering the 3 months of data collected in 2024
(from October 1, 2024 through December 31, 2024) as well as the first 9
months of data collected in 2025 (from January 1, 2025 through
September 30, 2025).
With respect to covered financial institutions subject to the
Bureau's supervisory or enforcement jurisdiction that make good faith
efforts to the comply with the rule that have a compliance date
specified in Sec. 1002.114(b)(2) (i.e., Tier 2 institution), as well
as any financial institutions that make a voluntarily submission for
the first time for data collected in 2025, the Bureau intends to
provide a 12-month grace period covering the 9 months of data collected
in 2025 (from April 1, 2025 through December 31, 2025) as well as the
data collected in the first three months of 2026 (from January 1, 2026
through March 31, 2026).
With respect to covered financial institutions subject to the
Bureau's supervisory or enforcement jurisdiction that make good faith
efforts to the comply with the rule that have a compliance date
specified in Sec. 1002.114(b)(3) (i.e., Tier 3 institution), as well
as any financial institutions that make a voluntarily submission for
the first time for data collected in 2026, the Bureau intends to
provide a grace period covering the 12 months of data collected in
calendar year 2026 (from January 1, 2026 through December 31, 2026).
The Bureau believes that a 12-month grace period will give
institutions further time to diagnose and address unintentional errors
without the prospect of penalties for inadvertent compliance issues,
and may ultimately assist other covered financial institutions,
especially those in later compliance tiers, in identifying best
practices. While the Bureau believes that financial institutions in
each reporting tier are capable of fully preparing to comply with the
rule by their respective compliance dates, the Bureau believes that the
use of its discretion providing a grace period that covers 12 months
for each tier may result in more deliberate and thoughtful compliance
with the rule, while still providing important data regarding small
business lending as soon as feasibly possible.
During the grace period, if the Bureau identifies errors in a
financial institution's initial data submissions, the Bureau does not
intend to require data resubmission unless data errors are material.
Further, the Bureau does not intend to assess penalties with respect to
errors in the initial data submissions. Any examinations of these
initial data submissions will consider the good faith efforts of the
financial institutions to comply with the data collection and reporting
requirements. The examinations will be diagnostic and will help to
identify compliance weaknesses. However, errors that are not the result
of good faith compliance efforts by financial institutions, especially
attempts to discourage the reporting of data, will remain subject to
the Bureau's full supervisory and enforcement authority, including the
assessment of penalties.
The Bureau believes that these initial data submissions will
provide financial institutions an opportunity to identify any gaps in
their implementation of this rule and make improvements in their
compliance management systems for future years.
The Bureau agrees with commenters who said that a grace period will
promote openness and frankness, and will permit the Bureau to help
financial institutions identify errors and, thereby, self-correct to
avoid such errors in the future. The Bureau can also use data collected
during the grace period to alert financial institutions of common
errors and potential best practices in data collection and submissions
under this rule.
The Bureau believes that a grace period covering institutions'
first 12 months of data submission is sufficient, especially given the
other accommodations the Bureau is making to ensure that financial
institutions are not unduly penalized for good faith errors, such as
the bona fide error provision and the various safe harbors the Bureau
has finalized in this rule, and the other provisions that the Bureau
believes are likely to lead to more accurate data, such as the tiered
compliance date structure, for the reasons specified in the section-by-
section analysis of Sec. 1002.114(b). The Bureau does not believe that
a two-year grace period is necessary to avoid impacting small
businesses' access to credit; as the impacts analysis in part X below
suggests, the Bureau does not believe that this rule will materially
impact the access small businesses have to credit.
Regarding the comment that the Bureau work with other regulators to
provide a grace period so that lenders are not penalized immediately
for errors, the Bureau notes that, unlike with HMDA, the Bureau is the
sole agency that will be in a position to examine financial
institutions' submissions for data errors in the first instance.
This is a general statement of policy under the Administrative
Procedure Act.\851\ It articulates considerations relevant to the
Bureau's exercise of its authorities. It does not impose any legal
requirements, nor does it confer rights of any kind. It also does not
impose any new or revise any existing recordkeeping, reporting, or
disclosure requirements on covered entities or members of the public
that would be collections of information requiring approval by the
Office of Management and Budget under the Paperwork Reduction Act.\852\
---------------------------------------------------------------------------
\851\ 5 U.S.C. 553(b).
\852\ 44 U.S.C. 3501 through 3521.
---------------------------------------------------------------------------
VIII. Public Disclosure of Data
A. Background
Section 1071 of the Dodd-Frank Act amended ECOA to require
financial institutions to collect and report to the Bureau data about
applications for credit for women-owned, minority-owned, and small
businesses, and for those data to be subsequently disclosed to the
public.\853\ Section 1071 further states that the Bureau may ``at its
discretion, delete or modify data collected under [section 1071] which
is or will be available to the public, if the Bureau determines that
the deletion or modification of the data would advance a privacy
interest.'' \854\ Under the final rule, financial institutions may not
compile, maintain, or submit any name, specific address, telephone
number, email address or any personally identifiable information
concerning any
[[Page 35460]]
individual who is, or is connected with, an applicant, other than as
would be required pursuant to final Sec. 1002.107. Nonetheless, as the
statute recognizes, publication of the data fields set forth in Sec.
1002.107(a) in an unedited, application-level format could potentially
affect privacy interests--for example, through the re-identification
of, and risk of harm to, small businesses and related natural persons.
---------------------------------------------------------------------------
\853\ See ECOA section 704B(e)(1) and (f)(2).
\854\ ECOA section 704B(e)(4).
---------------------------------------------------------------------------
The CFPB is not determining its final approach to protecting such
interests via pre-publication deletion and modification because it
lacks the reported data it needs to finalize its approach and it does
not see comparable datasets to use for this purpose. In light of
comments received on the NPRM's privacy analysis, this part VIII offers
a preliminary assessment of how it might appropriately assess and
advance privacy interests by means of selective deletion or
modification. The CFPB is not at this point identifying the specific
procedural vehicle for effecting its privacy assessment. With respect
to both substance and process, it will continue to engage with external
stakeholders; and it intends to invite further input on how it plans to
appropriately protect privacy in connection with publishing
application-level data.
B. Preliminary Privacy Assessment
1. Overview
Under ECOA section 704B(e)(4), Congress provided the CFPB with
broad discretion to modify or delete data prior to public disclosure to
advance privacy interests.\855\ The NPRM proposed the use a balancing
test for the exercise of this discretion. Specifically, it stated that
it would modify or, as appropriate, delete data fields from collected
application-level data where release of the unmodified data would pose
risks to the privacy interests of applicants, related natural persons,
or financial institutions that would not be justified by the benefits
of such release to the public in light of the statutory purposes of
section 1071. The Bureau explained that disclosure of an unmodified
individual data field may create a risk to privacy interests if such
disclosure either would substantially facilitate the re-identification
of an applicant or related natural person, or would disclose
information about applicants or related natural persons, or an
identified financial institution, that is not otherwise public and that
may be harmful or sensitive.
---------------------------------------------------------------------------
\855\ Id.
---------------------------------------------------------------------------
This balancing test would have required that the Bureau consider
the benefits of disclosure in light of section 1071's purposes and,
where these benefits did not justify the privacy risks the disclosure
would create, modify the public application-level dataset to
appropriately balance privacy risks and disclosure benefits. The Bureau
would have deleted a data field prior to publishing the application-
level dataset if other modifications would not appropriately balance
the privacy risks and disclosure benefits. An individual data field
would have been a candidate for modification or deletion under the
balancing test if its disclosure in unmodified form would create a risk
of re-identification or a risk of harm or sensitivity.
Section 1071 requires financial institutions to compile and
maintain data and provides that such information be made available to
the public upon request.\856\ Accordingly, section 1071 contemplates
that the public know what published application-level data are
associated with particular financial institutions. As a result, the re-
identification risk element of the balancing test analysis would not
have applied to financial institutions, although the Bureau would have
considered the risk to a financial institution that the release of 1071
data in unmodified form would inappropriately disclose commercially
sensitive information.
---------------------------------------------------------------------------
\856\ See ECOA section 704B(e), (f)(2)(B).
---------------------------------------------------------------------------
The Bureau sought comment on the design of the balancing test. It
also sought comment on whether the balancing test should apply to the
privacy interests of natural persons generally or only of those related
to applicants.
Comments Received
A wide range of commenters provided feedback on the proposed
balancing test. Many community groups, as well as a several members of
Congress, generally supported the NPRM approach. Others, including
industry and several community groups, saw it as too subjective. These
community groups stated that future Bureau leadership could choose to
restrict publication by releasing truncated or aggregated data, but not
application-level data. A lender and a trade association were concerned
that the balancing test would not sufficiently protect privacy
interests. Another commenter stated that the approach would be
ineffective if a third party had personal knowledge of an applicant or
related natural person because modifications to prevent re-
identification risk in this scenario would critically reduce data
utility. A joint letter from community and business advocacy groups
asked the Bureau to confirm that the balancing test would evolve. They
asked the Bureau to assess market developments and how well the final
rule achieved statutory purposes, and to use this information to modify
its publication approach. Industry commenters asked the CFPB to limit
or wholly abandon release of application-level data.\857\ For example,
one commenter said that the agency should use exception authority under
ECOA section 704B(g)(2) to not publish application-level data to avoid
risks and burdens to the commercial and reputational interests of
financial institutions.
---------------------------------------------------------------------------
\857\ Commenters also provided feedback on potential
modification and deletions for each of the Bureau's proposed data
points; those comments are addressed in detail for each data point
in part VIII.B.6 below.
---------------------------------------------------------------------------
Several commenters provided feedback about what benefits and risks
the balancing test should consider. A joint letter from community
groups, community-oriented lenders, and business advocacy groups, along
with a joint letter from several members of Congress, supported the
Bureau's stated intent to consider the benefits of public disclosure
and the statutory purposes of section 1071. In contrast, an industry
commenter said that the balancing test should not consider fair lending
enforcement as a relevant benefit. According to this commenter, using
the data for fair lending enforcement would subject financial
institutions to unjustified scrutiny by regulators and hinder the
development of innovative underwriting techniques.
Several commenters specifically stressed the importance of the
Bureau considering the personal privacy interests of small business
owners. More generally, a number of industry commenters, as well as
several members of Congress, supported the Bureau's considering the
privacy interests of applicants, related natural persons, and financial
institutions. Numerous commenters said that public application-level
data could pose significant privacy risks to these entities. Some noted
that publication carries risks of re-identification and the disclosure
of sensitive commercial and financial information. Industry commenters
also reported that small business customers express privacy concerns
whenever the government mandates disclosure of their business
information. Commenters cited negative reactions to Paycheck Protection
Program reporting requirements.
[[Page 35461]]
Some community groups saw the privacy risks associated with
publication as low. Several asserted that HMDA data, which contains
similar data fields, has not resulted in an increase of fraud or
identify theft against mortgage applicants. Some commenters also noted
that the interval between reporting and publication would reduce the
likelihood of misuse, as would the public availability of some of the
date from existing sources. Several community groups and a CDFI lender
urged the Bureau not to give weight to the privacy interests of
financial institutions. According to these commenters, publication
should not consider the commercial, proprietary, litigation, and
reputational interests of financial institutions. A joint letter from
community and business advocacy groups stated that because section 1071
contemplates the disclosure of financial institution identity, the
Bureau should not consider any of their privacy interests. Conversely,
some commenters raised concerns about financial institution privacy
interests. A trade association said that failing to consider such
interests would result in the disclosure of trade secrets and other
confidential information.
Some commenters suggested that the balancing test include various
presumptions for or against the publication of 1071 data. Community
groups and a CDFI lender generally agreed that the balancing test
should include a strong presumption in favor of disclosure. For
example, some commenters stated that the Bureau should only modify or
delete application-level data where its unmodified publication would
pose privacy risks that meet a particular significance threshold--for
example, where data fields would be ``highly sensitive'' or ``clear''
re-identification risk exists). Several industry commenters, on the
other hand, suggested that the balancing test incorporate a presumption
in favor of protecting privacy interests. For instance, a few
commenters suggested that the Bureau give special consideration to the
privacy interests of small financial institutions. These commenters
warned that small business customers may gravitate to larger lenders
because they believe it would be harder to identify individual
applicants or related natural persons in data reported by large
lenders.
Current Approach
In light of the comments received on the balancing test, the Bureau
is now of the preliminary view that re-identification risk to small
businesses and their owners is the core risk from which the
preponderance of cognizable privacy risks flow. In this respect, the
Bureau is focused particularly on risks to personal privacy
interests.\858\ The Bureau's preliminary assessment is that it will
consider modification and deletion techniques to reduce those risks,
while also considering the non-personal commercial privacy risks of
small businesses. Lender privacy interests would be considered only
where publication would create a compelling risk to those interests.
---------------------------------------------------------------------------
\858\ The Bureau is considering whether the risks to sole
proprietors, where the business and owner are indistinguishable for
tax or legal purposes, may also qualify as personal risks. This may
be the case where information reflects the sole proprietor's
personal information, such as creditworthiness.
---------------------------------------------------------------------------
Although some comments urged that it not publish any application-
level data, the Bureau does not intend to withhold all such data from
the public because that would critically undermine the stated purposes
of section 1071 and run contrary to the express disclosure provisions
in the statute. This drastic step is also unnecessary to adequately
mitigate relevant privacy risks.
In response to comments positing harms that could arise from a
third party having personal knowledge of an applicant or its owners,
the Bureau agrees that this scenario heightens privacy risks. The
Bureau will observe market developments to assess the likelihood and
nature of this risk as it considers the appropriate approach to
publication.
The Bureau does not intend to separately assess disclosure benefits
when making modification and deletion decisions about individual data
points. After considering commenters' feedback about the value of the
data fields, the Bureau is preliminarily of the view that all of the
data fields have significant disclosure benefits that will facilitate
fair lending enforcement as well as business and community development.
Most comments on privacy risk generally supported the Bureau's
intention to consider the privacy interests of small businesses,
related individuals, and financial institutions. While the Bureau
cannot conduct the statistical analysis necessary for a full re-
identification analysis until it receives reported data from financial
institutions, the Bureau's preliminary privacy assessment accepts that
some such data likely could re-identify applicants and their owners,
potentially disclosing sensitive information. The personal privacy
interests of small business owners, in particular, implicate compelling
risks of harms or sensitivities. As acknowledged in the NPRM, some
privacy risks are mitigated by the interval between collection and
publication, and some 1071 data are already available from other
sources. But publication of some data fields potentially poses
significant risks of harm or sensitivities to both the personal privacy
interests and non-personal commercial privacy interests of applicants
and related individuals. While public HMDA data do not result in
substantial privacy harms for mortgage applicants, that is in part
because the Bureau makes modifications and deletions before
publication, informed by a privacy risk assessment.\859\
---------------------------------------------------------------------------
\859\ See generally 82 FR 44586 (Sept. 25, 2017).
---------------------------------------------------------------------------
The Bureau does not intend to ignore the privacy interests of
financial institutions. As discussed further below, however, the
privacy risks to financial institutions raised by commenters are less
significant than those to small businesses and related individuals.
Accordingly, while the Bureau does not intend to exclude consideration
of financial institution privacy risks, it anticipates modifying or
deleting data to protect a financial institution's privacy interests
only when publication poses a compelling privacy risk. At this time,
commenters have not identified compelling privacy risks to financial
institutions.
In response to comments, the CFPB does not believe that a
presumption or threshold would provide the Bureau with a more
administrable standard. However, partly in response to comments on
these issues, the Bureau's preliminary privacy assessment is more
directly focused on the most significant privacy risks--particularly
re-identification risk--than the balancing test described in the NPRM.
2. Implementation Process
Proposed Approach
The NPRM did not include a full application of the balancing test
to most of the proposed data points. It stated that the Bureau would
analyze the re-identification risk element, in part, using a
statistical analysis. However, the absence of an existing dataset or an
alternative set of sufficiently similar data significantly impeded the
Bureau's ability to discern whether a proposed data field, individually
or in combination with other data, would substantially facilitate re-
identification of small businesses and related persons, and how
specifically to modify data to reduce that risk. Underestimating the
degree to which a 1071 data field, individually or in combination with
[[Page 35462]]
other data, facilitates re-identification risk could unnecessarily
increase privacy risks to an applicant or a related individual, while
overestimating re-identification risk could unnecessarily reduce data
utility. Accordingly, the Bureau believed that a re-identification
analysis of data other than actual reported 1071 data would not provide
an accurate basis on which the Bureau could apply the balancing test to
modify or delete data.
In light of these limitations, the Bureau considered deferring even
initial analysis until after it had obtained a full year of reported
1071 data. Doing so, however, would have reduced opportunities for
public feedback on privacy issues and their relationship to the
proposed rule. The Bureau saw substantial value in setting forth its
partial analysis under other aspects of the balancing test.
Specifically, the Bureau set forth an initial analysis of the benefits
and harms or sensitivities associated with the proposed data fields,
the capacity and motives of third parties to match proposed 1071 data
fields to other identifiable datasets, and potential modification
techniques it might consider to address privacy risks. The Bureau
responds to public feedback from commenters and updates this initial
analysis below.
In the NPRM, the Bureau indicated that a policy statement, rather
than a notice-and-comment rulemaking, would be an appropriate vehicle
for announcing its intentions with respect to data modifications and
deletions. The Bureau offered several reasons for this approach. Under
section 1071, the Bureau may delete or modify data at its discretion,
in contrast to other provisions in the statute that require legislative
rulemaking.\860\ Further, the Bureau's suggested approach with respect
to modifications and deletions would not impose compliance obligations
on financial institutions.\861\ In addition, the Bureau stated that
preserving the ability to exercise its discretion to modify or delete
data through policy statements would allow the Bureau to manage the
relationship between privacy risks and benefits of disclosure more
actively. The Bureau believed this flexibility may be especially
important in the event that the Bureau becomes aware of developments
that might contribute to privacy risks. The Bureau stated that
potential uses of the application-level data in furtherance of the
statute's purposes may also evolve, such that the benefits associated
with the disclosure of certain data may increase to an extent that
justifies providing more information to the public in less modified
form.
---------------------------------------------------------------------------
\860\ Compare ECOA section 704B(e)(4), with ECOA section
704B(f)(2).
\861\ Section 1071 requires financial institutions to compile
and maintain data and provides that such data be publicly available
upon request. See ECOA section 704B(e), (f)(2)(B). As discussed in
the section-by-section analysis of Sec. 1002.110, the Bureau is
finalizing its proposal to publish data on behalf of financial
institutions.
---------------------------------------------------------------------------
As a result, the Bureau suggested that after the first full year of
data are reported, but before it releases data to the public, it would
publish a policy statement setting forth its intentions with respect to
modifications and deletions to the public application-level data.
Before publishing that policy statement, the Bureau intended to conduct
a balancing test analysis based on feedback to the NPRM as well as a
quantitative analysis of re-identification risk using reported 1071
data. The Bureau stated that in the interests of making data available
in a timely manner, it did not intend to put its ultimate balancing
test analysis out for public comment prior to issuing the policy
statement. The Bureau sought comment on this approach.
Comments Received
A wide range of commenters provided feedback on the Bureau's
general approach to implementing the balancing test. Several community
group and industry commenters supported the Bureau's intention to defer
modification and deletion decisions until it had obtained a full year
of 1071 data. While not explicitly opposed, other community groups and
a minority business advocacy group asked the Bureau to publish data as
fast as possible to help realize the statute's purposes. Some noted
that the data remain unavailable despite Congress amending ECOA on this
point more than a decade ago. Commenters also provided feedback about
when the Bureau should begin publishing application-level data. Several
commenters stated that the Bureau should commit in the final rule to
releasing data by a date certain; some suggested January 1, 2024 as a
target.
Several industry commenters opposed deferring modification and
deletion decisions until the Bureau received a full year of 1071 data.
Some stated that if the Bureau published modification and deletion
decisions before lenders started to collect data, small business
applicants would better understand how to protect their privacy
interests. Another said that publishing a full privacy analysis before
the rule is effective is necessary for financial institutions to
evaluate privacy risks. Other commenters asserted that deferring re-
identification analysis until after data are reported is unnecessary
because it is already apparent that some proposed data fields, such as
NAICS code and census tract, create a unique set of records that can be
matched to public datasets. Several commenters offered alternative
timing for modification and deletion decisions. Some suggested that the
Bureau publish such decisions in this final rule. Another suggested
that the Bureau publish interim decisions in this final rule, which
could then be adjusted through notice-and-comment rulemaking after the
Bureau receives the first full year of data. Others asked the Bureau to
publish a full privacy analysis before the rule becomes effective. One
lender suggested that data not be published for at least a year after
the final rule is implemented to enable the Bureau to assess the
effectiveness of its privacy analysis.
The Bureau received a significant amount of feedback about its
intention of announcing modification and deletion decisions in a policy
statement without seeking additional comment. One industry commenter
supported this approach, but most industry commenters on this issue
asked the Bureau to seek additional comment on its privacy analysis and
on its modification and deletion decisions, regardless of whether the
Bureau announced publication decisions in a policy statement or through
a legislative rulemaking. Commenters stated that the opportunity to
comment would promote public confidence in the data collection process
and contribute to a more accurate dataset. A number of commenters
argued that the opportunity to comment on the full balancing test and
on modification and deletion decisions would be necessary for
stakeholders to provide meaningful feedback on privacy risk. According
to some commenters, this would be particularly important for smaller
financial institutions that were unable to provide adequate comment on
what they considered to be complex privacy issues raised in the NPRM.
Two lenders urged the Bureau to hold public meetings or hearings in
compliance with the Regulatory Flexibility Act to seek feedback from
smaller financial institutions and small businesses to, among other
things, specifically address the privacy risks associated with
reporting and publishing application-level data. A few industry
commenters stated that the opportunity to comment on the full privacy
analysis would be consistent with the Bureau's approach
[[Page 35463]]
adopted in the 2015 HMDA final rule. One commenter stated that the
Bureau's analysis of the first full year of reported data would likely
generate additional privacy issues that would warrant public input. Two
others suggested that the Bureau seek comment about how it would
release unmodified data to outside parties for research or other
purposes.
Several industry commenters, as well as a joint letter from several
members of Congress, specifically requested that the Bureau implement
its privacy assessment, and make associated modifications and
deletions, via legislative rule. Some of these commenters asserted that
this was required under administrative law. A group of trade
associations contended that section 1071 does not permit the Bureau to
use its discretion to make modification and deletion decisions outside
an Administrative Procedure Act rulemaking process. According to this
commenter, two provisions in section 1071 provide the Bureau
``discretion'': ECOA section 704B(e)(4) provides the Bureau discretion
to delete or modify public application-level data and ECOA section
704B(f)(3) provides the Bureau discretion to compile and publish
aggregate 1071 data. Noting that the Bureau proposed Sec. 1002.110(b)
to implement the latter provision in this rule, the commenter asserted
that the Bureau did not adequately explain how it was appropriate to
implement the former provision outside a rule. The commenter said that
these provisions should be implemented in a formal rulemaking. In
addition, some industry commenters stated that increasing transparency
about forthcoming publication, including potentially through a notice-
and-comment rulemaking, would protect the Bureau from litigation under
FOIA. In this respect, commenters cited litigation involving the SBA's
publication of Paycheck Protection Program data.\862\
---------------------------------------------------------------------------
\862\ See, e.g., WP Co. LLC v. U.S. Small Bus. Admin., 502 F.
Supp. 3d 1 (D.D.C. Nov. 5, 2020).
---------------------------------------------------------------------------
Citing the benefits of transparency and to facilitate information
about credit access and fair lending information, a joint letter from
community groups, community-oriented lenders, and business advocacy
groups stated that the Bureau should produce and release aggregate
analyses of 1071 data in addition to releasing application-level data.
Current Approach
For reasons discussed below, the Bureau intends to conduct a full
privacy analysis and issue modification and deletion decisions with
respect to the publication of application-level data after it obtains a
full year of reported 1071 data. However, the Bureau is not committing
at this time to issue modification and deletion decisions through a
policy statement. Instead, the Bureau will continue to consider the
specific timing and vehicle choice for issuing modification and
deletion decisions, as it remains engaged with stakeholders on privacy
and publication issues.
Publication of application-level data will substantially advance
the fair lending enforcement and business and community development
purposes of section 1071. The Bureau thus intends to conduct a full
privacy analysis and issue modification and deletion decisions as soon
as practicable. It will also continue to consider feedback obtained to
date and to engage with the public on how best to mitigate re-
identification risk and other risks to privacy interests. While the
Bureau is not determining the vehicle with which it will announce
modification and deletion decisions with respect to application-level
data, or the precise timing of such decisions, it anticipates that
those decisions will continue to be informed by public engagement.
The Bureau intends to announce modification and deletion decisions
only after obtaining a full year of application-level data. The Bureau
lacks the data needed to perform an accurate re-identification analysis
and commenters were not able to identify an alternative dataset that
could be used for this purpose. Without data for an accurate re-
identification analysis, the Bureau cannot conduct a full privacy
analysis to inform modification and deletion decisions.\863\ As
discussed further below, there are certain data fields that the Bureau
anticipates may present comparatively high risk to privacy interests,
including the combination of NAICS code and census tract. However, the
Bureau lacks data to confirm whether these data fields in fact create
unique records that can be matched to public datasets.
---------------------------------------------------------------------------
\863\ As discussed below, the Bureau is announcing more
conclusive intentions with respect to modifications or deletions for
individual contact information, unique identifier, and the use of
free-form text in responses for certain data fields.
---------------------------------------------------------------------------
The Bureau is not committing to a specific timeline for publishing
application-level data. However, a target date of January 1, 2024 for
publication, as suggested by some commenters, is not feasible because
covered financial institutions are not required to begin collecting
data under this rule until October 1, 2024 at the earliest. The Bureau
intends to treat data under this rule as confidential in accordance
with 12 CFR part 1070 until such time as it has completed its privacy
analysis and published the data, and it will work expeditiously to
those ends.
Robust feedback, including in response to the NPRM, SBREFA, and
other outreach, about the risks and benefits of 1071 data publication,
has informed the Bureau's thinking to date.\864\ The Bureau intends to
continue to seek further public engagement with respect to these
issues. It does not believe, however, that such further engagement must
be by formal comment either to ensure robust engagement or for the sake
of procedural consistency with the Bureau's approach in HMDA.\865\
---------------------------------------------------------------------------
\864\ See part III above for additional information.
\865\ Unlike for HMDA, no data yet exists that the Bureau could
use to conduct a full privacy analysis and make modification and
deletion decisions.
---------------------------------------------------------------------------
The Bureau is not establishing a separate program by which
industry, community researchers, or academics will have access to
unmodified data; the published data, subject to the modifications and
deletions made by the Bureau, will be available to all users. However,
it intends the Bureau plans to exercise its discretion to provide
access to State or Federal regulators to the extent such disclosure is
relevant to the exercise of the agency's authorities, and subject to
appropriate restrictions. The Bureau plans to provide such access to
Federal regulators that enforce ECOA.\866\
---------------------------------------------------------------------------
\866\ Other regulators with authority to enforce ECOA include
the OCC, the Board, the FDIC, the NCUA, the Surface Transportation
Board, the Civil Aeronautics Board, the Secretary of Agriculture,
the Farm Credit Administration, the SEC, the SBA, the Secretary of
Transportation, and the FTC. See 15 U.S.C. 1691c; Regulation B Sec.
1002.16(a).
---------------------------------------------------------------------------
The Administrative Procedure Act and other laws do not require the
Bureau to seek comment on the full privacy analysis or to issue
modification and deletion decisions through a legislative rule with
formal notice and comment. Section 1071 states that the Bureau may ``at
its discretion, delete or modify data collected under [section 1071]
which is or will be available to the public, if the Bureau determines
that the deletion or modification of the data would advance a privacy
interest.'' \867\ Statutorily, this provides the Bureau with
flexibility to decide how it will make modification and deletion
decisions, including the flexibility to do so without a legislative
rulemaking. Other provisions of section 1071 plainly require the Bureau
to engage in formal rulemaking, indicating that Congress did not intend
such a requirement
[[Page 35464]]
here.\868\ The Bureau does not agree that it is implementing ECOA
section 704B(e)(4) and (f)(3) inconsistently. It is codifying and
implementing these provisions in final Sec. 1002.110(a) and (b) to
preserve its discretion to make publication decisions without
legislative rulemaking. Further, the circumstances of this rulemaking
are distinguishable from the relevant facts in the PPP litigation that
commenters cited.
---------------------------------------------------------------------------
\867\ ECOA section 704B(e)(4).
\868\ See, e.g., ECOA section 704B(g).
---------------------------------------------------------------------------
At the same time, the Bureau is also not committing at this time to
issuing modification and deletion decisions through a policy statement.
As the Bureau has not yet obtained a full year of reported data to use
in completing its privacy risk assessment, it is prudent to continue
considering specific timing and vehicle choice for issuing modification
and deletion decisions. Following further public engagement, including
further opportunities for input, the Bureau will announce these
decisions at a later date. Finally, the Bureau agrees with commenters
that it should produce and release aggregate analyses of 1071 data in
addition to releasing application-level data. The Bureau anticipates
releasing select aggregated data before it publishes application-level
data.
3. Publication Benefits
Proposed Approach
In the NPRM, the Bureau sought comment on its understanding of the
benefits of public disclosure of the 1071 dataset as a whole as well as
the disclosure benefits for individual proposed data fields. The Bureau
expected that users of the data would rely on this information to help
achieve the statutory purposes of facilitating the enforcement of fair
lending laws, and enabling communities, governmental entities, and
creditors to identify business and community development needs and
opportunities of women-owned, minority-owned, and small
businesses.\869\
---------------------------------------------------------------------------
\869\ See ECOA section 704B(a).
---------------------------------------------------------------------------
Comments Received
The Bureau received robust feedback on the general benefits of
public disclosure of application-level data from lenders, trade
associations, community groups, several members of Congress, individual
commenters, and others. It received comparatively few substantive
comments on the potential disclosure benefits associated with
particular individual data fields.
Many commenters supported the publication of application-level data
and agreed that the data will facilitate enforcement of fair lending
laws. Some community groups stated that the transparency afforded by
the publication of 1071 data generally would discourage predatory and
discriminatory practices in the small business lending market. One of
these commenters noted that action taken data, particularly categorical
information such as denials, incompletes, or approved but not accepted
by the applicant, were integral to promoting the fair lending purpose
of section 1071. Other commenters said that transparency would protect
responsible lenders from unfair scrutiny. Many community groups, along
with some lenders, individual commenters, and others also stated that
1071 data would allow governmental entities and community groups to
monitor individual lenders' lending practices, identify lending
disparities on a granular level, and enforce ECOA to the benefit of
women and minority business owners. Community groups, a business
advocacy group, and a CDFI lender further stated that HMDA data
reporting has demonstrated that loan-level data enables community
organizations, economists, and governmental entities to identify
disparities between populations, which facilitates enforcement of fair
lending laws. Other commenters expressed particular support for the
publication of agricultural lending data, noting that the inclusion of
data from agricultural creditors would help address discrimination in
farm credit lending. These commenters cited a long history of
discrimination targeting socially disadvantaged farmers and producers,
including women-owned and minority-owned farms, in the farm credit
market. Other stated that the 1071 dataset would help reveal where
responsible lenders are serving small businesses fairly, aiding in the
remediation of deficiencies, or removing barriers to equitable lending.
A joint letter from community groups, community-oriented lenders, and
business advocacy groups stated that the data would reveal disparities
in access to credit in immigrant communities. Other community group
commenters, along with two minority business advocacy groups, stated
that application-level data would improve the understanding of
demographic disparities in small business lending and support efforts
to identify, address, and eliminate practices that create lending gaps
for women-owned and minority-owned small businesses.
Commenters also asserted that the publication of application-level
data would promote the business and community development purpose of
section 1071, stating that the data would provide greater understanding
of small business credit trends, such as lending dynamics or credit
request cycles for different industries, and would improve
understanding of the small business lending market more broadly. Some
commenters, including a minority business advocacy group, stated that
disclosure would help facilitate development of targeted programs to
help address inequities and foster efficiency in the small business
credit marketplace. For example, commenters said disclosure would allow
community groups and lenders to compare how lenders are meeting
community credit needs, develop score cards on local lending, identify
gaps in lending, and advocate for low-income and microbusinesses. A
CDFI lender stated that pricing information data would allow
stakeholders to assess loan affordability in underserved communities.
Citing the benefits of increased transparency, a commenter noted that
publishing small business credit transaction data would support price
discovery by allowing the comparison of credit costs between
institutions, credit types, and business types, which is critical for
market efficiency. Commenters also said that disclosure would help
community groups educate small businesses, facilitate the development
of tools to effectively identify barriers small businesses face, and
empower owners to access credit on fair terms.
In contrast, several industry commenters saw little benefit from
publication because the data would not include all factors that lenders
rely on to make credit decisions. Some said that every small business
loan is unique and without contextual information the data would not
meaningfully increase understanding about the small business lending
market. Others asserted that the data would be insufficient to conduct
fair lending analyses, suggesting that data collection and publication
are less effective mechanisms for identifying discrimination than
examinations or disparate impact analyses. According to these
commenters, HMDA data do not effectively reveal discrimination in the
mortgage industry. One of these commenters also stated that publication
would be ineffective because, as proposed, the data would not enable
identification of additional types of discrimination, such as
discouragement of particular groups of applicants. Two
[[Page 35465]]
lenders suggested that the dataset duplicate data already required
under HMDA and the CRA. A trade association suggested that data from
credit unions would not be comparable to data from other lenders
because of community-based member restrictions. A joint trade
association letter disagreed with the Bureau's proposed analysis of the
disclosure benefits of application-level data, suggesting that the
Bureau's analysis was vaguely defined and not clearly linked to the
statutory purposes of section 1071.
Current Approach
The Bureau has considered the comments above, and also relied on
the NPRM's discussion of--and requests for comment on--the potential
benefits of disclosing particular data fields. Given the comparative
lack of comments on such benefits, the Bureau concludes that the NPRM's
initial assessments of the utility of individual data fields were
generally correct.
As Congress recognized, market transparency through publication of
application-level data will serve to realize their intended purposes in
section 1071. Publishing such data will help to identify and discourage
potential fair lending violations in small business lending, while
protecting responsible lenders from unfair scrutiny. The Bureau agrees
with commenters that published data will help address discrimination in
agricultural lending. Publication of this data will also improve
understanding of small business credit needs and will provide insights
into the small business lending market, promoting the business and
community development purposes of section 1071. Increased transparency
can make it easier for small businesses to access credit efficiently,
and easier for lenders and potential lenders to identify opportunities
in the market, thereby increasing access to credit. Moreover, data
users, such as community groups, researchers, and public officials,
will be able to use the data to help determine whether certain types of
credit are disproportionately available to different communities.
Insights gained from publication will enable lenders, advocates,
investors, and the public sector to better meet the needs of small
businesses.
These benefits are material even as the dataset may not include all
factors that lenders may rely on in making credit decisions. The Bureau
notes the feedback of SBREFA commenters discussed in the NPRM and the
numerous comments from lenders, trade associations, individual
commenters, and community groups discussed above who expressed general
agreement that public data will facilitate the observation of small
business lending practices in ways that are currently not possible. For
example, data points such as pricing information and census tract will
facilitate comparison of pricing data across discrete geographic
locations allowing data users to efficiently compare credit costs
offered by financial institutions. The relative lack of substantive
comments disagreeing with the NPRM's initial assessment of the benefits
of disclosing particular data fields also speaks to the utility of the
data fields in relation to the stated statutory purposes.
Commenters did not offer substantive evidence to back claims that
data collection and publication do not help facilitate fair lending
enforcement. In addition, whether other approaches to fair lending
enforcement are more or less effective misses the point that analysis
of data collected under this rule--as is true for data collected under
HMDA--will contribute to robust and effective fair lending analysis.
Further, publication of application-level data collected under the
final rule will not inappropriately duplicate efforts under HMDA or
CRA. Final Sec. 1002.104(b)(3) excludes HMDA-reportable transactions
from coverage. Data collected under the final rule will cover more
types of transactions from more institutions than existing CRA data,
and it will include applications as well as originations. As discussed
in part II.F.2.i and elsewhere, Federal prudential regulators have
proposed to use data collected under the CFPB's final rule, once it
becomes available, for purposes of CRA small business and small farm
lending assessments, rather than drawing data from FFIEC Call
Reports.\870\
---------------------------------------------------------------------------
\870\ 87 FR 33884, 33930 (June 3, 2022).
---------------------------------------------------------------------------
The benefits from publishing application-level data are so
substantial that the Bureau is now of the view that each data field
warrants inclusion in public data, subject to completion of the
Bureau's full privacy analysis. Accordingly, the Bureau intends to
publish application-level data except to the extent that it modifies or
deletes data consistent with its privacy analysis.
4. Privacy Risk
The NPRM considered the risks to privacy that might result from
publication of application-level data reported to the Bureau. Based on
its analysis at that time, the Bureau recognized that publication of
the complete data set, without any form of modification, could pose
risks to privacy interests. As discussed in more detail below, this was
because certain data fields could create re-identification risk and
disclosure of some fields would create a risk of harm or sensitivity.
Accordingly, the Bureau intended to consider whether pre-publication
modifications or deletions would reduce these risks to privacy and
appropriately balance them with the benefits of disclosure.
The Bureau sought comment on the range of privacy concerns
discussed in the NPRM, including potential re-identification of small
businesses and financial institutions, as well as the types of harms
and sensitivities that unmodified release of data could have caused to
financial institutions and small business applicants, which are
described further below. As discussed above, informed by the comments
on the NPRM, the Bureau's preliminary assessment is that it should
adjust the balancing test articulated in the NPRM to assess, primarily,
whether data, individually or in combination with other data, create
significant re-identification risk for small businesses and their
owners. Though this approach focuses primarily on re-identification
risk, the privacy harms or sensitivities discussed below clarify the
consequences of re-identification and underscore the importance of
managing re-identification risk. Because re-identification is a
prerequisite to any potential harms or sensitivities that may result
from publishing data, the Bureau also concludes that actions taken to
prevent re-identification will mitigate those harms or sensitivities
for small business applications and their owners. In addition, the
Bureau's preliminary view is that its privacy assessment should not
consider financial institution privacy interests except where the
Bureau identifies a compelling risk to such interests.
i. Re-Identification Risk
Proposed Approach
The NPRM explained that, while information that directly identifies
natural persons, such as name, address, date of birth, or Social
Security number would not be collected, publication of application-
level data in an unmodified format potentially could be used to re-
identify small business applicants and related natural persons and
potentially harm their privacy interests. The Bureau identified two re-
identification scenarios. First, a third party may use common data
fields to match a data record to a record in another dataset that
contains the identity of the applicant or related natural person.
Second, a third party may rely on pre-existing personal
[[Page 35466]]
knowledge to recognize an applicant's record in the unmodified data.
The Bureau used the term ``adversary'' to refer to either type of third
party.\871\
---------------------------------------------------------------------------
\871\ The term does not mean that the adversary's motives are
necessarily malicious or adverse to the interests of others. See,
e.g., Nat'l Inst. of Standards & Tech., De-Identification of
Personal Information (2015), https://nvlpubs.nist.gov/nistpubs/ir/2015/NIST.IR.8053.pdf (using the term ``adversary'').
---------------------------------------------------------------------------
Re-identification based on matching. Under the first scenario, the
Bureau explained that it might be possible to match a data record to an
identified dataset, either directly or through a combination of
intermediate datasets.\872\ However, successfully re-identifying a data
record would require several steps and could present a significant
challenge. An adversary generally would have to isolate a record that
is unique or rare within the data. A record is unique or rare when the
values of the data fields associated with it are shared by zero or few
other records. The Bureau stated that it believed actual data would be
needed to perform an accurate re-identification analysis. Thus, it did
not intend to apply the balancing test until after it had analyzed re-
identification risk with a full year of reported data.
---------------------------------------------------------------------------
\872\ For these purposes, an ``identified'' dataset is one that
directly identifies a natural or non-natural person.
---------------------------------------------------------------------------
The Bureau explained that a data record having unique combinations
of values would not automatically result in re-identification; an
adversary would also have to find a record corresponding to the
applicant or related natural person in another dataset by matching
similar combinations of data fields. Once a data record had been
matched, an adversary would possess any additional fields found in the
corresponding record but not found in the data record--including,
potentially, the applicant's identity. However, even after
accomplishing such a match, an adversary might not have accurately re-
identified the true applicant to whom the data record relates. For
example, if the corresponding record was not the only record in the
other dataset to share certain data fields with the unique data record,
an adversary would have to make a probabilistic determination as to
which corresponding record belongs to the applicant.
The Bureau expected that census tract and NAICS code, if published
as proposed and without modification, could significantly contribute to
re-identification risk. Geographic and industry information are
publicly available in a variety of sources and in a form that directly
identifies businesses or in a way that could be derived with reasonable
accuracy. This information is also likely to produce unique instances
in the data, both when used separately, but particularly when combined.
Other proposed data fields could have resulted in unique combinations
(particularly when combined with census tract), but the Bureau stated
it would need actual data to analyze their contribution to uniqueness.
In this context, the Bureau indicated that particularly relevant
sources of identified data for matching purposes were UCC filings,
property records, and titles. Such filings could pose a serious re-
identification risk because of the availability of information about
the lender, the applicant, and the date of transaction. For example, an
adversary might be able to use the date and financial institution
listed in UCC filings to identify the applicants of originated loans in
the public application-level data. UCC filings also typically have the
address of the borrower. With this information, combinations of
financial institution identity, action taken date, and census tract
data might result in unique combinations that an adversary could
connect to a publicly available source of information to re-identify
the applicant.
With respect to covered loans secured by residential and commercial
property, publicly available real estate transaction records and
property tax records would be particularly relevant sources of
identified data, as the Bureau described in its proposed policy
guidance on the disclosure of loan-level HMDA data.\873\ Because some
of the data fields in such public records are also present in
application-level data, publication without any modifications would
have created a risk that these public records could be directly matched
to a data record. UCC filings also frequently include the name of the
lender, the name of the business, and the date that the filing was
submitted. Though the availability differs by State, UCC filings are
often searchable in State databases, and are frequently mined by data
brokers. UCC statements are often filed against specific collateral and
business assets generally. The NPRM accordingly indicated that such
filings could pose a serious re-identification risk.
---------------------------------------------------------------------------
\873\ See 82 FR 44586, 44593 (Sept. 25, 2017).
---------------------------------------------------------------------------
The NPRM also explained that public records in loan-level datasets
for programs like the SBA's 7(a), 8(a), 504, and Paycheck Protection
Program, as well as State-level registries of women-owned and minority-
owned businesses for contracting purposes, could contribute to re-
identification risk. These datasets include information such as loan
program guarantee information, industry information or NAICS code,
demographic information about the business owners, time in business,
and number of employees. As a result, the time in business and number
of workers data fields might significantly contribute to
reidentification risk, especially in combination with other data fields
like census tract and NAICS code. Similarly, loan-level performance
datasets made available by the Government-Sponsored Enterprises include
information such as borrower demographic information, loan program
guarantee information, pricing data, loan term, loan purpose, and the
year of action taken. Asset-backed securities datasets for securitized
mortgage and auto loans are made available by the Securities and
Exchange Commission through the Electronic Data Gathering, Analysis,
and Retrieval system. These datasets, which include information about
the lender, the date of action taken, pricing data, loan term, loan
amount applied for and approved, are available online with limited
restrictions on access. But these datasets do not include the name of
the borrower; as described above, this means that an adversary who is
able to match a record in one of these datasets to a record in the data
would need to make an additional match to an identified dataset to re-
identify an applicant. And some of these datasets contain restrictions
on use, such as a prohibition on attempting to re-identify borrowers.
Finally, the Bureau noted the existence of private datasets that might
be matched to the data. For example, data brokers collect information
about small businesses from a wide range of sources and sell it for a
variety of purposes, including marketing, identity verification, and
fraud detection.\874\ These datasets typically include data collected
from commercial, government, and other publicly available sources and
could contain data such as NAICS code, location, and estimates of gross
annual income, number of workers, and information about related natural
persons, including the ethnicity and race of principal owners.
---------------------------------------------------------------------------
\874\ See generally Fed. Trade Comm'n, Data Brokers: A Call for
Transparency and Accountability (May 2014), https://www.ftc.gov/system/files/documents/reports/data-brokers-call-transparency-accountability-report-federal-trade-commission-may-2014/140527databrokerreport.pdf (describing the types of products offered
and the data sources used by data brokers).
---------------------------------------------------------------------------
In addition to considering the steps an adversary would need to
take to re-identify applicants and the various data sources that may be
required to accomplish re-identification, including
[[Page 35467]]
their limitations, the Bureau considered the capacity, incentives, and
characteristics of potential adversaries, including those that might
attempt re-identification for harm. In particular, a competitor or
potential competitor might seek information about a business's
expansion strategy or financial condition, including whether it was
able to obtain credit approval. As the Bureau explained, some
adversaries could possess the resources to use private datasets in
addition to publicly available records. However, the Bureau noted the
extent to which much of the commercial benefit to be obtained by re-
identifying the data would be more readily available from private
datasets to which these potential adversaries already have access
without the need for recourse to the data. In many cases, information
from other datasets could be timelier than that found in the data.
Furthermore, some of these potential adversaries might refrain from re-
identifying the small business applicant for reputational reasons or
because they have agreed to restrictions on using data for these
purposes.
Additionally, the Bureau stated that some academics, researchers,
and journalists may be interested in re-identifying published data for
research purposes. As noted above, however, some private datasets have
contractual terms prohibiting their use for re-identification purposes
and therefore these persons might be restricted from actually using the
data to re-identify applicants. Further, some academics or journalists
may be affiliated with organizations that have reputational or
institutional interests adverse to re-identification efforts.
The Bureau considered whether parties intending to commit identity
theft or financial fraud may have the incentive and capacity to re-
identify applicants, but it assessed that the data would be of minimal
use for these purposes. In addition, such adversaries are not law
abiding and may have easier, albeit illegal, ways to secure data for
these purposes than attempting to re-identify application-level data.
Re-identification based on personal knowledge. The NPRM also noted
the potential for re-identification based on personal knowledge.
Location, as well as demographic and industry information, might well
be known to an adversary familiar with an applicant, meaning that they
might be able to re-identify an applicant without matching a record to
another dataset. The Bureau explained that the personal knowledge
possessed by such an adversary would be limited to information about a
subset of applicants and related natural persons. Thus, any such re-
identification would impact a more limited number of applicants or
natural persons than might be re-identified by adversaries possessing
sophisticated matching techniques. The Bureau explained that
uncertainty over the extent of relevant personal knowledge posed
challenges for evaluating how much individual data fields contribute to
this re-identification risk. For these reasons, the NPRM generally
focused on matching-based risk. However, the Bureau sought comment on
how to assess re-identification risk arising from personal knowledge.
Applications that do not result in originations. In its final
policy guidance on the disclosure of loan-level HMDA data, the Bureau
explained that the risk of re-identification to applicants is
significantly lower for applications that do not result in originated
loans.\875\ A lack of public information about applications
significantly reduces the likelihood that an adversary could match the
record of a HMDA loan application that was not originated to an
identified record in another dataset. In the NPRM, the Bureau stated
that it had not identified any publicly available information about
applications for business loans. However, unmodified data might still
contain data fields that facilitate the re-identification of
applicants. For example, census tract and NAICS code data could result
in unique combinations that an adversary could use to match to an
identified public record, such as a business directory.
---------------------------------------------------------------------------
\875\ See 84 FR 649, 658 (Jan. 31, 2019); see also 82 FR 44586,
44593 n.55 (Sept. 25, 2017).
---------------------------------------------------------------------------
Overlap between HMDA and 1071 data generally. The Bureau proposed
that some covered applications would also be reported under HMDA.\876\
The public loan-level HMDA dataset contains data fields in addition to,
or that overlap with, the proposed data fields, and the proposed data
would have included data fields not included in the public loan-level
HMDA dataset. The Bureau recognized that, in cases of overlap, some
data fields may have required additional analysis with respect to risks
of harm or sensitivity and re-identification posed by such overlap. The
Bureau sought comment on this issue and the implications of potential
re-identification risk and potential risk of harm or sensitivity for
applications reported under both section 1071 and HMDA.
---------------------------------------------------------------------------
\876\ See the section-by-section analysis of Sec. 1002.104 for
additional details.
---------------------------------------------------------------------------
Comments Received
The Bureau received comments from lenders, trade associations,
community groups, a business advocacy group, a software vendor, and
several individuals on re-identification risk posed by the publication
of unmodified, application-level data. Nearly all of these commenters
agreed that re-identification risk, either through matching or via
personal knowledge, should be considered by the Bureau when determining
whether to modify or delete data for publication.
Many industry commenters and a business advocacy group saw a high
risk of data being used to re-identify applicants and related natural
persons and that this would disclose harmful or sensitive private
information. Some industry and individual commenters agreed that re-
identification risk will be higher as a result of data point
combinations; several pointed to the combination of NAICS and census
tract. One commenter stated that because re-identification risk depends
on the distinctness of the data being published and on the ability to
match that data to other datasets, the Bureau should consider privacy
risk for the overall dataset rather than for each data point. Another
stated that unpredictable changes in re-identification technologies may
make data that are currently impossible to re-identify susceptible to
re-identification in the future. Commenters also stated that businesses
in rural areas face particular re-identification risk because of the
likelihood that those areas have low populations and a low number of
small businesses. Several commenters also saw re-identification risk in
rural areas as more relevant to certain products, such as agricultural
lending, that are concentrated in such areas. A group of trade
associations said that CRA data are not published at the application-
level, in part because geography can contribute to the increased risk
of re-identification.
In contrast, some commenters, primarily consisting of community
groups, asserted that re-identification risk, either through matching
or because of personal knowledge, is low. Two commenters stated that
the risk is low because much of the information that would be included
in the 1071 dataset is already publicly available, either in commercial
data sources or as a result of data breaches. Some commenters also
stated that there have been no reported incidents of HMDA data, which
is similar to 1071 data, being used to re-identify individuals. One
said that the effectiveness of modifications and
[[Page 35468]]
deletion techniques for HMDA data suggest that similar modifications
and deletions will nullify the re-identification risk for 1071 data.
The Bureau did not receive comments about its assumption that data on
applications that do not result in originations pose lower re-
identification risk than data on originated applications.
Current Approach
In the Bureau's preliminary assessment, re-identification risk of
small business applicants and their owners is the core privacy risk
associated with data publication. While the primary focus of the
Bureau's intended privacy analysis is the impact of re-identification
risk on personal privacy interests, controlling reidentification risk
will naturally mitigate other privacy risks and harms, including
commercial privacy risks for small businesses. The prevailing view of
commenters was that unmodified application-level data poses re-
identification risks that the Bureau should consider when making
modification and deletion decisions. The Bureau also agrees with
commenters that data point combinations, particularly the combination
of NAICS and census tract, pose particular re-identification risks, and
it intends to take this into account in making modifications and
deletions.
The Bureau agrees that small businesses in small or rural areas may
face heightened re-identification risk. However, overall re-
identification risk depends on multiple factors. For example, while the
overall transaction volume in a rural area may be lower than in an
urban area, concentration of certain credit products in rural areas may
change how much of an impact low transaction volume has on re-
identification risk. Thus, the Bureau does not intend to rely on a
categorical determination that geographical area types or particular
census tracts will contribute to the risk of re-identification in every
circumstance. The Bureau intends to determine whether targeted
modification of individual data fields sufficiently mitigates privacy
risks from geographical identifiers, rather than relying on wholesale
deletion of data from rural areas.
The Bureau agrees that it is difficult to predict how technology
will evolve in the future and impact re-identification risk. This is
one reason it intends to track developments in the small business
lending market, continue to engage with stakeholders, and reassess its
privacy approach as necessary. The Bureau intends to preserve
flexibility so that its privacy analysis can evolve with changes to
privacy risks.
The Bureau assesses that modification and deletion techniques can
effectively limit re-identification risk and therefore concludes that
completely withholding data--which would be contrary to section 1071's
statutory purposes and express disclosure provisions--is not necessary
to manage re-identification risk. As noted by commenters, modification
and deletion techniques have effectively reduced re-identification risk
from HMDA data, and the Bureau anticipates the same result with this
data. The existence of some data that matches with existing data sets
is not grounds to forego the full privacy analysis of collected data
that will allow it to make targeted modification and deletion decisions
to protect privacy interests.
For the reasons given above and as discussed in part VIII.B.4.ii
below, the Bureau preliminarily views re-identification risk as the
most significant privacy risk associated with publishing application-
level data--and thus the most important privacy risk to consider in
making modification and deletion decisions. Re-identification is a
prerequisite to any potential harms or sensitivities that small
business applicants or related natural persons may experience from
publishing such data. As the risk of re-identification is reduced, the
risk of harm caused by disclosing harmful or sensitive information also
will be reduced. Further, as discussed below, because almost all the
harms and sensitivities to financial institutions result from concerns
about small business applicant or related natural person re-
identification, preventing such re-identification will also prevent the
most serious harms and sensitivities for financial institutions.
ii. Risk of Harm or Sensitivity
Proposed Approach
The NPRM considered whether a re-identified application-level
record would disclose information about an applicant, related natural
person, or financial institution that is not otherwise public and may
be harmful or sensitive. Specifically, the Bureau evaluated whether
such data could be used for harmful purposes such as fraud or identity
theft or the targeted marketing of products and services that may pose
other risks. The NPRM evaluated whether the data could cause
competitive harm to small business applicants or to financial
institutions. It also evaluated whether certain data fields might be
viewed as sensitive if associated with a particular applicant, related
natural person, or financial institution. In evaluating the potential
sensitivity of a data field, the Bureau considered whether disclosure
of the data field could cause dignitary or reputational harm to small
business applicants, related natural persons, and financial
institutions.
The NPRM explained that some identifiable information about small
business lending is already publicly available. Such information is
both in public records and in private datasets with varying barriers to
access and restrictions on use. The Bureau's analysis accordingly
considered the degree to which disclosure would increase this risk
relative to the risk that already exists. In general, where a data
field was already publicly available, the NPRM saw a reduced risk of
harm or sensitivity from its further disclosure.\877\
---------------------------------------------------------------------------
\877\ However, where a data field was already publicly
available, disclosing that data field in the data may have enabled
the matching of data to other datasets that may not have been
controlled by the Bureau, which could have substantially facilitated
re-identification or the disclosure of harmful or sensitive
information.
---------------------------------------------------------------------------
The Bureau considered whether the data could be used for harmful
purposes such as fraud or identity theft or the targeted marketing of
products and services that may pose other risks. The Bureau's initial
view was that unmodified application-level data would be of minimal use
for perpetrating identity theft or financial fraud against applicants
or related natural persons. As proposed, application-level data would
not include information typically required to open new accounts in the
name of a small business's principal owner, such as Social Security
number, date of birth, place of birth, passport number, or driver's
license number. Additionally, the data would not include information
useful to perpetrate existing account fraud, such as account numbers or
passwords. The Bureau acknowledged, however, that almost any
information relating to a small business could, in theory, be used for
these purposes. For example, unmodified data could potentially be used
in a phishing attack against an applicant, or for knowledge-based
authentication. Some such data, however, may already be available from
public and private sources. The Bureau also noted, on the basis of its
expertise and analysis, that the publication of HMDA data--which
contain many data fields that are similar to data fields that would be
disclosed under the proposal--has not resulted in any measurable
increase in fraud or identity theft against mortgage applicants.
[[Page 35469]]
The Bureau also considered potential impacts on targeted marketing
of products and services. The Bureau explained that although the data
could be used to market products and services that would have been
beneficial for small businesses--perhaps increasing competition among
creditors that could help small businesses receive better terms--they
could also be used to target potentially vulnerable small businesses
with marketing for products and services that may have posed risks that
were not apparent. For example, users might perceive certain data to
reveal negative information about an applicant's financial condition or
vulnerability to scams relating to debt relief or credit repair.
Information about a loan might also be used for a practice known as
``stacking,'' in which creditors may obtain lead lists based on
publicly available information and offer follow-on loans or advances
that add to the debt burden carried by small businesses. Some creditors
might also use the data for deceptive marketing practices. However, the
Bureau noted that the utility of the data for predatory marketing
practices may be limited by delay between action taken on a loan and
data publication.
The Bureau considered whether unmodified data would result in
competitive harm to small business applicants or related natural
persons by disclosing general information about a small business's use
of credit that was not currently available to the general public. The
Bureau acknowledged that certain data points in unmodified form could
reflect negatively on the financial condition of a business or its
owners. The Bureau also considered the potential for competitive harm
to financial institutions. As discussed below with respect to the
financial institution identifying information that would be reported
pursuant to proposed Sec. 1002.109(b), the Bureau proposed to identify
the financial institution in the public application-level data.
Therefore, the data could reveal general information about a financial
institution's lending practices that is not widely available to the
general public. As the Bureau explained, data fields such as census
tract, NAICS code, credit type, and pricing could disclose information
about where a financial institution is doing business, what industries
it is doing business with, what kinds of products it is offering, and
what kinds of prices it is charging, respectively. Additionally, if a
small business applicant were re-identified, a financial institution's
competitors could identify the small businesses to which the financial
institution is offering or providing credit. A financial institution
could then potentially offer credit to a particular small business at a
lower price than they currently received. However, the Bureau did not
assess that unmodified application-level data would include key inputs
for, or be detailed enough, to substantially facilitate reverse-
engineering of proprietary lending models. For example, it would not
have included information about an applicant's credit history. The NPRM
also noted stakeholder concern that data could harm financial
institutions by increasing the amount of litigation against them. The
Bureau sought comment on this risk.
With respect to feedback that disclosing information about
applicants in rural areas could lead them to seek financing elsewhere,
the Bureau noted that would not necessarily reduce the risk that
someone in the small business's community may ultimately re-identify
them because the data would be reported with respect to the location of
the business, as discussed in the section-by-section analysis of Sec.
1002.107(a)(13).
In addition to considering whether the disclosure of a data field
could lead to financial or other more tangible harms, the Bureau also
considered whether the data might be viewed as sensitive. In assessing
whether a data field creates a risk of sensitivity, the Bureau
evaluated whether its disclosure could lead to dignitary or
reputational harm to small business applicants or related natural
persons. For example, if re-identified, the data could reveal
information that casts a negative light on a small business's financial
condition, such as the fact that a loan was denied due to a business's
credit characteristics or cashflow.
The Bureau also evaluated whether the disclosure of a data field
could cause reputational harm to financial institutions. The Bureau
discussed stakeholder concerns that the data could lead users to draw
unfounded inferences about discrimination. The Bureau noted that
several of the data fields, if disclosed in unmodified form, would help
address this concern by serving as control variables. For example, many
financial institutions consider a small business's revenue when
assessing the risk of extending credit. As a result, disclosing gross
annual revenue data would help ensure that data users who are
evaluating potential disparities in underwriting or pricing can compare
small businesses with similar revenues, thereby controlling for a
factor that might provide a reason for some disparities. The Bureau
also noted that it does not expect that data alone could generally be
used to determine whether a lender is complying with fair lending laws.
The Bureau expected that, when regulators conduct fair lending
examinations, they would analyze additional information before reaching
compliance determinations.
The Bureau also considered general expectations with respect to
what information is available to the general public. For example, the
Bureau explained that disclosing gross annual revenue in unmodified
form could disclose sensitive information because it could reflect the
financial condition of a small business or, where a small business is a
sole proprietorship, a particular individual. This type of information
is typically not available to the general public. The Bureau also
acknowledged concerns that some small businesses and their owners would
consider seeking credit sensitive, or would consider the disclosure of
a banking relationship sensitive because others may draw adverse
inferences about the small business's financial condition. These are
concerns about sensitivity that would result from the re-identification
of the applicant, rather than from the disclosure of particular data
fields. The Bureau sought to address these concerns by mitigating the
risk of re-identification.
Comments Received
The Bureau received comments in this area from a range of
commenters including lenders, trade associations, business advocacy
groups, and community groups.
Risk of identity theft or fraud. Some industry and academic
commenters stated that the data points may subject small business
applicants and related natural persons to an increased risk of fraud or
identity theft. Commenters also stated that publication may expose
financial institution employees, such as the financial institution
contact reported under Sec. 1002.109(b)(3), to fraud or identity theft
actions, such as phishing attacks. Another commenter stated that rural
applicants will be easily identifiable in data and, as a result, at
greater risk of fraud.
Risk of targeted marketing harms. A group of bank trade
associations and a business advocacy group asserted that public data
could be collected and sold to interested third parties, potentially
for targeted marketing purposes. No commenters asserted financial
institutions would experience such harms.
[[Page 35470]]
Risk of competitive harms. Several industry commenters and a
business advocacy group expressed concern that the disclosure of
application-level data would pose risks of competitive harm to small
business applicants or related natural persons. Some commenters stated
that if an applicant is re-identified, competitors will gain non-public
insights into financial information directly bearing on that small
business's long term financial health and competitive goals. Some
commenters noted that larger competitors may be more likely to gain
information about the financial health and long-term business goals of
small businesses. For example, a lender asserted that larger companies
may use the data to outbid smaller competitors. Other commenters stated
that data may reveal non-public information about a small business's
use of credit, such as financing terms, that competitors may use to
their competitive advantage.
Some industry commenters and a business advocacy group stated that
small business applicants may experience reduced availability or
increased cost if other financial institutions learn of their small
business loans or loan terms, which would reduce their ability to
obtain liquidity or increase their operating costs as compared to their
competitors. These commenters asserted that publication may impose
increased compliance costs and litigation risks on financial
institutions that are passed on to small business applicants or that
cause financial institutions to limit credit to borrowers with higher
risk profiles to prevent losses.
Many industry commenters stated that publication will present
significant risk of competitive harms to financial institutions.
Commenters asserted that application-level data may be used to identify
or reverse-engineer proprietary lending information, such as
underwriting requirements or pricing models. One commenter asserted
that if the pricing information and action taken data points could be
used to determine a lender's limits for other credit terms that are not
collected under the rule, such as the APR limit, the lender's
competitors would be able to undercut or otherwise compete with those
terms, for example by offering lower rates. This commenter stated that
while lower APRs are generally beneficial for consumers, this may come
at the cost of lower quality service. A lender suggested that data
points such as gross annual revenue and the time in business may be
used to reverse-engineer a financial institution's proprietary lending
strategy. Another commenter asserted that data points for private label
credit, such as the pricing information or census tracts, are
particularly commercially sensitive to financial institutions and there
is risk that disclosure of this information will cause competitive
harm.
Other industry commenters indicated that competitive harm
experienced by financial institutions may have broader impacts on the
small business lending market. Some commenters suggested that if public
data reveals proprietary commercial lender information, financial
institutions may be compelled to engage in anti-competitive behavior,
such as price-fixing, that restricts credit or offers less favorable
terms, because it will effectively homogenize the market and limit
their ability to compete with one another. One asserted that compliance
concerns due to publication could result in reduced product
availability by financial institutions, as they asserted was seen after
publication of HMDA and CRA data.
Some industry and academic commenters stated that competitive harm
may particularly impact smaller or rural financial institutions. They
asserted that because these lenders have fewer small business customers
than larger financial institutions, their customers are at a higher
risk of re-identification. As such, it may be easier for the larger
competitors of smaller or rural financial institutions to approach
their small business applicants to underprice the loans and offer
better terms. These commenters stated that smaller and rural financial
institutions may have less flexibility to respond to resulting
competitive harms because of their size and lower applicant volume.
Risk of reputational harms. An industry commenter and a business
advocacy group stated that small business applicants and related
natural persons will be subject to reputational risks as a result of
publication. For example, one noted that if applicants are re-
identified, small business owners may experience harm, discrimination,
or stigmatization from disclosure of certain data points, such as race,
sex, and ethnicity. Other industry commenters stated that financial
institutions may also experience reputational harms. Many commenters
stated that risks of reputational harm and frivolous litigation will
result from incorrect conclusions about the data drawn by the public or
regulators. These commenters asserted that incorrect data conclusions
could result from the unique characteristics of small business lending
generally, particular credit scenarios common within small business
lending, and the fact that the data will not reflect all factors that
went into underwriting decisions. For example, some commenters asserted
that there is particular risk of misunderstanding with Farm Credit
System credit based on how dividends are provided and the legal
limitations for such loans. These commenters explained that because
statutory provisions for Farm Credit System credit have specific
coverage criteria, data may disclose a justified, but
disproportionately high, rate of application denial. Additionally,
commenters explained that Farm Credit System institutions may appear to
charge a higher interest rate to certain borrowers but that the
interest rates are offset by dividends based on the borrower's
patronage.
A few industry commenters cited potential discrepancies between
data points and those that appear in other sources, which could
increase the risk of reputational harm and litigation for financial
institutions. These commenters said that because data requirements for
these other sources are not the same as proposed requirements, but are
labeled with the same identifier, the resulting variations could
unfairly increase scrutiny or lead to inaccurate conclusions. These
commenters were especially concerned about this risk for loans subject
to HMDA or CRA. Additionally, some industry commenters stated that
financial institutions' reputations for protecting applicants' privacy
may be impacted by data publication. Commenters noted that applicants
may have concerns about providing information and may feel that
conversations with a financial institution are less confidential
because certain information is being disclosed to the government. One
commenter mentioned that if a financial institution or the Bureau
experiences a data breach, the financial institution may not be viewed
as trustworthy by applicants.
In contrast, other commenters stated that published data will
decrease reputational and litigation risks for financial institutions.
According to one commenter, the data will provide evidence of
responsible lenders' fair lending practices, which will give them a
competitive advantage over less scrupulous financial institutions.
Additionally, a few commenters stated that reputational and litigation
harm risks from publication can be mitigated by disclaimers, as well as
by data modifications and deletions. For example, these commenters
stated that any data publication should include a statement for
agricultural lending credit types that Farm Credit System entities
[[Page 35471]]
can only lend to applicants that are eligible under the Farm Credit
Act.
Other harms or sensitivities. Commenters identified three
additional harms that were not discussed in the NPRM: physical harms,
data security, and harm to applicants' relationship with, or trust in,
financial institutions.
A software vendor and several individual commenters stated the
Bureau should consider physical harm or personal security threats that
could result from publication. For example, a few commenters stated
that if an applicant's LGBTQI+ status was revealed, the applicant may
face threats to their personal security due to discrimination.
One industry commenter stated small business applicants or related
natural persons may be exposed to data breaches because financial
institutions will store and transmit data online. Some industry and
business advocacy group commenters asserted that a data breach could
cause privacy risks for financial institutions, including reputational
harm related to litigation. The commenters said this would be true even
if the Bureau were the breached entity, and that the Bureau must take
action to protect reported data from potential breaches. Some also
requested that the Bureau detail the steps it will take to protect data
from breach or to indemnify financial institutions impacted by data
breaches arising from a breach to the Bureau. One commenter stated that
the Bureau should seek comment on its data security safeguards.
Some commenters, mainly from industry, identified potential impacts
that privacy risks may have on the relationships between small business
applicants and financial institutions. Some commenters stated that the
publication may create friction in the lending process due to negative
public sentiment. These commenters asserted that, because small
business applicants may view the data collection methods as invasive or
because financial institutions may feel obligated to reduce tailored
credit underwriting to prevent misconceptions about lending practices,
financial institutions may not be able to provide customer service at
the level currently obtained. Other commenters noted that applicants
who are concerned about the privacy or security of this data may be
hesitant to seek credit or they might seek credit from more expensive
unregulated sources.
Current Approach
As discussed below, the Bureau's preliminary view is that the risk
of harm or sensitivity to small businesses and related natural persons
is significant and should be considered in its privacy assessment. The
Bureau's current intent is to address these risks primarily by
controlling for re-identification risk. The Bureau is particularly
focused on risks to personal privacy interests. Such interests may
involve protected demographic information or information about personal
finances that could have reputational impact if disclosed; for example,
this might include the reputational impact of a credit denial arising
from a personal credit score.\878\ The Bureau also intends to consider
certain commercial risks of harms and sensitivities to small businesses
when modifying or deleting data. The Bureau does not currently intend
to consider financial institution privacy interests in its analysis
unless there is a compelling privacy risk.
---------------------------------------------------------------------------
\878\ For example, Sec. 1002.107(a)(11) requires a covered
financial institution to report the principal reason or reasons the
financial institution denied a covered application. Comment
107(a)(11)-1.ii states that a covered financial institution reports
the denial reason as ``credit characteristics of the principal
owner(s) or guarantor(s)'' if it denies the application based on an
assessment of the principal owner(s) or guarantor(s)'s ability to
meet its current or future credit obligations. Examples include
principal owner(s) or guarantor(s)'s credit score, history of charge
offs, bankruptcy or delinquency, low net worth, limited or
insufficient credit history, or history of excessive overdraft.
Thus, data about a denial reason may provide personal information
about a principal owner's personal financial health that may not
otherwise be known to the public.
---------------------------------------------------------------------------
Risk of identity theft or fraud. Based on comments received, the
Bureau views any risk of identity theft or fraud for small business
applicants or related natural persons resulting from the publication of
data to be predicated on the small business applicant or related
natural person being re-identified. As to comments that publication of
financial institution contact information will subject financial
institution employees to identity theft or fraud, such as phishing
attempts, consistent with the NPRM, the Bureau plans to exclude from
publication the name and business contact information of a person who
may be contacted with questions about the financial institution's
submission from the public application-level data.
Risk of targeted marketing harms. Targeted marketing harms likewise
presuppose that a small business applicant or related natural person is
re-identified.
Risk of competitive harms. Potential competitive harms, including
information about a small business's long term financial health and
competitive goals, are also predicated on re-identification. For
example, commenters stating that an applicant's competitors may gain
insights into its financial health, competitive strategy, and goals all
assumed that the small business applicant is first re-identified.
The Bureau does not view data publication as increasing a financial
institution's compliance costs and litigation risks, such that
increased costs and risks would result in increased fees, reduction in
credit program availability, or reduce credit availability for
applicants with weak credit profiles. Historical evidence from HMDA
suggests that such impacts will be minimal. Notwithstanding similar
contentions prior to the 2015 HMDA Final Rule, the Bureau recently
reported that, based on 2021 HMDA data, trends in mortgage origination
continued to increase since the HMDA rule became effective in
2018.\879\ Based on this experience with HMDA, the Bureau does not
anticipate that this final rule will significantly increase the cost of
credit products, reduce credit product availability, or result in
otherwise unnecessary tightening of underwriting criteria.\880\
---------------------------------------------------------------------------
\879\ The 2015 HMDA Final Rule noted that SBREFA SERs and NPRM
commenters stated that compliance costs meant that financial
institutions would increase price, reduce availability, or exit
markets. See 80 FR 66127, 66296 (Oct. 28, 2015). But the Bureau's
2021 HMDA Data Point notes that mortgage origination trends have
continued to increase since that rule became effective in 2018.
Mortgage origination volume has increased from 4.14 million in 2018
to 5.13 million in 2021. Similar increases were seen in application
volume. See CFPB, Data Point: 2021 Mortgage Market Activity and
Trends (Sept. 19, 2022), https://files.consumerfinance.gov/f/documents/cfpb_data-point-mortgage-market-activity-trends_report_2022-09.pdf.
\880\ See part IX.F.4's analysis of small business costs for
more information about the magnitude of these effects.
---------------------------------------------------------------------------
The Bureau also disagrees that publication will reveal proprietary
lending information, thereby resulting in competitive harm to financial
institutions. Unmodified application-level data will not include key
inputs for, or be detailed enough, to substantially facilitate the
reverse-engineering of proprietary lending models. For example, it will
not include applicants' credit score data. Other comments expressing
concern that the data collected would provide only an incomplete
picture of the financial institution's lending practices confirmed that
other key information about underwriting will not be collected. These
omissions should prevent competitors from reverse-engineering
proprietary lending models and make it unlikely that financial
institutions could use the data to engage in anti-competitive behavior
like price-fixing.
By the same token, there is no basis for small or rural financial
institutions
[[Page 35472]]
to be at more significant risk of this type of harm. The Bureau
acknowledges that the risk of re-identification of small business
applicants and related natural persons may be greater in smaller or
rural areas, but that does not increase the risk of proprietary lending
models being disclosed.
Risk of reputational harms. Reputational harm to small business
applicants and related natural persons is also predicated on re-
identification.
The Bureau does not agree that publication will increase a
responsible financial institution's reputational risk. While the Bureau
recognizes that financial institutions may need to defend against some
increased litigation about their small business lending practices, it
agrees with commenters that publication will help responsible financial
institutions defend against such litigation, accordingly making it less
likely to occur in the first place. The Bureau similarly agrees with
commenters that responsible financial institutions will be able to use
the data as evidence of their fair lending compliance, as well as to
prevent or counter erroneous claims that the institution is engaging in
discriminatory practices. The Bureau has not seen any significant
detrimental impact on mortgage applicants' trust in financial
institutions, and HMDA-covered mortgage originations have increased
since the Bureau's amendments to Regulation C went into effect in
2018.\881\ As in the mortgage market, requesting and publishing data
from applicants does not have enough reputational impact on financial
institutions to impair origination activity.
---------------------------------------------------------------------------
\881\ Mortgage origination trends since the HMDA rule became
effective in 2018 suggest that any distrust resulting from financial
institutions seeking HMDA data has not deterred applicants from
continuing to seek credit. See CFPB, Data Point: 2021 Mortgage
Market Activity and Trends (Sept. 19, 2022), https://files.consumerfinance.gov/f/documents/cfpb_data-point-mortgage-market-activity-trends_report_2022-09.pdf.
---------------------------------------------------------------------------
With respect to reputational risk arising from overlapping
databases, the Bureau is finalizing a coverage exception for
transactions covered by the Bureau's HMDA rule.\882\ In addition, many
datasets contain data types that already overlap with HMDA and CRA
data. There is accordingly no compelling reason to expect that
publishing application-level data will significantly increase whatever
risk already exists from HMDA coverage.
---------------------------------------------------------------------------
\882\ See Sec. 1002.104(b)(2).
---------------------------------------------------------------------------
As to comments that assert that Farm Credit System products may be
incomparable to other credit product types, thereby creating the risk
of reputational harm or frivolous litigation, the data will provide
sufficient opportunity for Farm Credit System entities to prevent and
refute any erroneous conclusions. The Bureau agrees with commenters
that this harm can be averted by distinguishing Farm Credit System
loans in the dataset. The Farm Credit System is one of the identified
types of financial institutions for the data required under Sec.
1002.109(b)(9).\883\ As a result, users can filter the data
accordingly. Farm Credit System financial institutions can also filter
to defend against any conclusions they believe are inaccurate because
of comparisons outside the Farm Credit System.
---------------------------------------------------------------------------
\883\ See comment 109(b)(9)-1.vii.
---------------------------------------------------------------------------
Other harms or sensitivities. The Bureau agrees that the privacy
assessment should take account of risks of physical harm and personal
security threats to applicants or related natural persons, as well as
the potential for data, once available, to be used by third parties to
single out or target certain applicants or related natural persons for
discriminatory treatment. Re-identification in some circumstances could
result in significant risks, including threats of physical or personal
harm and discrimination. The risks raised by commenters are supported,
for example, by Hate Crime Statistics reported by the Federal Bureau of
Investigation (FBI) through its Uniform Crime Reporting Program,\884\
and by Equal Employment Opportunity Commission data.\885\ The Bureau
believes that the risk to personal privacy interests arising from
physical harm, personal security threats, and discrimination resulting
from information about protected characteristics warrant significant
consideration when the Bureau considers modifications or deletions to
data.
---------------------------------------------------------------------------
\884\ For 2019, the FBI's Uniform Crime Reporting Program
reported that in single-bias incidents, 1,492 victims were targeted
because of their sexual orientation and 227 victims because of their
gender identity. See Fed. Bureau of Investigation, 2019 Hate Crimes
Statistics, https://ucr.fbi.gov/hate-crime/2019/topic-pages/tables/table-1.xls (last visited Mar. 20, 2023).
\885\ The Equal Employment Opportunity Commission reports that
from FY 2014 through FY 2021, approximately $43.5 million dollars of
monetary benefits were paid on LGBTQ+-based sex discrimination
charges. The amount has increased from $2.2 million to $9.2 million
over this period. It also reports that it received 13,546 LGBTQ+-
based sex discrimination charges in the same time period, with
annual charges increasing from 1,100 in FY 2014 to 1,968 in FY 2021.
https://www.eeoc.gov/data/lgbtq-based-sex-discrimination-charges
(last visited Mar. 20, 2023). See also Off. of Mgmt. & Budget, Off.
of the Chief Statistician of the U.S., Recommendations on the Best
Practices for the Collection of Sexual Orientation and Gender
Identity Data on Federal Statistical Surveys 8-9.
---------------------------------------------------------------------------
However, historical evidence indicates that data publication will
have little long-term impact to relationships between applicants and
financial institutions. The Bureau reported in 2021 that mortgage
originations subject to HMDA continued to increase despite the HMDA
rule becoming effective in 2018.\886\ Based on this and earlier
experience with HMDA, the Bureau does not agree that publication will
drive small business applicants to seek alternative financing options
to avoid disclosure. The HMDA evidence also suggests that any potential
increase in costs after this rule becomes effective will not be
prohibitive for applicants seeking financing from a regulated financial
institution and that market volume will not be substantially impacted.
---------------------------------------------------------------------------
\886\ Compare 80 FR 66127, 66296 (Oct. 28, 2015), with CFPB,
Data Point: 2021 Mortgage Market Activity and Trends (Sept. 19,
2022), https://www.consumerfinance.gov/data-research/research-reports/data-point-2021-mortgage-market-activity-trends/.
---------------------------------------------------------------------------
Finally, the Bureau takes strong measures to mitigate and address
any risks to the security of sensitive data it receives, consistent
with the guidance and standards set for Federal information security
programs. The agency is accordingly committed to protecting the privacy
and information security of the data it receives from financial
institutions under this rule. In addition, the Bureau does not agree
that a financial institution could be held legally liable for the
exposure of data due to a breach at a government agency or for
reporting data to the Bureau if the institution was legally required to
provide the data and did so in accordance with other applicable law.
Based on the record to date, the Bureau intends to consider the
risk of harms to small business applicants and related natural persons
discussed above in its privacy risk assessment. However, the risks of
harms or sensitivities to small businesses and related natural persons
discussed by commenters logically assume re-identification already
occurred. The harms and sensitivities recognized above clarify the
consequences of re-identification and underscore the importance of
managing re-identification risk. Additionally, the Bureau's preliminary
view is that privacy risks to financial institutions are less
significant compared to both personal privacy interests and non-
personal commercial privacy risks to small business applicants and
related natural persons. Many of the harms attributable to financial
institutions
[[Page 35473]]
noted by commenters are only likely if small business applicants are
re-identified, are not likely to occur based on the history of HMDA
data publication, or exist independent of the data and therefore do not
result from publication. As a result, measures that the Bureau takes to
reduce re-identification risk will also reduce the risk of harms to
financial institutions. Thus, the Bureau intends to consider modifying
or deleting data to protect a financial institution privacy interest
where data publication creates a compelling privacy risk.
5. Privacy-Informed Modification and Deletion
Proposed Approach
Generally. The NPRM stated that where disclosure of an individual
data field, alone or in combination with other fields, would pose risks
to privacy that were not justified by the benefits of disclosure to
1071's purposes, the Bureau would consider whether it could
appropriately balance the privacy risks and disclosure benefits through
modification techniques or whether the field should be deleted from the
public dataset. The Bureau stated that it also would evaluate the risks
and benefits of disclosing a data field in light of modifications or
deletions considered for other data fields. Where the Bureau determines
that modification of a data field is appropriate, the Bureau stated
that its consideration of the available forms of modification for the
1071 data would also be informed by the operational challenges
associated with various forms of modification and the need to make
application-level data available to the public in a timely manner.
In general, the Bureau stated that deleting or modifying data
because the data would disclose general information about a financial
institution's lending practices--compared with information that could
substantially facilitate, for example, the reverse-engineering of a
financial institution's proprietary lending models--would be
inconsistent with section 1071, which directly contemplates disclosure
of financial institution identity in connection with the public
application-level dataset.\887\ Each of the data fields prescribed by
the statute--with the exception of the application number--could
provide some insight into a financial institution's lending practices.
If the Bureau were to exclude data on this basis, therefore, it would
exclude virtually all of the statutorily required 1071 data points from
the public data, frustrating both of the statutory purposes of section
1071.\888\ While the Bureau acknowledged financial institutions'
concern about the litigation and reputational risks involving 1071
data, the Bureau did not believe that this concern would justify the
exclusion of data from public disclosure. One of the statutory purposes
of section 1071 is to facilitate enforcement of fair lending laws,
which authorize enforcement by parties other than the Bureau.\889\
Additionally, section 1071 contemplates that financial institutions
would make their own application-level data available to the public,
which necessarily entails their identification.\890\
---------------------------------------------------------------------------
\887\ See ECOA section 704B(f)(2)(B).
\888\ See ECOA section 704B(a).
\889\ See, e.g., ECOA section 706 (providing for civil
liability).
\890\ See ECOA section 704B(f)(2).
---------------------------------------------------------------------------
In light of the statutory purposes, the Bureau intended to modify
or delete data only as needed under the balancing test prior to public
disclosure. The NPRM discussed associated modification techniques with
respect to specific data points. Where no specific modification
technique was described with respect to a particular data point, the
Bureau stated that it had not identified an obvious modification
technique other than swapping, suppression, or deletion.
While certain information that directly identifies applicants or
related natural persons generally would not be collected under the
proposed rule, the Bureau did not accept that this would eliminate
privacy risks that would arise from publishing the data in unmodified
form. The Bureau also rejected the idea that privacy risks could be
adequately resolved through rule coverage. While some re-identification
risk could be reduced by increasing the number of applications reported
to the Bureau, the Bureau did not believe the effects of doing so are
necessarily predictable because re-identification risk depends on the
characteristics of the data. Further, the Bureau did not believe that
increasing the number of applications would have addressed risks of
harm or sensitivity to re-identified applicants or natural persons.
Aggregate data. In the NPRM, the Bureau stated that it did not
intend to address privacy risks arising from application-level data by
disclosing aggregated data in its place. As required by section 1071,
the Bureau proposed in Sec. 1002.110(a) to make available to the
public the information submitted to it by financial institutions
pursuant to proposed Sec. 1002.109, subject to deletions or
modifications made by the Bureau. The Bureau stated that, as authorized
by the statute, proposed Sec. 1002.110(b) would have stated that the
Bureau may, at its discretion, compile and aggregate information
submitted by financial institutions pursuant to proposed Sec.
1002.109, and make any compilations or aggregations of such data
publicly available as the Bureau deems appropriate. The Bureau
initially anticipated making the data collected under section 1071
available at the application level--with appropriate potential
modifications and deletions--rather than providing aggregate data with
counts and averages for each data field. The Bureau stated that it may
consider releasing aggregated data in the future, after it determined
whether narrower modifications or deletions could address privacy
risks. The Bureau had received some suggestions to consider
``differential privacy'' techniques,\891\ which are typically used in
connection with aggregate statistics to reduce the identifiability of
more granular data. The Bureau sought comment on whether differential
privacy techniques might be appropriate for application-level data.
---------------------------------------------------------------------------
\891\ Differential privacy is a statistical method designed to
protect individuals from reidentification risk. A dataset is said to
be differentially private if, by looking at the dataset, one cannot
tell whether any individual's data was included in the dataset.
---------------------------------------------------------------------------
Recoding. The NPRM identified the Bureau's intention to consider
various methods to ``recode'' the proposed data fields as necessary.
The Bureau explained that recoding techniques decrease the number of
distinct categories for a data field. In this context, recoding would
involve providing the value of a data field in a higher-level category
that increases the number of records within a given combination. Some
data fields like census tract and NAICS code have structures that
permit recoding without developing new 1071-specific recoding
categories. For instance, if the Bureau were to determine that the re-
identification risk presented by the census tract data field does not
justify the benefits of unmodified disclosure, the Bureau could instead
provide geography at the county level because census tracts are
designed to be non-overlapping subdivisions of a county.
The Bureau also stated that it intended to consider recoding via
bins or intervals of values for data fields that, in unmodified form,
would have continuous values. The Bureau stated that unmodified
continuous data fields can be highly identifying, but binning can
significantly reduce this risk. It also
[[Page 35474]]
noted the possibility of top- or bottom-coding a data field to prevent
extreme--and potentially very re-identifiable--values from being
released.
Other techniques. The Bureau stated that it might also consider
``targeted suppression,'' which makes certain values of data points
unavailable when a certain combination of values is held by too few
records. The Bureau stated that it might consider treating certain
values of data points as ``not available'' if the application is the
only small business application from a particular census tract. The
Bureau explained that targeted suppression can be applied in several
ways. One way would be to remove the value of a field that makes the
record identifiable. For example, if census tract and NAICS code
identify a record, the microdata could delete the value of the NAICS
code for any applications that are in cells deemed sensitive. A second
approach could leave the census tract and NAICS code but suppress the
values of other data points. This method would reduce the potential
harm if the record were re-identified. A third approach could be to
remove the record from the dataset entirely. The Bureau stated that, in
general, suppression is a more common approach for aggregate data than
for application-level data.
The Bureau noted that one drawback to targeted suppression is that
it complicates data analysis for end users. A data user would be
presented with millions of rows, but in certain rows and for certain
data points, values would be missing.\892\ Another identified drawback
is that suppression would need to be done so that the remaining
unmodified data do not provide a user with the ability to back out the
modified field, sometimes involving complementary suppression or
deleting values of other applications to ensure that the missing value
cannot be reengineered. The Bureau sought comment on whether targeted
suppression techniques could preserve the benefits of publishing
application-level data, and, if so, what the Bureau should consider as
the minimum cell size to implement targeted suppression.
---------------------------------------------------------------------------
\892\ Data users would need to understand the method behind the
modifications and plan analyses to account for the fact that the
suppressed data would necessarily not reflect all small business
loans in a given year.
---------------------------------------------------------------------------
The Bureau sought comment on other modification techniques, such as
``data swapping'' (sometimes called ``switching''). Data swapping
involves finding two records that are similar on several dimensions and
swapping the values for other data fields between the two records. In
effect, data swapping would require that the Bureau preserve certain
data fields while swapping others. The Bureau stated that another set
of techniques for addressing privacy risks for continuous data would
involve adding ``random noise'' to the reported values. For example,
under ``additive noise techniques,'' a random value is added to the
existing value of the data field. Under ``multiplicative noise
techniques,'' the true value is multiplied by a random value. The
Bureau sought comment on whether such techniques would preserve the
benefits of publication. The Bureau explained that a drawback to these
approaches is that data would be released with values that do not match
the true values of the underlying data.\893\ Data users would need to
take such modifications into account when performing any analyses.
---------------------------------------------------------------------------
\893\ For example, with respect to the amount applied for data
field, a recoding technique would release the values of the data
field in broad categories, for instance ``$100,000-$150,000.'' In
such case, the broader category provides less information but
reflects the true value of the underlying data. Noise addition, by
contrast, would involve the Bureau manipulating (in a standardized
and documented way) the actual values of loan amount. An
application's loan amount may be released as $85,000 in the public
dataset when the true value was $78,000.
---------------------------------------------------------------------------
Comments Received
Generally. With regard to how the Bureau stated its intention to
assess privacy risks that would inform modification and deletion
decisions, several community group commenters, a minority business
advocacy group, and several members of Congress urged the Bureau to
apply the NPRM's balancing test in favor of public disclosure and to
make available a robust dataset. According to some commenters, the fair
lending and business and community development purposes of section 1071
militate in favor of data transparency. A number of community and
business advocacy group commenters stated that if published application
level data are not robust, or if specific data points are not
disclosed, the dataset will not adequately reveal whether these
statutory purposes of section 1071 are being met. Several commenters
asserted that society's interest in tackling discrimination and closing
the racial wealth gap supported robust disclosure. A business advocacy
group stated that robust 1071 data would promote financial stability in
the economy, and cited insufficiently granular HMDA data as
contributing to the 2008 subprime financial crisis.
Some community group commenters and a software vendor urged the
Bureau not to delete or modify public application-level data because it
would undermine the statutory purposes of section 1071. The software
vendor stated that modifications or deletions may reduce the utility of
the data for no privacy benefit. Several commenters asserted that the
Bureau should only modify public 1071 data to protect the privacy
interests of small business applicants. A joint letter from community
and business advocacy groups agreed with the Bureau's statement that
litigation and reputational risks faced by financial institutions do
not justify excluding data from public disclosure.
On the other hand, several industry commenters urged the Bureau to
make modification and deletion decisions to protect the privacy of
financial institutions, applicants, and related natural persons. They
stated that protecting these privacy interests was consistent with the
statutory purposes of section 1071 because limiting disclosure would
increase credit access and lower credit costs to minority-owned and
women-owned small businesses.
Several industry, community group, and academic commenters
supported modification and deletion of application-level data, stating
that it could adequately address privacy risks posed by publication. A
trade association asserted that publishing certain data points in an
unedited, application-level format would increase the risk of applicant
re-identification. Another trade association supported the liberal use
of modification and deletion techniques to protect privacy interests of
lenders, small business applicants, and related natural persons. Some
commenters stated that the lack of reported incidents in which an
individual has been re-identified in HMDA data suggests that
modifications or deletions can reduce re-identification risks here
also.
Some commenters offered views about what data points would be
modified or deleted. Several suggested that data modifications or
deletions should be consistent with HMDA. According to these
commenters, the Bureau should ensure that any data deleted in the HMDA
dataset is also deleted in the 1071 dataset, including the unique
identifier, the application date, and the action taken date. A software
vendor stated that the Bureau should modify data points that reflect
gender identity or sexual orientation information, which could result
in persons being subject to physical harm. Several individual
commenters likewise suggested that LGBTQI+ persons face particular
privacy risks. A joint letter from community and business advocacy
[[Page 35475]]
groups stated that if the Bureau modifies 1071 data, it should do so on
a loan-by-loan basis because the modification of a particular data
field may not be necessary for all records in the dataset.
Aggregate data. The Bureau received no comments about how
differential privacy techniques may be applied to application-level
data. However, the Bureau did receive comments about aggregating 1071
data. Several industry commenters suggested that the Bureau publish
aggregate data, instead of an application-level dataset, to mitigate
privacy risks. One stated that aggregate data are sufficient to analyze
the business needs and credit access of applicants, including minority-
owned and women-owned small businesses. Another said that disclosing
aggregate data, as opposed to application-level data, would be
consistent with the practices of other agencies. Other industry
commenters stated that, while some 1071 data could be disclosed at the
application level, the Bureau should aggregate any data points that
present re-identification risk.
Recoding. Several community group commenters stated that if the
disclosure of 1071 data fields present significant privacy risks, the
Bureau should consider binning data or disclosing intervals of values.
For example, these commenters stated that when disclosing gross annual
revenue data, the Bureau could consider publishing data in $10,000
increments. One stated that binning would be appropriate as long as the
modified public 1071 dataset could satisfy the fair lending and
business and community development statutory purposes of section 1071.
Other commenters stated that the use of binning should be limited.
A community group and a software vendor stated that if the Bureau bins
data, it should ensure that the public 1071 dataset remains
sufficiently detailed to allow meaningful analysis. To demonstrate this
point, the community group asserted that the current CRA system of
combining all loans for businesses with revenue under $1 million does
not allow for analysis of small businesses within that range. The
software vendor cautioned that binning may not always be effective.
Other techniques. With respect to other modification techniques
discussed in the NPRM, a community group stated that data swapping and
targeted suppression would be appropriate as long as the modified
public 1071 dataset could satisfy the fair lending and business and
community development statutory purposes of section 1071. The Bureau
received no comments about other potential modification techniques.
Current Approach
The Bureau intends to consider modification and deletion techniques
as necessary to reduce cognizable privacy risks. The Bureau agrees with
comments that a robust public dataset will serve the statutory
objectives of section 1071.\894\ By extension, a public application-
level dataset with less detailed data or that omits certain data points
entirely would confer relatively less public benefit. These benefits
notwithstanding, in some cases modification and deletion decisions may
be appropriate to protect privacy interests. The statute empowers the
Bureau to modify or delete data, and the Bureau believes that
modifications or deletions may be appropriate in some circumstances to
reduce the cognizable privacy risks set forth above.
---------------------------------------------------------------------------
\894\ The Bureau lacks evidence to assess the comment that
published data would promote financial stability. If true, this
result would align with the Bureau's authorizing statute whose
purpose, in part, is to ``promote the financial stability of the
United States by improving accountability and transparency in the
financial system.'' Dodd-Frank Wall Street Reform and Consumer
Protection Act, Public Law 111-203, 124 Stat. 1376 (2010).
---------------------------------------------------------------------------
Modifications or deletions will not necessarily undermine the
utility of the published data or will not be futile because they will
not mitigate risks. With respect to the effectiveness of modifications
and deletion techniques, the Bureau points to the lack of reported
incidents in which an individual has been re-identified in public HMDA
data, which the Bureau modifies to reduce re-identification risk. The
Bureau concludes that targeted modification and deletion decisions can
adequately reduce privacy risks while preserving the utility of 1071
data, as is the case with HMDA data. Modifications and deletions may be
necessary, for example, in cases where unmodified application-level
data will likely lead to re-identification of small business applicants
or related natural persons. The Bureau will also consider modifications
and deletions to the public 1071 dataset when data fields, individually
or in combination with other data, pose cognizable privacy risks, as
discussed above.
After obtaining a full year of reported data and conducting a full
privacy analysis, the Bureau intends to make modification and deletion
decisions tailored for individual data points where appropriate. The
Bureau will not delete or modify data solely to align with HMDA
practice. Small business lending and mortgage lending are distinct
markets which face their own unique privacy risks, and re-
identification risk depends on the characteristics of particular data.
With respect to comments about modifying or deleting data that may
convey the gender identity or sexual orientation of applicants'
principal owners or other individuals that own or control applicants,
the Bureau views this as sensitive information that implicates
important personal privacy interests. While the Bureau is not making
modification and deletion decisions about this information prior to
conducting the full privacy analysis, it does intend to give
significant consideration to personal privacy interests. However, it
would not be feasible to make modification and deletion decisions on a
loan-by-loan basis, as one comment suggested.
Regarding feedback on specific modification techniques, the Bureau
does not intend to publish aggregate data instead of application-level
data. Aggregate datasets do not permit the detailed, application-level
analyses that best facilitate the fair lending enforcement and business
and community development purposes of section 1071. In addition, the
Bureau can adequately mitigate privacy risks through targeted
modification and deletions of individual data fields--it is not
necessary to avoid publication of all application-level data. While the
Bureau does not intend to publish aggregate data in place of an
application-level dataset, it anticipates releasing select aggregated
data before it publishes application-level data.
The Bureau sees recoding, including binning data or disclosing
intervals, as an appropriate modification technique to address privacy
risks that may be posed by public release of unmodified data. While the
Bureau is not making specific modification decisions at this time, it
intends to consider recoding data in a targeted manner that preserves
the utility of the public dataset. The Bureau also views other
modification techniques, including data swapping and targeted
suppression, as appropriate tools to address privacy risks. Finalizing
the exact tool set, however, will depend on securing a full year of
data and will be informed by continued engagement with stakeholders.
When exercising its discretion to modify or delete 1071 data, the
Bureau anticipates publishing data in a manner that reduces privacy
risks, in particular re-identification risk. If the Bureau determines
that it is necessary to modify an individual data point to address a
privacy risk, the Bureau intends to consider a range of modification
techniques, including, but not limited to, recoding, data swapping, and
[[Page 35476]]
targeted suppression. The Bureau intends to engage with stakeholders in
the future about these issues, including providing opportunities for
additional input as the Bureau considers its privacy analysis further.
6. Preliminary Privacy Assessment of Particular Data Fields
In the NPRM, the Bureau identified certain data fields that it
believed would need modification or deletion to appropriately protect
privacy interests, while taking account of disclosure benefits:
individual contact information at reporting financial institutions;
free-form text data, which occurs in a number of data fields; and the
unique identifier for each application. Beyond these specific fields,
the NPRM explained that the Bureau lacked data under section 1071 or
comparable proxies that it could use for its privacy risk assessment.
Accordingly, it did not suggest specific modifications and deletions
with respect to any other data.
In order to benefit from stakeholder engagement, however, the
Bureau did set forth some initial analysis on how it would apply the
NPRM's balancing test to the proposed data fields. With respect to each
such data field, whether individually or in combination with others,
the Bureau sought comments on: (1) whether there are additional
benefits of unmodified public disclosure in light of the purposes of
the statute; (2) whether disclosure in unmodified form would reveal
additional information that might be considered harmful or sensitive by
an applicant, related natural person, or financial institution; and (3)
whether disclosure in unmodified form would significantly contribute to
the risk that an applicant or related natural person might be re-
identified. The Bureau also sought comment on modification techniques
it could use, and whether deletion would be appropriate. Where no
specific technique was described with respect to particular data
points, the Bureau did not identify any obvious technique besides
potentially swapping, suppression, or deletion.
The Bureau received feedback on this initial analysis from a range
of commenters, including industry and community group commenters. The
Bureau has taken this feedback into consideration to refine its
analysis of the qualitative risks associated with disclosing particular
data fields in unmodified form, although, consistent with the above
analysis, the Bureau's assessment remains preliminary.\895\
---------------------------------------------------------------------------
\895\ The Bureau sought and received feedback about several data
points that it did not propose. As it is not adopting those data
points, it does not address privacy risks or modification techniques
associated with reporting them.
---------------------------------------------------------------------------
Overall, with the exceptions noted with respect to unique
identifier, free-form text, and individual contact information, for all
other finalized data points, the Bureau intends to further consider
whether modification techniques may be appropriate when it analyzes
reported data and conducts its full privacy analysis. In doing so, the
Bureau intends to take into account existing feedback, as well as
conducting ongoing engagement, about potential modifications as it
examines what modifications or deletions may be appropriate for these
fields. In addition, the Bureau is mindful of the statutory purposes of
section 1071 and will only modify or delete data to advance a privacy
interest.
i. Unique Identifier
Proposed Sec. 1002.107(a)(1) would have required financial
institutions to collect and report an alphanumeric identifier, starting
with the legal entity identifier of the financial institution, unique
within the financial institution to the specific covered application,
and which can be used to identify and retrieve the specific file or
files corresponding to the application for or extension of credit. As
discussed in the section-by-section analysis of Sec. 1002.107(a)(1),
the Bureau is finalizing this data point substantially as proposed.
In the NPRM, the Bureau stated that disclosing the unique
identifier in the 1071 data in unmodified form by itself would likely
disclose minimal, if any, information about an applicant or related
natural person that may be harmful or sensitive if such person were re-
identified, or that may be harmful or sensitive to an identified
financial institution. Section 1071 prohibits financial institutions
from including in 1071 records certain personally identifiable
information that directly identifies a natural person applicant or
someone connected with the applicant.\896\ In addition, the Bureau
proposed to prohibit financial institutions from reporting information
that would directly identify a small business. For these reasons, the
Bureau did not expect that the unique identifier would be considered
harmful or sensitive.
---------------------------------------------------------------------------
\896\ ECOA section 704B(e)(3).
---------------------------------------------------------------------------
With respect to re-identification risk, the NPRM noted that
although publicly available datasets do not presently include the
unique identifier data field, financial institution legal entity
identifiers are publicly available, and the Bureau was aware of rare
instances in which a loan number was included in UCC filings. In
addition, the Bureau noted that many jurisdictions publicly disclose
real estate transaction records in an identified form, and the Bureau
stated that many financial institutions may include loan numbers on
these publicly recorded documents.\897\
---------------------------------------------------------------------------
\897\ See 82 FR 44586, 44599 (Sept. 25, 2017); see also 84 FR
649, 660 (Jan. 31, 2019).
---------------------------------------------------------------------------
The Bureau stated that inclusion of the proposed unique identifier,
rather than application or loan numbers, would limit the possibility of
using an application or loan number to match 1071 data to those
publicly recorded documents, thus reducing risk of re-identification.
However, the Bureau acknowledged that there is a risk that, after
financial institutions begin to report data under section 1071, they
may replace the loan numbers currently assigned to small business loans
with the unique identifier and, if they do, the unique identifier could
be included on publicly recorded documents. Considering the uniqueness
of the identifiers, the Bureau reasoned that this data field on a
publicly recorded document could be used to match a 1071 record to an
identified public record directly and reliably.
In light of these potential re-identification risks, the Bureau
stated that it did not intend to publish the unique identifier data
field in unmodified form. The Bureau sought comment on whether there
are modifications to the unique identifier data field that would
appropriately balance identified privacy risks and disclosure benefits.
The Bureau stated that it was considering the feasibility of disclosing
a separate unique identifier that the Bureau could create. The Bureau
also considered deleting the data field from the public application-
level data, but sought comment on whether such deletion would create
challenges for users of the data and, if so, how the Bureau could
address those challenges other than by creating a separate unique
identifier. The Bureau sought comment on this analysis as well as its
intent not to publish the unique identifier in unmodified form.
An academic research and policy organization agreed with the
Bureau's initial analysis, noting that public HMDA data do not include
a unique identifier. Several industry commenters stated that, because
lenders are allowed to use their own internal account numbers and
therefore the unique identifier may include a loan number or account
number, the data point in combination with the financial
[[Page 35477]]
institution's name provides substantial opportunity for fraud. Because
of the privacy risks discussed above, most of these commenters
supported the Bureau's suggestion not to publish the unmodified unique
identifier field. A CDFI lender stated that the Bureau should consider
publishing a modified identifier or a separate one created by the
Bureau.
After considering these comments, the Bureau intends not to publish
the unique identifier data field in an unmodified form. Although it has
not yet conducted a full re-identification analysis for the 1071 data,
the Bureau agrees with the re-identification risks raised by
commenters. The universal loan identifier for HMDA data, which is
similar to the unique identifier, is not published because of the re-
identification risk that it poses.\898\ While HMDA publication
practices are not dispositive here, the Bureau draws upon its
experience implementing HMDA and Regulation C where appropriate, and it
does so here.
---------------------------------------------------------------------------
\898\ See 84 FR 649, 660 (Jan. 31, 2019).
---------------------------------------------------------------------------
At this time, the Bureau has not decided whether to publish public
application-level data without any unique identifier information,
disclose instead a separate unique identifier created by the Bureau for
this purpose, or employ some other modification. The Bureau will
consider what modification or deletion techniques may be appropriate
when it analyzes application-level data and conducts its full privacy
analysis.
ii. Application Date
Proposed Sec. 1002.107(a)(2) would have required financial
institutions to collect and report the date the covered application was
received by the financial institution or the date shown on a paper or
electronic application form. As discussed in the section-by-section
analysis of Sec. 1002.107(a)(2), the Bureau is finalizing this data
point with modifications such that financial institutions must collect
and report the date the covered application was received or shown on a
paper or electronic application form.
The NPRM stated that, by itself, disclosing application date in
unmodified form would likely disclose minimal, if any, information
about an applicant or related natural person that may be harmful or
sensitive if such person were re-identified, or that may be harmful or
sensitive to an identified financial institution. The Bureau noted that
an adversary such as a competitor may conceivably find it helpful to
understand when a business is seeking credit. In addition, marketers
and creditors could use this information to target products to entities
recently in the market for credit, either to deploy new funds or to
refinance out of a current loan. However, the Bureau did not believe
that disclosing the application date would otherwise disclose sensitive
information about a small business or its owner. The Bureau also
reasoned that any utility of this data field for such purposes would be
curtailed by the time to publication.
The Bureau was not able to identify publicly available datasets
that include data fields an adversary could directly match to the
application date field. However, the Bureau acknowledged that an
adversary may be able to infer a likely origination date based on
typical time lags between application, credit decision, and
origination, potentially enabling matching to other datasets that
record these later dates. The Bureau stated that, if it determined that
application date should be modified, it may consider disclosing the
application date at a higher level; for example, disclosing the month
and year but not the specific date. In light of the potential re-
identification risk arising from this data field, the Bureau sought
comment on whether there are other specific modifications it should
consider, and whether it should consider deletion outright.
Several commenters provided feedback on the Bureau's analysis. In
supporting disclosure of the application date field, a community group
stated that it would promote understanding of small business lending.
However, an academic research and policy organization asserted that
disclosure of application date would pose re-identification risk to
applicants and noted that HMDA does not disclose application date. This
commenter, along with a group of trade associations, urged the Bureau
not to publish the application date field to ensure consistency between
1071 and HMDA.
As discussed in part VIII.B.3 above, the Bureau views the
disclosure of application date as having significant benefits. This
preliminary assessment is consistent with feedback that publication of
application date would promote understanding about small business
lending. The Bureau's preliminary assessment is that the application
date field does not pose re-identification risks such that the Bureau
should modify or delete it before publication. Commenters supporting
such modification or deletion did not provide additional evidence of
re-identification risk that would alter the partial privacy analysis
described above. The Bureau also preliminarily assesses that this
unmodified data field would present limited privacy risk if re-
identification occurred.
iii. Application Method and Application Recipient
Proposed Sec. 1002.107(a)(3) would have required financial
institutions to collect and report the means by which the applicant
submitted the covered application directly or indirectly to the
financial institution. A financial institution would have reported
whether the applicant submitted the application in person, by
telephone, by mail, or online. Proposed Sec. 1002.107(a)(4) would have
required financial institutions to collect and report whether the
applicant submitted the covered application directly to the financial
institution or its affiliate, or whether the applicant submitted the
covered application directly or indirectly to the financial
institution. As discussed in the section-by-section analyses of Sec.
1002.107(a)(3) and (4), the Bureau is finalizing these data points as
proposed, with certain modifications to related commentary.
In the NPRM, the Bureau stated that disclosing application method
and whether the application was submitted directly or indirectly, in
unmodified form, would likely disclose minimal, if any, information
about an applicant or related natural person that may be harmful or
sensitive if such person were re-identified. The Bureau reasoned that
the application method is likely to be of relatively limited utility to
an adversary because it conveys little information about a natural
person or a business's financial condition. While adversaries
interested in targeted marketing could direct future marketing efforts
to a business using the same application channel, the Bureau noted that
marketing firms already possess strategic information about methods for
establishing contact. Unmodified disclosure of application method and
whether the application was submitted indirectly may reveal information
that financial institutions regard as harmful or sensitive, but the
Bureau did not believe that disclosure would permit the reverse-
engineering of a financial institution's proprietary lending models.
The Bureau was not able to identify publicly available datasets
that include data fields an adversary could directly match to the
application method or application recipient data fields. While the
Bureau's HMDA data and the Government-Sponsored Enterprises loan-level
datasets include acquisition channel information in loan-level data,
the Bureau stated that these datasets do
[[Page 35478]]
not identify applicants or related natural persons. However, the Bureau
sought comment on whether there are other identifiable application/
loan-level datasets that include this information or whether HMDA data
or the Government-Sponsored Enterprises loan-level datasets could be
matched to other identifiable datasets.
The Bureau received two comments from trade associations on this
analysis. These questioned whether publishing the application method
and application recipient fields would provide disclosure benefits
related to section 1071's statutory purposes. One stated that lenders'
methods for receiving applications are strategic business decisions and
disclosing this information will cause financial institutions to suffer
commercial harm.
As discussed above in part VIII.B.3, the Bureau views these data
fields as having significant disclosure benefits. The Bureau does not
see disclosure causing significant commercial harm to financial
institutions. Disclosure of application method and application
recipient data would not permit the reverse-engineering of proprietary
lending models. Accordingly, the Bureau preliminarily assesses that
disclosing these data fields in unmodified form would present limited
privacy risk if re-identification occurred.
iv. Credit Type
Proposed Sec. 1002.107(a)(5) would have required financial
institutions to collect and report to the Bureau certain information
about the type of credit applied for or originated. The proposal would
have required financial institutions to report three categories of
information that together constitute the type of credit. First, the
proposal would have required financial institutions to report the type
of credit product. Second, the proposal would have required financial
institutions to report the type or types of guarantees that were
obtained for an extension of credit, or that would have been obtained
if the covered credit transaction had been originated. Third, the
proposal would have required financial institutions to report the
length of the loan term, in months, if applicable. As discussed in the
section-by-section analysis of Sec. 1002.107(a)(5), the Bureau is
finalizing this data point as proposed, with revisions to the related
commentary.
The NPRM stated that data on type of credit product, type of
guarantee, and loan term could disclose information that may be harmful
or sensitive to applicants or related natural persons. It also stated
that a business's competitors could use these data fields--in
conjunction with the loan amount and pricing data fields--to draw
inferences about the business's financial condition based on whether
the business obtained credit on favorable or unfavorable terms. Type of
guarantee data could indicate heightened credit risk for the
applicant.\899\ Credit type data also could be used for targeted
marketing of products and services that may pose risks.
---------------------------------------------------------------------------
\899\ For example, the ``SBA guarantee--7(a) program'' data
field is intended for businesses that have been unsuccessfully
applying for credit or have had some other difficulty in accessing
credit.
---------------------------------------------------------------------------
The Bureau further stated that disclosure of these data fields in
unmodified form may reveal information that financial institutions
regard as harmful or sensitive, such as the types of products they
offer or the government programs in which they participate. However,
the Bureau did not expect disclosure of these data fields to permit the
reverse-engineering of proprietary lending models. Furthermore, the
Bureau stated that general information about the types of credit a
financial institution is offering is already widely available.
The Bureau was aware that certain identified datasets include
application-level information on the type of credit product, type of
guarantee, or loan term. Government lending programs, such as the SBA's
7(a) and 504 programs, publish loan-level data that indicate the term
of the loan and whether the loan is a term loan or a line of credit. In
some States, UCC filings may include some information related to the
type of collateral. In the NPRM, the Bureau stated that the existing
public availability of this information decreased the potential harm or
sensitivity of disclosing information about the type of credit product,
type of guarantee, and loan term in the 1071 data. By the same token,
however, the Bureau recognized that an adversary could use these other
datasets, combined with other fields, to match a section 1071 record to
an identified publicly available record.
If it determined that modifications were ultimately needed, the
Bureau identified a number of possible approaches. The Bureau could
disclose ``Federal guarantee'' instead of disclosing the specific
program. Similarly, the Bureau could recode loan term data into bins--
for example, using intervals of two or five years.
The Bureau received feedback from two community group commenters.
One stated that publication of credit type data would promote
understanding of small business lending. The other stated that
combining loans from different Federal government guarantee programs
into a single category for publication would not reduce the utility of
1071 data. The commenter also stated that if the Bureau recodes length
of the loan term data into bins, the Bureau should test those bins to
ensure that the recoded data are useful to users.
Based on its earlier analysis and from the comments received, the
Bureau assesses that disclosing credit type data in unmodified form may
present significant privacy risks if re-identification occurred. For
example, the Bureau believes that these data could result in non-
personal commercial privacy risks to small businesses, including
revealing sensitive financial information or facilitating problematic
targeted marketing. However, the Bureau does not identify any
compelling privacy risks to financial institutions.
v. Credit Purpose
Proposed Sec. 1002.107(a)(6) would have required financial
institutions to collect and report the purpose or purposes of the
credit applied for or originated. As discussed in the section-by-
section analysis of Sec. 1002.107(a)(6), the Bureau is finalizing this
data point with modifications.
The NPRM stated that disclosing credit purpose in unmodified form
by itself would likely disclose minimal, if any, information about an
applicant or related natural person that may be harmful or sensitive if
such person were re-identified, or that may be harmful or sensitive to
an identified financial institution. It noted that information about
credit purpose could be useful to adversaries such as a small
business's competitors, potential acquirers, or new market entrants,
since it contains information about a business's strategy and
performance, such as whether a business is expanding. Even so, this
information would generally not be detailed enough to cause competitive
harm, and its competitive value would likely be mitigated by time to
publication.
The Bureau did not identify publicly available datasets that
include data fields an adversary could directly match to the credit
purpose data fields in unmodified form in the public application-level
data with respect to an applicant or related natural person. The Bureau
stated that identified public datasets pertaining to small business
loans generally do not contain information about the purpose of the
credit. Therefore, the Bureau reasoned that an adversary would have
difficulty
[[Page 35479]]
using the credit purpose data fields to match a section 1071 record to
an identified publicly available record accurately.
The Bureau stated that disclosure of credit purpose in unmodified
form may also reveal information that financial institutions regard as
harmful or sensitive, such as information that a financial institution
offers credit that is used for certain purposes. However, the Bureau
did not identify reasons that disclosure would permit reverse-
engineering of proprietary lending models.
Several lenders and one trade association provided feedback. These
commenters generally stated that credit purpose data created privacy
risks for small business applicants. For example, one commenter stated
that if re-identification occurred, credit purpose data could reveal
confidential commercial information, such as plans for business
acquisitions or expansions. As discussed in the NPRM, the Bureau
acknowledges that credit purpose data contains information about a
business's strategy and performance. However, the Bureau does not view
this information as posing a significant risk of harm because of its
relative lack of detail and the delay between the date of action taken
on a loan and the publication of 1071 data. Commenters did not offer
evidence to the contrary. Commenters also did not offer evidence that
indicates that this data point presents significant re-identification
risks.
Accordingly, the Bureau preliminarily assesses that disclosing
credit purpose data in unmodified form would present limited privacy
risk.
vi. Amount Applied For
Proposed Sec. 1002.107(a)(7) would have required financial
institutions to collect and report to the Bureau the initial amount of
credit or the initial credit limit requested by the applicant. As
discussed in the section-by-section analysis of Sec. 1002.107(a)(7),
the Bureau is finalizing the amount applied for data point as proposed.
The NPRM stated that disclosing this data field in unmodified form
would likely disclose information about an applicant or related natural
person that may be harmful or sensitive if such person were re-
identified. Business owners might view details about the amount applied
for as sensitive, particularly where they are concerned about the risk
of being re-identified as an applicant for credit. The Bureau also
noted that were re-identification to occur, the amount applied for
could lead to targeted marketing of products or services that pose
risks because it could help lenders target small businesses that
received less credit than they requested with offers for loans at
higher rates or fees. The Bureau stated that the amount applied for is
generally not included in other publicly available data, so it would
likely not be useful to adversaries seeking to match 1071 data with
other publicly available data. However, the Bureau believed that amount
applied for would be useful to an adversary in other ways. For example,
a significant shortfall between the amount applied for and the amount
approved could be used either by an applicant's competitor or by a
consumer to infer that the business has a relatively weak financial
position. With information on whether or not a business is granted a
loan, an adversary might gain insight into the scale of a business's
objectives based on the amount applied for or approved. The Bureau also
noted that the relative scarcity of this information at present would
also increase its value to adversaries. As an additional consideration,
the Bureau saw no reason that disclosure would permit the reverse-
engineering of proprietary lending models.
The Bureau received comments from several industry commenters and a
community group. A group of trade associations stated that if a small
business applicant is re-identified, disclosing the amount applied for
could reveal information about the financial status of that small
business that could harm its prospects for credit. Several industry
commenters expressed concern that data about the amount applied for
would create privacy risks for small business applicants by revealing
confidential information, such as plans for business acquisitions or
expansions. Another commenter stated that disclosing the amount applied
for can create privacy risks for financial institutions. This commenter
noted that the amounts applicants apply for can be arbitrary and,
therefore, comparing these amounts to any amounts approved could be
misleading and not a reliable metric for whether credit demand is met.
The Bureau stated that if it determined that the amount applied for
should be modified, it may consider recoding the data into bins. For
example, the Bureau could recode the amount applied for into bins of
$25,000. In response, a community group stated that the Bureau could
recode the amount applied for into bins that use the mid-point of
$10,000 intervals. As noted by the commenter, HMDA utilizes this
technique, and, according to the commenter, it would be sufficient for
privacy purposes while producing more accurate data.
After reviewing these comments, the Bureau assesses that disclosing
this data field may create some privacy risk where small business
applicants and related natural persons face re-identification risk that
could reveal non-public commercial information, such as an application
for credit or business acquisition or expansion plans. Further, to the
extent that this data point, combined with the amount approved or
originated data point, indicates business difficulties, this could
impact the reputational interests of small businesses and their owners.
The Bureau also assesses that in some circumstances disclosing amount
applied for could disclose personal information about an applicant or
related natural person that would be harmful or sensitive if such
person were re-identified. Comments asserting privacy risks for
financial institutions, however, provided no compelling evidence of
privacy risk to alter the NPRM analysis on point.
vii. Amount Approved or Originated
Proposed Sec. 1002.107(a)(8) would have required financial
institutions to collect and report to the Bureau: (i) for an
application for a closed-end credit transaction that is approved but
not accepted, the amount approved by the financial institution; or (ii)
for a closed-end credit transaction that is originated, the amount of
credit originated; or (iii) for an application for an open-end credit
transaction that is originated or approved but not accepted, the amount
of the credit limit approved. As discussed in the section-by-section
analysis of Sec. 1002.107(8), the Bureau is finalizing the amount
approved or originated data point as proposed.
The NPRM stated that disclosing this data in unmodified form would
likely disclose information about an applicant or related natural
person that might be harmful or sensitive if such person were re-
identified, or that might be harmful or sensitive to an identified
financial institution. The Bureau stated that information about the
amount approved or originated could be useful to potential adversaries.
For example, these data fields would provide creditors some insight
into competitors' lending practices, particularly when combined with
other data points such as gross annual revenue, number of workers, time
in business, and pricing. Likewise, these data might allow creditors to
make general inferences about the relative risk appetites of their
competitors. However, the Bureau did not see any reason that disclosure
[[Page 35480]]
would permit the reverse-engineering of proprietary lending models.
The Bureau stated that it had identified publicly available
datasets that include data fields an adversary could directly match to
the amount approved or originated data fields in unmodified form.
Credit amount approved or originated is often widely available in
public datasets, such as loan-level data for the SBA 7(a) and 504
programs, as well as property records and UCC filings. The Bureau
accordingly stated that adversaries would be able to match the amount
of credit approved or originated to an existing public record. The
Bureau further stated that if it determined that the amount approved or
originated should be modified, it may consider recoding.
The Bureau received comments from several industry and community
group commenters. The community groups generally supported publishing
these data fields. Several industry commenters disagreed. Two such
commenters stated that if re-identification occurred, the amount
approved or originated could harm small business applicants by
disclosing information about business expansions or acquisitions. A
community group stated that the Bureau could recode the amount applied
for into bins that use the mid-point of $10,000 intervals. As the
commenter noted, HMDA utilizes this technique and, according to the
commenter, it would be sufficient for privacy purposes while producing
more accurate data.
After reviewing these comments, the Bureau preliminarily assesses
that disclosing amount approved or originated data in unmodified form
may present significant privacy risk if re-identification occurred. In
some circumstances disclosing amount approved or originated could
disclose personal information about an applicant or related natural
person that would be harmful or sensitive if such person were re-
identified. For example, because amount approved or originated was
found in publicly available datasets, in combination with information
about the amount applied for, this data could facilitate targeted
marketing of higher interest or predatory credit products. This
combination of data could also have reputational impacts on small
business applicants and related natural persons. The Bureau does not
see any reason, however, that this data field will create compelling
privacy risks for financial institutions.
viii. Type of Action Taken and Denial Reasons
Proposed Sec. 1002.107(a)(9) and (11) would have required
financial institutions to collect and report to the Bureau the action
taken by the financial institution on the covered application, and for
denied applications, the principal reason or reasons the financial
institution denied the covered application. As discussed in the
section-by-section analysis of Sec. 1002.107(a)(9) and (11), the
Bureau is finalizing these data points as proposed.
The NPRM stated that reasons for denial data could be harmful or
sensitive for applicants or related natural persons. However, the
Bureau did not believe disclosing the fact that credit was sought, in
and of itself, likely would be harmful or sensitive to small businesses
because credit is so widely used by small businesses. Further, the harm
or sensitivity of disclosing information that credit was originated is
mitigated by the publication of originated loan details in other
databases such as UCC filings. Additionally, the Bureau did not assess
that disclosure of action taken would permit the reverse-engineering of
proprietary lending models.
The Bureau had not identified publicly available datasets that
include data fields an adversary could directly match to these data
fields in unmodified form. At a category level, however, the Bureau
noted that these data fields could tell adversaries which records it
may be possible to match against databases that include originated
loans. The Bureau stated that most of these data fields included in
this data point are not found in publicly available records that
contain the identity of an applicant; the only data field that would be
consistently available would be for originated loans. Without such an
identified publicly available record to match with, attempting to re-
identify an applicant by matching a 1071 record using these data fields
likely would be difficult. However, the Bureau stated that adversaries
may be able to use other data fields, such as census tract, NAICS code,
and identified public information, such as business directories, to
determine the identity of an applicant or related natural person. Thus,
if applicants and related natural persons could be re-identified, an
adversary could learn information about application denials for these
businesses and use this information for a variety of purposes.
The Bureau sought comment on this analysis, specifically in light
of potential harm and sensitivity arising from the disclosure of
application denials and the reasons for denial, whether there are
specific modification techniques that should be considered, and whether
modifying these data fields by grouping or deleting these data fields
would appropriately balance the privacy risks and benefits of
disclosure, in light of the purposes of section 1071.
Community group commenters stated that the Bureau should publish
data about action taken, including whether the loan was approved or
denied or whether it was withdrawn or left incomplete. One stated their
opposition to deleting action taken categories such as ``denied,''
``incomplete,'' or ``approved but not accepted,'' stating that such
data are fundamental to the fair lending purpose of the statute.
Several stated that publishing data on denial reasons would promote
fair lending and business and community development objectives by
helping lenders and policymakers assess whether creditors are denied
credit for legitimate reasons. An industry commenter said that action
taken data may also be misleading in the context of agricultural loans
because not all creditworthy applicants are eligible for loans through
the Farm Credit System.
Other trade associations and a lender commented that disclosure of
action taken could cause commercial or competitive harms to applicants
and related natural persons. These commenters specifically noted that
data about the action taken could reveal information about a business's
financial status, or acquisition or expansion plans. Other commenters
stated that including denial reasons in 1071 data, without including
contextual information surrounding individual credit decisions, would
result in unjustified reputational or litigation harm to smaller
financial institutions, which originate a lower loan volume--possibly
resulting in more pronounced statistical aberrations that could be
erroneously interpreted as discrimination.
In response to the Bureau's request for comment about whether these
data should be modified or deleted from the public dataset, a community
group stated that the Bureau should not modify or delete these fields
because they are fundamental to the fair lending purposes of the
statute. The commenter further noted that for decades, and without
adverse consequences, HMDA has included information on whether an
application for credit was originated, approved but not accepted,
denied, withdrawn by the applicant, or incomplete. This commenter
stated that if the Bureau found it necessary to
[[Page 35481]]
modify this data field, a higher level of disclosure that included
reasons of denial by category of business and for groupings of census
tracts could achieve important fair lending and community development
objectives.
As discussed above in part VIII.B.3, the Bureau views these data
fields as having significant disclosure benefits. Commenters did not
offer compelling evidence that disclosure of action taken, in and of
itself, would reveal information about a small business applicant's
financial status or strategic plans also lacked evidentiary
support.\900\ If re-identification were to occur, however, information
about an application for credit being denied could have detrimental
impacts to applicants or related natural persons when personal credit
qualifications are used in making credit decisions, including personal
embarrassment. Likewise, re-identification could cause non-personal
commercial harm to small businesses. Accordingly, the Bureau
preliminarily assesses that disclosing these data fields in unmodified
form may present significant privacy risk if re-identification
occurred.
---------------------------------------------------------------------------
\900\ When the Bureau previously assessed whether to include
action taken and denial reasons in HMDA loan-level public data, it
concluded that modification was unnecessary 84 FR 649, 658 (Jan. 31,
2019). The Bureau articulated its decision that ``action taken and
reasons for denial'' would be disclosed without modification.
---------------------------------------------------------------------------
ix. Action Taken Date
Proposed Sec. 1002.107(a)(10) would have required financial
institutions to collect and report the date of the action taken by the
financial institution. As discussed in the section-by-section analysis
of Sec. 1002.107(10), the Bureau is finalizing this data point as
proposed.
The Bureau stated that disclosing action taken date in the 1071
data in unmodified form would likely disclose minimal, if any,
information about an applicant or related natural person that may be
harmful or sensitive if such person were re-identified, or that may be
harmful or sensitive to an identified financial institution. The NPRM
noted that publicly available datasets include data fields an adversary
could directly match to the action taken date data field in unmodified
form in the public application-level data with respect to an applicant
or related natural person. Public availability of this data depends on
the type of action taken. The approval date of originated loans is
widely available in SBA 7(a), 504, and other program loan-level records
that identify borrowers, and the date of executed agreements, which
could be closely related to the action taken date, is often available
for property records and UCC filings. For originated loans, therefore,
the action taken date would substantially facilitate matching with
publicly available datasets that identify borrowers. The Bureau also
stated that action taken date may be less useful in re-identifying
applicants of loans that were not originated because the action taken
date for such loans is rarely publicly available.
The Bureau stated that if it ultimately determined that the action
taken date should be modified for publication, it may consider
disclosing at a higher level, such as month instead of a specific date.
The Bureau sought comment on this analysis, including about whether
there are specific modifications it should consider, and whether
deletion would better balance the risks and benefits of disclosure.
In response, a group of trade associations stated that the Bureau
should not disclose the action taken date, noting that this information
is not published in HMDA data. This commenter expressed a concern that
publishing the action taken date when the same data point is deleted or
modified in HMDA public data would constitute inconsistent treatment
without adequate explanation. The Bureau disagrees that it should omit
action taken date from the public 1071 data simply to ensure
consistency between this final rule and HMDA. Commenters did not
provide additional evidence related to re-identification risk.
Commenters did not provide additional evidence related to re-
identification risk that would alter the initial assessment provided in
the NPRM. In addition, the Bureau preliminarily assesses that the
action taken date would present limited privacy risk if re-
identification occurred. This data field presents minimal, if any,
personal information about an applicant or related natural person that
would be harmful or sensitive if such person were re-identified. The
Bureau also does not believe publication of these data would result in
non-personal commercial privacy risks to small businesses being
disclosed. The Bureau also identifies no compelling privacy risks to
financial institutions.
x. Pricing Information
Proposed Sec. 1002.107(a)(12) would have required financial
institutions to collect and report to the Bureau the following
information, where applicable, regarding the pricing of a covered
credit transaction that is originated, or approved but not accepted:
(i) the interest rate; (ii) total origination charges; (iii) broker
fees; (iv) initial annual charges; (v) additional costs for merchant
cash advances or other sales-based financing; and (vi) prepayment
penalties. As discussed in the section-by-section analysis of Sec.
1002.107(a)(12), the Bureau is finalizing the pricing information data
point largely as proposed.
The NPRM stated that information about the interest rates and fees
charged in connection with credit represents basic information about
the features of a product generally and would present low risk of harm
or sensitivity. It further noted that disclosure of pricing data in
unmodified form may reveal information that some applicants or related
natural persons may regard as harmful or sensitive, such as a
reflection of their perceived credit risk. However, the Bureau also
reported that it had received feedback during the SBREFA process that
multiple factors contribute to pricing for small business credit. While
the Bureau further stated that disclosure of pricing data in unmodified
form may also reveal information that financial institutions regard as
harmful or sensitive, the NPRM did not identify evidence that
disclosure of pricing information would permit the reverse-engineering
of proprietary lending models.
The NPRM also noted that publicly available datasets include data
fields an adversary could directly match to the pricing data fields in
unmodified form. Identified data about the interest rate and fees
charged for a given loan are available from a limited number of
publicly available datasets, such as data for the SBA 7(a) and 504
programs. The Bureau further stated that, if it were to determine that
pricing data should be modified, it may consider recoding the pricing
information data fields into bins, such as interest rates bins of 0.25
percentage points or origination fee bins of $500; and it also noted
that it could consider top-coding pricing data.
The Bureau received feedback from a range of commenters. Community
groups and some others generally agreed that publishing pricing
information would serve the objectives of section 1071. These
commenters saw pricing information as necessary to monitor loan
affordability and assess lending in underserved communities. A software
vendor stated that publishing pricing information will improve
competition and pricing efficiency by allowing applicants to compare
credit costs offered by financial institutions. However, industry
commenters stated that pricing information would have limited benefits.
Two lenders stated that
[[Page 35482]]
pricing information is not meaningful because it is based on a complex
set of factors that is unique to each transaction. A trade association
stated that pricing information in small business lending would have
little benefit compared to loan pricing data in HMDA because, unlike
consumer mortgage data reported in HMDA, commercial data that would be
reported in the 1071 dataset is not standardized or uniform. Others
said that pricing information has a high risk of being misinterpreted.
Several lenders also stated that small businesses would have
privacy concerns if pricing information on their loans was made public.
Two industry commenters stated that pricing information would create
re-identification risk, particularly in smaller and rural areas.
Another stated that farm loans present risks because such credit may be
extended in small markets with few customers which could increase the
possibility of re-identification of small business applicants or
related natural persons. Several other industry commenters said that if
re-identification were to occur, the publication of pricing data
information would create competitive risks for small businesses. One
said that this risk is particularly high in smaller communities where
it is possible to use published information to reveal pricing
information about individuals. Others stated that privacy risks are
especially potent for sole proprietorships because those entities'
pricing may be largely based on owners' individual credit performance
and personal information. A group of trade associations commented that
pricing information was the most sensitive data point and it could
reveal sensitive competitive information that would place businesses at
a substantial competitive disadvantage. Regarding non-personal
commercial harms to small business applicants, some industry commenters
aid that disclosing pricing information in 1071 data would cause some
financial institutions to limit their lending to reduce reputational or
litigation risk.
Other commenters addressed the risk of harm or sensitivity to
financial institutions. Some industry commenters stated that publishing
pricing data will create competitive risks for financial institutions
by revealing pricing models for small business loans, potentially
allowing competitors to undercut pricing. Two agricultural lenders
commented that rural financial institutions in markets with few
customers face unique risks and that they may lose customers to larger
financial institutions or online lenders that have larger customer
bases and thus lower re-identification risk. Several other industry
commenters stated that publishing pricing information would carry
reputational and competitive risks for financial institutions. Some
commenters were concerned that pricing information would not capture
the full context of credit decisions, risking misconceptions about the
underlying rationale for pricing and creating illusory disparities in
credit terms. A bank trade association stated that comparing pricing
information between different types of financial institutions can be
misleading and may result in reputational harm because certain lenders
like credit unions and farm credit system lenders receive tax or
funding advantages to offer lower interest rates. Other commenters
noted the risk of reputational harm from patronage dividends in
agricultural lending not being accounted for in disclosed pricing.
Other commenters asserted that disclosure of pricing information in
1071 data could create litigation risk for financial institutions.
Several commenters said that if regulators utilize pricing information
to analyze for fair lending without taking into account all variables
that went into underwriting, incorrect analyses could result in
unwarranted allegations of discrimination. A bank said that litigation
risk based on these misconceptions may be particularly high for smaller
banks that originate fewer loans because the lower volume could result
in greater variation in pricing information.
The Bureau also sought comment on whether pricing information, if
published, should be modified, and if so, what modification or deletion
techniques would preserve the benefits of the public application-level
data. A number of lenders and trade associations stated that pricing
information should not be published at all because of privacy risks.
Other commenters suggested modifications. A trade association stated
that published pricing information should be limited to interest rates
and origination fees. This commenter also supported disclosing pricing
information in bins to protect privacy without harming data utility. In
contrast, a community group opposed recoding interest rates or
origination fees because that might mask lending disparities, thereby
hindering fair lending enforcement.
As discussed in part VIII.B.3, the Bureau views pricing information
as having significant disclosure benefits. In light of the re-
identification risks discussed above, the Bureau appreciates
commenters' concerns that if re-identification were to occur, the
disclosure of pricing information in the public application-level data
could pose significant risk to sole proprietors for whom underwriting
could be based on personal credit performance. The Bureau also
recognizes that re-identification, if it occurred, could exacerbate
privacy risks, including personal privacy risks, presented by other
data fields in the dataset. Additionally, re-identification could
create a risk of non-personal commercial harms for applicants,
particularly in small or rural communities when combined with other
data fields like census tract or NAICS code. The Bureau acknowledges
commenters' concerns about potential risk of harm or sensitivity to
financial institutions, including reputation and litigation risks
resulting from possible misinterpretations of published pricing
information. However, the Bureau does not view privacy risks to
financial institutions as compelling enough to justify exclusion of the
data field. As discussed in part VIII.B.4, by mitigating re-
identification risk, other potential risks and harms, including those
faced by financial institutions, will also be mitigated.
The Bureau preliminarily assesses that some modification techniques
may be appropriate when publishing pricing information. Potential
modifications that the Bureau could consider include binning data or
top-coding pricing data fields. However, the Bureau is mindful that
modifying pricing information too much could mask discriminatory
pricing practices, thus hindering fair lending analyses. Similarly,
such modifications could hinder identification of community development
needs and opportunities.
xi. Census Tract
Proposed Sec. 1002.107(a)(13) would have required financial
institutions to collect and report the census tract containing the
address or location where the proceeds of the credit applied for or
originated will be or would have been principally applied; or if this
information is unknown, the tract containing the address or location of
the main office or headquarters of the applicant; or if this
information is also unknown, the tract containing another address or
location associated with the applicant. In addition to reporting the
census tract, the financial institution would have been required to
indicate which one of these three types of addresses or locations the
census tract is based on. As discussed above in the section-by-section
analysis of
[[Page 35483]]
Sec. 1002.107(a)(13), the Bureau is finalizing this data point as
proposed.
The NPRM observed that the census tract itself would likely
disclose minimal, if any, information about an applicant or related
natural person that may be harmful or sensitive if such person were re-
identified, or that may be harmful or sensitive to an identified
financial institution. The Bureau acknowledged that for sole
proprietors, the main office is often a home address, but it noted that
the applicant's actual street address would not be reported to the
Bureau. The Bureau also noted that small businesses commonly make their
locations available in the normal course of business--for example, to
reach prospective customers.
The Bureau stated that if the address reflects where the proceeds
of the credit will be or would have been principally applied,
disclosing the census tract may reveal some information about an
applicant's business strategy, particularly if paired with the loan
purpose data field. For example, the Bureau stated that the data could
indicate that a small business is pursuing or was pursuing an expansion
to a particular location. However, the Bureau believed the value of
this information to a small business's competitors is likely mitigated
by the time to publication. The Bureau stated that disclosure of the
census tract in unmodified form may also reveal information that
financial institutions regard as harmful or sensitive, such as a
financial institution's trade area. However, the Bureau did not
conclude that disclosure would permit the reverse-engineering of a
financial institution's proprietary lending models.
The Bureau identified publicly available datasets that include data
fields an adversary could directly match to the census tract data field
in unmodified form in the public application-level data with respect to
an applicant or related natural person. The Bureau expected that, in
most cases, the census tract that financial institutions would report
to the Bureau would be based on the address or location of the main
office or headquarters of the applicant, either because that is where
the proceeds of the credit will be applied, or because the financial
institution does not know the location or address where the proceeds of
the credit will be applied but does know the applicant's main office or
headquarters address. The Bureau also observed that, for many small
businesses, this address or location is likely to be publicly available
from sources such as the business's website and review websites.
Information about a business's location is also likely available from
loan-level data for public loan programs as well as from private
datasets, such as from data brokers. Therefore, in many cases, the
Bureau expected that an adversary could use the census tract data
fields, combined with other fields, to match a section 1071 record to
an identified publicly available record. The Bureau also sought comment
on whether disclosing county, State, or some other geographic
identifier--rather than the census tract--would affect the benefits of
disclosure, the potential for harm or sensitivity, and the potential
for re-identification of applicants or related natural persons.
A range of commenters provided feedback on the Bureau's analysis.
Community group commenters saw the publication of this data as
important to both the fair lending and business and community
development purposes of section 1071. Some said that because there are
currently no comprehensive data on the capital access problems faced by
marginalized communities, census tract data would provide insight into
small business credit challenges at the intersection of race, sex,
ethnicity, and geography. Other community groups and a business
advocacy group expressed support for publishing census tract data,
stating that including demographic and geographic data could positively
impact the reduction of economic inequality and generally would
encourage lending to underserved markets via specific policy making.
A number of lenders, along with a trade association and a community
group, expressed concern that publication of census tract data would
pose significant re-identification risk for applicants, especially in
smaller or rural communities with low levels of lending. Other industry
commenters said that the unmodified publication of census tract data
combined with other data points, in particular NAICS code data, would
pose significant re-identification risk.
While some community groups expressly supported the unmodified
disclosure of census tract data, others suggested specific modification
techniques. One commenter suggested that the Bureau consider switching
records for similarly situated applicants between nearby census tracts
to protect the privacy of applicants in smaller geographic areas while
preserving data utility. With respect to the Bureau's suggestion to
consider disclosing a broader location category, at least one trade
association expressed support for disclosing data at the State level.
Meanwhile, a community group generally opposed disclosure limited to
the county- or State-level, arguing that it would frustrate the
purposes of section 1071. But this commenter did suggest that the
Bureau consider combining and aggregating adjacent census tracts in
rural areas with low levels of lending.
As discussed above in part VIII.B.3, the Bureau views the
disclosure of census tract as having significant benefits. Further,
disclosing census tract data on its own would present limited privacy
risk. Application-level census tract by itself would likely disclose
minimal, if any, information about an applicant or related natural
person that would be harmful or sensitive if such person were re-
identified. In addition, the Bureau does not discern evidence of
compelling privacy risks for financial institutions. However, the
Bureau appreciates the potential re-identification risks to applicants
or related natural persons posed by the combination of census tract
data and other data fields, such as NAICS code. With respect to privacy
risks raised by commenters, as discussed above, the Bureau has
identified publicly available datasets that include data fields an
adversary could directly match to certain census tract data.
Accordingly, the Bureau assesses that census tract data, combined with
other data fields such as NAICS code, could be used to match to an
identified publicly available record, particularly in rural areas,
thereby potentially re-identifying a small business applicant or its
ownership. Re-identification could in turn exacerbate privacy risks,
including harm or sensitivity risks, presented by other data fields in
the dataset.
Considering this privacy risk, the Bureau's preliminary assessment
is that some modification techniques may be appropriate. Application-
level census tract would likely disclose minimal, if any, information
about an applicant or related natural person that would be harmful or
sensitive if such person were re-identified. In addition, the Bureau
does not discern evidence of a compelling privacy risks for financial
institutions. However, the Bureau appreciates the potential re-
identification risks to applicants or related natural persons posed by
the combination of census tract data and other data fields such as
NAICS code, and recognizes that there may be significant geographic
variation in the likelihood of re-identification risk from census tract
alone. The Bureau is mindful that modifying census tract data, like
disclosing a broader location category such as county or State, while
reducing re-identification risk to applicants and related natural
persons,
[[Page 35484]]
could also reduce the utility of the 1071 dataset.
xii. Gross Annual Revenue
Proposed Sec. 1002.107(a)(14) would have required financial
institutions to collect and report to the Bureau the gross annual
revenue of the applicant for the preceding full fiscal year prior to
when the information is collected. As discussed in the section-by-
section analysis of Sec. 1002.107(a)(14), the Bureau is finalizing
this data point substantively as proposed.
The NPRM stated that disclosing gross annual revenue in unmodified
form would likely disclose information about an applicant or related
natural person that may be harmful or sensitive if such person were re-
identified. The data field could reflect the financial condition of a
small business or its ownership. The Bureau stated that competitors of
the small business, other commercial entities, creditors, researchers,
or persons with criminal intent all may have an interest in using these
data to monitor the size or performance of an applicant that may be a
rival, partner, or target of inquiry, investigation, or illegal
activity. With respect to the risk of harm or sensitivity to financial
institutions, the NPRM acknowledged that other creditors might use
gross annual revenue data to learn more about the types of small
businesses with which their competitors do business. However, the
Bureau did not identify evidence that disclosure would permit reverse-
engineering of proprietary lending models.
The Bureau also noted that publicly available datasets include data
fields an adversary could directly match to this data field in
unmodified form. This availability is not widespread. Gross annual
revenue data are available from private databases. They are also
available for New York State's women- and minority-owned business
certification program, but those data are recoded into bins. The Bureau
stated that if it determined that gross annual revenue data should be
modified, it may consider recoding this data into bins, for example in
ranges of $25,000, or top-coding the data to mask particularly high
values, thereby reducing the identifiability of application data from
small businesses with especially high gross annual revenue.
Commenters did not provide additional evidence related to re-
identification risk. However, community groups and trade associations
commented on modifying this field prior to publication. Several
community groups and a CDFI lender generally favored the Bureau
publishing unmodified gross annual revenue data to maintain its
utility. One such commenter opposed modification here, stating that
aggregation of data by revenue size would limit the usefulness of the
data to all stakeholders, including technical assistance providers who
can help small businesses apply for loans, as well as parties seeking
to identify and respond to discriminatory lending patterns. Other
community groups and a trade association expressed support for
publishing gross annual revenue data in bins to mitigate privacy risks
for applicants. These community groups stated that modified data must
still be detailed enough to permit meaningful analysis, and they
criticized the current CRA system of identifying all loans to
businesses with revenue under $1 million as not allowing for such
analysis. One commenter suggested that if the Bureau decided to modify
the gross annual revenue data field it should select the mid-point and
recode the data in bins of $10,000 increments. They also expressed
support for top-coding provided that it did not mask any significant
differences in data for larger small businesses, and suggested that the
Bureau conduct testing within the first year of data to assess whether
the modification was appropriate.
As discussed above in part VIII.B.3, the Bureau views disclosure of
gross annual revenue data as having significant disclosure benefits.
After reviewing comments, the Bureau preliminarily assesses that if re-
identification were to occur, disclosing gross annual revenue data in
unmodified form may present significant privacy risk to small business
applicants and related natural persons. The Bureau also preliminarily
assesses that modifications to this field can be made while preserving
the utility of the data for statutory purposes. The Bureau will
continue to consider feedback about potential modification techniques,
such as binning at smaller intervals and conducting testing before top-
coding.
xiii. NAICS Code
Proposed Sec. 1002.107(a)(15) would have required financial
institutions to collect and report to the Bureau a 6-digit NAICS code.
As discussed above in the section-by-section analysis of Sec.
1002.107(a)(15), the Bureau is modifying how NAICS code is reported.
Under the final rule, financial institutions must collect and report a
3-digit NAICS subsector code. Using only 3-digit NAICS subsector codes
will decrease the risk of re-identification to applicants and owners
while adhering to the purposes of section 1071.
The NPRM stated that publishing 6-digit NAICS codes in unmodified
form by itself would likely disclose minimal, if any, information about
an applicant or related natural person that may be harmful or sensitive
if such person were re-identified, or that may be harmful or sensitive
to an identified financial institution. Information about a small
business's industry is likely apparent to anyone interacting with it.
The Bureau noted that disclosure of 6-digit codes in unmodified form
may reveal information that financial institutions regard as harmful or
sensitive, such as the industries with which the financial institution
does business, but it did not discern that such disclosure would permit
reverse-engineering of proprietary lending models.
The Bureau acknowledged that 6-digit codes were likely to produce
unique instances in the data, especially if combined with unmodified
census tract data. It noted the existence of 73,057 census tracts and
1,057 6-digit NAICS codes.\901\ With over 77 million resulting
combinations, there would likely be many instances of this data forming
unique combinations. The NPRM stated that if the Bureau modified 6-
digit codes for publication, it would consider disclosing 2-, 3-, or 4-
digit codes to reduce re-identification risk while maintaining data
utility.
---------------------------------------------------------------------------
\901\ See 2010 Census Tallies; Off. of Mgmt. & Budget, North
American Industry Classification System (NAICS) Updates for 2022, 86
FR 35350, 35352 (July 2, 2021).
---------------------------------------------------------------------------
Community group commenters supported disclosing 6-digit NAICS codes
to support the fair lending purpose of the statute. Many industry
commenters expressed concern that such codes, particularly in small or
rural communities where only a limited number of businesses share
certain NAICS codes, would create significant re-identification risks.
Several commenters expressed support for modifying the 6-digit
NAICS code in the public application-level data. One commenter stated
that the NAICS code should be truncated to general categories. Several
industry commenters expressed specific support for disclosing a 2-digit
NAICS code, and another supported a 4-digit modification, stating it
would provide sufficient information while mitigating re-identification
risk.
As discussed above in part VIII.B.3, the Bureau views disclosure of
a NAICS code as having significant disclosure benefits. In addition,
the Bureau's shift to requiring collection and reporting of a 3-digit
code will significantly reduce re-identification risk while preserving
[[Page 35485]]
the utility of the dataset. This shift acknowledges privacy concerns
raised by some commenters, reducing the risk of cognizable privacy
harms.
Overall, the Bureau preliminarily assesses that published 3-digit
codes by themselves present limited privacy risk. It is unlikely that
publication of these data would disclose personal information about an
applicant or related natural person that would be harmful or sensitive
if such person were re-identified. The Bureau also does not see
evidence of non-personal commercial privacy risks to small businesses,
or of any compelling privacy risk to financial institutions. However,
the Bureau appreciates that there is a heightened risk of re-
identification when a NAICS code is combined with other data fields,
such as census tract.
xiv. Number of Workers
Proposed Sec. 1002.107(a)(16) would have required financial
institutions to collect and report to the Bureau the number of non-
owners working for the applicant. In the final rule, however, a
financial institution complies with Sec. 1002.107(a)(16) by reporting
in ranges. The Bureau is adopting this change in response to concerns
expressed by commenters about the complexity of providing an exact
number.
The NPRM stated that disclosing number of workers in unmodified
form would likely disclose minimal, if any, information about an
applicant or related natural person that would be harmful or sensitive
if such person were re-identified. Additionally, the Bureau did not see
disclosure being harmful or sensitive to financial institutions.
Financial institutions may use such data to learn more about the types
of small businesses with which their competitors do business, but the
Bureau did not see evidence that disclosure would permit reverse-
engineering of proprietary lending models.
The Bureau noted that information about the number of workers is
likely to be publicly available for many businesses. For example, State
registries of businesses may include information about a business's
number of workers, and private databases also commonly include this
information. This decreases any potential sensitivity or harm of
disclosing this data point in the application-level data, and also the
direct utility of the data to potential adversaries. However, these
data sources also mean that in some cases an adversary could use number
of workers, combined with other fields, to match an identified publicly
available record. Data on a business's number of workers could easily
produce unique combinations when combined with other data fields,
particularly for businesses with higher numbers of workers. The NPRM
further stated that the Bureau would consider modification options,
including recoding and top-coding.
Several community group commenters and a group of State banking
regulators supported unmodified disclosure of this data as important to
the fair lending purposes of section 1071. However, an industry
commenter stated that the data point was not useful for achieving any
of the statutory purposes, particularly given the difficulties in
counting seasonal and part-time employees. Several industry commenters
stated that publishing the number of workers without modification could
create privacy risks. These commenters generally asserted that the data
point should not be published because the exact number of workers could
be used to re-identify applicants and would reveal sensitive commercial
information about the applicant's competitive strategy or business
plan. Some of these commenters also expressed concern that these data
are susceptible to misinterpretation and inaccuracy, particularly for
seasonal or cyclical businesses that experience routine variations in
employee volume over the course of a calendar year. Several commenters
expressed support for modifying the public number of workers data field
by recoding the data into bins. One commenter stated that the bins
would need to be developed such that they do not obscure differences in
smaller businesses.
As discussed above in part VIII.B.3, the Bureau views disclosure of
the number of workers to have significant disclosure benefits. In
addition, the Bureau's decision to have financial institutions report
this data in ranges will reduce the risk of re-identification for
applicants or related natural persons. In turn, that lowers the risk
that applicants or related natural persons are subject to competitive
harms, such as the disclosure of their proprietary business
information. Further, although the Bureau has identified publicly
available datasets that include number of workers, these data vary over
time and are difficult to align across multiple datasets. Reporting in
ranges will also help address concerns about data inaccuracy and
variance.
The Bureau preliminarily assesses that disclosing unmodified
application-level number of workers data in ranges would present
limited privacy risk if re-identification occurred. It is unlikely that
publication of this data would disclose personal information about an
applicant or related natural person that would be harmful or sensitive
if such person were re-identified; it is also unlikely that publication
would result in non-personal commercial privacy risks to small
businesses or compelling privacy risks to financial institutions.
xv. Time in Business
Proposed Sec. 1002.107(a)(17) would have required financial
institutions to collect and report to the Bureau the time the applicant
has been in business, described in whole years, as relied on or
collected by the financial institution. As discussed in the section-by-
section analysis of Sec. 1002.107(a)(17), however, the final rule
requires a financial institution to report this data in whole years
only if it collects or otherwise obtains that information as part of
its procedures for evaluating credit applications. Otherwise, the
financial institution reports whether the applicant has been in
existence for less or more than two years. This change responds to
commenter concerns about complexity in collecting this data.
The NPRM explained that disclosing time in business in unmodified
form would likely disclose minimal, if any, information about an
applicant or related natural person that may be harmful or sensitive if
such person were re-identified, or that may be harmful or sensitive to
an identified financial institution. The Bureau did not see evidence
that disclosure would permit the reverse-engineering of proprietary
lending models. In addition, information about time in business was
likely to be publicly available for many businesses in public
registration filings and other sources, decreasing any potential harm
or sensitivity from publishing this data. The Bureau noted that these
same data sources could enable an adversary to directly match the time
in business data field in unmodified form, particularly when combined
with other fields.
The Bureau stated that if it were to modify the time in business
data field, it may consider recoding time in business into bins--for
example, using two- or five-year intervals. It would also consider top-
coding time in business at a value such as 25 years, given that larger
values are more likely to be unique. The Bureau specifically sought
comment on what intervals the Bureau should use if it were to recode
time in business into bins and what value the Bureau should use if it
were to top-code this data field.
Several community group commenters and a group of State banking
regulators supported
[[Page 35486]]
unmodified disclosure of time in business in the dataset to facilitate
the fair lending purpose of the statute. A few industry commenters
expressed concern that publication of time in business data could
create re-identification risks for small business applicants and
reputational harm for financial institutions. In particular, one
commenter agreed that time in business data could be combined with
other data points to re-identify small business applicants. With
respect to potential modification options, a trade association and a
community group expressed support for either binning or top-coding. The
community group noted, however, that a bin that ranged from two to five
years may be too long. The commenter also stated that a top-code of 25
years may be reasonable but urged the Bureau to conduct further
analysis after it received the first year's data.
As discussed in part VIII.B.3, the Bureau views disclosure of time
in business as having significant benefits. The Bureau also preliminary
assesses that the availability of this data in existing datasets
decreases potential harm or sensitivity of disclosure if re-
identification occurs, but also increases the risk of re-identification
risk. The Bureau will consider whether binning, top-coding, or other
modification techniques may be appropriate when it analyzes
application-level data and conducts its full privacy analysis.
Commenters did not explain how the disclosure of the applicant's time
in business could lead to reputational harms to financial institutions.
xvi. Business Ownership Status
Proposed Sec. 1002.107(a)(18) and (19) would have required
financial institutions to collect and report to the Bureau whether the
applicant is a minority-owned business or a women-owned business and
whether minority-owned business status or women-owned business status
is being reported based on previously collected data pursuant to
proposed Sec. 1002.107(c)(2). As discussed in the section-by-section
analysis of Sec. 1002.107(a)(18), the Bureau is finalizing these data
points with modifications. Specifically, it is finalizing proposed
Sec. 1002.107(a)(18) and (19) as final Sec. 1002.107(a)(18). In
addition to the minority-owned and women-owned business statuses, the
final rule requires financial institutions to collect and report
LGBTQI+-owned business status.
The NPRM stated that publishing demographic ownership status in
unmodified form would have likely disclosed minimal, if any,
information about an applicant or related natural person that may be
harmful or sensitive if such person were re-identified, or that may be
harmful or sensitive to an identified financial institution. While some
applicants or related natural persons may regard this information as
harmful or sensitive, the Bureau believed this information generally
would present low risk of harm or sensitivity. The Bureau also believed
that this information already may be available to the general public
and would have relatively limited utility for adversaries if an
applicant or related natural person were re-identified.
However, the Bureau noted that in many cases an adversary could
have used women-owned or minority-owned business status, in combination
with other data, to match a section 1071 record to an identified
publicly available record. The Bureau identified several sources that
could have been used for such matching. Women- and minority-ownership
is likely to be publicly available for many businesses that publicly
register or certify with the SBA or State or local authorities as
women- or minority-owned. Businesses' websites may also provide this
information, and private commercial databases also include or estimate
this information.
The Bureau did not receive any comments on this aspect of its
privacy analysis. This lack of engagement suggests that the NPRM
generally correctly assessed the privacy impacts that disclosing women-
owned and minority-owned business statuses in the data in unmodified
form would have for an applicant or related natural person if such
person were re-identified. It also suggests the Bureau generally
correctly surmised there would be minimal, if any, harms or
sensitivities to financial institutions.
However, the Bureau received comments from several industry and
individual commenters on the Bureau's request for comment in proposed
Sec. 1002.107(a)(20) about whether the Bureau should require financial
institutions to ask separate questions regarding the sex, sexual
orientation, and gender identity, of principal owners. As discussed
below in part VIII.B.6.xvii, a few commenters urged the Bureau to not
collect or publish data on sexual orientation and gender identity of
principal owners. The commenters noted the significant risk of harm to
small business applicants and related natural persons, due to the
particularly sensitive nature of this information if re-identification
occurred.
The Bureau acknowledges that an individual's LGBTQI+ status likely
is sensitive personal information that could pose personal privacy
risks as well as non-personal commercial privacy risks. If re-
identification occurred, its disclosure could pose risks to privacy
interests of small business owners. Accordingly, while the Bureau views
disclosure of business ownership status as having significant
disclosure benefits, the Bureau preliminarily assesses that disclosing
this data may present significant privacy risks if re-identification
occurred. That is particularly so as to LGBTQI+-owned business status;
in contrast, women-owned and minority-owned business status information
would present relatively limited privacy risk. The Bureau does not see
evidence that LGBTQI+-owned status poses compelling privacy risks to
financial institutions.
xvii. Number and Demographic Status of Principal Owners
Proposed Sec. 1002.107(a)(20) would have required a financial
institution to collect and report to the Bureau the ethnicity, race,
and sex of the applicant's principal owners; whether ethnicity and race
were being collected by the financial institution on the basis of
visual observation and/or surname analysis; and whether ethnicity,
race, or sex were being reported based on previously collected data
pursuant to proposed Sec. 1002.107(c)(2). Proposed Sec.
1002.107(a)(21) would have required that financial institutions collect
and report to the Bureau the number of an applicant's principal owners.
As discussed in the section-by-section analyses of Sec.
1002.107(a)(19) and (20), the Bureau is finalizing the ethnicity, race,
and sex of principal owners and number of principal owners data points
with several modifications, including renumbering the sections,
changing how financial institutions are required to inquire about the
principal owners sex, and removing the requirement that a financial
institution report whether the ethnicity and race of an applicant's
principal owners was collected on the basis of visual observation and/
or surname analysis.
The NPRM stated that, in general, disclosing the ethnicity, race,
and sex of an applicant's principal owners in unmodified form would
likely have disclosed minimal, if any, information about an applicant
or related individual that may be harmful or sensitive if such person
were re-identified, or that may be harmful or sensitive to an
identified financial institution. As noted similarly above for the data
fields on women-owned and minority-owned business statuses, while some
applicants or
[[Page 35487]]
related natural persons may regard this information as harmful or
sensitive, this information generally would present low risk of harm or
sensitivity. The Bureau also noted that this information may be already
available to the general public, and that this information would have
relatively limited utility for adversaries if an applicant or related
natural person were re-identified.
The Bureau identified publicly available datasets that include data
fields an adversary could directly match to the ethnicity, race, and
sex of the applicant's principal owner(s) data fields in unmodified
form. For example, certain State business registries, including those
required to access women-owned and minority-owned business programs,
provide this information. Other public record databases, such as the
SBA's 8(a) program and the Paycheck Protection Program, also include
ethnicity, race, and sex data alongside the borrower's name. In many
cases, therefore, the Bureau stated that an adversary could use the
ethnicity, race, and sex of the applicant's principal owners, combined
with other fields, to directly or indirectly match a section 1071
record to an identified publicly available record.
As discussed in the section-by-section analysis of Sec.
1002.107(a)(19), the Bureau proposed that financial institutions would
report sex as described in proposed comment 107(a)(20)-8, which would
have permitted an applicant to self-describe a principal owner's sex by
selecting the ``I prefer to self-describe'' response option on a paper
or electronic form or by providing additional information for an oral
application, with the financial institution reporting the response
using free-form text. In the NPRM, the Bureau stated intention to
exclude free-form text from public application-level data. However, the
Bureau sought comment on whether there were additional specific
modifications it should consider with regard to applicants who choose
to self-describe their principal owners' sex. The Bureau also sought
comment on whether, if finalized, disclosure of sex, sexual
orientation, or gender identity could cause heightened sensitivity or
risk of harm and any specific modifications the Bureau should consider
if such data points were included in the final rule.
Many community group and minority business advocacy group
commenters supported disaggregated disclosure of ethnicity, race, and
sex of principal owners, and underscored its significance in achieving
the fair lending purpose of section 1071. Some of these commenters
stated that publication of disaggregated data would facilitate
development of policy solutions for issues of financial inequality as
it relates to ethnicity, race, and sex. A few trade associations
expressed concerns about publishing information collected on the basis
of visual observation or surname.
Some industry commenters expressed concerns that ethnicity, race,
and sex data would create significant privacy risks for small business
applicants, particularly in smaller or rural communities. Other
industry and individual commenters cautioned the Bureau against
collecting and publishing the sexual orientation and gender identity of
principal owners. Specifically, these commenters noted the significant
risk of harm to small business applicants, due to the particularly
sensitive personal nature of this information if re-identification
occurred.
Some trade associations noted concerns that publishing ethnicity,
race, and sex information, particularly where collected based on visual
observation or surname, will present the risk of harm to financial
institutions. Two such commenters asserted that financial institutions
faced the potential for reputational or litigation risks if the
ethnicity, race, or sex data are published because of potential
conflicts with State or Federal privacy laws. One commenter stated that
asking for this information without proper privacy precautions may
expose the financial institution to legal risk under certain State
privacy laws, such as the California Consumer Protection Act, that
protect against disclosure of ethnicity and race information. Two
others noted that State privacy laws may conflict with the requirement
to obtain ethnicity and race data based on visual observation. These
commenters also stated that the perceived intrusiveness from the
acquisition of these data and the knowledge that it would become public
could cause competitive and reputational harm to financial institutions
as institutions that do not protect their customers' privacy. For
example, one commenter asserted that visual observation collection may
reduce trust in the financial institution and increase the applicant's
apprehension regarding their privacy. As to whether the Bureau should
publish the unmodified, applicant-level data on the number of principal
owners, several industry commenters opposed the publication of these
data, should it be finalized. The commenters stated that publication of
the number of principal owners could facilitate re-identification,
particularly in small or rural areas.
As discussed above in part VIII.B.3, the Bureau views disclosure of
these data to have significant benefits. Commenters did not provide
additional evidence related to re-identification risk that would alter
the NPRM's partial privacy analysis. The current availability of these
data in existing databases likely limits the risk of harm or
sensitivity, although it may amplify re-identification risk. Comments
that the disclosure of ethnicity, race, and sex data present a risk of
reputational or litigation harm to financial institutions because it
may be based on visual observation or surname are moot because no
visual observation requirement is in the final rule. Commenters did not
explain with sufficient detail how the final rule will increase a
financial institution's litigation risks due to conflicts with State or
Federal privacy laws. To the extent that asking for an applicant's
principal owners' ethnicity, race, or sex must be done with proper
privacy protocols in place, it seems likely that a financial
institution could comply with both this final rule and other privacy
requirements.
Accordingly, the Bureau preliminarily assesses that disclosure in
unmodified form may increase re-identification risk and presents
significant risk of harm or sensitivity if re-identification occurred.
The possibility of significant privacy risk primarily results from the
fact that sex data will be reported as free-form text, which as
discussed in part VIII.B.6.xix below, the Bureau preliminarily assesses
it will include, in some form, in the public data. The disclosure of
information about the ethnicity and race of principal owners generally
will present lesser risk. The Bureau does not discern evidence of
compelling privacy risks to financial institutions.
xviii. Financial Institution Identifying Information
Proposed Sec. 1002.109(b) would have required a financial
institution to provide the Bureau with certain information with its
submission of its small business lending application register: (1) its
name; (2) its headquarters address; (3) the name and business contact
information of a person who may be contacted with questions about the
financial institution's submission; (4) its Federal prudential
regulator, if applicable; (5) its Federal Taxpayer Identification
Number; (6) its LEI; (7) its RSSD ID, if applicable; (8) parent and
top-parent entity information, if applicable; (9) the type of
[[Page 35488]]
financial institution that it is, indicated by selecting the
appropriate type or types of institution from the list provided or
entering free-form text; \902\ and (10) whether the financial
institution is voluntarily reporting covered applications for covered
credit transactions. As discussed above in the section-by-section
analysis of Sec. 1002.109(b), the Bureau is generally finalizing this
data point as proposed, with certain modifications.
---------------------------------------------------------------------------
\902\ Part VIII.B.6.xix further discusses the disclosure of
free-form text field information.
---------------------------------------------------------------------------
Regulation C requires financial institutions to report similar
information when submitting their loan-level HMDA data. Regulation C
also requires financial institutions to report the calendar year of
submission and the total number of entries in their loan-level HMDA
data. Regulation C does not require financial institutions to submit
their headquarters address, RSSD ID, or financial institution type or
indicate whether they are reporting data voluntarily. With the
exception of contact information for a person who can be reached about
the financial institution's submission, the information financial
institutions are required to submit with their HMDA submissions under
Sec. 1003.5(a)(3) is publicly available through the FFIEC website.
Financial institution identifying information other than individual
contact information. In the NPRM, the Bureau stated its intention to
disclose the financial institution identifying information data fields
in unmodified form, other than the name and business contact
information of a person who may be contacted with questions about the
submission. The Bureau stated that disclosing financial institution
identifying information in the 1071 data in unmodified form would
likely disclose minimal, if any, information about an applicant or
related natural person that may be harmful or sensitive if such person
were re-identified. While some businesses might view their
identification as an applicant as harmful or sensitive, revealing the
name of the financial institution would not significantly increase such
risks. In addition, the Bureau reasoned that this information is
already largely available from other identified public records, such as
UCC filings. For the same reason, revealing the name of the financial
institution would not significantly increase risk of fraud or identity
theft. The Bureau stated that disclosing financial institution
identifying information in the data in unmodified form would not, by
itself, reveal information that is harmful or sensitive, given
financial institutions' commercial interests. Additionally, other
public records, such as public HMDA data, tax records, and commercial
databases disclose Federal Taxpayer Identification number, RSSD ID, and
LEI.\903\ Disclosing financial institution identifying information in
unmodified form may reveal information that financial institutions
regard as harmful or sensitive, but the Bureau did not discern evidence
that it would permit reverse-engineering of proprietary lending models.
The Bureau acknowledged, however, that this information could, in some
circumstances, lead to reputational risks and increased costs for
financial institutions, which might be passed on to their customers in
the form of increased costs or decreased access to credit.
---------------------------------------------------------------------------
\903\ The FFIEC publishes transmittal sheet information,
including LEI and Federal Taxpayer Identification number, on its
website. Fed. Fin. Insts. Examination Council, Public Transmittal
Sheet--Schema, https://ffiec.cfpb.gov/documentation/2020/public-ts-schema/ (last visited Mar. 20, 2023).
---------------------------------------------------------------------------
The NPRM noted that the Bureau had received feedback that
publishing financial institution identifying information could increase
re-identification risk of applicants and related natural persons. This
included feedback that customers of captive wholesale finance companies
with applicant bases limited to franchises or licensees of a particular
distributor or manufacturer would face unique re-identification risks
because, in many instances, these applicants may be the financial
institution's only customer in a particular State, or one of only a
very small number of customers in the State, heightening the privacy
concerns for publication of data tied to these financial institutions.
The NPRM also noted that the Bureau had identified publicly available
datasets that include data fields an adversary could directly match to
financial institution identifying information data fields in unmodified
form. Therefore, in many cases, the Bureau reasoned that an adversary
could use identifying financial institution data fields, combined with
other section 1071 data fields, to match a section 1071 record to an
identified public record.
With respect to concerns about wholesale finance companies, the
Bureau acknowledged that financial institution identifying information
in unmodified form in the public application-level data could, in
combination with other data fields like census tract, NAICS codes, and
credit type or purpose, facilitate re-identification of applicants that
have a common name, without requiring that adversaries match 1071
records to other identified datasets. Under proposed Sec. 1002.104(b),
which the Bureau has finalized, trade credit and other transactions
would be excluded from the scope of covered credit transactions. The
Bureau indicated that this might eliminate some transactions involving
such lenders. The Bureau sought comment on the circumstances under
which a transaction involving a captive wholesale finance company would
be covered by the proposal notwithstanding the exemption. To the extent
there are such transactions, the Bureau also sought comment on the
instances in which captive wholesale finance companies lend exclusively
to businesses that are publicly branded in a way that can be easily
matched to the identity of the financial institution. The Bureau sought
comment on whether a final rule could include certain categories of
financial institution types that would allow the Bureau to easily
identify such financial institutions in the unmodified 1071 dataset
without an application-level analysis. Finally, the Bureau sought
comment on whether there are particular modification techniques that
would reduce re-identification risks and risks of harm or sensitivity
for applicants and related natural persons who might be re-identified
in the public application-level data.
In the NPRM, the Bureau stated its intention to publish financial
institution identifying information, other than individual contact
information, as reported and without modification. The Bureau stated
that risks to privacy interests from the disclosure of this data in
unmodified form would be justified by the benefits of disclosure for
section 1071's purposes. While the Bureau did not conduct a uniqueness
analysis, it stated that disclosure of financial institution
identifying information would very likely substantially facilitate the
re-identification of applicants or related natural persons. If such
persons were re-identified, the Bureau stated that disclosure of other
data fields would likely create a risk of harm or sensitivity. In
addition, the Bureau stated that the disclosure of other proposed data
fields in combination with a financial institution name likely would
reveal information that may be harmful or sensitive to financial
institutions. The Bureau nonetheless stated that these risks to privacy
would be justified by the benefits of disclosure in light of section
1071's purposes.
[[Page 35489]]
The Bureau sought comment on this analysis and its stated intention
to disclose these fields without modification in the public
application-level data. The Bureau received feedback on this proposed
analysis from trade association and community group commenters. Two
community group commenters generally supported the Bureau's proposal to
disclose unmodified financial institution identifying information,
other than individual contact information. A trade association opposed
the proposal. This commenter urged the Bureau to withhold all financial
institution identifying information data fields because, whether or not
it is available elsewhere, this information would create privacy risks
for financial institutions, including risks involving identity theft
and data security. With respect to the Bureau's request for comment
about whether these proposed data fields would pose risks to captive
wholesale companies and their customers, this commenter urged the
Bureau to provide additional protections for this market segment to
mitigate re-identification risk.
The Bureau acknowledges that publication of financial institution
identifying information may reveal information that may be harmful or
sensitive to financial institutions, leading to reputational risks and
increased costs. However, feedback received by the Bureau does not
explain how these data would pose previously unconsidered identity
theft or data security risks. Separately, the Bureau acknowledges
feedback that the proposed data fields may pose special risks to
captive wholesale companies and their customers. It intends to consider
what additional modifications or deletions may be appropriate to
protect the privacy interests of these entities.
As explained in the NPRM, this data point could potentially
increase re-identification risk and commenters did not provide
additional evidence related to re-identification risk that would alter
the partial privacy analysis described above. However, the Bureau
preliminarily assesses that disclosing the financial institution
identifying information data fields in unmodified form, other than data
fields containing the information for the financial institution's point
of contact, would present limited risk of harm or sensitivity if re-
identification occurred. The Bureau believes that it is unlikely that
publication of this data would disclose personal information about an
applicant or related natural person that would be harmful or sensitive
if such person were re-identified. The Bureau does not believe this
data will result in significant non-personal commercial risks to small
businesses. The disclosure of this data field does not pose compelling
privacy risks to financial institutions. The Bureau will continue to
give consideration to the scenario involving captive wholesale
companies and their customers as it conducts its full privacy analysis.
Individual contact information. Proposed Sec. 1002.109(b)(1)(iii)
would have required financial institutions to report the name and
business contact information of a person who may be contacted with
questions about the financial institution's submission. As discussed
above in the section-by-section analysis of Sec. 1002.109(b)(1)(iii),
the Bureau is finalizing this data point largely as proposed, but with
certain modifications. In contrast to the other financial institution
identifying information described above, in the NPRM the Bureau stated
its intention to delete this data field from the publicly available
data.
The Bureau stated that disclosing individual contact information in
the data in unmodified form would likely not disclose any information
about an applicant or related natural person if such person were re-
identified. However, the Bureau stated that disclosing the name and
contact information of natural persons designated by the financial
institution would disclose information that may be harmful or sensitive
to the identified financial institutions and their employees. Financial
institutions have a legitimate interest in protecting the identities of
their employees from the public, consistent with their job functions,
and persons identified for purposes of questions about the financial
institution's submission to the Bureau might not necessarily be
responsible for engaging with the general public.
The Bureau considered whether modification other than by excluding
individual contact information would appropriately balance identified
privacy risks and disclosure benefits. Because disclosure of this data
field in unmodified form would not promote the purposes of section 1071
and would likely reveal information that would be harmful or sensitive
to a financial institution and its employees, the Bureau did not
identify any such alternative. Accordingly, the Bureau stated that
deleting individual contact information would appropriately balance the
privacy risks and disclosure benefits of this data field.
The Bureau received feedback from one trade association commenter,
which supported the Bureau's analysis. The Bureau accordingly
determines that the publication of the name and business contact
information of a person who may be contacted by the Bureau or other
regulators with questions about the financial institution's submission
has minimal, if any, disclosure benefits. Moreover, the Bureau
concludes that the publication of this information presents significant
privacy risks because it may be harmful or sensitive to identified
financial institutions and their employees. Accordingly, the Bureau is
announcing its intention not to publish the name and business contact
information of a person who may be contacted by the Bureau or other
regulators with questions about the financial institution's submission.
xix. Free-Form Text
The Bureau proposed to require financial institutions to use free-
form text to report certain data where they are reporting information
that is not included in a list provided for the data fields. Under
proposed Sec. 1002.107(a)(5), (6), (11), (12), and (20), free-form
text could be used in reporting credit type (product and guarantee
information); credit purpose; denial reasons; pricing (the interest
rate index used); and principal owners' ethnicity, race, and sex.\904\
Financial institutions also would have had flexibility in describing
certain identifying information provided under proposed Sec.
1002.109(b). Free-form text used to report principal owners' ethnicity,
race, and sex would have been completed based on information provided
by applicants; all other free-form text would have been completed by
the financial institution. As discussed above in the section-by-section
analyses for particular data points within Sec. 1002.107(a), the
Bureau is finalizing these data points with certain modifications. The
free-form text aspect of Sec. 1002.109(b) is being finalized as
proposed.
---------------------------------------------------------------------------
\904\ Proposed Sec. 1002.107(a)(20) is being finalized as Sec.
1002.107(a)(19).
---------------------------------------------------------------------------
The Bureau explained that use of free-form text would allow the
reporting of any information, including information that may be harmful
or sensitive to applicants, related natural persons, and possibly the
interests of financial institutions. The Bureau stated that such
information might also create a significant risk of re-identification
for applicants or related natural persons. Given the amount of data
expected to be reported each year, the Bureau stated that it would not
be feasible for it to
[[Page 35490]]
review free-form text before publishing the application-level data.
Under the balancing test described in the NPRM, therefore, the Bureau
initially assessed that deleting free-form text from the public
application-level data (other than with respect to the financial
institution identifying information described in part VIII.B.6.xviii
above) would appropriately balance the benefits of disclosure with the
risks to the privacy interests of applicants, related natural persons,
and financial institutions.
Several industry commenters generally supported deleting free-form
text from the public application-level data. A bank noted that public
the HMDA data do not include free-form text fields. A group of trade
associations stated that deleting this information would appropriately
balance privacy risks and disclosure benefits. In contrast, a CDFI
lender urged the Bureau to publish free-form text fields arguing that
such fields would include important information. This commenter
suggested that the Bureau could adequately mitigate the risk that the
free-form text would contain sensitive or harmful information by
including a disclaimer on the data collection form that free-form text
may be published.
The Bureau reiterates that HMDA publication practices do not
dictate decisions in this rule and that consistency between public
section 1071 data and public HMDA data may not be appropriate in every
instance. As an additional matter, the Bureau believes that a general
disclaimer that free-form text may be published would not adequately
mitigate those privacy risks. Among other considerations, because
financial institutions will supply the content of most free-form text
fields, applicants and related natural persons have no direct control
over what information appears in those fields. Therefore, a disclaimer
would provide applicants or related natural persons limited ability to
mitigate their privacy risks.
The Bureau agrees that certain free-form text fields may contain
information that has some disclosure benefits. In particular, free-form
text for the ethnicity, race, and sex data may contain information that
is important to the statutory purposes of section 1071. As discussed in
the section-by-section analysis of Sec. 1002.107(a)(19), the Bureau is
finalizing a requirement whereby applicants will indicate principal
owners' sex via a write-in option. While the Bureau cannot feasibly
review for privacy risks all free-form text fields supplied by all
financial institutions reporting data, the Bureau expects to review the
free-form text provided by applicants regarding principal owners' sex.
The Bureau anticipates that this free-form text will permit
identification of certain response categories appropriate for
publication, based on the Bureau's assessment of privacy risks.
Similarly, the Bureau may be able to review ethnicity and race free-
form text, where it is provided, to discern response categories that
may be appropriate for publication.
The Bureau recognizes, however, that free-form text fields may
present significant privacy risks if re-identification occurred. Such
privacy risks would not be mitigated in the absence of pre-publication
review. Accordingly, the Bureau is announcing its intention to delete
free-form text from the public application-level data, other than with
respect to ethnicity, race, and sex of principal owners described in
part VIII.B.6.xvii and the financial institution identifying
information described in part VIII.B.6.xviii. The Bureau will continue
to consider whether modification techniques may be appropriate for the
data fields for ethnicity, race, and sex of principal owners and
certain financial institution identifying information.
IX. Dodd-Frank Act Section 1022(b)(2) Analysis
The Bureau has considered the potential benefits, costs, and
impacts of the final rule. The Bureau requested comment on the
preliminary discussion presented below, as well as submissions of
additional data that could inform the Bureau's consideration of the
benefits, costs, and impacts of the proposed rule. In developing the
rule, the Bureau has consulted or offered to consult with the
prudential regulators (the Board of Governors of the Federal Reserve
System, the Federal Deposit Insurance Corporation, the National Credit
Union Administration, and the Office of the Comptroller of the
Currency), the Department of Agriculture, the Department of Housing and
Urban Development, the Department of Justice, the Department of the
Treasury, the Economic Development Administration, the Farm Credit
Administration, the Federal Trade Commission, the Financial Crimes
Enforcement Network, and the Small Business Administration regarding,
among other things, consistency with any prudential, market, or
systemic objectives administered by such agencies.
In the Dodd-Frank Act, which was enacted ``[t]o promote the
financial stability of the United States by improving accountability
and transparency in the financial system,'' Congress directed the
Bureau to adopt regulations governing the collection of small business
lending data. Under section 1071 of that Act, covered financial
institutions must compile, maintain, and submit certain specified data
points regarding applications for credit for women-owned, minority-
owned, and small businesses, along with ``any additional data that the
Bureau determines would aid in fulfilling the purposes of [section
1071].'' Under the final rule, covered financial institutions are
required to collect and report the following data points: (1) a unique
identifier, (2) application date, (3) application method, (4)
application recipient, (5) credit type, (6) credit purpose, (7) amount
applied for, (8) amount approved or originated, (9) action taken, (10)
action taken date, (11) denial reasons, (12) pricing information, (13)
census tract, (14) gross annual revenue, (15) NAICS code, (16) number
of workers, (17) time in business, (18) minority-owned business status,
women-owned business status, and LGBTQI+-owned business status, (19)
ethnicity, race, and sex of principal owners, and (20) the number of
principal owners.
Under the final rule, financial institutions will be required to
report data on small business credit applications under section 1071 if
they originated at least 100 covered credit transactions in each of the
two preceding calendar years. The Bureau is defining an application as
an oral or written request for a covered credit transaction that is
made in accordance with the procedures used by a financial institution
for the type of credit requested, with some exceptions. Loans, lines of
credit, credit cards, and merchant cash advances (including such credit
transactions for agricultural purposes) all fall within the
transactional scope of this final rule. The Bureau is excluding trade
credit, transactions that are reportable under the Home Mortgage
Disclosure Act of 1975 (HMDA),\905\ insurance premium financing, public
utilities credit, securities credit, and incidental credit. Factoring,
leases, and consumer-designated credit that is used for business or
agricultural purposes are also not covered credit transactions. In
addition, the Bureau has made clear that purchases of originated
covered credit transactions are not reportable. For purposes of the
final rule, a business is a small business if its gross annual revenue
for its preceding fiscal year is $5 million or less.
---------------------------------------------------------------------------
\905\ 12 U.S.C. 2801 et seq.
---------------------------------------------------------------------------
[[Page 35491]]
A. Statement of Need
Congress directed the Bureau to adopt regulations governing the
collection of small business lending data. Specifically, section 1071
of the Dodd-Frank Act amended ECOA to require financial institutions to
compile, maintain, and submit to the Bureau certain data on
applications for credit for women-owned, minority-owned, and small
businesses. Congress enacted section 1071 for the purpose of
facilitating enforcement of fair lending laws and enabling communities,
governmental entities, and creditors to identify business and community
development needs and opportunities of women-owned, minority-owned, and
small businesses. The Bureau is issuing this final rule to implement
the section 1071 mandate.
Small businesses play a key role in fostering community development
and fueling economic growth both nationally and in their local
communities.\906\ However, comprehensive data on loans to small
businesses currently are limited. The largest sources of information on
lending by depository institutions (i.e., banks, savings associations,
and credit unions) are the FFIEC and NCUA Call Reports and reporting
under the CRA. Under the FFIEC Call Report and CRA reporting
requirements, small loans to businesses of any size are used in whole
or in part as a proxy for loans to small businesses. The FFIEC Call
Report captures banks' and savings associations' total outstanding
number and amount of small loans to businesses (that is, loans
originated under $1 million to businesses of any size; small loans to
farms are those originated under $500,000) by institution.\907\ The CRA
currently requires banks and savings associations with assets over a
specified threshold ($1.384 billion as of 2022) \908\ to report data on
loans to businesses with origination amounts of $1 million or less;
reporters are asked to indicate whether the borrower's gross annual
revenue is $1 million or less, if they have that information.\909\
Under the CRA, banks and savings associations currently report
aggregate numbers and values of originations at an institution level
and at various geographic levels. The NCUA Call Report captures credit
unions' total originations, but not applications, on all loans over
$50,000 to members for commercial purposes, regardless of any indicator
about the business's size.\910\ Some federally-funded loan programs,
such as the SBA's 7(a) or 504 programs and the CDFI Fund require
reporting of loan-level data, but only for loans that received support
under those programs. Nondepository institutions do not report small
business lending applications under any of these reporting regimes.
There are no similar sources of information about lending to small
businesses by nondepository institutions.
---------------------------------------------------------------------------
\906\ See generally White Paper.
\907\ See FFIEC Call Report at Schedule RC-C Part II.
\908\ See Fed. Fin. Insts. Examination Council, Explanation of
the Community Reinvestment Act Asset-Size Threshold Change (2022),
https://www.ffiec.gov/cra/pdf/2022_Asset_Size_Threshold.pdf.
\909\ See 2015 FFIEC CRA Guide at 11, 13. Small business loans
are defined for CRA purposes as loans whose original amounts are $1
million or less and that were reported on the institution's Call
Report or Thrift Financial Report (TFR) as either ``Loans secured by
nonfarm or nonresidential real estate'' or ``Commercial and
industrial loans.'' Small farm loans are defined for CRA purposes as
loans whose origination amounts are $500,000 or less and were
reported as either ``Loans to finance agricultural production and
other loans to farmers'' or ``Loans secured by farmland.''
\910\ See Nat'l Credit Union Admin., Call Report Form 5300 (June
2020), https://www.ncua.gov/files/publications/regulations/form-5300-june-2020.pdf.
---------------------------------------------------------------------------
There are also a variety of non-governmental data sources, issued
by both private and nonprofit entities, that cover small businesses
and/or the small business financing market. These include datasets and
surveys published by commercial data and analytics firms, credit
reporting agencies, trade associations, community groups, and academic
institutions. See part II.B for additional information on these
sources. While these non-public sources of data on small businesses may
provide a useful supplement to existing Federal sources of small
business lending data, these private and nonprofit sources often do not
have lending information, may rely on unverified research based on
public internet sources, and/or narrowly limit use cases for parties
accessing data. Further, commercial datasets are generally not free to
public users and can be costly, raising equity issues for stakeholders
who cannot afford access.
Under the final rule, covered financial institutions are required
to compile, maintain, and submit data regarding the ethnicity, race,
and sex of the principal owners of the business and whether the
business is women-owned, minority-owned, or LGBTQI+-owned. No other
source of data comprehensively collects this type of protected
demographic information on small business loan applications.
Section 1071 requires financial institutions to report detailed
application-level data to the Bureau, and for the Bureau to generally
make it available to the public on an annual basis (subject to any
deletions or modifications that the Bureau determines would advance a
privacy interest). Such information will constitute a public good that
illuminates the lending activities of financial institutions and the
small business lending market in general. In particular, the public
provision of application-level data, subject to any deletions or
modifications that the Bureau determines would appropriately protect
privacy interests, will: (1) provide communities, governmental
entities, and financial institutions additional information to help
identify business and community development needs and opportunities of
small businesses and (2) allow members of the public, public officials,
and other stakeholders to better assess compliance with
antidiscrimination statutes.
First, the data made public pursuant to the final rule and the
Bureau's subsequent privacy analysis will provide information that
could help to improve credit outcomes in the small business lending
market, furthering the community development purpose of the rule. As
discussed above, market-wide data on small business credit transactions
are currently limited. Neither the public nor private sectors provide
extensive data on credit products or terms. Small business owners have
access to very little information on typical rates or products offered
by different lenders. As a result of the data that will be made public
pursuant to the final rule and subject to modification and deletion
decisions by the Bureau, community development groups and commercial
services will be able to provide better information to small
businesses. For example, a commercial provider could provide small
businesses with information on what products lenders typically offer
and at what rates. These data will allow small business owners to more
easily compare credit terms and evaluate credit alternatives; without
these data, small business owners are limited in their ability to shop
for the credit product that best suits their needs at the best price.
By engaging in more informed shopping, small business owners may
achieve better credit outcomes.
Furthermore, communities will use data to identify gaps in access
to credit and capital for small businesses. Financial institutions can
analyze data to understand small business lending market conditions and
determine how best to provide credit to borrowers. Currently, financial
institutions are not able to conduct very granular or
[[Page 35492]]
comprehensive analyses because the data on small business lending are
limited. The data made public pursuant to the final rule and subsequent
privacy analysis will allow financial institutions to better understand
the demand for small business credit products and the conditions under
which they are being supplied by other covered financial institutions.
The data will help enable institutions to identify potentially
profitable opportunities to extend credit. They will additionally allow
governmental entities to better develop targeted lending programs, loan
funds, small business incubators, and other community-driven
initiatives. Small business owners, as a result, could benefit from
increased credit availability.
Second, while data made public pursuant to the final rule and
subsequent privacy analysis may not constitute conclusive evidence of
credit discrimination on its own, the data will enable members of the
public, regulators, and other stakeholders to better identify lending
patterns consistent with noncompliance with antidiscrimination
statutes. As described above, there are currently no application-level
data comprehensive enough or that contain the demographic information
required by the final rule to enable the public to conduct these kinds
of analyses. The data made public pursuant to the final rule and
subsequent privacy analysis will be comprehensive and contain the
necessary data fields for such analysis. Users will be able to examine
whether, for example, a lender denies applications from women-owned,
minority-owned, or LGBTQI+-owned businesses at higher rates than those
that are not or whether these businesses are charged higher prices.
This kind of transparency can place appropriate pressure on covered
financial institutions to ensure that their credit lending practices
comply with relevant laws. Additionally, data collected under the final
rule will contain the data fields that allow users to conduct more
accurate fair lending analyses by comparing applications for credit
products with similar characteristics.
B. Baseline for the Consideration of Costs and Benefits
In evaluating the benefits, costs, and impacts of the final rule,
the Bureau takes as a baseline the current legal framework governing
financial markets, i.e., the current state of the world before the
Bureau's rule implementing section 1071. Under this baseline, the
Bureau assumes that institutions are complying with regulations that
they are currently subject to, including reporting data under HMDA,
CRA, and any State commercial financing disclosure laws.\911\ The
Bureau believes that such a baseline will also provide the public with
better information about the benefits and costs of this rule.
---------------------------------------------------------------------------
\911\ See, e.g., N.Y. S.898 (signed Jan. 6, 2021) (amending
S.5470-B), https://legislation.nysenate.gov/pdf/bills/2021/s898;
Cal. S.B. 1235 (Sept. 30, 2018), https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180SB1235; Virginia H. 1027
(enacted Apr. 11, 2022), https://lis.virginia.gov/cgi-bin/legp604.exe?221+ful+CHAP0516; Utah S.B. 183 (enacted Mar. 24, 2022),
https://le.utah.gov/~2022/bills/static/SB0183.html.
---------------------------------------------------------------------------
The Bureau received no comments regarding its choice of baseline
for its section 1022(b)(2) analysis.
C. Basic Approach of the Bureau's Consideration of Benefits and Costs
and Data Limitations
Pursuant to section 1022(b)(2)(A) of the Dodd-Frank Act,\912\ in
prescribing a rule under the Federal consumer financial laws (which
include ECOA and title X of the Dodd-Frank Act), the Bureau is required
to consider the potential benefits and costs to ``consumers'' and
``covered persons,'' including the potential reduction of access by
consumers to consumer financial products or services resulting from
such rule, and the impact of final rules on covered persons as
described under section 1026 of the Dodd-Frank Act \913\ (i.e.,
depository institutions and credit unions with $10 billion or less in
total assets), and the impact on consumers in rural areas.
---------------------------------------------------------------------------
\912\ 12 U.S.C. 5512(b)(2)(A).
\913\ 12 U.S.C. 5516.
---------------------------------------------------------------------------
The Dodd-Frank Act defines the term ``consumer'' as an individual
or someone acting on behalf of an individual, while a ``covered
person'' is one who engages in offering or providing a ``consumer
financial product or service,'' which means a financial product or
service that is provided to consumers primarily for ``personal, family,
or household purposes.'' \914\ In the rulemaking implementing section
1071, however, the only parties directly affected by the rule are small
businesses (rather than individual consumers) and the financial
institutions from whom they seek credit (rather than covered persons).
Accordingly, a section 1022(b)(2)(A) analysis that considers only the
costs and benefits to individual consumers and to covered persons would
not meaningfully capture the costs and benefits of the rule.
---------------------------------------------------------------------------
\914\ 12 U.S.C. 5481(4) through (6).
---------------------------------------------------------------------------
Below, the Bureau conducts the statutorily required analysis with
respect to the rule's effects on consumers and covered persons.
Additionally, the Bureau is electing to conduct this same analysis with
respect to small businesses and the financial institutions required to
compile, maintain, and submit data under the final rule. This
discussion relies on data that the Bureau has obtained from industry,
other regulatory agencies, and publicly available sources. However, as
discussed further below, the data limit the Bureau's ability to
quantify the potential costs, benefits, and impacts of the final rule.
1. Analysis With Respect to Consumers and Covered Persons
The final rule implements a data collection regime in which certain
covered financial institutions must compile, maintain, and submit data
with respect to applications for credit for small businesses. The rule
will not directly impact consumers or consumers in rural areas, as
those terms are defined by the Dodd-Frank Act. However, some consumers
will be directly impacted in their separate capacity as sole owners of
small businesses covered by the rule. Some covered persons, including
some that are depository institutions or credit unions with $10 billion
or less in total assets, will be directly affected by the rule not in
their capacity as covered persons (i.e., as offerors or providers of
consumer financial products or services) but in their separate capacity
as financial institutions that offer small business credit covered by
the rule. The costs, benefits, and impact of the rule on those entities
are discussed below.
2. Costs to Covered Financial Institutions
The final rule establishes which financial institutions,
applicants, transactions, and data points are covered by its
requirements. In order to precisely quantify the costs to covered
financial institutions, the Bureau would need representative data on
the operational costs that financial institutions would incur to gather
and report 1071 data, one-time costs for financial institutions to
update or create reporting infrastructure to implement the final rule,
and information on the level of complexity of financial institutions'
business models and compliance systems. Currently, the Bureau does not
believe that data on section 1071 reporting costs with this level of
granularity are systematically available from any source. The Bureau
has made reasonable efforts to gather data on section 1071 reporting
costs.
[[Page 35493]]
Through outreach efforts with industry, community groups, and other
regulatory agencies, the Bureau has obtained some information about
potential ongoing operational and one-time compliance costs, and the
discussion below uses this information to quantify certain costs of the
final rule. Throughout the section 1022 discussion in the NPRM, the
Bureau also solicited feedback about data or methodologies that would
enable it to more precisely estimate the benefits, costs, and impacts
of the proposed rule. The Bureau has reviewed these comments and
considered the information provided by the commenters. The Bureau
believes that the discussion herein constitutes the most comprehensive
assessment to date of the costs of section 1071 reporting by financial
institutions, as well as the most accurate estimates of costs given
available information. However, the Bureau recognizes that these
estimations may not fully quantify the costs to each covered financial
institution, especially given the wide variation of section 1071
reporting costs among financial institutions.
The Bureau categorizes costs required to comply with the final rule
into ``one-time'' and ``ongoing'' costs. ``One-time'' costs refer to
expenses that the financial institution will incur initially and only
once to implement changes required in order to comply with the
requirements of this rule. ``Ongoing'' costs are expenses incurred as a
result of the ongoing reporting requirements of the rule, accrued on an
annual basis. In considering the costs and impacts of the rule, the
Bureau has engaged in a series of efforts to estimate the cost of
compliance by covered entities. The Bureau conducted a One-Time Cost
Survey, discussed in more detail in part IX.E.1 below, to learn about
the one-time implementation costs associated with implementing section
1071 and adapted ongoing cost calculations from previous rulemaking
efforts. The Bureau evaluated the one-time costs of implementing the
procedures necessary and the ongoing costs of annually reporting under
the rule in part IX.F.3 below. The discussion below provides details on
the Bureau's approach in performing these institution-level analyses.
The Bureau realizes that costs vary by institution due to many factors,
such as size, operational structure, and product complexity, and that
this variance exists on a continuum that is impossible to fully
represent. In order to conduct a cost consideration that is both
practical and meaningful in light of these challenges, the Bureau has
chosen an approach that focuses on three representative types of
financial institutions. For each type, the Bureau has produced
reasonable estimates of the costs of compliance given the limitations
of the available data. Part IX.F.3 below provides additional details on
this approach.
3. Costs to Small Businesses
The Bureau has elected to estimate the costs to small businesses in
addition to those for covered financial institutions. The Bureau
expects the direct costs of the final rule to small businesses will be
negligible. Therefore, the Bureau focuses its analysis on whether and
how the Bureau expects financial institutions to pass on the costs of
compliance with the final rule to small businesses and any possible
effects on the availability or terms of small business credit. The
Bureau relies on economic theory to understand the potential for costs
to financial institutions to be passed on to small businesses. Further,
the Bureau describes feedback received through the One-Time Cost Survey
process, the SBREFA process, and comments from the NPRM process on how
creditors might react to increased compliance costs due to the final
rule.
4. Benefits to Small Businesses and Covered Financial Institutions
Quantifying benefits to small businesses presents substantial
challenges. As discussed above, Congress enacted section 1071 for the
purpose of facilitating enforcement of fair lending laws and enabling
communities, governmental entities, and creditors to identify business
and community development needs and opportunities of women-owned,
minority-owned, and small businesses. The Bureau is unable to readily
quantify any of these benefits with precision, both because the Bureau
does not have the data to quantify all benefits and because the Bureau
is not able to assess completely how effective the implementation of
section 1071 will be in achieving those benefits. The Bureau believes
that its final rule appropriately implements the statutory mandate of
section 1071 to effectuate the section's stated purposes. As discussed
further below, as a data reporting rule, most provisions of the final
rule will benefit small businesses in indirect ways, rather than
directly. Nevertheless, the Bureau believes that the impact of enhanced
transparency will substantially benefit small businesses. For example,
the final rule will facilitate the detection (and thus remediation) of
discrimination; promote public and private investment in certain
underserved markets; and promote competitive markets. Quantifying and
monetizing these benefits would require identifying all possible uses
of data collected under this rule, establishing causal links to the
resulting public benefits, and then quantifying the magnitude of these
benefits.
Similar issues arise in attempting to quantify the benefits to
covered financial institutions. Certain benefits to covered financial
institutions are difficult to quantify. For example, the Bureau
believes that the data collected under this rule will reduce the
compliance burden of fair lending reviews for lower risk financial
institutions by reducing the ``false positive'' rates during fair
lending prioritization by regulators. That is, by providing more
comprehensive application-level data about a covered institution's
lending to small businesses, regulators will be able to better identify
fair lending risks and, as such, more efficiently prioritize their fair
lending examinations and enforcement activities. The Bureau also
believes that data made public pursuant to the final rule will allow
financial institutions to better understand the demand for small
business credit products and the conditions under which they are being
supplied by other covered financial institutions and to identify
potentially profitable opportunities to extend credit. The Bureau
believes that such benefits to financial institutions could be
substantial. However, quantifying them would require data that are
currently unavailable.
In light of these data limitations, the discussion below generally
provides a qualitative consideration of the benefits and impacts of the
final rule. General economic principles, together with the limited data
available, provide insight into these benefits and impacts. Where
possible, the Bureau makes quantitative estimates based on these
principles and the data that are available. Quantifying these benefits
is difficult because the size of each effect cannot be known in
advance. Given the number of small business credit transactions and the
size of the small business credit market, however, small changes in
behavior can have substantial aggregate effects.
5. General Comments on the Impact Analyses in the Proposed Rulemaking
Throughout the Dodd-Frank Act section 1022 discussion in the
NPRM,\915\ the Bureau solicited feedback that would enable it to
estimate the benefits, costs, and impacts of the
[[Page 35494]]
proposed regulation more precisely. The Bureau, for example, solicited
comments on its methodology for estimating one-time and ongoing costs,
the estimates of the specific costs themselves, and any information
that would help it better quantify the benefits and potential impacts
on small businesses and covered financial institutions. Many commenters
made general statements, while several provided comments specific to
certain methodologies or estimates. In this section, the Bureau
describes the comments more generally, while in subsequent sections, it
discusses comments specific to those sections.
---------------------------------------------------------------------------
\915\ See 86 FR 56356, 56540-64 (Oct. 8, 2021).
---------------------------------------------------------------------------
Commenters offered general remarks on the quality of the Bureau's
one-time and ongoing cost estimates. Several community groups described
the Bureau's estimates as ``well-considered'' or described the costs of
the proposed rule as being outweighed by the benefits. In contrast,
some industry commenters and an office of a Federal agency generally
asserted that the Bureau's cost estimates were too low. The Bureau has
reviewed its estimates and considered the information provided by the
commenters. In the sections below, the Bureau describes specific
comments related to each section of benefits, costs, and the potential
impact on small entities. The methodology described in the sections
below for the final rule is the same methodology that the Bureau used
in the NPRM unless otherwise noted.
D. Coverage of the Final Rule
1. Coverage in General
The final rule provides that financial institutions (both
depository and nondepository) that meet all the other criteria for a
``financial institution'' in Sec. 1002.105(a) would only be required
to collect and report section 1071 data if they originated at least 100
covered credit transactions in each of the two preceding calendar
years. See final Sec. 1002.105(b).
As discussed above, market-wide data on small business lending are
currently limited. The Bureau is unaware of any comprehensive data
available on small business originations for all financial
institutions, which are needed in order to precisely identify all
institutions covered by the rule. To estimate coverage of the final
rule, the Bureau uses publicly available data for financial
institutions divided into two groups: depository (i.e., banks, savings
associations, and credit unions) and nondepository institutions.
To estimate coverage of depository institutions, the Bureau relies
on NCUA Call Reports to estimate coverage for credit unions, including
for those that are not federally insured, and FFIEC Call Reports and
the CRA data to estimate coverage for banks and savings associations.
For the purposes of the analysis in this section of part IX, the Bureau
estimates the number of depository institutions that would have been
required to report small business lending data in 2019, based on the
estimated number of originations of covered products for each
institution in 2017 and 2018.\916\ The Bureau accounts for mergers and
acquisitions between 2017 and 2019 by assuming that any depository
institutions that merged in those years report as one institution.
---------------------------------------------------------------------------
\916\ The Bureau uses 2019 instead of 2020 or 2021 in order to
estimate coverage during, or based on, a year unaffected by COVID-19
pandemic conditions.
---------------------------------------------------------------------------
As discussed above, the NCUA Call Report captures the number and
dollar value of originations on all loans over $50,000 to members for
commercial purposes, regardless of any indicator about the business's
size. For the purposes of estimating the impacts of the final rule, the
Bureau uses the annual number of originated commercial loans to members
reported by credit unions as a proxy for the annual number of
originated covered credit transactions under the rule.\917\ These are
the best data available for estimating the number of credit unions that
may be covered by the final rule. However, the Bureau acknowledges that
the true number of covered credit unions may be different than what is
presented here. For example, this proxy would overestimate the number
of credit unions that will be covered if some commercial loans to
members are not covered because the member is taking out a loan for a
business considered large under the definition of a small business in
the final rule. Alternatively, this proxy would underestimate the
number of credit unions covered by the final rule if credit unions
originate a substantial number of covered credit transactions with
origination values under $50,000.
---------------------------------------------------------------------------
\917\ For this analysis, the Bureau includes all types of
commercial loans to members except construction and development
loans and loans secured by multifamily residential property. This
includes loans secured by farmland; loans secured by owner-occupied,
non-farm, non-residential property; loans secured by non-owner
occupied, non-farm, non-residential property; loans to finance
agricultural production and other loans to farmers; commercial and
industrial loans; unsecured commercial loans; and unsecured
revolving lines of credit for commercial purposes.
---------------------------------------------------------------------------
The FFIEC Call Report captures banks' and savings associations'
outstanding number and amount of small loans to businesses (i.e., loans
originated under $1 million to businesses of any size; small loans to
farms are those originated under $500,000). The CRA requires banks and
savings associations with assets over a specified threshold ($1.384
billion as of 2022) \918\ to report loans to businesses in original
amounts of $1 million or less. For the purposes of estimating the
impacts of the final rule, the Bureau follows the convention of using
small loans to businesses as a proxy for loans to small businesses and
small loans to farms as a proxy for loans to small farms. These are the
best data available for estimating the number of banks and savings
associations that may be covered by the final rule. However, the Bureau
acknowledges that the true number of covered banks and savings
associations may be different than what is presented here. For example,
this proxy would overestimate the number of banks and savings
associations covered by the rule if a significant number of small loans
to businesses and farms are to businesses or farms that are considered
large under the definition of a small business in the final rule.
Alternatively, this proxy would underestimate the number of banks and
savings associations covered by the rule if a significant number of
businesses and farms that are small under the final rule take out loans
that are larger than $1 million for businesses or $500,000 for farms.
---------------------------------------------------------------------------
\918\ See Fed. Fin. Insts. Examination Council, Explanation of
the Community Reinvestment Act Asset-Size Threshold Change (2022),
https://www.ffiec.gov/cra/pdf/2022_Asset_Size_Threshold.pdf.
---------------------------------------------------------------------------
Although banks and savings associations reporting under the CRA are
required to report the number of originations of small loans to
businesses and farms, the Bureau is not aware of any comprehensive
dataset that contains originations made by banks and savings
associations below the CRA reporting threshold. To fill this gap, the
Bureau simulated plausible values for the annual number and dollar
value of originations for each bank and savings association that falls
below the CRA reporting threshold for 2017, 2018, and 2019.\919\ The
Bureau generated simulated originations in order to account for the
uncertainty around the exact number and value of originations
[[Page 35495]]
for these banks and savings associations. To simulate these values, the
Bureau assumes that these banks have the same relationship between
outstanding and originated small loans to businesses and farms as banks
and savings associations above the CRA reporting threshold. First, the
Bureau estimated the relationship between originated and outstanding
numbers and balances of small loans to businesses and farms for CRA
reporters. Then the Bureau used this estimate, together with the
outstanding numbers and balances of small loans to businesses and farms
of non-CRA reporters, to simulate these plausible values of
originations. The Bureau has documented this methodology in more detail
in its Supplemental estimation methodology for institutional coverage
and market-level cost estimates in the small business lending rule
released concurrently with this final rule.\920\
---------------------------------------------------------------------------
\919\ Based on FFIEC Call Report data as of December 2019, of
the 5,177 banks and savings associations that existed in 2019, only
about 11 percent were required to report under CRA. That is, only
about 11 percent of banks and savings associations had assets below
$1.284 billion, the CRA reporting threshold in 2019. See Fed. Fin.
Insts. Examination Council, 2019 Reporting Criteria, https://www.ffiec.gov/cra/reporter19.htm (last visited Mar. 20, 2023).
\920\ This document is available at https://www.consumerfinance.gov/data-research/research-reports/supplemental-estimation-methodology-institutional-coverage-market-level-cost-estimates-small-business-lending-rulemaking/.
---------------------------------------------------------------------------
Based on 2019 data from FFIEC and NCUA Call Reports and the CRA
data, using the methodology described above, the Bureau estimates that
the number of depository institutions that will be required to report
under the final rule is between approximately 1,800 and 2,000, as shown
in Table 3 below. The Bureau estimates that between 1,700 and 1,900
banks and savings associations and about 100 credit unions will be
required to report under the final rule. These ranges represent 95
percent confidence intervals over the number of credit unions, banks
and savings associations that will be covered under the final rule. The
Bureau presents this range to reflect the uncertainty associated with
the estimates and notes that the uncertainty is driven by the lack of
data on originations by banks and savings associations below the CRA
reporting threshold.
Table 3--Estimated Depository Institution Coverage
[As of 2019]
------------------------------------------------------------------------
Coverage category Estimated coverage
------------------------------------------------------------------------
Institutions Subject to 1071 Reporting.. 1,800-2,000 depository
institutions (17%-19% of all
depository institutions).
Banks and Savings Associations (SAs) 1,700-1,900 banks and SAs (33%-
Subject to Reporting. 36% of all banks and SAs).
Credit Unions Subject to Reporting...... 100 credit unions (2% of all
credit unions).
Share of Total Small Business Credit by 94.2%-95.1%.
Depository Institutions (Number of
Loans Originated) Captured.
Share of Total Small Business Credit by 81.0%-83.0%.
Depository Institutions (Dollar Value
of Loans Originated) Captured.
------------------------------------------------------------------------
For nondepositories, the Bureau estimates that about 620
nondepository institutions will be covered by the final rule: about 140
nondepository CDFIs; about 70 merchant cash advance providers; about 30
online lenders; about 240 commercial finance companies; about 70
governmental lending entities; and 71 Farm Credit System members.\921\
See part II.D above for more detail on how the Bureau arrived at these
estimates.
---------------------------------------------------------------------------
\921\ The Bureau provides estimates for the majority of
nondepository institutions but knows an exact number of members of
the Farm Credit System. To estimate the number of Farm Credit System
members, the Bureau considers the Young, Beginning, and Small
Farmers Reports for all Farm Credit System members as of December
31, 2019. The reports can be found at https://reports.fca.gov/CRS/
(last visited Mar. 20, 2023). A Farm Credit System is covered if it
reported more than 100 total number of loans on its Young,
Beginning, and Small Farmers Report in 2019.
---------------------------------------------------------------------------
Comments on the estimates of coverage of the proposed rule. In the
NPRM, the Bureau sought comment on whether there are additional data
sources that could provide better estimates of coverage and on the
methods used to estimate coverage. Two trade associations commented
that the Bureau substantially underestimates the coverage of credit
unions because it does not account for small business loans under
$50,000. The Bureau acknowledges this limitation of the estimation
methodology, as discussed above, but did not receive any information
upon which to base better coverage estimates for credit unions for
purposes of the final rule.
2. Coverage Based on Tiered Compliance Dates
The final rule provides that the initial compliance date for
covered financial institutions will occur in three tiers; a covered
financial institution will determine its compliance date tier based on
the number of covered credit transactions that it originated in each of
the calendar years 2022 and 2023.\922\ In this section, the Bureau
presents estimates of the share of covered financial institutions that
will report in each tier.
---------------------------------------------------------------------------
\922\ A covered financial institution is in Tier 1, as specified
by final Sec. 1002.114(b)(1), if it has at least 2,500 originations
of covered credit transactions in each of 2022 and 2023, with a
compliance date of October 1, 2024. A covered financial institution
is in Tier 2, as specified by final Sec. 1002.114(b)(2), if it has
at least 500 originations in each of 2022 and 2023 (but isn't in
Tier 1) with a compliance date of April 1, 2025. A covered financial
institution is in Tier 3, as specified by final Sec. 1002.114(b)(3)
and (4), if it has at least 100 originations in each of 2022 and
2023 (but isn't in Tiers 1 or 2), with a compliance date of January
1, 2026. Financial institutions that do not fall into any of the
compliance tiers based on 2022 and 2023 originations, but that
originate 100 more covered credit transactions in subsequent years,
would comply beginning January 1, 2026 at the earliest.
---------------------------------------------------------------------------
The Bureau uses the estimates of originations of covered products
by depository institutions in 2017 and 2018, discussed above, to
estimate how many covered depository institutions will report in each
tier. A covered depository institution is expected to report in Tier 1
if it originated at least 2,500 covered credit transactions in each of
2017 and 2018. A covered depository institution is expected to report
in Tier 2 if it originated at least 500 covered credit transactions in
each of 2017 and 2018 and was not required to report in Tier 1. A
covered depository institution is expected to report in Tier 3 if it
originated at least 100 covered credit transactions in each of 2017 and
2018 and was not required to report in Tier 1 or Tier 2. The Bureau
also estimates the percent of covered applications from 2019 that are
received by depository institutions in each tier.
Table 4, below, presents estimates of percentages of covered banks
and credit unions that will report in each tier. The Bureau estimates
that most covered banks, savings associations, and credit unions will
not be required to report until Tier 3, as seen in the first two rows
[[Page 35496]]
of the table. However, the next two rows show that most applications to
banks and savings associations (and overall) for covered products in
the first reporting year will be received by the 5 percent to 6 percent
of covered banks and savings associations that are expected to report
in Tier 1.
Table 4--Estimated Depository Institution Coverage by Compliance Tier \923\
----------------------------------------------------------------------------------------------------------------
Coverage category Tier 1 Tier 2 Tier 3
----------------------------------------------------------------------------------------------------------------
Percent Covered Banks and SAs 5%-6% of covered banks 17%-19% of covered 75%-77% of covered
Reporting in Tier. and SAs. banks and SAs. banks and SAs.
Percent Covered Credit Unions 0% of covered credit 13% of covered credit 87% of covered credit
Reporting in Tier. unions. unions. unions.
Percent of Covered Small Business 90%-92% of covered bank 4%-5% of covered bank 4%-5% of covered bank
Credit Applications by Banks and SAs and SA applications. and SA applications. and SA applications.
Captured in Tier.
Percent of Covered Small Business 0% of covered credit 55% of covered credit 46% of covered credit
Credit Applications by Credit Unions union applications. union applications. union applications.
Captured in Tier.
----------------------------------------------------------------------------------------------------------------
As discussed above, the Bureau is unaware of any institution-level
data of originations for nondepository institutions that would allow
for precise estimates of when these institutions are expected to
report. Consistent with assumptions made below to generate market-level
estimates, the Bureau assumes that online lenders and merchant cash
advance providers each originate 2,000 covered credit transactions per
year and all other nondepository institutions originate 200 loans per
year. These assumptions imply that all online lenders and merchant cash
advance providers would be required to report in Tier 2 and all other
nondepository institutions would be required to report in Tier 3.
---------------------------------------------------------------------------
\923\ To estimate applications, the Bureau assumes that
depository institutions with that originate 1,000 or more covered
credit transactions per year receive 3 applications per origination
and depository institutions that originate fewer than 1,000 covered
credit transactions per year receive 2 applications per origination.
---------------------------------------------------------------------------
E. Methodology for Generating Cost Estimates
The Bureau used its 2015 HMDA final rule estimates as the basis for
its review of 1071 data collection and reporting tasks that would
impose one-time and ongoing costs. In developing its ongoing cost
methodology to estimate the impacts of its 2015 HMDA final rule, the
Bureau used interviews with financial institutions to understand the
processes of complying with a regulation that requires collecting and
reporting credit application data and to generate estimates of how
changes to the reporting requirements would impact the ongoing costs of
collecting and reporting mortgage application data.\924\ To analyze the
potential impacts of this final rule, the Bureau adapted its
methodology from its 2015 HMDA rulemaking activities to the small
business lending market. The methodology described below to estimate
costs of the final rule is the same as the methodology used in the NPRM
unless otherwise noted.
---------------------------------------------------------------------------
\924\ Home Mortgage Disclosure (Regulation C), 80 FR 66128,
66269 (Oct. 28, 2015).
---------------------------------------------------------------------------
The Bureau expects that the tasks required for data collection,
checking for accuracy, and reporting under the final rule will be
similar to those under the 2015 HMDA final rule. The similarities in
data collection and reporting tasks allowed the Bureau to leverage its
previous rulemaking experience in its analysis of the impacts of this
final rule. Outreach to industry, as well as feedback during the SBREFA
process and in NPRM comments, validated this approach in general. The
Bureau received no comments objecting to its use of the 2015 HMDA final
rule impacts estimates as the basis for its methodology for the final
rule implementing section 1071.
However, there are significant differences between the home
mortgage and small business lending markets. For example, small
business lending is generally less automated, and has a wider variety
of products, smaller volumes, and smaller credit amounts. The Bureau
used the SBREFA process, NPRM comments, research using publicly
available information, and the Bureau's general expertise regarding the
small business lending market to determine how these differences would
change the tasks required for data collection, checking for accuracy,
and reporting under the final rule.
During the 2015 HMDA rulemaking process, the Bureau identified
seven key aspects or dimensions of compliance costs with a data
collection and reporting rule: (1) the reporting system used; (2) the
degree of system integration; (3) the degree of system automation; (4)
the tools for geocoding; (5) the tools for performing completeness
checks; (6) the tools for performing edits; and (7) the compliance
program. The Bureau assumes that financial institutions will set up
their section 1071 reporting in a manner similar to how HMDA reporting
was implemented.\925\ As discussed in more detail below, this approach
was generally supported by the SBREFA process and NPRM commenters.
---------------------------------------------------------------------------
\925\ For example, the Bureau assumes that financial
institutions will integrate their small business data management
system with their other data systems the same way that similar
institutions integrated their HMDA management system.
---------------------------------------------------------------------------
The Bureau found during the HMDA rulemaking process that,
generally, the complexity of a financial institution's approach across
key aspects or dimensions was consistent--that is, a financial
institution generally would not use less complex approaches on some
dimensions and more complex approaches on others.\926\ This allowed the
Bureau to classify financial institutions, including depository
institutions and nondepository institutions, into three broad types
according to the overall level of complexity of their compliance
operations. Using very similar assumptions to those used in the 2015
HMDA rulemaking, the Bureau's estimation of the costs of this final
rule also assumes that complexity across key aspects or dimensions of a
financial institution's small business lending data collection and
reporting system is consistent.
---------------------------------------------------------------------------
\926\ 80 FR 66128, 66269 (Oct. 28, 2015).
---------------------------------------------------------------------------
Table 5, below, summarizes the typical approach to those seven key
aspects or dimensions of compliance costs across three representative
types of financial institutions based on level of complexity in
compliance operations. Financial institutions that are Type A have the
lowest level of complexity in
[[Page 35497]]
compliance operations, while Type B and Type C have the middle and
highest levels of complexity, respectively.
Table 5--Typical Approach to Certain Aspects/Dimensions of Compliance Costs Based on Level of Complexity for
Types of Financial Institutions
----------------------------------------------------------------------------------------------------------------
Typical approach by low Typical approach by Typical approach by
complexity financial medium complexity high complexity
Aspect/dimension of compliance costs institutions (Type A financial institutions financial institutions
FIs) (Type B FIs) (Type C FIs)
----------------------------------------------------------------------------------------------------------------
Data storage system used............. Store data in Excel.... Use LOS and SBL DMS.... Use multiple LOS, FI's
central SoR, SBL DMS.
Degree of system integration......... (None)................. Have forward Have backward and
integration (LOS to forward integration.
SBL DMS).
Degree of system automation.......... Highly manual process Use manual edit checks. Have high automation
for entering and (only verifying edits
checking data. manually).
Tools for geocoding.................. Use FFIEC tool (manual) Use batch processing... Use batch processing
with multiple sources.
Tools for completeness checks........ Conduct manual checks Use LOS, which includes Use multiple stages of
and rely on CFPB completeness checks. checks.
quality/validity
checks.
Tools for edits...................... Use CFPB edits only.... Use CFPB and customized Use CFPB and customized
edits. edits run multiple
times.
Compliance program................... Have a joint compliance Have basic internal and Have in-depth accuracy
and audit office. external accuracy and fair lending
audit. audit.
----------------------------------------------------------------------------------------------------------------
Note: LOS is ``Loan Origination System''; SoR is ``System of Record''; SBL DMS is ``Small Business Lending Data
Management System.'' \927\
During the rulemaking process for the 2015 HMDA final rule, the
Bureau found that the number of loan applications received was largely
correlated with overall complexity of financial institutions'
compliance operations.\928\ The Bureau used this observation of
financial institution practices under the previous HMDA rulemaking
work, in addition to early outreach to financial institutions and data
from Call Reports and publicly available data from the CDFI Fund, to
generate assumptions about the annual number of small business lending
applications for covered credit transactions processed by each type of
financial institution. These assumptions adapt the volume assumptions
from the mortgage lending context to address the fact that financial
institutions typically process fewer small business credit applications
than mortgage applications. The Bureau assumes that Type A FIs receive
fewer than 300 applications per year, Type B FIs receive between 300
and 2,000 applications per year, and Type C FIs receive more than 2,000
applications per year. The Bureau assumes that, for Type A and B FIs,
one out of two small business applications will result in an
origination. Thus, the Bureau assumes that Type A FIs originate fewer
than 150 covered credit transactions per year and Type B FIs originate
between 150 and 999 covered credit transactions per year. The Bureau
assumes that Type C FIs originate one out of three small business
applications and at least 1,000 covered credit transactions per
year.\929\ As described in the comment review below, these methodology
assumptions were generally supported by the SBREFA process and comments
on the NPRM.
---------------------------------------------------------------------------
\927\ The Bureau expects the development of a market for small
business data management systems, similar to HMDA management
systems, that financial institutions will license or purchase from
third parties.
\928\ 80 FR 66128, 66270 (Oct. 28, 2015).
\929\ The Bureau chose the 1:2 and 1:3 application to
origination ratios based on two sources of information. First see
Biz2Credit, Small Business Loan Approval Rates Rebounded in May
2020: Biz2Credit Small Business Lending Index (May 2020), https://cdn.biz2credit.com/appfiles/biz2credit/pdf/report-may-2020.pdf,
which shows that, in December of 2019, large banks approved small
business loans at a rate of 27.5 percent, while small banks and
credit unions had approval rates of 49.9 percent and 40.1 percent.
Additionally, the Bureau's supervisory data supports a 33 percent
approval rate as a conservative measure among these estimates for
complex financial institutions (Type C FIs).
---------------------------------------------------------------------------
The Bureau understands that costs vary by financial institution due
to many factors, such as size, operational structure, and product
complexity, and that this variance exists on a continuum that is
impossible to fully represent. Due to data limitations, the Bureau is
unable to capture many of the ways in which costs vary by institution,
and therefore uses these representative financial institutions with the
above assumptions for its analysis. In order to aggregate costs to a
market level, the Bureau must map financial institutions onto its types
using discrete volume categories.
For the hiring costs discussion in part IX.F.3.i and ongoing costs
discussion in part IX.F.3.ii below, the Bureau discusses costs in the
context of representative institutions for ease of exposition. The
Bureau assumes that a representative Type A FI receives 100 small
business credit applications per year, a representative Type B FI
receives 400 small business credit applications per year, and a
representative Type C FI receives 6,000 small business credit
applications per year. The Bureau further assumes that a representative
Type A FI originates 50 covered credit transactions per year,\930\ a
representative Type B FI originates 200 covered credit transactions per
year, and a representative Type C FI originates 2,000 covered credit
transactions per year.
---------------------------------------------------------------------------
\930\ The Bureau discusses a representative Type A FI that will
not be covered by the final rule to make the final estimates easier
to compare with those in the NPRM and to highlight what the costs of
the rule would have been for a financial institution that is not
covered by the final rule.
---------------------------------------------------------------------------
1. Methodology for Estimating One-Time Costs of Implementation of the
Final Rule
The one-time cost estimation methodology for the final rule
described in this section is the same methodology that the Bureau used
in the NPRM unless otherwise noted. The primary differences are the
addition of hiring costs, in response to comments, and changes in the
wages to reflect the most recent data.
The Bureau has identified the following nine categories of one-time
costs that will likely be incurred by financial institutions to develop
the infrastructure to collect and report data under the final rule:
1. Preparation/planning
2. Updating computer systems
3. Testing/validating systems
4. Developing forms/applications
[[Page 35498]]
5. Training staff and third parties (such as brokers)
6. Developing policies/procedures
7. Legal/compliance review
8. Post-implementation review of compliance policies and procedures
9. Hiring costs \931\
---------------------------------------------------------------------------
\931\ The Bureau added this category after the NPRM and did not
ask about it in the survey.
Pre-NPRM outreach with financial institutions has informed the
Bureau's understanding of one-time costs. Financial institutions will
likely have to spend time and resources understanding the final rule,
developing the required policies and procedures for their employees to
follow, and engaging a legal team to review their draft policies and
procedures. Additionally, financial institutions may require new
equipment, such as new computer systems that can store and check the
required data points; new or revised application forms or related
materials to collect any data required under the final rule that they
do not currently collect, including minority-owned, women-owned, and
LGBTQI+-owned business statuses and the ethnicity, race, and sex of
applicants' principal owners, and to provide any related disclosures
required by the rule. Some financial institutions mentioned that they
may store, check, and report data using third-party providers such as
Fiserv, Jack Henry, LaserPro, or Fidelity Information Systems, while
others may use more manual methods of data storage, checking, and
reporting using software applications such as Microsoft Excel.
Financial institutions will also engage in a one-time training of all
small business lending staff to ensure that employees understand the
new policies and procedures. After all new policies and procedures have
been implemented and systems/equipment deployed, financial institutions
will likely undertake a final internal review to ensure that all the
requirements of the final rule have been satisfied.
The Bureau presented one-time cost categories 1 through 8 in the
SBREFA Outline and during the SBREFA process in 2020.\932\ The small
entity representatives generally confirmed that these eight categories
listed above accurately capture the components of one-time costs. Small
entity representatives did not mention hiring costs during the SBREFA
process. The Bureau added the hiring costs category after receiving
comments in response to the NPRM.
---------------------------------------------------------------------------
\932\ SBREFA Outline at 49-52.
---------------------------------------------------------------------------
The Bureau also conducted a survey in 2020 regarding one-time
implementation costs for section 1071 compliance targeted at financial
institutions who extend small business credit.\933\ The Bureau
developed the survey instrument based on guidance from industry on the
potential types of one-time costs institutions might incur if required
to report under a rule implementing section 1071 and tested the survey
instrument on a small set of financial institutions, incorporating
their feedback prior to implementation. The Bureau worked with several
major industry trade associations to recruit their members to respond
to the survey. A total of 105 financial institutions responded to the
survey.
---------------------------------------------------------------------------
\933\ The One-Time Cost Survey was released on July 22, 2020;
the response period closed on October 16, 2020. The OMB control
number for this collection is 3170-0032.
---------------------------------------------------------------------------
Estimates from survey respondents form the basis of the Bureau's
estimates for one-time costs in assessing the impact of this final
rule. The survey was broadly designed to ask about the one-time costs
of reporting data under a regime that only included mandatory data
points, used a reporting structure similar to HMDA, used the Regulation
B definition of an ``application,'' and used the respondent's own
internal small business definition. The survey was divided into three
sections: Respondent Information, One-Time Costs, and the Cost of
Credit to Small Entities.
In the Respondent Information section, the Bureau obtained basic
information about the respondent, including information on the type of
institution, its size, and its volume of small business lending. (The
Bureau did not, however, obtain the actual name or other directly
identifying information about respondents.) The One-Time Costs section
of the survey measured the total hours, staff costs, and non-salary
expenses associated with the different tasks comprising one-time costs.
Using the reported costs of each task, the Bureau estimated the total
one-time cost for each respondent. The Cost of Credit to Small Entities
section dealt with the respondent's anticipated response to the
increased compliance costs of being covered by a rule implementing
section 1071 in order to understand the potential impacts of the rule
on its small business lending activity, including any anticipated
potential changes to underwriting standards, volume, prices, product
mix, or market participation.
To estimate one-time costs, the Bureau needs information on a
financial institution's one-time costs by category and number of
originations. Of the 105 total respondents, 49 answered these
questions. The Bureau refers to these respondents as the ``cost
estimation sample.'' Of these respondents, 42 (86 percent) self-
reported that they were a depository institution (bank, saving
association, or credit union). The remaining seven (14 percent) were
nondepository institutions. Table 6 presents the self-reported asset
size of the 42 depository institution respondents in the cost
estimation sample.\934\
---------------------------------------------------------------------------
\934\ Nondepository institutions also reported assets. The
Bureau separately reports asset category for depository institutions
because asset sizes are not as comparable between depositories and
nondepositories. The Bureau does not report asset sizes for
nondepository respondents because there were too few respondents to
report separately without risking re-identification of respondents.
Table 6--Asset Sizes of Depository Institutions in One-Time Cost
Estimation Sample
------------------------------------------------------------------------
Asset category Count Percent of sample
------------------------------------------------------------------------
Less than $250 million.............. 9 21.43
$250 million to $500 million........ 9 21.43
$500 million to $1 billion.......... 7 16.67
$1 billion to $10 billion........... 8 19.05
$10 billion to $500 billion......... 9 21.43
------------------------------------------------------------------------
For the purposes of estimating one-time costs, the Bureau
distinguishes between depository institutions and nondepository
institutions. The majority of nondepository institutions are not
currently subject to any similar data reporting requirements, with the
notable exception of nondepository CDFIs. The Bureau anticipates that
covered financial institutions that are not currently subject to data
reporting requirements will need to make more changes to their existing
business operations in order to comply with the requirements of the
final rule. This
[[Page 35499]]
expectation is confirmed by the higher estimated one-time costs for
nondepository institutions relative to depository institutions from the
survey and discussed in part IX.F.3.i.
The Bureau categorizes depository institution respondents in the
cost estimation sample into four groups according to the respondents'
self-reported total originations. The first group contains the two
depository institutions that reported fewer than 25 originations; the
Bureau assumes these institutions would not report under the final
rule. The second group contains ten depository institutions that
reported between 25 and 149 originations.\935\ The Bureau categorizes
these as Type A DIs (that is, a DI that is a Type A FI as defined
above.) The third group contains the 19 depository institutions that
reported between 150 and 999 originations. The Bureau categorizes these
as Type B DIs. The final group contains the 11 depository institutions
that reported 1,000 or more originations. The Bureau categorizes these
as Type C DIs.
---------------------------------------------------------------------------
\935\ The Bureau acknowledges that it uses information collected
from institutions that will not be covered by the final rule to
estimate the costs of implementing the rule. The Bureau uses these
observations to maintain a large enough sample size.
---------------------------------------------------------------------------
There are not enough nondepository institutions in the cost
estimation sample to separate nondepository institutions into Types A,
B, and C and obtain meaningful estimates. Instead, the Bureau is
relying on the assumption that nondepository institutions (referred to
as Non-DIs for purposes of this analysis) will incur the same one-time
costs regardless of the complexity of existing business operations,
CDFI status, or coverage by State commercial financing laws.
The Bureau estimated the one-time costs for each of the four
categories of financial institutions (Type A DI, Type B DI, Type C DI,
and Non-DI) using the following methodology.
For each of the first eight categories of one-time costs, the
Bureau asked financial institutions to estimate and report the total
number of hours that junior, mid-level, and senior staff would spend on
each task, along with any additional non-salary expenses. If a
respondent did not provide estimates for any component (i.e., staff
hours or non-salary expenses) of any category, it is not counted as
part of the cost estimation sample. If a respondent provided estimates
for some components but did not provide an estimate for a particular
component (e.g., non-salary expenses for preparation/planning) then the
Bureau assumed that the respondent estimated zero for that component.
The Bureau asked survey respondents to report the average hourly
wage for junior, mid-level, and senior/executive staff involved in the
one-time cost categories. However, for the purposes of estimating one-
time costs, the Bureau assumes a constant wage across financial
institutions for each level of staff. The Bureau has updated the wages
for the final rule from the wages used in the NPRM. For junior staff,
the Bureau uses $15.64, the 10th percentile hourly wage estimate for
``loan officers'' according to the 2021 Occupational Employment
Statistics compiled by the Bureau of Labor Statistics.\936\ For mid-
level staff, the Bureau uses $38.74, the estimated mean hourly wage
estimate for ``loan officers.'' For senior staff, the Bureau used
$66.50, the 90th percentile hourly wage estimate for ``loan officers.''
To account for non-monetary compensation, the Bureau also scaled these
hourly wages up by 43 percent.\937\ The Bureau assumes a total hourly
compensation of $22.37 for junior staff, as compared to $28.76, the
mean of the junior wages reported by respondents to the survey. The
Bureau assumes a total hourly compensation of $55.40 for mid-level
staff, as compared to $48.94, the mean of the mid-level wages reported
by respondents. The Bureau assumes a total hourly compensation of
$95.10, as compared to $90.19, the mean of the senior/executive wages
reported by respondents.
---------------------------------------------------------------------------
\936\ See U.S. Bureau of Labor Stat., U.S. Dep't of Labor,
Occupational Employment and Wage Statistics (May 2021), https://www.bls.gov/oes/current/oes132072.htm.
\937\ The June 2022 Employer Costs for Employee Compensation
from the Bureau of Labor Statistics documents that wages and
salaries are, on average, about 70 percent of employee compensation
for private industry workers. The Bureau inflates the hourly wage to
account for 100 percent of employee compensation ((100/70)-1) * 100
= 43 percent). See U.S. Bureau of Labor Stat., U.S. Dep't of Labor,
Employer Costs for Employee Compensation (June 2022), https://www.bls.gov/news.release/archives/eci_07292022.pdf.
---------------------------------------------------------------------------
For each respondent in the cost estimation sample, the Bureau
calculates the cost of each one-time cost category as the sum of the
junior wage multiplied by the reported junior hours, the mid-level wage
multiplied by the reported mid-level hours, and the senior wage
multiplied by the reported senior-level hours and the reported non-
salary expenses. The total cost of the first eight categories that the
Bureau calculates for each respondent is the sum of the costs across
all eight categories.
After calculating the total costs of the first eight categories for
each respondent, the Bureau identifies outliers within the four groups
of financial institutions (Type A DI, Type B DI, Type C DI, and Non-DI)
using the interquartile range method, a standard outlier identification
method. For each group of financial institutions, an observation is
considered an outlier if the estimated total cost is greater than 1.5
*(P75 - P25) + P75 or less than
P25-1.5 *(P75 - P25) where
P75 and P25 are the 75th and 25th percentiles,
respectively, of total costs within that group. Using this method, the
Bureau identified one outlier in each Type A DI, Type B DI, and Type C
DI group and no outliers in the Non-DI group.
In addition to the total estimated one-time costs, the Bureau is
interested in the hours, non-salary expenses, and total costs
associated with each of the different one-time cost categories. For
each group, the Bureau estimates each component of one-time costs by
taking the mean of the estimated component within the group, after
excluding outliers. For example, the estimated number of junior hours
required by Type A DIs to update computer systems is the mean number of
junior hours reported by the nine Type A DIs that were in the cost
estimation sample, excluding one outlier. The Bureau estimated the cost
associated with each category as the sum of the junior wage multiplied
by the estimated junior hours, the mid-level wage multiplied by the
estimated mid-level hours, and the senior-level wage multiplied by the
estimated senior hours, and the estimated non-salary expenses.
The Bureau did not include one-time hiring costs in the estimates
for the NPRM. In response to comments, the Bureau estimates hiring
costs for the final rule estimates. To estimate hiring costs, the
Bureau assumes that, prior to implementing the final rule, current
staff at a covered financial institution will not have extra capacity
to take on new tasks. This assumption implies that each institution
will need to hire at least one new employee. The Bureau anticipates
that institutions will rearrange tasks across new and existing
employees so that the new employees alone will not conduct all work
associated with the final rule.
The Bureau assumes that a covered financial institution will need
to hire enough full-time equivalent workers (FTEs) to cover the
estimated number of staff hours necessary to comply with the final rule
on an annual, ongoing basis. In part IX.E.2 below, the Bureau describes
how it estimates the ongoing costs to comply with the rule, including
the number of hours of staff time an institution needs per application.
The Bureau assumes that an FTE will work
[[Page 35500]]
about 2,080 hours each year (40 hours per week x 52 weeks = 2,080). The
Bureau calculates that the total number of FTEs that a covered
financial institution will need to hire as the number of hours per
application multiplied by the estimated number of applications received
per year divided by 2,080, rounded up to the next full FTE. For
example, if an institution receives 500 applications per year and
spends one hour on each application, it will need to hire one FTE ((1 *
500)/2080 = 0.24, which is round up to the next full FTE, i.e., 1). In
part IX.F.3.i, the Bureau also confirms that the estimated additional
staff can cover the estimated staff hours required for implementing
other one-time changes.
The Bureau calculates the hiring costs using the estimated cost-
per-hire of $4,425, estimated by the Society for Human Resource
Management.\938\ This estimated cost includes advertising fees,
recruiter pay and benefits, and employee referrals, among other
categories. For each covered financial institution, the estimated
hiring cost is $4,425 multiplied by the estimated new FTEs. The
estimated total one-time costs are the sum of the estimated hiring
costs and the other one-time costs for that institution discussed
above.
---------------------------------------------------------------------------
\938\ See Soc'y for Hum. Res. Mgmt., SHRM Customized Talent
Acquisition Benchmarking Report, at 11 (2017), https://www.shrm.org/ResourcesAndTools/business-solutions/Documents/Talent-Acquisition-Report-All-Industries-All-FTEs.pdf.
---------------------------------------------------------------------------
Comments on the one-time cost methodology of the proposed
rulemaking. In the NPRM, the Bureau sought comment on the methods used
for estimating one-time costs of implementation. Many industry
commenters provided information on the categories of costs that they
expect to incur to develop the infrastructure to collect and report
data under the proposed rule. In general, the costs these commenters
discussed fall in the original eight one-time cost categories listed.
Many of these commenters responded to the NPRM that they would incur
costs associated with hiring new staff. The Bureau's one-time and
ongoing cost methodologies account for the costs associated with paying
staff to implement the final rule. The Bureau agrees, however, that the
one-time cost methodology outlined in the NPRM could have more
fulsomely accounted for the initial cost of hiring new staff to perform
these tasks. As described above, the Bureau added hiring costs to one-
time cost estimates in response to these comments. Except for hiring
costs, commenters did not provide any additional one-time cost
categories.
Two trade associations asserted that the Bureau's estimates of one-
time costs are too low because the estimates are based on insufficient
data for nondepository lenders and, in particular, merchant cash
advance providers. The Bureau acknowledges that the scarcity of data
for nondepositories pose a challenge when estimating the costs,
benefits, and impacts of the final rule. This is particularly true for
nondepositories that are not currently subject to a data reporting
regime. Through outreach efforts with nondepository institutions and
trade associations, the SBREFA process, and the one-time cost survey,
the Bureau obtained information about the costs for nondepositories of
complying with the final rule. Throughout the section 1022 discussion
in the proposed rule, the Bureau also solicited feedback about data and
methodologies that would enable it to more precisely estimate the costs
of the proposed. The Bureau has reviewed these comments, considered the
information provided by the commenters, and adjusted the methodology as
described above.
2. Methodology for Estimating Ongoing Costs of Implementation of the
Final Rule
The Bureau identified 15 specific data collection and reporting
activities that would impose ongoing costs. Table 7 presents the full
list of 15 activities. Activities 1 through 3 can broadly be described
as data collection activities: these tasks are required to intake data
and transfer it to the financial institution's small business data
entry system. Activities 4 through 10 are related to reporting and
resubmission: these tasks are required to collect required data,
conduct internal checks, and report data consistent with the final
rule. Activities 11 through 13 are related to compliance and internal
audits: employee training, and internal and external auditing
procedures required to ensure data consistency and reporting in
compliance with the rule. Finally, activities 14 and 15 are related to
small business lending examinations by regulators: these tasks will be
undertaken to prepare for and assist during regulatory compliance
examinations. For the sake of this analysis, the Bureau assumes that
all covered financial institutions will be subject to regulatory
compliance examinations and thus incur costs related to activities 14
and 15.
Table 7--1071 Data Collection and Reporting Activities Imposing Ongoing
Costs
------------------------------------------------------------------------
Number Activity
------------------------------------------------------------------------
1.......................... Transcribing data.
2.......................... Resolving reportability questions.
3.......................... Transferring to Data Entry System, Loan
Origination System, or other data storage
system.
4.......................... Geocoding data.
5.......................... Standard annual edit and internal checks.
6.......................... Researching questions.
7.......................... Resolving question responses.
8.......................... Checking post-submission edits.
9.......................... Filing post-submission documents.
10......................... Small business data reporting/geocoding
software.
11......................... Training.
12......................... Internal audit.
13......................... External audit.
14......................... Exam preparation.
15......................... Exam assistance.
------------------------------------------------------------------------
Table 8 provides an example of how the Bureau calculates ongoing
compliance costs associated with each compliance task. The table shows
the calculation for each activity and notes whether the task would be a
``variable
[[Page 35501]]
cost,'' which would depend on the number of applications the
institution receives, or a ``fixed cost'' that does not depend on the
number of applications. Table 8 shows these calculations for a Type A
FI, or the institution with the least amount of complexity. Table 9
below summarizes the activities whose calculation differs by
institution complexity and shows the calculations for Type B FIs and
Type C FIs (where they differ from those for a Type A FI).
Table 8--Ongoing Compliance Cost Calculations for a Type A FI
------------------------------------------------------------------------
Number Activity Calculation Type \939\
------------------------------------------------------------------------
1.......... Transcribing data Hourly compensation x Variable.
hours per app. x
applications.
2.......... Resolving Hourly compensation x Variable.
reportability hours per app. with
questions. question x
applications with
questions.
3.......... Transfer to Data Hourly compensation x Variable.
Entry System. hours per app. x
applications.
4.......... Complete Hourly compensation x Variable.
geocoding data. hours per app. x
applications.
5.......... Standard annual Hourly compensation x Fixed.
edit and hours spent on edits
internal checks. and checks.
6.......... Researching Hourly compensation x Variable.
questions. hours per app. with
question x
applications with
questions.
7.......... Resolving Hourly compensation x Variable.
question hours per app. with
responses. question x
applications with
questions.
8.......... Checking post- Hourly compensation x Variable.
submission edits. hours checking post-
submission edits per
application.
9.......... Filing post- Hourly compensation x Fixed.
submission hours filing post-
documents. submission docs.
10......... Small business Uses free geocoding Fixed.
data reporting/ software.
geocoding
software.
11......... Training......... Hourly compensation x Fixed.
hours of training per
year x number of loan
officers.
12......... Internal audit... No internal audit Fixed.
conducted by
financial institution
staff.
13......... External audit... One external audit per Fixed.
year.
14......... Exam preparation. Hourly compensation x Fixed.
hours spent on
examination
preparation.
15......... Exam assistance.. Hourly compensation x Fixed.
hours spent on
examination
assistance.
------------------------------------------------------------------------
Many of the activities in Table 8 require time spent by loan
officers and other financial institution employees. To account for time
costs, the calculation uses the hourly compensation of a loan officer
multiplied by the amount of time required for the activity. The Bureau
uses a mean hourly wage of $38.74 for loan officers, based on data from
the Bureau of Labor Statistics.\940\ To account for non-monetary
compensation, the Bureau scales this hourly wage by 43 percent to
arrive at a total hourly compensation of $55.40 for use in these
calculations.\941\ The Bureau uses assumptions from its 2015 HMDA final
rule analysis, updated to reflect differences between mortgage lending
and small business lending, to estimate time spent on ``ongoing
tasks.'' \942\ As an example of a time calculation, the Bureau
estimates that transcribing the required data points would require
approximately 11 minutes per application for a Type A FI. The
calculation multiplied the number of minutes by the number of
applications and the hourly compensation to arrive at the total cost,
on an annual basis, of transcribing data. As another example, the
Bureau estimates that ongoing training for loan officers to comply with
a financial institution's 1071 policies and procedures would take about
two hours per loan officer per year. The cost calculation multiplies
the number of hours by the number of loan officers and by the hourly
compensation.
---------------------------------------------------------------------------
\939\ In this table, the term ``variable'' means the compliance
cost depends on the number of applications. The term ``fixed'' means
the compliance cost does not depend on the number of applications
(even if there are other factors upon which it may vary).
\940\ These data reflect the mean hourly wage for ``loan
officers'' according to the 2021 Occupational Employment Statistics
compiled by the Bureau of Labor Statistics. See U.S. Bureau of Labor
Stat., U.S. Dep't of Labor, Occupational Employment and Wages (May
2021), https://www.bls.gov/oes/current/oes132072.htm.
\941\ The June 2022 Employer Costs for Employee Compensation
from the Bureau of Labor Statistics documents that wages and
salaries are, on average, about 70 percent of employee compensation
for private industry workers. The Bureau inflates the hourly wage to
account for 100 percent of employee compensation ((100/70)-1) * 100
= 43 percent). U.S. Bureau of Labor Stat., U.S. Dep't of Labor,
Employer Costs for Employee Compensation (June 2022), https://www.bls.gov/news.release/archives/eci_07292022.pdf.
\942\ Home Mortgage Disclosure (Regulation C), 80 FR 66128 (Oct.
28, 2015). Some differences, for example, are reflected in the
number of applications, the number of data points per application,
and the number of loan officers for the representative institutions.
---------------------------------------------------------------------------
To arrive at the amount of time required per application for each
of the 15 tasks covered financial institutions would conduct to
collect, check, and report 1071 data, the Bureau begins with the
assumptions made for each task for the 35 data points under the 2015
HMDA final rule and then adjusts these required times relative to the
number of data points required under the final rule. The final rule
requires covered financial institutions to collect 20 data points for
each covered application. Several of these data points have multiple
components. For example, the credit type data point has three
subcomponents: the product type, the type of guarantee, and the term.
The data points for pricing information and the ethnicity, race, and
sex of principal owners also have multiple subcomponents.
Some activity costs in Table 8 depend on the number of
applications. It is important to differentiate between these variable
costs and fixed costs because the type of cost impacts whether and to
what extent covered institutions might be expected to pass on their
costs to small business loan applicants in the form of higher interest
rates or fees (discussed in more detail in part IX.F.4 below). Data
collection, reporting, and submission activities such as geocoding
data, standard annual edits and internal checks, researching questions,
and resolving question responses are variable costs. All other
activities are fixed cost because they do not depend on the overall
number of applications being processed. An example of a fixed cost
calculation is exam preparation, where the hourly compensation is
multiplied by the number of total hours required by loan officers to
prepare for 1071-related compliance examinations.
Table 9 shows where and how the Bureau assumes Type B FIs and Type
C FIs differ from Type A FIs in its ongoing cost methodology. Type B
FIs and Type C FIs use more automated procedures, which result in
different cost calculations. For example, for Type B FIs and Type C
FIs, transferring data to the data entry system and geocoding
applications are done automatically by business application data
management software licensed annually by the financial institution. The
relevant address is submitted for geocoding via batch processing,
rather than done manually for each application. The additional ongoing
geocoding costs reflect the time spent by loan officers on ``problem''
applications--that is, a percentage of overall applications that the
geocoding software misses--rather than time spent on all applications.
However, Type B FIs and Type C FIs have the additional ongoing cost of
a
[[Page 35502]]
subscription to a geocoding software or service as well as a data
management software that represents an annual fixed cost of reporting
1071 data. This is an additional ongoing cost that less complex Type A
FIs (that are covered financial institutions) will not incur. The
Bureau expects that Type A FIs will use free geocoding software
available from the FFIEC or the Bureau, which may include a new batch
function that could be developed by either the FFIEC or the Bureau.
Additionally, audit procedures differ between the three
representative institution types. The Bureau expects a Type A FI would
not conduct an internal audit but would pay for an annual external
audit. A Type B FI would be expected to conduct a simple internal audit
for data checks and also pay for an external audit on an annual basis.
Type C FIs would have a sophisticated internal audit process in lieu of
an external audit.
Table 9--Differences in Ongoing Cost Calculations for Type B FIs and
Type C FIs Versus Type A FIs
------------------------------------------------------------------------
Difference for a Difference for a
Number Activity Type B FI Type C FI
------------------------------------------------------------------------
3........... Transfer to Data No employee time No employee time
Entry System. cost. cost.
Automatically Automatically
transferred by transferred by
data management data management
software software
purchased/ purchased/
licensed. licensed.
4........... Complete geocoding Cost of time per Few applications
data. application that require
unable to be manual attention.
geocoded by Completed by
software. third-party
software vendor.
10.......... Small business Uses geocoding Uses geocoding
data reporting/ software and/or software and/or
geocoding data management data management
software. software that software that
requires annual requires annual
subscription. subscription.
12.......... Internal Audit.... Hourly Hourly
compensation x compensation x
hours spent on hours spent on
internal audit. internal audit.
13.......... External Audit.... Yearly fixed Only an extensive
expense on internal audit
external audit. and no expenses
on external
audits.
------------------------------------------------------------------------
Table 10 below shows major assumptions that the Bureau makes for
each activity for each type of financial institution. Table 10 provides
the total number of hours the Bureau assumes are required for each task
that requires labor.\943\ For example, the Bureau assumes that
transcribing data for 100 applications will require 19 hours of labor.
The table also shows the assumed fixed cost of software and audits, as
well as areas where the Bureau assumes there will be cost savings due
to technology. In several cases, the activity does not apply to
financial institutions of a certain type, and are therefore not
displayed.
---------------------------------------------------------------------------
\943\ Compared to the assumptions in the Bureau's proposal, this
table includes additional time assumptions due to the collection of
the business's LGBTQI+-owned status.
\944\ The representative Type A, Type B, and Type C FIs are
assumed to receive, respectively, 100, 400 and 6,000 applications.
Table 10--Major Assumptions for the Representative Type A FIs, Type B FIs, and Type C FIs \944\
----------------------------------------------------------------------------------------------------------------
Number Activity Type A FI Type B FI Type C FI
----------------------------------------------------------------------------------------------------------------
1............... Transcribing data..... 19 hours total........ 38 hours total........ 571 hours total.
2............... Resolving 11 hours total........ 23 hours total........ 34 hours total.
reportability
questions.
3............... Transfer to 1071 data 19 hours total........ N/A................... N/A.
management software.
4............... Complete geocoding 7 hours total; 10 hours total (0.5 N/A.
data. reduction in time hours per ``problem''
cost relative to HMDA loan x 5% of loans
for software with that are ``problem'').
batch processing.
5............... Standard annual edit 18 hours total; 357 hours total; 741 hours total;
and internal checks. reduction for online reduction for online reduction for online
submission platform. submission platform. submission platform.
6............... Researching questions. 6 hours total......... 11 hours total........ 17 hours total.
7............... Resolving question 1 hour total.......... 1 hour total.......... 1 hour total.
responses.
8............... Checking post- 1 hour total.......... 5 hours total......... 18 hours total.
submission edits.
9............... Filing post-submission <1 hour total......... <1 hour total......... <1 hour total.
documents.
10.............. 1071 data management N/A................... $8,000................ $13,271.
system/geocoding
software.
11.............. Training.............. 24 hours total........ 120 hours total....... 800 hours total.
12.............. Internal audit........ N/A................... 8 hours total......... 2,304 hours total.
13.............. External audit........ $3,500................ $5,000................ N/A.
14.............. Exam preparation...... <1 hour total......... 80 hours total........ 480 hours total.
15.............. Exam assistance....... 2 hours total......... 12 hours total........ 80 hours total.
----------------------------------------------------------------------------------------------------------------
Comments on the ongoing cost methodology of the proposed
rulemaking. In the NPRM, the Bureau sought comment on the Bureau's
proposed methods to estimate the ongoing costs of the small business
lending rule. Many industry commenters described categories of ongoing
costs that fell within the categories of ongoing cost activities set
forth in the NPRM. Commenters, for example, described needing to
transcribe data from the application, train employees, conduct external
audits, or prepare for exams. Given the volume of comments affirming
these existing categories, the Bureau has retained those existing
categories of ongoing cost activities.
Some commenters suggested other categories of ongoing costs not
considered by the Bureau in the NPRM. A credit union and a trade
association suggested that more time was needed per application to
explain to customers the new collection requirements; a bank said more
time was needed to explain the requirements to collect ethnicity, race,
and sex information. The Bureau believes that its one-time costs
categories of ``developing forms and applications'' and ``developing
policies and procedures'' already account for these types of costs and
any remaining ongoing cost of explaining collection requirements will
be minimal. The commenters also did not provide specific estimates for
these categories of ongoing costs.
A joint trade association letter described how the rule has the
potential to create a new ongoing cost of retaining
[[Page 35503]]
the records. These comments focused on the information technology
infrastructure associated with the retention of records. The Bureau
believes that these costs are best described as one-time costs and are
captured in the ``updating computer systems'' category of its one-time
costs estimation. The Bureau thus has not included these as additional
categories of ongoing costs.
Comments on one-time and ongoing cost estimates based on levels of
financial institution complexity. The Bureau received several comments
related to its approach to defining complexity and using complexity
categories in its one-time and ongoing cost estimation. Several smaller
banks and credit unions explained that many of their processes related
to collecting, checking, and reporting data to the Bureau under the
proposed rule would largely be manual. The Bureau believes that its
Type A institution category already takes into account the various
manual processes described by these commenters and decided against
adding additional categories of complexity.
3. Methodology for Generating Market-Level Estimates of One-Time and
Ongoing Costs
To generate market-level cost estimates, the Bureau relies on the
estimates of the volume of small business lending originations
described in part IX.D above. As with institutional coverage, the
Bureau separates market-level cost estimates into estimates for
depository institutions and for nondepository institutions. The
methodology described below for the final rule is the same methodology
that the Bureau used in the NPRM.
For depository institutions, the Bureau estimates which
institutions of those that existed at the end of 2019 would likely be
covered or not covered by the final rule. For this analysis, the Bureau
uses 2019 to represent the first year of coverage. An institution would
be required to report data on applications received in 2019 if it
originated at least 100 covered originations in each of the preceding
two years (i.e., 2017 and 2018). If two depository institutions merged
between the end of 2017 and the end of 2019, the Bureau assumes that
those institutions would report as one entity. The Bureau then
categorizes each institution as a Type A DI, Type B DI, or Type C DI
based on its originations in 2019. Depository institutions with 0 to
149 covered originations in 2019 are categorized as Type A. Depository
institutions with 150 to 999 covered originations are categorized as
Type B. Depository institutions with 1,000 or more covered originations
are categorized as Type C. For each depository institution, the Bureau
assigns the appropriate estimated one-time cost (including hiring cost
as a function of estimated applications), ongoing fixed cost, ongoing
variable cost per application, and applications per origination
estimates associated with its institution type. The estimated number of
annual applications for each institution is the estimated number of
originations multiplied by the assumed number of applications per
origination for that institution type. The annual ongoing cost for each
institution is the ongoing fixed cost plus the ongoing variable cost
per application multiplied by the estimated number of applications. The
one-time hiring cost for each institution is the estimated number of
applications multiplied by the annual staff hours per application
divided by 2,080, rounded up to the next full FTE, multiplied by the
cost-per-hire.
To generate market-level estimates, the Bureau first calculates the
estimated one-time costs, including hiring costs, and annual ongoing
costs for each depository institution covered by the rule based on the
estimated number of originations for that institution in 2019. The
Bureau then sums these costs over the covered depository institutions
to find market-level statistics of total costs. As with coverage
estimates, the Bureau presents a range for market-level estimates. The
range reflects the uncertainty associated with the estimate of costs
for banks and savings associations below the CRA reporting threshold.
The Bureau has documented how it calculates these ranges in its
Supplemental estimation methodology for institutional coverage and
market-level cost estimates in the small business lending
rulemaking.\945\
---------------------------------------------------------------------------
\945\ See https://www.consumerfinance.gov/data-research/research-reports/supplemental-estimation-methodology-institutional-coverage-market-level-cost-estimates-small-business-lending-rulemaking/.
---------------------------------------------------------------------------
The Bureau is unaware of institution-level data on originations by
nondepository institutions that are comprehensive enough to estimate
costs using the same method as that for depository institutions.
Therefore, to generate market-level estimates for nondepository
institutions, the Bureau relies on the estimates discussed above and
several key assumptions. The Bureau assumes that online lenders and
merchant cash advance providers are Type C FIs because they generally
have more automated systems and originate more loans. The Bureau
assumes that the remaining nondepository institutions are Type B FIs.
The Bureau assumes that each nondepository receives the same number of
applications as the representative institution for each type, as
described above. Hence, the Bureau assumes that online lenders and
merchant cash advance providers each receive 6,000 applications per
year and all other nondepository institutions receive 400 applications
per year. As explained above, the Bureau also assumes that all
nondepository institutions have the same one-time costs.
F. Potential Benefits and Costs to Covered Financial Institutions and
Small Businesses
The benefits of the final rule to covered financial institutions
and small businesses described in this section are largely the same as
the benefits discussed in the NPRM. The discussions have been updated
to reflect policy differences between the NPRM and final rule.
1. Benefits to Small Businesses
The final rule will benefit small businesses by collecting data
that further the two statutory purposes of section 1071. Those purposes
are to facilitate the enforcement of fair lending laws and enable
communities, governmental entities, and creditors to identify business
and community development needs and opportunities of women-owned,
minority-owned, and small businesses. Some of the benefits to small
businesses discussed below stem from the public release of the data
collected under the rule. As discussed in more detail in part VIII.B.1,
the Bureau intends to exercise its discretion under ECOA section
704B(e)(4) to delete or modify data collected under section 1071 which
are or will be available to the public where it determines that such
deletion or modification appropriately protects privacy interests. The
discussion below considers the benefits of releasing unmodified data,
but the Bureau acknowledges that the benefits derived from public
disclosure may be lower if modifications or deletions are made.
Data collected and reported under the final rule will be the
largest and most comprehensive dataset in the United States on credit
availability for small businesses. These data will provide important
insight into lending patterns in the small business lending market.
Visibility into those patterns should provide important benefits for
facilitating fair lending enforcement and enabling identification of
community development needs and opportunities.
[[Page 35504]]
The data could lead to a more efficient use of government resources
in enforcing fair lending laws through more efficient prioritization of
fair lending examinations and investigations. The public nature of the
dataset will allow for members of the public to review the dataset
(subject to modification and deletion decisions by the Bureau) for
possible violations of antidiscrimination statutes. The increased
transparency will benefit women-owned, minority-owned, and LGBTQI+-
owned small businesses directly, in the form of remediation in the
event that lenders ultimately are found to have violated fair lending
laws, and indirectly, with increased access to credit resulting from
the increased transparency as to the lending practices of financial
institutions.
Important to the fair lending benefit of the small business lending
dataset is the action taken data point. Existing datasets that collect
transaction-level data only contain data on originated small business
loans. Application-level data, including the action taken data point,
will allow users to construct approval or denial rates, for example,
for particular financial institutions. Such analyses could indicate
whether, for example, women-owned, minority-owned, or LGBTQI+-owned
small businesses are being discouraged or denied credit at higher rates
than other small businesses, which would warrant further exploration.
Also important are several data fields on the pricing of covered
credit transactions that are originated or approved but not accepted.
Data users will be able to examine, for example, whether women-owned,
minority-owned, or LGBTQI+-owned small businesses are charged higher
interest rates, or face higher origination charges or initial annual
charges than similarly situated businesses that are not women-owned,
minority-owned, or LGBTQI+-owned. The final rule also requires
information on prepayment penalties, which can be an important aspect
of the total costs of credit for small business owners.\946\ Users will
be able to examine whether women-owned, minority-owned, or LGBTQI+-
owned small businesses are more likely to face prepayment penalties on
extended credit.
---------------------------------------------------------------------------
\946\ California, for example, to include prepayment policies as
a required component of pricing disclosures in commercial financing
(see Cal. S.B. 1235 (Sept. 30, 2018), https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180SB1235).
---------------------------------------------------------------------------
Several data points included in the final rule will contribute to
more accurate fair lending analyses by allowing users to compare credit
products with similar characteristics. For example, differences in the
risk of extending credit likely lead to differences in approval rates
and prices for covered credit transactions based on credit amount
applied for and approved, all three aspects of credit type (type of
credit product, types of guarantees, and loan term), and credit
purpose. Many creditors also consider characteristics about the small
business, such as industry, gross annual revenue, or time in business,
during their underwriting or pricing processes. Supply and demand for
small business credit also varies over time and by location, so the
inclusion of census tract, application date, and action taken date
could lead to more accurate analyses. More accurate screening for fair
lending risk will, for example, reduce the false positive rate observed
during fair lending prioritization and increase the efficiency of fair
lending reviews.
Communities may use these data to identify gaps in access to credit
for small businesses. Identifying those gaps can fuel community
development, in partnership with creditors and governmental entities
through the development of targeted lending programs, loan funds, small
business incubators, and other community-driven initiatives to support
small businesses.
Creditors will likely use the data to understand small business
lending market conditions more effectively and at a more granular level
than is possible with existing data sources, such as Call Reports, data
from public lending programs, or privately purchased data. Data
collected under the final rule, combined with the institution's
existing information on the small business lending market, can help
creditors identify potentially profitable opportunities to extend
credit. For example, creditors will be able to use census tract
information to find areas of high credit demand into which they could
consider expanding and other business opportunities for the creditor.
Governmental entities will likely use the data to develop solutions
that achieve policy objectives. For example, loan guarantees provided
by the SBA's 7(a) and 504 programs are designed to increase the
availability of business credit for businesses that otherwise have
difficulty accessing credit. Governmental entities will be able to use
the comprehensive data on applications for covered credit transactions
collected under the final rule to identify additional opportunities to
create new--or tailor existing--programs to advance their small
business lending policy objectives. Additionally, the data could help
facilitate emergency governmental interventions such as disaster
relief.
The data collected under the final rule will be the most extensive
data on credit access for women-owned, minority-owned, and LGBTQI+-
owned small businesses, and such information will help various data
users in understanding the needs and opportunities of such businesses.
For example, governmental entities often create programs, such as those
that reserve government contracts or those that provide grants, that
specifically target women-owned and minority-owned businesses.
Governmental entities could use data collected under the final rule to
alter existing programs or create new ones to meet the needs of these
business owners. Private lenders could also use the data to find
untapped markets of credit demand from women-owned, minority-owned, and
LGBTQI+-owned small businesses.
As one of the premier data sources on the small business credit
market, data collected under the final rule will also facilitate
rigorous research by academics and advocates. HMDA data, which are
similar in many ways to the data that will be collected under the final
rule, have been analyzed in many scholarly publications. The data
collected under section 1071 will provide public- and private-sector
academics and other researchers a clearer window into potential
discrimination in the small business credit market, as well as a better
understanding of small business credit market trends and dynamics. As
in the case of HMDA, data collected under the final rule will be more
broadly used to understand how business owners make borrowing
decisions, respond to higher prices, and respond to risk.\947\
---------------------------------------------------------------------------
\947\ For examples of how HMDA data has facilitated research on
the mortgage market, see, e.g., CFPB, Data Point: Asian American and
Pacific Islanders in the Mortgage Market (July 2021), https://files.consumerfinance.gov/f/documents/cfpb_aapi-mortgage-market_report_2021-07.pdf; CFPB, Manufactured Housing Finance: New
Insights from the Home Mortgage Disclosure Act Data (May 2021),
https://files.consumerfinance.gov/f/documents/cfpb_manufactured-housing-finance-new-insights-hmda_report_2021-05.pdf; Neil Bhutta &
Benjamin J. Keys, Moral Hazard during the Housing Boom: Evidence
from Private Mortgage Insurance, 35(2) Review of Fin. Studies
(2021), https://academic.oup.com/rfs/advance-article/doi/10.1093/rfs/hhab060/6279755; Sumit Agarwal et al., The Effectiveness of
Mandatory Mortgage Counseling: Can One Dissuade Borrowers from
Choosing Risky Mortgages? (Nat'l Bureau of Econ. Research, Working
Paper No. 19920, 2014), https://www.nber.org/system/files/working_papers/w19920/w19920.pdf; Alexei Alexandrov & Sergei
Koulayev, No Shopping in the U.S. Mortgage Market: Direct and
Strategic Effects of Providing Information (CFPB, Off. of Research
Working Paper No. 2017-01, 2018), https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2948491.
---------------------------------------------------------------------------
[[Page 35505]]
The final rule's data points will provide the above benefits in
several ways. For example, the action taken and pricing information
data points will allow various entities to monitor the tightness of the
small business credit market and identify areas where there are high
denial rates for small business credit or where it is provided only at
high cost, especially to women-owned, minority-owned, or LGBTQI+-owned
small businesses. Conversely, the data may also be used to identify
areas of business opportunity for creditors or help assess the
characteristics of successful business lending. Data on census tract,
NAICS code, gross annual revenue, and number of workers will provide
insight into the availability of small business credit by geography,
industry, and business size. Credit type and credit purpose will
provide more information on how women-owned, minority-owned, and
LGBTQI+-owned small businesses use credit and whether their use differs
from that of other small businesses. Time in business information will
allow data users to understand the credit needs of young small
businesses, and specifically young women-owned, minority-owned, and
LGBTQI+-owned small businesses. Recent research has shown that women-
owned and minority-owned businesses face different financing challenges
early in the business lifecycle than other firms, primarily driven by
less access to external financing.\948\
---------------------------------------------------------------------------
\948\ See, e.g., JPMorgan Chase & Co. Inst., Small business
ownership and liquid wealth (Mar. 2021), https://www.jpmorganchase.com/institute/research/small-business/small-business-ownership-and-liquid-wealth-report.
---------------------------------------------------------------------------
As creditors, communities, and governmental entities use these data
to identify business opportunities, gaps in existing supports and
capital access for small businesses, and more targeted policy
interventions to support small businesses, small businesses will
benefit from increased access to credit. Small businesses will also
benefit from credit offerings more closely tailored to their needs as
the data are used by creditors and others to develop more targeted
credit products.
As described above, the Bureau believes that setting a threshold
for coverage at 100 originated loans in each of the preceding two
calendar years provides substantial coverage of the small business
credit market. While the Bureau could theoretically have collected even
more data pursuant to the final rule if it retained the 25-loan
threshold proposed in the NPRM, the Bureau is not adopting this
threshold in order to ensure that financial institutions with the
lowest volume of small business lending experience no pressure to
reduce their small business lending activity in order to avoid the
fixed costs of coming into compliance with this final rule. While some
commenters expressed concern that institutions with a low volume of
small business lending might reduce their lending in order to stay
under the threshold, the Bureau cannot quantify this risk, particularly
given the paucity of data on small business lending.
Comments on the Bureau's estimation of the benefits to small
businesses. The Bureau sought comment on its analysis of potential
benefits to small businesses as set forth in the NPRM. Many community
groups and several business owners agreed that the rule would support
fair lending. A small business, a CDFI lender, and some community
groups said collecting data will improve visibility and understanding
of small businesses, particularly those that are minority- and women-
owned. The CDFI lender and a joint letter from community groups,
community oriented lenders, and business advocacy groups stated that
the data from this rule could be used to identify which products and
business models best meet the needs of underserved entrepreneurs. One
commenter pointed to agricultural products as a particular sector that
would benefit from increased transparency afforded by the rule,
particularly regarding the status of minority- and women-owned small
businesses. Two community groups and a business advocacy group pointed
to how data collected on ethnicity and race under HMDA preceded an
increase in lending to minority borrowers, suggesting that a similar
pattern may emerge in the small business lending market after the rule
goes into effect. Similarly, a few commenters pointed to how data from
the Paycheck Protection Program and studies and surveys surrounding the
program allowed researchers, regulators, financial institutions, and
others to identify disparate lending patterns on the basis of ethnicity
and race.
An individual commenter said collecting the data will help improve
the collective understanding of small business lending and its
interaction with regulations, and noted that other countries, such as
Norway, already collect small business lending data on a Federal level.
An individual commenter and two community groups suggested that the
data could reveal patterns of disparities that are already well-known
through lived experiences within their respective communities,
particularly Black communities and farming and agricultural
communities. A joint letter from community and business advocacy groups
pointed to how disaggregation of those identified as Asian has revealed
wide variances in income and lending patterns within these diverse
communities in the mortgage lending market, suggesting similar
disaggregation of race data in the final rule would improve the
understanding of these diverse communities in the small business
lending market.
A few commenters noted potential positive spillover effects of the
rule. One community group noted positive interaction effects between
fair lending to small businesses and fair housing, as more people might
purchase housing close to where local businesses flourish. An
individual and a joint letter from community and business advocacy
groups noted that investing in small businesses, particularly in
historically underfunded neighborhoods, could provide pathways to
economic opportunities for members of marginalized groups and even
alleviate wealth gaps based on ethnicity and race. Another commenter
similarly noted that the growth of small businesses could reduce
unemployment, housing insecurity, and poverty in the surrounding
community.
Finally, a few minority small business owners predicted that they
would benefit if the rule improved fair lending. These commenters
identified the disadvantages minority-owned small businesses face when
fair lending is not enforced, including business closure. One of these
commenters, along with some community groups, pointed to studies that
suggested fair access to credit, such as loan modifications, during the
pandemic could have prevented the closure of minority-owned firms,
added millions in revenue to the U.S. economy, and created millions of
jobs.
A number of commenters described ways in which the final rule would
provide benefits consistent with the statutory purposes of section
1071, including the establishment of a comprehensive dataset of small
business lending, and the collection of detailed data points that will
allow for more accurate analyses of underwriting and pricing patterns.
These data, in turn, will permit for better understanding of the supply
and demand of credit, and financial institutions' treatment of small
business applicants and borrowers, including those that are owned by
women and minorities. Commenters corroborated other benefits identified
by the Bureau, such as positive spillover effects to fair housing and
the local
[[Page 35506]]
economy surrounding small businesses. Data from the final rule will
help researchers (including, but not limited to, those in the
government, private sector, and academia) observe and quantify these
benefits, just as researchers have used data from HMDA and the Paycheck
Protection Program to identify areas of potential fair lending risk.
On the other hand, many financial institutions and trade
associations disagreed with the Bureau's assessment of potential
benefits to small businesses. First, several commenters asserted there
would be minimal or even no benefit. One bank said there would be no
benefit at all. Two banks said there will be ``minimal'' benefit to
their clients, to their communities, and to themselves.
Second, other commenters asserted the Bureau overestimated
benefits. One bank said the usefulness of standardized data is undercut
by the fact that small business lending by small lenders is highly
specialized. Two trade associations specified this could be problematic
because standardized data ``could result in small business borrowers
appearing to be similarly situated, when, in fact, the unique
attributes of each borrower would result in different loan pricing by
the bank.''
Third, several commenters asserted any benefits would be outweighed
by costs, i.e., that there would be little benefit relative to costs.
Other comments asserted the Bureau failed to adequately consider the
potential benefits and costs to ``consumers'' and ``covered persons''
as required by section 1022(b)(2)(A) of the Dodd-Frank Act. While some
of these arguments are discussed in detail in following sections
regarding costs, we present some of the arguments here as well. Two
community banks and a trade association said costs would outweigh
benefits for community banks and small lenders in particular. Another
trade association stated data points adopted pursuant to ECOA section
704B(e)(2)(H) in particular will only provide ``minimal'' benefits
compared to the cost of collecting the data. Along a similar line of
reasoning, three trade associations said the rule would harm the
institutions that the rule is designed to benefit. Of these, two
asserted that the small, women-owned, and minority-owned businesses the
rule is designed to benefit in particular would be harmed.
As detailed above, the Bureau believes that the final rule will
have benefits consistent with its two statutory purposes. The data
collected under the final rule will be the most extensive data on
credit access for women-owned, minority-owned, and LGBTQI+-owned small
businesses, and such information will facilitate the enforcement of
fair lending laws and help identify business and community development
needs.
With respect to comments that asserted the Bureau overestimated the
benefits of the rule, the Bureau acknowledges in part IX.C the
difficulty of precisely estimating the benefits of the data collection
but also details how it estimates the benefits to small businesses
using the best information available. With respect to commenters who
described how data collected under the final rule would not have all
relevant information about a credit application, the Bureau
acknowledges this limitation in part IX.C above, but also describes, in
part IX.F, how the data will provide significant benefits consistent
with the statutory purposes of the rule despite these limitations.
With respect to comments that the costs would outweigh any benefits
or that the Bureau did not adequately fulfill the requirements of
section 1022(b)(2)(A) of the Dodd-Frank Act, in part IX.E, the Bureau
details its methodology for estimating benefits and costs and, in part
IX.F, details its estimates of benefits and costs, incorporating
feedback from comments on the proposed rule. In doing so the Bureau
fulfills its requirement to consider the potential benefits and costs
to ``consumers'' and ``covered persons'' as required by section
1022(b)(2)(A) of the Dodd-Frank Act.
2. Benefits to Covered Financial Institutions
The final rule will provide some benefits to some covered financial
institutions--i.e., the financial institutions that will be required to
collect and report 1071 data on small business applications for credit.
The first is some reduction of the compliance burden of fair lending
reviews for lower risk financial institutions, by reducing the ``false
positive'' rates during fair lending review prioritization by
regulators. Currently, financial institutions are subject to fair
lending reviews by regulators to ensure that they are complying with
ECOA in their small business lending. Data reported under the rule will
allow regulators to prioritize fair lending reviews of financial
institutions with higher risk of fair lending violations, which reduces
the burden on institutions with lower fair lending risk. Covered
financial institutions will also be able to use the data to monitor,
identify, and address their own fair lending risks and thereby reduce
the potential liability from enforcement actions and adverse exam
findings requiring remedial action.
The rule's data collection will also provide an unprecedented
window into the small business lending market, and such transparency
may benefit financial institutions. Comprehensive information on small
business credit applications and originations are currently
unavailable. The data made public pursuant to this rule will allow
financial institutions to better understand the demand for small
business credit products and the conditions under which they are being
supplied by other covered financial institutions.
Comments on the Bureau's estimation of the benefits to covered
financial institutions. The Bureau sought comment on its analysis of
potential benefits to covered financial institutions as set forth in
the NPRM. A broad range of commenters, including lenders, community
groups, small business owners, business advocacy groups, and others,
asserted that the final rule will provide an unprecedented window into
the small business lending market and thereby facilitate fair lending
enforcement.
However, several industry commenters suggested that the Bureau
overstated the benefits of the data collection to financial
institutions. To reiterate some of the comments in the previous
section, a trade association stated that they do not believe the
Bureau's rule to implement section 1071 would provide ``any significant
benefit'' to financial institutions. Two banks said there will be
``minimal'' benefit to their clients, to their communities, and to
themselves. Another trade association noted that lenders are likely
already highly aware of the market in which they lend, especially
considering that small business loans often require a relatively high
degree of customization. Several industry commenters said the
usefulness of standardized data is undercut by the fact that small
business lending by small lenders is highly specialized to accommodate
the highly individualized nature of each business.
The Bureau describes in detail above the potential benefits to
financial institutions. The Bureau acknowledges that many lenders may
have a high awareness of the local markets in which they lend but
believes that the data will still shed light on additional information
about areas where lenders do not currently operate and may also shed
light on currently underserved markets within the areas lenders
currently operate. Comprehensive, application-level data on small
business lending will provide financial
[[Page 35507]]
institutions better understand their local markets as well as
information about markets which they do not currently serve.
3. Costs to Covered Financial Institutions
i. One-Time Costs to Covered Financial Institutions
Using the methodology described in part IX.E.1 above, Table 11
shows the estimated total expected one-time costs of the final rule for
the first eight cost categories for financial institutions covered by
the final rule as well as a breakdown by the eight component categories
that comprise the one-time costs for Type A DIs, Type B DIs, Type C
DIs, and Non-DIs.\949\ The final cost category, hiring costs, is
discussed later in this section. The Bureau notes that the estimated
costs presented in Table 11 differ slightly from the estimated costs
presented in the NPRM. This difference comes only from the update in
wages between the two calculations due to a release of new data.
---------------------------------------------------------------------------
\949\ The estimated one-time costs by cost category for each FI
type is the sum of the wages multiplied by the estimated staff hours
plus the non-salary expenses. For example, the Bureau expects that
for preparation and planning for the final rule, on average, a Type
A DI will pay senior staff $95.10 x 38 hours (= $3,613.80), mid-
level staff $55.40 x 43 hours (= $2,382.20), and junior staff $22.37
x 21 hours (= $469.77). The total estimated cost is $6,465.77,
rounded to $6,500, because Type A DI is not expected to pay non-
salary expenses for preparation and planning.
---------------------------------------------------------------------------
Table 12 shows the estimated number of junior, mid-level, and
senior staff hours and non-salary expenses for each component activity
for Type A DIs. Tables 13 through 15 show the same estimates for Type B
DIs, Type C DIs and Non-DIs respectively. As discussed above, the
Bureau estimates all one-time costs to covered financial institutions
using the One-Time Cost Survey results.
Table 11--Estimated One-Time Costs by Cost Category and FI Type
----------------------------------------------------------------------------------------------------------------
Category Type A DI Type B DI Type C DI Non-DI
----------------------------------------------------------------------------------------------------------------
Preparation/planning............................ $6,500 $7,400 $20,500 $13,900
Updating computer systems....................... 17,000 17,400 6,900 57,300
Testing/validating systems...................... 11,100 3,200 11,400 7,600
Developing forms/applications................... 4,300 3,200 4,600 4,400
Training staff and third parties................ 3,500 3,900 5,300 3,100
Developing policies/procedures.................. 4,200 2,500 3,600 4,300
Legal/compliance review......................... 7,700 3,000 7,300 3,900
Post-implementation review...................... 5,000 4,300 18,000 1,700
---------------------------------------------------------------
Total....................................... 59,400 44,800 77,800 96,400
----------------------------------------------------------------------------------------------------------------
Table 12--Estimated Staff Hours and Non-Salary Expenses by Cost Category for Type A DIs
----------------------------------------------------------------------------------------------------------------
Mid-level Non-salary
Category Senior hours hours Junior hours expenses
----------------------------------------------------------------------------------------------------------------
Preparation/planning............................ 38 43 21 0
Updating computer systems....................... 34 52 41 $10,000
Testing/validating systems...................... 18 52 41 5,600
Developing forms/applications................... 14 34 51 0
Training staff and third parties................ 18 26 16 0
Developing policies/procedures.................. 24 30 11 0
Legal/compliance review......................... 28 26 15 3,300
Post-implementation review...................... 26 38 19 0
---------------------------------------------------------------
Total....................................... 200 301 215 18,900
----------------------------------------------------------------------------------------------------------------
Table 13--Estimated Staff Hours and Non-Salary Expenses by Cost Category for Type B DIs
----------------------------------------------------------------------------------------------------------------
Mid-level Non-salary
Category Senior hours hours Junior hours expenses
----------------------------------------------------------------------------------------------------------------
Preparation/planning............................ 50 35 21 $200
Updating computer systems....................... 25 20 12 13,600
Testing/validating systems...................... 18 19 12 100
Developing forms/applications................... 21 14 7 200
Training staff and third parties................ 23 29 20 400
Developing policies/procedures.................. 16 13 7 100
Legal/compliance review......................... 14 16 5 700
Post-implementation review...................... 15 22 27 1,100
---------------------------------------------------------------
Total....................................... 182 168 111 16,400
----------------------------------------------------------------------------------------------------------------
Table 14--Estimated Staff Hours and Non-Salary Expenses by Cost Category for Type C DIs
----------------------------------------------------------------------------------------------------------------
Mid-level Non-salary
Category Senior hours hours Junior hours expenses
----------------------------------------------------------------------------------------------------------------
Preparation/planning............................ 92 190 37 $500
Updating computer systems....................... 6 46 35 3,000
[[Page 35508]]
Testing/validating systems...................... 34 110 50 1,000
Developing forms/applications................... 13 46 34 100
Training staff and third parties................ 11 61 36 100
Developing policies/procedures.................. 14 30 14 300
Legal/compliance review......................... 9 56 44 2,300
Post-implementation review...................... 3 246 103 1,800
---------------------------------------------------------------
Total....................................... 182 785 353 9,100
----------------------------------------------------------------------------------------------------------------
Table 15--Estimated Staff Hours and Non-Salary Expenses by Cost Category for Non-DIs
----------------------------------------------------------------------------------------------------------------
Mid-level Non-salary
Category Senior hours hours Junior hours expenses
----------------------------------------------------------------------------------------------------------------
Preparation/planning............................ 38 47 29 $7,100
Updating computer systems....................... 27 147 39 45,700
Testing/validating systems...................... 26 24 39 2,900
Developing forms/applications................... 30 15 19 300
Training staff and third parties................ 14 18 17 400
Developing policies/procedures.................. 32 15 14 200
Legal/compliance review......................... 26 18 11 200
Post-implementation review...................... 16 2 1 100
---------------------------------------------------------------
Total....................................... 209 286 169 56,900
----------------------------------------------------------------------------------------------------------------
The Bureau estimates that updating computer systems will be the
biggest driver of one-time costs for Type A DIs, Type B DIs, and Non-
DIs. Type A DIs and Type B DIs are expected to spend similar amounts on
updating computer systems, but Type A DIs would rely somewhat more on
staff.
The Bureau expects that Non-DIs will have the highest one-time
costs and the highest costs to update computer systems. To update
computer systems, Non-DIs will rely on mid-level staff and third-party
vendors. Non-DIs will also spend relatively more on preparation and
planning than Type A DIs or Type B DIs. These estimates are consistent
with the expectation that Non-DIs will incur higher costs because they
are less likely to already report data to regulators.
The Bureau estimates that the biggest drivers of one-time costs for
Type C DIs will be preparation and planning and post-implementation
review. These depository institutions will generally rely on mid-level
staff to implement the required one-time changes and, in particular,
will rely on mid-level staff for these two key activities. The Bureau
estimates that Type C DIs will spend the most of all financial
institution types on staff hours to implement one-time changes and the
least on non-salary expenses.
The Bureau estimates that one-time costs will be higher for Type A
DIs than for Type B DIs. These two types of depository institutions
have similar estimated costs for most activities, but Type A DIs are
expected to spend more on testing/validating systems and legal/
compliance review.
In addition to these one-time costs, the Bureau estimates the one-
time hiring costs for the additional FTEs a financial institution
expects to hire based on the number of applications the institution
expects to receive each year. In the ongoing cost discussion in part
IX.F.3.ii below, the Bureau explains how it estimates the number of
staff hours per application required to comply with the final rule on
an ongoing basis. The Bureau estimates that a Type A FI requires 1.1
hours per application, a Type B FI requires 1.6 hours per application,
and a Type C FI requires 0.83 hours per application.
For the purposes of exposition, the Bureau presents the estimated
number of FTEs for representative financial institutions. For the
market-level estimates, the Bureau estimates the number of staff hours
required based on the estimated number of applications each depository
institution receives.
The representative Type A FI receives 100 applications annually,
requiring 110 hours to comply with the final rule.\950\ Under the
assumptions described in part IX.E.1 above, the representative Type A
FI will need to hire one additional FTE at a one-time cost of $4,425 to
cover the expected annual staff hours required to comply with the rule
on an ongoing basis. This additional staff will also be able to cover
the staff hours required to implement one-time changes because, on
average, a Type A DI will require 716 staff hours for one-time changes
(see Table 12). The Bureau estimates that the representative Type A DI
will incur total one-time costs of $63,825 to implement the final rule.
---------------------------------------------------------------------------
\950\ The Bureau discusses a representative Type A FI that will
not be covered by the final rule to make the final estimates easier
to compare with those in the NPRM and to highlight what the costs of
the rule would have been for a financial institution that is not
covered by the final rule.
---------------------------------------------------------------------------
The representative Type B FI receives 400 applications annually,
requiring 654 hours to comply with the final rule. This FI will need to
hire one additional FTE at a one-time cost of $4,425. This additional
staff will also be able to cover the 461 staff hours, on average,
required to implement one-time changes for a Type B DI. The Bureau
estimates that the representative Type B DI will incur total one-time
costs of $49,225 to implement the final rule.
The representative Type C FI receives 6,000 applications annually,
requiring 5,009 hours to comply with the final rule. This FI will need
to hire 3 additional FTE at a one-time cost of $13,275. This additional
staff will also be able to cover the 1,320 staff hours, on average,
required to implement one-time changes for a Type C DI. The Bureau
estimates that the representative Type C DI will incur total one-time
costs of $91,075 to implement the final rule.
[[Page 35509]]
The Bureau assumes that most nondepository institutions are
primarily Type B and Type C FIs, so the estimated staff hours to cover
ongoing tasks discussed above apply here. For one-time tasks, the
Bureau estimates that a nondepository institution will require about
664 staff hours, on average, to implement one-time changes. One
additional FTE would be sufficient to cover these hours if the
institution reallocates some tasks across staff. The Bureau estimates
that the representative Non-DI will incur total one-time costs of
$100,825 to implement the final rule.
As mentioned above, the Bureau realizes that one-time costs vary by
institution due to many factors, and that this variance exists on a
continuum that is impossible to fully represent. The Bureau focuses on
representative types of financial institutions in order to generate
practical and meaningful estimates of costs. As a result, the Bureau
expects that individual financial institutions will have slightly
different one-time costs than the average estimates presented here.
The One-Time Cost Survey instructed respondents to assume that
covered institutions would be required to report data at the
application level on small business financing that constitutes
``credit'' for purposes of ECOA for the 13 statutorily mandated data
points one time per year, and be responsible for validating the
accuracy of all data. Respondents were further instructed to use their
own institution's internal definition of small business, assume the
Regulation B definition of an application, and assume a reporting
structure similar to that under HMDA. Finally, respondents were
instructed to not include any costs associated with creating a firewall
(that is, shielding applicants' protected demographic information from
certain employees). As such, respondents estimated one-time costs
assuming that the final rule would be different in some ways from what
the Bureau described as the requirements in the survey. One small
entity representative provided feedback during the SBREFA Panel that it
was hard to estimate one-time costs in the survey without knowing all
the details of the rule. The Bureau sought comment on the one-time
costs associated with the additional data points it proposed but did
not receive any information on which to base estimates. The Bureau
expects that accounting for the additional data points would only
increase the one-time cost estimates by a small amount because most of
the one-time costs come from a financial institution moving from not
reporting 1071 data to being required to report such data.
The Bureau estimates that the overall market impact of one-time
costs for depository institutions will be between $147,000,000 and
$159,000,000.\951\ These estimates include between $47,700,000 and
$49,700,000 that depository institutions are estimated to spend on
hiring additional staff.\952\ Using a 7 percent discount rate and a
five-year amortization window, the annualized one-time costs for
depository institutions will be $35,700,000 to $38,600,000. The Bureau
estimates that the overall market impact of one-time costs for
nondepository institutions will be $59,800,000. This estimate includes
the $3,630,000 that nondepository institutions are estimated to spend
on hiring additional staff. Using a 7 percent discount rate and a five-
year amortization window, the annualized one-time costs for
nondepository institutions will be $15,500,000. As a frame of reference
for these market-level one-time cost estimates, the estimated total
non-interest expenses from the FFIEC and NCUA Call Reports for
depository institutions that the Bureau estimates would be covered
under the proposed rule was between $407 billion and $410 billion in
2019.\953\ The upper bound estimate of total one-time costs is
approximately 0.04 percent of the total annual non-interest expenses.
---------------------------------------------------------------------------
\951\ The Bureau notes that the variation in this range comes
primarily from the uncertainty in the number of originations made by
small banks and savings associations. The range does not fully
account for the uncertainty associated with estimates of the one-
time costs for each type of institution.
\952\ The Bureau notes that the estimated hiring costs for the
largest depository institutions may be an upper bound on the
eventual realized costs and may be inflating the total hiring costs
for depository institutions. The Bureau's methodology for estimating
hiring costs implies that financial institutions with the most
applications will need to hire several hundred employees to comply
with the final rule. However, the Bureau anticipates that the
largest institutions will likely save on these costs by automating
some processes instead of hiring staff.
\953\ The Bureau estimates this number by summing non-interest
expenses over DIs that it estimates will be covered by the final
rule.
---------------------------------------------------------------------------
The Bureau estimated that the overall market impact of one-time
costs from the NPRM would have been between $218,000,000 and
$229,000,000 for depository institutions and $94,400,000 for
nondepository institutions. The estimated market impacts for the final
rule are lower than the estimated impacts from the NPRM because, based
on changes made to the thresholds for the coverage of financial
institutions in the final rule, the Bureau estimates that fewer
financial institutions will be covered by the final rule. The estimates
are also different because in the estimates for the final rule, the
Bureau updated wages and included hiring costs.
Comments on the one-time cost estimates of the proposed rulemaking.
In the NPRM, the Bureau sought comment on its analysis of one-time
costs. A few industry commenters expressed the difficulty in estimating
these costs. Several other industry comments provided an overall
estimate of what they believed the overall one-time costs would be for
their institution. These estimates ranged from slightly less than to
considerably higher than the Bureau's estimates from the NPRM. For
example, a bank with about 300 small business originations per year (a
Type B DI in the Bureau's framework) estimated that the one-time
implementation costs would be about $36,000. Another bank commenter
estimated that it would cost well over $100,000 to implement changes.
A few industry commenters provided estimates of the costs
associated with the individual cost categories used by the Bureau to
estimate one-time costs. A few commenters provided estimates of the
costs associated with updating computer systems in terms of staff hours
or software (non-salary) expenses. For example, a State bankers
association conveyed an estimate by a member of $5,000 for 1071 data
submission software. A credit union commented that it anticipates
initial costs of up to $100,000 to reconfigure or replace current
reporting systems. A few other commenters provided estimates for other
categories. For example, one credit union that originates about 150
small business loans per year estimated that staff would require 200
hours of training to prepare for the rule. A bank commented that it
would require 30 to 80 hours to develop policies and procedures.
The Bureau has reviewed these estimates and considered the
information reported by the commenters, together with the existing
evidence provided in the one-time cost survey. The Bureau reiterates
that the costs of implementing the rule are all institution-specific.
As discussed above, the one-time cost estimates should be considered
the average expected costs for an institution based on the complexity
of the institution's operations. In addition, the Bureau expects that
financial institutions will use a variety of methods to prepare for the
rule. Some institutions will update systems using staff, while other
institutions will purchase updates from third-party vendors. For
example, one institution might use 50 staff hours to
[[Page 35510]]
update computer systems and another institution might pay $10,000 for
an updated system. In this case, the Bureau would estimate that, on
average, an institution would use 25 staff hours and $5,000 to update
computer systems. For another example, a group of trade associations
estimated, based on a survey of their members, that it would cost about
$40,000 on average for small institutions to update commercial loan
software. However, they also estimate that only a third of small
institutions would need to update the software. This implies that the
average cost associated with updating computer systems, including
financial institutions that spend $0, is about $13,000, much closer to
the Bureau's non-salary costs of updating computer systems for Type A
DIs of $10,000. Overall, the trade association presented estimates only
moderately higher than the Bureau's, after accounting for DIs that do
not need to update computer systems. The Bureau considers most
estimates provided by commenters as broadly consistent with the
Bureau's one-time cost estimates.
A few industry commenters asserted that the firewall would be very
costly to implement. However, the Bureau believes that, based on
comments made on the firewall provision, it would not be feasible for
many financial institutions to implement the firewall. In that case,
the financial institution would be permitted to determine that one or
more employees or officers should have access to protected demographic
information and provide a notice to applicants informing them that
employees and officers involved in making determinations regarding
their applications may have access to protected demographic
information. As a result, the Bureau has not changed its one-time cost
estimates based on the cost of implementing the firewall.
Many industry commenters specifically stated that the Bureau
underestimated one-time costs. Most of these commenters considered the
training costs as too low and a few others thought that the technology
costs were too low. Some commenters stated that staff would require
multiple follow up training sessions to prepare for implementing the
rule. However, none of the commenters provided specific information on
how much training or technology would cost. The Bureau has not changed
the training or technology cost estimates, preferring to rely on the
evidence provided through the One-Time Cost Survey.
Many industry commenters expressed concern about being unable to
implement the necessary one-time changes in the proposed 18-month
implementation time. Several commenters noted the trial and error
nature of implementing a new regulation and that this process could
take a long time. Several other industry commenters said that third-
party software providers would require significant time to develop new
technology to comply with the proposed rule and financial institutions
would still need to test the technology, conduct due diligence, and
develop policies and procedures. A few others commented that small
financial institutions, and particularly those unfamiliar with Federal
reporting regimes like HMDA, would find it more difficult to implement
one-time changes in time to comply with the proposed 18-month timeline.
On the one-time costs survey, the Bureau did not ask about the time to
make changes to prepare to comply with the eventual rule, nor did it
specify an assumed time-frame. The Bureau interprets the survey
responses as realistic estimates conditional on having enough time to
implement changes. The comments received suggest that most financial
institutions, particularly those that receive relatively fewer small
business credit applications, would not have had enough time to
implement changes in the proposed 18 months. The Bureau expects that
the adoption of tiered compliance dates in the final rule, giving most
lenders 24 or 33 months to comply with the rule, will give most
financial institutions enough time to implement one-time changes in a
manner consistent with the Bureau's estimates.
Several industry commenters asserted that the cost of complying
with the proposed rule for small entities would be relatively higher
than for larger entities. For example, a trade association commented
that smaller banks will not be able to exploit the economies of scale
necessary to mitigate costs. The Bureau has tried to account for some
of these differences by estimating the costs for the different
representative types of institutions. The Bureau in its final rule
increased the reporting activity threshold from the proposed 25 covered
originations in each of the two preceding calendar years to 100 covered
originations in each of the two preceding calendar years. The Bureau
estimates that many small financial institutions will no longer be
required to report 1071 data because of this change in the coverage of
financial institutions in the final rule.
ii. Ongoing Costs to Covered Financial Institutions
Using the methodology described in part IX.E.2 above, Table 16
shows the total expected annual ongoing costs of the final rule as well
as a breakdown by the component 15 activities that comprise the ongoing
costs for Type A FIs, Type B FIs, and Type C FIs. The bottom of the
table shows the total estimated annual section 1071 ongoing compliance
cost for each type of institution, along with the total cost per
application the financial institution processes. To produce the
estimates in Table 16, the Bureau used the calculations described in
Tables 8 and 9 above and the assumptions for each activity in Table 10.
In the following analysis, the Bureau provides examples of these cost
calculations for the largest drivers of ongoing costs.
Compared to the NPRM, these estimated ongoing costs account for
several changes. The first is a change in the assumed compensation for
an hour of employee time, which was discussed in IX.E.2. The second is
the inclusion of an additional data point, the LGBTQI+-owned indicator.
Lastly, the new estimates account for an increased estimate of ongoing
training costs in response to comments received, which is discussed in
more detail in the comment review below. Besides these changes, the
methodology for estimating ongoing costs remains the same as with
respect to the proposed rule, unless explicitly stated otherwise.
Table 16--Estimated Ongoing Costs per Compliance Task and FI Type
----------------------------------------------------------------------------------------------------------------
Number Activity Type A FI Type B FI Type C FI
----------------------------------------------------------------------------------------------------------------
1................................. Transcribing data........... 1,108 2,110 31,657
2................................. Resolving reportability 222 443 665
questions.
3................................. Transfer to 1071 data 1,108 0 0
management software.
4................................. Complete geocoding data..... 139 554 300
5................................. Standard annual edit and 510 11,126 27,972
internal checks.
6................................. Researching questions....... 275 551 826
[[Page 35511]]
7................................. Resolving question responses 0 0 0
8................................. Checking post-submission 7 26 105
edits.
9................................. Filing post-submission 14 14 14
documents.
10................................ 1071 data management 0 8,000 13,650
software/geocoding software.
11................................ Training.................... 1,336 6,681 44,542
12................................ Internal audit.............. 0 443 127,642
13................................ External audit.............. 3,500 5,000 0
14................................ Exam preparation............ 14 4,432 26,592
15................................ Exam assistance............. 116 698 4,654
-----------------------------------------------
Total.................... $8,349 $40,079 $278,618
Per application.......... $83 $100 $46
----------------------------------------------------------------------------------------------------------------
The Bureau estimates that a representative low complexity
institution (i.e., a Type A FI) would incur around $8,349 in total
annual ongoing costs, or about $83 in total cost per application
processed (assuming a representative 100 applications per year). For
financial institutions of this type, the largest driver of ongoing
costs is the fixed cost of the external audit, $3,500. Besides the
audit cost, the largest drivers of the ongoing costs are activities
that require employee time to complete. Activities like transcribing
data, transferring data to the data management software, standard edits
and internal checks, and training all require loan officer time. The
Bureau expects training (activity number 11) to cost approximately
$1,336 annually for six representative loan officers and an equivalent
number of other staff to engage in two hours of training. The Bureau
expects other time-dependent activities to cost around $1,000 each. For
example, the Bureau assumes that Type A FIs will spend around 19 hours
transferring data to 1071 data management software (activity number 3)
based on estimates of the required time to transfer data to HMDA data
management software. At the assumed hourly compensation, our estimate
is around $1,108 for the Type A FI institutions to transfer data. An
assumption of around 18 total hours to conduct standard annual editing
checks (activity number 5) with some savings assumed due to an online
submission platform that automatically checks for errors, results in an
estimated annual ongoing cost of $510.
The Bureau estimates that a representative middle complexity
institution (i.e., a Type B FI), which is somewhat automated, would
incur approximately $40,079 in additional ongoing costs per year, or
around $100 per application (assuming a representative 400 applications
per year). The largest components of this ongoing cost are the expenses
of the small business application management software and geocoding
software (activity number 10) in the form of an annual software
subscription fee, and the external audit of the data (activity number
13). Using interviews of financial institutions conducted to determine
compliance costs with HMDA, the Bureau found mid-range HMDA data
management systems to be approximately $8,000 in annual costs; the
Bureau believes that cost would be comparable in the small business
lending context and thus applies that estimate here. This analysis
assumes that the subscription purchase would be separate from HMDA
management systems, but the development of a software to jointly manage
HMDA and small business lending-related data would likely result in
cost savings for both products. The Bureau also estimates that a Type B
FI would spend around $5,000 on external audits of their small business
loan application data. The Type B FI incurs employee time-related fixed
costs conducting internal checks ($11,126), training ($6,681), and
prepping for examinations ($4,432) but saves time and expense on data
entry and geocoding by using data management software. As an example,
the Bureau expects Type B FIs to have two full-time employees spend 40
hours each to prepare for an examination (activity number 14) resulting
in a cost of $4,432, and have employees spend around 12 hours assisting
with an examination (activity number 15) costing $698 annually.
The Bureau estimates a representative high complexity institution
(i.e., a Type C FI), would incur $278,618 of annual ongoing costs, or
$46 per application (assuming a representative 6,000 applications per
year). The largest driver of costs for a Type C FI is the employee time
required to conduct an internal audit. The assumed 2,304 hours of
employee time results in nearly $127,642 of ongoing costs annually.
Exam preparation, training, and standard annual and internal checks
would be expected to cost $26,592, $44,542, and $26,592 each year,
respectively. The Bureau also assumes that a Type C institution would
need a subscription to a small business data management software near
the upper bound of the range found in interviews with financial
institutions during the 2015 HMDA rulemaking, of $13,650.
The Bureau estimates that the total annual ongoing costs for
depository institutions will be between about $297,000,000 and
$313,000,000 per year, about $190,000,000 to $199,000,000 of which will
be annual variable costs. The Bureau estimates that the total annual
ongoing costs for nondepository institutions would be about
$48,700,000, about $9,900,000 of which would be annual variable costs.
The Bureau estimated that the total annual ongoing costs from the
NPRM would have been between $310,000,000 and $330,000,000 for
depository institutions and $62,300,000 for nondepository institutions.
The estimated total ongoing costs decreased between the proposal and
the final rule because the Bureau raised the financial institution
coverage threshold from 25 to 100 covered originations in each of the
two preceding calendar years. However, the cost estimates per
institution increased because the Bureau, taking into account comments
received on the proposed rule, raised the ongoing costs per application
by changing training costs. These changes almost offset each other
because, while the final rule covers about 2,200 fewer institutions
relative to the proposal due to the change in the financial institution
coverage threshold, these institutions that are no longer covered had
the fewest number of applications, and ongoing costs are commensurate
with the number of applications.
To understand the impacts of these cost estimates on the profits of
[[Page 35512]]
depository institutions, the Bureau estimates the average total net
income across all products per small business origination for all DIs
by type.\954\ There is no comprehensive published source of data on
profits earned on small business credit transactions. The Bureau
presents estimates of total net income per origination as an indication
of a financial institution's ability to cover the additional expenses
associated with the final rule. The Bureau relies on its estimates of
originations for each depository institution, described in part IX.D.
and its Supplemental estimation methodology for institutional coverage
and market-level cost estimates in the small business lending
rulemaking. The Bureau estimates that banks and savings associations of
Type A that will be covered by the final rule have an average net
income per origination between $134,000 and $167,000. Credit unions of
Type A that will be covered by the final rule have an average net
income per origination of $144,000. Assuming two applications per
origination, a covered bank or savings association of Type A has a net
income per application of approximately $67,000 to $83,000 and a
covered credit union of the same type has a net income per application
of about $72,000. The Bureau estimates that covered banks and savings
associations of Type B have an average net income per origination
between $65,000 and $75,000 or a net income per application between
$33,000 and $38,000. The Bureau estimates that covered credit unions of
Type B have an average net income per origination of $229,000 or an
average net income per application of $115,000. The Bureau estimates
that covered banks and savings associations of Type C have a net income
per origination between $252,000 and $278,000, or, assuming three
applications per origination, a net income per application between
$84,000 and $93,000. The Bureau estimates that covered credit unions of
Type C have an average net income per origination of $8,000, and
average net income per application of about $4,000. The Bureau notes
that these estimates are slightly higher than reported in the proposal
due to the higher financial institution coverage threshold in the final
rule.
---------------------------------------------------------------------------
\954\ There are no broadly available data on profit per
application for nondepository institutions. The Bureau uses the
FFIEC Bank and NCUA Credit Union Call Report data from December 31,
2019, accessed on June 25, 2021. The Bureau uses the same internal
estimates of small business loan originations as discussed in part
VI.B above and total net income across all products. For estimates
of net income per origination and per application, the Bureau uses
only net income per origination for depository institutions with
over 25 originations in 2019.
---------------------------------------------------------------------------
With the publicly disclosed data, users would be able to assess
fair lending risks at the institution and market level, furthering
section 1071's fair lending purpose. Several commenters to the Bureau's
2017 request for information expressed concerns, however, about costs
related to these analyses.\955\ During the SBREFA process, some small
entity representatives were concerned that published 1071 data could be
used against financial institutions in class action litigation or to
harm their public reputations.\956\ Depending on the extent of publicly
disclosed data, the Bureau expects that some financial institutions
could incur ongoing costs responding to reports of disparities in their
small business lending practices. Some financial institutions could
also experience reputational risks associated with high profile reports
of existing disparities where more complete analysis of its business
practices would conclude that the disparities do not support a finding
of discrimination on a prohibited basis. In anticipation of needing to
respond to outside analysis and potential reputational risks, it is
possible that some financial institutions may choose to change their
product offerings available to small businesses, underwriting or
pricing practices, or overall participation in the small business
lending market. Several commenters expressed similar concerns that fair
lending analyses on incomplete data could lead to false positives
(i.e., determinations of fair lending violations where none have
occurred), that false positives could lead to reputational risk, and
that lenders could change their lending behavior to avoid the potential
for false positives. These costs associated with reputational risks are
difficult to quantify, and commenters on the proposed rule did not
provide any specific estimates of these costs.
---------------------------------------------------------------------------
\955\ 82 FR 22318 (May 15, 2017).
\956\ For example, one small entity representative was concerned
that published 1071 data could lead to increased litigation and thus
a higher cost of credit for small businesses. Another expressed
concern that pricing information could be misinterpreted by users of
1071 data (for example, according to the small entity
representative, higher pricing for one race might be used to infer
discrimination when the pricing was in fact unrelated to the race of
the applicant). Such a misinterpretation may cause reputational
damage and consequently decrease applications.
---------------------------------------------------------------------------
The Bureau also received feedback that financial institutions could
face potential costs with the publication of a public dataset under the
final rule either because potential clients would be concerned about
their data being collected or because of the additional competitive
pressure brought by a publicly available dataset. The costs associated
with customer privacy, reputational risk to financial institutions, and
additional competitive pressure for financial institutions are
difficult to quantify, and commenters on the proposed rule did not
provide any specific estimates of these costs.
Comments on the ongoing cost estimates of the proposed rulemaking.
Several industry commenters provided estimates of what they believed
the overall ongoing costs would be for their institution. These
estimates ranged from estimates that were quite similar to the Bureau's
estimate for institutions of similar small business credit volume to
estimates that were considerably higher than the Bureau's estimates.
For example, a group of trade associations estimated that institutions
under $500 million in assets, that on average originate 276 small
business loans annually, would incur $145 per origination in ongoing
cost. The Bureau's estimate in the proposal, for institutions of a
similar size was $178 per origination ($89 per application). At the
high end, a lender suggested over $1,000 per origination. The Bureau
has reviewed these estimates and considered the information provided by
the commenters.
The most voluminous category of comments was with respect to future
staffing needs in response to the proposed rule. While not specific to
any individual category of ongoing cost activity, a number of banks,
credit unions, and Farm Credit System lenders, and several trade
associations, described the need to hire additional staff to perform
several of the ongoing cost activities that require staff time. Many
provided estimates of the additional FTEs that the institution would
have to hire to comply with the proposed rule. These estimates ranged
from one additional FTE to up to 10 additional FTEs. A survey of
community banks by a national trade association found that 88 percent
of respondents would need to hire an additional FTE and, on average,
institutions would have to hire 2-3 FTEs. Several commenters asserted
that the hiring of additional staff alone showed that the Bureau's
ongoing cost estimates in the proposal were inadequate.
In the ongoing cost estimates of the Bureau's proposal, the Bureau
calculated the number of hours required to be spent on section 1071-
related tasks, without distinguishing between existing or newly-hired
staff. The Bureau assumes that the time spent on
[[Page 35513]]
section 1071-related tasks necessarily takes time away from otherwise
profitable activity to which the hours would be put in the rule's
absence. Since the Bureau is accounting for time spent in this way, the
Bureau believes that its estimates account for the additional staff
activity required to be spent to collect, check, and report data under
the final rule. For this reason, the Bureau did not change any staffing
time estimates, with the below exceptions.
However, hiring additional FTEs would lead some institutions to
incur one-time costs of hiring, including search and administrative
burden, that they would not have incurred in the absence of the final
rule. The Bureau categorizes this type of cost as a one-time cost,
where the institution staffs up to be able to comply with the final
rule. The Bureau is therefore incorporating the fixed cost of hiring
new staff in the manner described in part IX.E.1.
Several commenters also suggested that the specific ongoing costs
for training staff were too low in the proposal. As described in the
proposal, the Bureau received similar comments during the SBREFA
process, but wished to learn additional information through comments on
the proposed rule to better estimate the cost of training. Several
institutions provided specific annual costs of training employees or
estimates of the overall employee time. Others more generally described
the need to train more staff than just loan officers, but also
administrative and other staff.
The Bureau's ongoing costs estimates only reflected the assumed
training time required to train loan officers that directly handle the
underwriting process. Based on the comments, the estimates in this
final rule reflect a doubling of the number of assumed training hours
required on an annual basis in order to account for the additional
staff that would have to be trained on an annual basis besides simply
the loan officers.
Lastly, the Bureau received several comments specifically about the
ongoing cost of 1071 data management software. In addition to
confirming this as an appropriate category of ongoing cost activity,
several commenters provided specific estimates of the ongoing costs.
One commenter's estimate was similar to the estimates the Bureau
provided in its proposal, while others provided significantly larger
estimates. A survey by a national trade organization found ongoing
software cost estimates that were quite similar to the estimates the
Bureau provided in its proposal for institutions of Types B and C. As
an example, the survey average for institutions similar to Type B
institutions in the Bureau's proposal was around $7,000 per year, while
the Bureau's estimate in the proposal was $8,000. Taking this
information into account, the Bureau has not adjusted its ongoing cost
estimates of the annual cost of 1071 data management or geocoding
software.
4. Costs to Small Businesses
The Bureau expects that any direct costs of the final rule on small
businesses will stem from additional fields that the applicant may have
to complete on credit applications due to the final rule compared to a
financial institution's existing application process. This could
include information such as the race, ethnicity, and sex of the
principal owners or number of workers were not previously required on
business credit applications. However, the Bureau expects the cost of
completing the new section 1071 fields on applications to be
negligible. Therefore, the Bureau focuses the rest of the discussion on
the costs of small businesses to whether and how the Bureau expects
financial institutions to pass on the costs of compliance with the
final rule to small businesses and any possible effects on the
availability of small business credit.
Three types of costs (one-time, fixed ongoing, and variable
ongoing) have the potential to influence the price and availability of
credit to small businesses. In a competitive marketplace, standard
microeconomics suggests that lenders will extend loans up to the point
at which the revenue from granting an additional loan is equal to the
additional cost associated with the financial institution providing the
loan. One-time costs and fixed ongoing costs affect the overall
profitability of a lender's loan portfolio but do not affect the added
profit from extending an additional loan. Variable ongoing costs,
however, affect the profitability of each additional loan and will
influence the number of loans a lender provides. Based on the Bureau's
available evidence, it expects that the variable ongoing costs will be
passed on in full to small business credit applicants in the form of
higher prices or fees and does not expect there to be a significant
reduction in small businesses' ability to access credit.
One-time and fixed ongoing costs affect the overall profitability
of the loan portfolio and will be considered in the lender's decision
to continue supplying small business credit at their current levels.
The Bureau believes that a financial institution would find it
worthwhile to incur the one-time costs associated with complying with
the final rule if it expects to generate enough profit over multiple
years to cover those costs. Each year, a financial institution would
find it worthwhile to continue extending credit if the total expected
revenue from its chosen quantity of loans is greater than the sum of
its ongoing fixed and variable costs. As such, the Bureau believes a
financial institution would find it worthwhile to reduce their supply
of small business credit, even if it had already incurred the one-time
costs, if the total expected revenue from that year were less than the
total expected ongoing costs.\957\ As discussed in detail below, the
Bureau believes that a significant disruption in small business credit
supply is unlikely.
---------------------------------------------------------------------------
\957\ SBREFA Outline at 50-52. The small entity representative
feedback discussed herein can be found in the SBREFA Panel Report at
40.
---------------------------------------------------------------------------
In the One-Time Cost Survey, the Bureau asked respondents to rank a
list of potential actions they may take in response to the compliance
costs of implementing section 1071. Respondents ranked the following
list: ``Raise rates or fees on small business products''; ``Raise
rates/fees on other credit products''; ``Accept lower profits''; ``Exit
some geographic markets''; ``Tighten underwriting standards''; ``Offer
fewer or less complex products''; ``No longer offer small business
credit products''; or ``Other'' with two write-in options. Respondents
ranked these options from ``1'' to ``9'' indicating their most to least
likely responses, where ``1'' was the most likely.
In order to analyze these responses, the Bureau pooled data only
from respondents that answered both the ranking question and the number
of originations question. The Bureau implemented these restrictions to
the pool to eliminate responses from institutions that would not be
required to report under the final rule. Of the 105 total respondents
to the One-Time Cost Survey, 44 ranked every option and reported more
than 25 originations in the last year.\958\ The Bureau will henceforth
refer to these respondents as the ``impacts of implementation'' sample.
---------------------------------------------------------------------------
\958\ The Bureau discusses a representative Type A FI that will
not be covered by the final rule to make the final estimates easier
to compare with those in the NPRM and to highlight what the costs of
the rule would have been for a financial institution that is not
covered by the final rule. The Bureau includes survey respondents
with originations below the origination threshold to ensure a large
enough sample size for analysis.
---------------------------------------------------------------------------
Table 17 presents the potential responses to implementing section
1071 and the average ranking assigned by respondents in the impacts of
implementation sample. The responses
[[Page 35514]]
are listed in order of most to least likely on average, where a lower
average ranking number means that respondents ranked that response most
likely. These ranked responses shed light on potential disruptions to
small business credit supply as a result of the final rule's
implementation. Notably, respondents were least likely to report that
they would reduce their small business lending activity, with
respondents on average indicating that they would be more likely to
accept lower profits than to reduce their small business lending
activity.
Table 17--One-Time Cost Survey Responses to Impacts of Implementation
------------------------------------------------------------------------
Response Average ranking
------------------------------------------------------------------------
Raise rates or fees on small business products....... 1.77
Raise rates/fees on other credit products............ 2.93
Tighten underwriting standards....................... 3.73
Accept lower profits................................. 3.82
Offer fewer or less complex products................. 4.59
Exit some geographic markets......................... 5.75
No longer offer small business credit products....... 6.57
------------------------------------------------------------------------
Consistent with economic theory, respondents reported that they
would be most likely to raise rates or fees on small business products
and other credit products. The Bureau expects that the variable ongoing
costs would be passed on in full to small business credit applicants in
the form of higher prices or fees. Per application, the variable costs
are approximately $32, $26, and $7.5 for Type A FIs, Type B FIs, and
Type C FIs, respectively. Even if the variable costs were passed on in
full to small business applicants in the form of higher interest rates
or fees associated with a loan or line of credit, the Bureau expects
that this would comprise a small portion of the total cost of the
average loan to the small business applicant. Therefore, the Bureau
expects this increase in cost to have limited impact on the
availability or affordability of small business credit. The Bureau
estimates that the total market impact of these costs for small
businesses will be between $200,000,000 and $208,000,000.
The relative ranking of other survey response options provides
additional insight into the potential for small business credit supply
disruptions. In Table 17, financial institutions ranked ``tighten[ing]
credit standards,'' on average, in the middle of their potential
responses. The lowest three responses were ``offer fewer or less
complex products,'' ``exit some geographic markets,'' and ``no longer
offer small business credit products.'' For these reasons, the Bureau
believes the survey responses indicate limited likelihood of
significant small business credit supply disruptions.
The Bureau's total estimated one-time and ongoing costs are non-
negligible and could potentially affect the supply of small business
credit by financial institutions that do not regularly originate many
covered credit transactions. The Bureau's final institutional coverage
threshold of 100 covered credit transactions in two consecutive years
could prevent some low-volume financial institutions from reducing
small business lending activity in response to the compliance costs of
the final rule. For example, the Bureau estimates that a Type A DI
would incur one-time costs of $63,825 and fixed ongoing costs of
$5,195. A depository institution that originates very few covered
transactions every year may reduce its small business lending activity
if it does not expect that profits, even over several years, would
cover that one-time cost or if it does not expect annual revenues to
exceed the annual ongoing costs. However, based on the net income per
application estimates discussed above, and the responses to the One-
Time Cost Survey, the Bureau believes that institutions that are
covered under the final rule are unlikely to find either the one-time
costs of implementation or the ongoing costs of compliance a meaningful
influence in their business decision regarding small business lending
activity. It is possible that some lenders just above the coverage
threshold might reduce their small business lending to below the
threshold to avoid reporting but, even if this does occur, the Bureau
does not anticipate that this will significantly decrease aggregate
credit supply. Furthermore, the Bureau's findings from the respondents
to the One-Time Cost Survey (discussed above) additionally support the
Bureau's conclusion that the increase in compliance costs will likely
be passed through to customers in the form of higher prices or fees,
rather than a significant reduction in financial institutions'
willingness to supply small business credit.\959\
---------------------------------------------------------------------------
\959\ As stated in the SBREFA Panel Report at 40, ``[g]enerally,
[small entity representatives] did not suggest that they would leave
the small business lending market in response to increased costs
under the eventual 1071 rule.''
---------------------------------------------------------------------------
If the Bureau were to release the data in unmodified form, the
Bureau acknowledges there would be an ongoing risk of re-
identification, which may bring with it reputational risk for covered
financial institutions and more significant privacy risks for small
business applicants and related natural persons. Examples of such
scenarios and their potential risks are detailed in part VIII.B.4.ii.
See part VIII generally for more about how the Bureau's modification
and deletion decisions will mitigate these risks.
Comments on the Bureau's estimation of the costs to small
businesses. The Bureau sought comment on other potential costs to small
businesses not discussed above, and on its analysis of costs to small
businesses as described herein. Several trade associations conducted
their own surveys, which largely provided support for the Bureau's
estimations, specifically that price increases would be the most likely
response, and showed limited support for significant market exit.
A number of commenters, mainly lenders and trade associations,
described how they expected costs would be passed on to borrowers,
namely through higher interest rates or fees, though one lender said
they would not raise fees or restrict access to credit. Two trade
associations asserted the price of motor vehicles could increase
because of the rule's effect on automobile financing. Several industry
commenters who cited potential price increases also noted they might
have to reduce their overall volume of small business lending. Others
who cited potential price increases noted they might reduce the number
of product offerings, such as small dollar lending products or
insurance premium financing transactions.
Consistent with results from the Bureau's One-Time Cost Survey,
comments also provided little evidence to indicate that lenders would
exit the
[[Page 35515]]
small business credit market. While some lenders and trade associations
cited business exit as a potential consequence, only one lender stated
they themselves might consider exiting. A group of trade associations
noted that in the survey it administered to its own members, there
seemed to be little evidence that any of its own members would exit. A
few lenders and trade associations asserted that some smaller lenders
could exit the market due to increased regulatory burdens and costs. A
group of trade associations asserted lenders could even close
altogether or merge with other institutions.
One bank estimated how much of its portfolio would be affected by
compliance costs; if it were to stop offering loans of less than
$50,000 because it decided they were no longer profitable, it would
lose up to 59 percent of its agricultural and commercial customers, or
13 percent of its total lending volume. If the bank were to stop
offering loans of less than $10,000, it would lose 20 percent of its
agricultural and commercial loans, or 1 percent of its total lending
volume. The bank observed that because the percentage of customers
affected would be greater than the percentage of lending volume
affected, these estimates show that borrowers of small loan amounts
would be negatively impacted by the rule.
A few lenders noted that, other than price increases, decreased
competition from market exit could impact small businesses, namely a
lower degree of customization in loan processing and underwriting.
Several industry commenters claimed that processing times will increase
because of the collection of data fields required by the rule but not
otherwise collected in the normal course of business.
The Bureau believes that the comments generally supported the
Bureau's expectation that the most likely response to the compliance
costs of the final rule will be an increase in interest rates or fees
to pass on financial institutions' ongoing variable costs to small
business credit applicants. While the Bureau acknowledges the potential
for other effects, such as changes in product offerings, changes in
loan sizes, increased processing time, tightening of credit standards,
or a reduction in market participation by financial institutions, the
Bureau does not expect these effects to be large enough to
significantly impact the availability of small business credit.
Additionally, the Bureau expects that its increased coverage threshold
of one hundred loans for each of the two preceding years should reduce
the likelihood of reduced small business credit supply by financial
institutions who originate few loans per year.
5. Alternatives Considered
This section discusses two categories of alternatives considered:
other methods for defining a covered financial institution and limiting
the data points to those mandated by section 1071. The Bureau uses the
methodologies discussed in parts IX.D and IX.E to estimate the impacts
of these alternatives.
First, the Bureau considered multiple reporting thresholds for
purposes of defining a covered financial institution. In particular,
the Bureau considered whether to exempt financial institutions with
fewer than 25, 50, 200, or 500 originations in each of the two
preceding calendar years instead of 100 originations, as finalized in
the rule. The Bureau also considered whether to exempt depository
institutions with assets under $100 million or $200 million from
section 1071's data collection and reporting requirements.
Under a 25-origination threshold, which was proposed in the NPRM,
the Bureau estimates that about 4,000 to 4,200 depository institutions
would report, which is approximately 2,200 more depository institutions
relative to the final threshold of 100 originations. The Bureau
estimates that about 3,600 to 3,800 banks and savings associations and
about 400 credit unions would be covered under a 25-origination
threshold. The Bureau estimates that about 98 percent of small business
loans originated by depository institutions would be covered under a
25-origination threshold, an increase of about 4 percentage points
relative to the final rule. The Bureau does not have sufficient
information to precisely estimate how many more nondepository
institutions would report under this alternative threshold. The Bureau
estimates that the total one-time costs across all financial
institutions associated with a 25-origination threshold would be about
$338,000,000 to $350,000,000, an increase of about $132,000,000
relative to the 100-origination threshold. The Bureau estimates that
the total annual ongoing costs associated with the 25-origination
threshold would be about $392,000,000 to $413,000,000, an increase of
between $47,000,000 and $52,000,000 per year relative to the 100-
origination threshold.
Under a 50-origination threshold, the Bureau estimates that about
2,900 to 3,100 depository institutions would report, which is
approximately 1,100 more depository institutions relative to the final
threshold of 100 originations. The Bureau estimates that about 2,700 to
2,900 banks and savings associations and about 200 credit unions would
be covered under a 50-origination threshold. The Bureau estimates that
about 97 percent of small business loans originated by depository
institutions would be covered under a 50-origination threshold, an
increase of about 3 percentage points relative to the final rule. The
Bureau estimates that the total one-time costs across all financial
institutions associated with a 50-origination threshold would be about
$272,000,000 to $285,000,000, an increase of about $66,000,000 relative
to the 100-origination threshold. The Bureau estimates that the total
annual ongoing costs associated with this threshold would be about
$373,000,000 to $393,000,000, an increase of about $28,000,000 to
$32,000,000 per year relative to the 100-origination threshold. Again,
the Bureau does not have sufficient information to precisely estimate
how many more nondepository institutions would be required to report
under this alternative.
Under a 200-origination threshold, the Bureau estimates that about
1,000 to 1,100 depository institutions would report, which is
approximately 800 fewer depository institutions relative to the final
threshold of 100 originations. The Bureau estimates that about 900 to
1,100 banks and savings associations and fewer than 100 credit unions
would be covered under a 200-origination threshold. The Bureau
estimates that about 91 percent of small business loans originated by
depository institutions would be covered under a 200-origination
threshold, a decrease of about 3 to 4 percentage points relative to the
final rule. The Bureau estimates that the total one-time costs across
all financial institutions associated with a 200-origination threshold
would be about $159,000,000 to $167,000,000, a decrease of about
$47,000,000 to $51,000,000 relative to the 100-origination threshold.
The Bureau estimates that the total annual ongoing costs associated
with this threshold would be about $314,000,000 to $328,000,000, a
decrease of about $31,000,000 to $33,000,000 per year relative to the
100-origination threshold. The Bureau does not have sufficient
information to precisely estimate how many more nondepository
institutions would be required to report under this alternative.
Under a 500-origination threshold, the Bureau estimates that about
400 to 500 depository institutions would report, which is approximately
1,500 fewer depository institutions relative to the final threshold of
100 originations. The
[[Page 35516]]
Bureau estimates that about 400 to 500 banks and savings associations
and fewer than 20 credit unions would be covered under a 500-
origination threshold. The Bureau estimates that about 88 percent of
small business loans originated by depository institutions would be
covered under a 500-origination threshold, a decrease of about 3 to 6
percentage points relative to the final rule. The Bureau estimates that
the total one-time costs across all financial institutions associated
with a 500-origination threshold would be about $128,000,000 to
$131,000,000, a decrease of about $78,000,000 to $87,000,000 relative
to the 100-origination threshold. The Bureau estimates that the total
annual ongoing costs associated with this threshold would be about
$281,000,000 to $290,000,000, a decrease of about $64,000,000 to
$71,000,000 per year relative to the 100-origination threshold. The
Bureau does not have sufficient information to precisely estimate how
many more nondepository institutions would be required to report under
this alternative.
The Bureau's NPRM discussed the possibility of exempting depository
institutions with assets under $100 million or $200 million assets from
the final rule. For the purposes of considering these alternatives, the
Bureau estimates how institutional coverage and costs would be
different if the Bureau required a 25-origination threshold in addition
to an asset-based threshold for depository institutions. The Bureau
assumes that the alternative proposal would have been that a depository
institution would be required to report its small business lending
activity for 2019 if it had more than 25 originations in 2017 and 2018
and had assets over the asset-based threshold on December 31, 2018. The
Bureau further assumes that if two institutions merged in 2019 then the
resulting institution would be required to report if the sum of the
separate institutions' assets on December 31, 2018, exceeded the asset-
based threshold.
Under a $100 million asset-based and 25-origination threshold, the
Bureau estimates that between 3,500 and 3,600 depository institutions
would report, approximately 1,600 to 1,700 more depository institutions
relative to a 100-origination threshold with no asset-based threshold.
The Bureau estimates that about 3,100 to 3,300 banks and savings
associations and about 300 credit unions would be covered under a 25-
origination and $100 million asset-based threshold. The Bureau
estimates that about 98 percent of small business loans originated by
depository institutions would be covered under a 25-origination and
$100 million asset-based threshold, an increase of about 4 percentage
points relative to the final rule. The Bureau estimates that the total
one-time costs across all financial institutions associated with the
addition of a $100 million asset-based threshold would be about
$307,000,000 to $314,000,000, an increase of between $101,000,000 and
$104,000,000 relative to the final rule. The Bureau estimates that the
total annual ongoing costs associated with this threshold would be
about $383,000,000 to $403,000,000, an increase of about $38,000,000 to
$42,000,000 per year relative to the 100-origination threshold with no
asset-based threshold.
Under a $200 million asset-based and 25-origination threshold, the
Bureau estimates that about 2,700 depository institutions would report,
approximately between 700 and 900 fewer depository institutions
relative to a 100-origination threshold with no asset-based threshold.
The Bureau estimates that about 2,400 banks and savings associations
and about 300 credit unions would be covered under a 25-origination and
$200 million asset-based threshold. The Bureau estimates that about 96
percent of small business loans originated by depository institutions
would be covered under a 25-origination and $100 million asset-based
threshold, an increase of about 2 percentage points relative to the
final rule. The Bureau estimates that the total one-time costs across
all financial institutions associated with the addition of a $200
million asset-based threshold would be about $259,000,000 to
$264,000,000, an increase of between $46,000,000 and $53,000,000
relative to the final rule. The Bureau estimates that the total annual
ongoing costs associated with this threshold would be about
$364,000,000 to $380,000,000, an increase of about $19,000,000 per year
relative to the 100-origination threshold with no asset-based
threshold.
Second, the Bureau considered the costs and benefits for limiting
its data collection to the data points specifically enumerated in ECOA
section 704B(e)(2)(A) through (G). In addition to those data points,
the statute also requires financial institutions to collect and report
any additional data that the Bureau determines would aid in fulfilling
the purposes of section 1071. The final rule includes several
additional data points that rely solely on that latter authority in
section 704B(e)(2)(H). Specifically, the final rule requires that
financial institutions collect and report data on application method,
application recipient, denial reasons (for denied applications only),
pricing information (for applications that are originated or approved
but not accepted), NAICS code, number of workers, time in business, and
number of principal owners, all of which are adopted based on the
Bureau's authority pursuant to section 704B(e)(2)(H). The Bureau has
considered the impact of instead finalizing only the collection of
those data points enumerated in section 704B(e)(2)(A) through (G).
Requiring the collection and reporting of only the data points
enumerated in ECOA section 704B(e)(2)(A) through (G) would result in a
reduction in the fair lending benefit of the data compared to the final
rule. For example, not collecting pricing information would obscure
possible fair lending risk by covered financial institutions. Potential
discriminatory behavior is not limited to the action taken on an
application, but rather includes the terms and conditions under which
applicants can access credit. If the Bureau did not collect pricing
information, it would not be able to evaluate potential discriminatory
lending practices. As mentioned in part IX.F.1 above, several of the
data points the Bureau is finalizing under its ECOA section
704B(e)(2)(H) authority are critical to conducting more accurate and
complete fair lending analyses. A reduction in the rule's ability to
facilitate the enforcement of fair lending laws would negatively impact
small businesses and small business owners and thus run counter to that
statutory purpose of section 1071.
Limiting the rule's data collection to only the data points
required under the statute would also reduce the ability of the rule to
support the business and community development needs and opportunities
of small businesses, which is the other statutory purpose of section
1071. For example, not including pricing information would
significantly reduce the ability of communities, governmental entities,
and creditors to understand credit conditions available to small
businesses. Not including NAICS code or time in business would also
reduce the ability of governmental entities to tailor programs that can
specifically benefit young businesses or businesses in certain
industries.
Only requiring the collection and reporting of the data points
enumerated in ECOA section 704B(e)(2)(A) through (G) would have reduced
the annual ongoing cost of complying with the final rule. Under this
alternative, the estimated total annual ongoing costs for Type A FIs,
Type B FIs, and Type C FIs would be $7,644; $38,296 and $265,809,
[[Page 35517]]
respectively. Per application, the estimated ongoing cost would be $76,
$96, and $44 for Type A FIs, Type B FIs, and Type C FIs, respectively.
Under this alternative, the estimated total ongoing costs for Type A
FIs would be $705 less per year and $7 less per application than the
final rule; the estimated total ongoing costs for Type B FIs would be
$1,783 less per year and $4 less per application than the final rule;
and the estimated total ongoing costs for Type C FIs would be $12,809
per year and $2 per application than the final rule. The estimated
total annual market-level ongoing cost of reporting would be between
$326,000,000 and $340,000,000, or between about $19,000,000 to
$21,000,000 per year less than under the final rule. As discussed
above, respondents to the One-Time Cost Survey were instructed to
assume that they would only report the statutorily mandated data
fields. Hence, the Bureau can only estimate how ongoing costs would be
different under this alternative.
G. Potential Impact on Depository Institutions and Credit Unions With
$10 Billion or Less in Total Assets
As discussed above, the final rule will exclude financial
institutions with fewer than 100 originated covered credit transactions
in both of the two preceding calendar years. The Bureau believes that
the benefits of the final rule to banks, savings associations, and
credit unions with $10 billion or less in total assets will be similar
to the benefits to covered financial institutions as a whole, discussed
above. Regarding costs, other than as noted here, the Bureau also
believes that the impact of the final rule on banks, savings
associations, and credit unions with $10 billion or less in total
assets will be similar to the impact for covered financial institutions
as a whole. The primary difference in the impact on these institutions
is likely to come from differences in the level of complexity of
operations, compliance systems, and software, as well as number of
product offerings and volume of originations of these institutions, all
of which the Bureau has incorporated into the cost estimates using the
three representative financial institution types.
Based on FFIEC and NCUA Call Report data for December 2019, 10,375
of 10,525 banks, savings associations, and credit unions had $10
billion or less in total assets. The Bureau estimates that between
1,700 and 1,900 of such institutions would be subject to the final
rule. The Bureau estimates that the market-level impact of the final
rule on annual ongoing costs for banks, savings associations, and
credit unions with $10 billion or less in assets would be between
$124,000,000 and $140,000,000. Regarding one-time costs, the Bureau
estimates that the market-level impact of the final rule for banks,
savings associations, and credit unions with $10 billion or less in
assets would be between $102,000,000 and $114,000,000. Using a 7
percent discount rate and a five-year amortization window, the
estimated annualized one-time costs would be between $25,000,000 and
$28,000,000.
H. Potential Impact on Small Businesses in Rural Areas
The Bureau expects that small businesses in rural areas will
directly experience many of the benefits of the rule described above in
IX.F.1. Small businesses in rural areas will directly benefit from
facilitating the enforcement of fair lending laws and the enabling of
communities, governmental entities, and creditors to identify business
and community development needs and opportunities of women-owned,
minority-owned, and small businesses. As with all small businesses,
small businesses in rural areas may bear some indirect costs of the
rule. This would occur if financial institutions serving rural areas
are covered by the final rule and if those institutions pass on some or
all of their cost of complying with the final rule to small businesses.
The source data from CRA submissions that the Bureau uses to
estimate institutional coverage and market estimates provide
information on the county in which small business borrowers are
located. However, approximately 89 percent of all banks did not report
CRA data in 2019, and as a result the Bureau does not believe the
reported data are robust enough to estimate the locations of the small
business borrowers for the banks that do not report CRA data. The NCUA
Call Report data do not provide any information on the location of
credit union borrowers. Nonetheless, the Bureau is able to provide some
geographical estimates of institutional coverage based on depository
institution branch locations.
The Bureau used the FDIC's Summary of Deposits to identify the
location of all brick and mortar bank and savings association branches
and the NCUA Credit Union Branch Information to identify the location
of all credit union branch and corporate offices.\960\ A bank, savings
association, or credit union branch was defined as rural if it is in a
rural county, as specified by the USDA's Urban Influence Codes.\961\ A
branch is considered covered by the final rule if it belongs to a bank,
savings association, or credit union that the Bureau estimated would be
included if they exceed 100 originations in 2017 and 2018. Using the
estimation methodology discussed in part IX.D above, the Bureau
estimates that about 65 to 70 percent of rural bank and savings
association branches and about 95 percent of non-rural bank and savings
association branches would be covered under the final rule. The Bureau
estimates that about 14 percent of rural credit union branches and
about 11 percent of non-rural credit union branches would be covered
under the final rule.\962\
---------------------------------------------------------------------------
\960\ See Fed. Deposit Ins. Corp., Summary of Deposits (SOD)--
Annual Survey of Branch Office Deposits (last updated June 1, 2022),
https://www.fdic.gov/regulations/resources/call/sod.html. The NCUA
provides data on credit union branches in the quarterly Call Report
Data files. See Nat'l Credit Union Admin., Call Report Quarterly
Data, https://www.ncua.gov/analysis/credit-union-corporate-call-report-data/quarterly-data (last visited Mar. 20, 2023).
\961\ This is a similar methodology as used in the Bureau's
rural counties list. See CFPB, Rural and underserved counties list,
https://www.consumerfinance.gov/compliance/compliance-resources/mortgage-resources/rural-and-underserved-counties-list/ (last
visited Mar. 20, 2023).
\962\ The Bureau notes that most credit union branches do not
belong to covered credit unions because most credit unions did not
report any small business loans in the NCUA Call Report data. Of the
5,437 credit unions that existed in December 2019, 4,359 (or 81.5
percent) reported no small business originations in 2017 or 2018.
---------------------------------------------------------------------------
In a competitive framework in which financial institutions are
profit maximizers, financial institutions would pass on variable costs
to future small business applicants, but absorb one-time costs and
increased fixed costs in the short run.\963\ Based on previous HMDA
rulemaking efforts, the following seven operational steps affect
variable costs: transcribing data, resolving reportability questions,
transferring data to a data entry system, geocoding, researching
questions, resolving question responses, and checking post-submission
edits. Overall, the Bureau estimates that the impact of the final rule
on variable costs per application is $32 for Type A FIs, $26 for Type B
FIs, and $7.50 for Type C FIs. The Bureau believes that the covered
financial institutions that serve rural areas will attempt to pass
these variable costs on to future small business applicants.
[[Page 35518]]
Amortized over the life of the loan, this expense would represent a
negligible increase in the overall cost of a covered credit
transaction.
---------------------------------------------------------------------------
\963\ If markets are not perfectly competitive or financial
institutions are not profit maximizers, then what financial
institutions pass on may differ. For example, they may attempt to
pass on one-time costs and increases in fixed costs, or they may not
be able to pass on variable costs. Furthermore, some financial
institutions may exit the market in the long run. However, other
financial institutions may also enter the market in the long run.
---------------------------------------------------------------------------
The One-Time Cost Survey can shed light on how financial
institutions that serve rural communities will respond to the final
rule. The Bureau asked respondents to the survey to report whether
their institution primarily served rural or urban communities or an
even mix. All respondents in the impacts of implementation sample
answered this question. Of the 44 respondents in the impacts of
implementation sample, 13 primarily serve rural communities, 15
primarily serve urban communities, and 16 serve an even mix. Table 18
presents the potential responses to implementing section 1071 and the
average ranking assigned by respondents that serve rural communities,
urban communities, an even mix, and all of the respondents in the
impacts of implementation sample. The responses are listed in order of
most to least likely on average across all respondents, where a lower
average ranking number means that respondents ranked that response most
likely. Respondents that primarily serve rural communities or an even
mix rank raising rates or fees on small business or other credit
products as the most likely response. These institutions also rank
exiting some geographic markets and no longer offering small business
credit products as the least likely response to a rule implementing
section 1071.
Table 18--One-Time Cost Survey Responses to Impacts of Implementation by Type of Community Served
----------------------------------------------------------------------------------------------------------------
Rural (n = Urban (n = Even mix (n =
Response 13) 15) 16) All (n = 44)
----------------------------------------------------------------------------------------------------------------
Raise rates or fees on small business products.. 1.62 1.6 2.06 1.77
Raise rates/fees on other credit products....... 2.54 2.73 3.44 2.93
Tighten underwriting standards.................. 3.46 4.27 3.44 3.73
Accept lower profits............................ 3.77 4.2 3.5 3.82
Offer fewer or less complex products............ 4.62 4.07 5.06 4.59
Exit some geographic markets.................... 5.69 5.13 6.38 5.75
No longer offer small business credit products.. 6.62 6.13 6.94 6.57
----------------------------------------------------------------------------------------------------------------
The Bureau thus does not anticipate any material adverse effect on
credit access in the long or short term to rural small businesses.
X. Regulatory Flexibility Act Analysis
The Regulatory Flexibility Act (RFA) \964\ generally requires an
agency to conduct an initial regulatory flexibility analysis (IRFA) and
a final regulatory flexibility analysis (FRFA) of any rule subject to
notice-and-comment rulemaking requirements. These analyses must
``describe the impact of the proposed rule on small entities.'' \965\
An IRFA or FRFA is not required if the agency certifies that the rule
will not have a significant economic impact on a substantial number of
small entities.\966\ The Bureau also is subject to certain additional
procedures under the RFA involving the convening of a panel to consult
with small business representatives prior to proposing a rule for which
an IRFA is required.\967\
---------------------------------------------------------------------------
\964\ 5 U.S.C. 601 et seq.
\965\ 5 U.S.C. 603(a). For purposes of assessing the impacts of
the proposed rule on small entities, ``small entities'' is defined
in the RFA to include small businesses, small not-for-profit
organizations, and small government jurisdictions. 5 U.S.C. 601(6).
A ``small business'' is determined by application of SBA regulations
and reference to the NAICS classifications and size standards. 5
U.S.C. 601(3). A ``small organization'' is any ``not-for-profit
enterprise which is independently owned and operated and is not
dominant in its field.'' 5 U.S.C. 601(4). A ``small governmental
jurisdiction'' is the government of a city, county, town, township,
village, school district, or special district with a population of
less than 50,000. 5 U.S.C. 601(5).
\966\ 5 U.S.C. 605(b).
\967\ 5 U.S.C. 609.
---------------------------------------------------------------------------
In the proposal, the Bureau did not certify that the proposed rule
would not have a significant economic impact on a substantial number of
small entities within the meaning of the RFA. Accordingly, the Bureau
convened and chaired a Small Business Review Panel under SBREFA to
consider the impact of the proposals under consideration on small
entities that would be subject to the rule implementing section 1071
and to obtain feedback from representatives of such small entities. The
proposal preamble included detailed information on the Small Business
Review Panel. The Panel's advice and recommendations are found in the
Small Business Review Panel Final Report \968\ and were discussed in
the section-by-section analysis of the proposed rule.\969\ The proposal
also contained an IRFA pursuant to section 603 of the RFA. In this
IRFA, the Bureau solicited comment on any costs, recordkeeping
requirements, compliance requirements, or changes in operating
procedures arising from the application of the proposed rule to small
businesses; comment regarding any Federal rules that would duplicate,
overlap or conflict with the proposed rule; and comment on alternative
means of compliance for small entities. Comments addressing individual
provisions of the proposed rule are addressed in the section-by-section
analysis above. Comments addressing the impact on small entities are
discussed below. Many of these comments implicated individual
provisions of the final rule or the Bureau's Dodd-Frank Act section
1022 discussion and are also addressed in those parts.
---------------------------------------------------------------------------
\968\ CFPB, Final Report of the Small Business Review Panel on
the CFPB's Proposals Under Consideration for the Small Business
Lending Data Collection Rulemaking (Dec. 14, 2020), https://files.consumerfinance.gov/f/documents/cfpb_1071-sbrefa-report.pdf.
\969\ 86 FR 56356, 56378-510 (Oct. 8, 2021).
---------------------------------------------------------------------------
Based on the comments received, and for the reasons stated below,
the Bureau believes the final rule will have a significant economic
impact on a substantial number of small entities. Accordingly, the
Bureau has prepared the following final regulatory flexibility analysis
pursuant to section 604 of the RFA.
Final Regulatory Flexibility Analysis
Under RFA section 604(a), when promulgating a final rule under 5
U.S.C. 553, after publishing a notice of proposed rulemaking, the
Bureau must prepare a FRFA. Section 603(a) of the RFA also sets forth
the required elements of the FRFA. Section 604(a)(1) requires the FRFA
to contain a statement of the need for, and objectives of, the rule.
Section 604(a)(2) requires the FRFA to contain a statement of the
significant issues raised by the public comments in response to the
initial regulatory flexibility analysis, a statement of the assessment
of the agency of such issues, and a statement of any changes made in
the proposed rule as a result of such comments. Section 604(a)(3)
requires the Bureau to respond to any comments filed by the
[[Page 35519]]
Chief Counsel for Advocacy of the SBA in response to the proposed rule
and provide a detailed statement of any change made to the proposed
rule in the final rule as a result of the comments.
The FRFA further must contain a description of and an estimate of
the number of small entities to which the rule will apply or an
explanation of why no such estimate is available.\970\ Section
603(b)(5) requires a description of the projected reporting,
recordkeeping, and other compliance requirements of the rule, including
an estimate of the classes of small entities that will be subject to
the requirement and the type of professional skills necessary for the
preparation of the report or record. In addition, the Bureau must
describe any steps it has taken to minimize the significant economic
impact on small entities consistent with the stated objectives of
applicable statutes, including a statement of the factual, policy, and
legal reasons for selecting the alternative adopted in the final rule
and why each one of the other significant alternatives to the rule
considered by the agency which affect the impact on small entities was
rejected. Finally, as amended by the Dodd-Frank Act, RFA section
604(a)(6) requires that the FRFA include a description of the steps the
agency has taken to minimize any additional cost of credit for small
entities.
---------------------------------------------------------------------------
\970\ 5 U.S.C. 603(a)(4).
---------------------------------------------------------------------------
A. Statement of the Need for, and Objectives of, the Rule
As discussed in part I above, section 1071 of the Dodd-Frank Act
amended ECOA to require that financial institutions collect and report
to the Bureau certain data regarding applications for credit for women-
owned, minority-owned, and small businesses.\971\ Section 1071's
statutory purposes are (1) to facilitate enforcement of fair lending
laws, and (2) to enable communities, governmental entities, and
creditors to identify business and community development needs and
opportunities of women-owned, minority-owned, and small businesses.
---------------------------------------------------------------------------
\971\ ECOA section 704B.
---------------------------------------------------------------------------
Section 1071 specifies a number of data points that financial
institutions are required to collect and report, and also provides
authority for the Bureau to require any additional data that the Bureau
determines would aid in fulfilling 1071's statutory purposes. Section
1071 also contains a number of other requirements, including those that
address restricting the access of underwriters and other persons to
certain data, publication of data, and the Bureau's discretion to
modify or delete data prior to publication in order to advance a
privacy interest.
As discussed throughout this document, Congress amended ECOA by
adding section 1071, which directs the Bureau to adopt regulations
governing the collection and reporting of small business lending data.
Section 1071 directs the Bureau to prescribe such rules and issue such
guidance as may be necessary to carry out, enforce, and compile data
pursuant to section 1071, and permits the Bureau to adopt exceptions to
any requirement or to exempt financial institutions from the
requirements of section 1071 as the Bureau deems necessary or
appropriate to carry out the purposes of section 1071.
In addition, as discussed in part II above, currently available
data on small business lending are fragmented, incomplete, and not
standardized, making it difficult to make meaningful comparisons across
products, financial institutions, and over time. This hinders attempts
by policymakers and other stakeholders to understand the size,
composition, and dynamics of the small business lending marketplace,
including the interaction of supply and demand, as well as potentially
problematic lending practices, gaps, or trends in funding that may be
holding back some communities.\972\
---------------------------------------------------------------------------
\972\ While Call Report and CRA data provide some indication of
the level of supply of small business credit, the lack of data on
small business credit applications makes demand for credit by small
businesses more difficult to assess, including with respect to local
markets or protected classes.
---------------------------------------------------------------------------
Data collected under the final rule will constitute the largest and
most comprehensive data in the United States on credit availability for
small businesses. The data collection will also provide an
unprecedented window into the small business lending market, and such
transparency will benefit financial institutions covered by the rule.
The public data published under the final rule will allow financial
institutions to better understand the demand for small business credit
products and the conditions under which they are being supplied by
other lenders. Lenders will likely use the data to understand small
business lending market conditions more effectively and at a more
granular level than is possible with existing data sources, such as
Call Reports, data from public lending programs, or privately purchased
data. Data collected under the final rule will enable lenders to
identify promising opportunities to extend credit to small businesses.
The final rule will also provide some reduction of the compliance
burden of fair lending reviews for lower risk financial institutions by
reducing the ``false positive'' rates during fair lending review
prioritization by regulators. Currently, financial institutions are
subject to fair lending reviews by regulators to ensure that they are
complying with ECOA in their small business lending. Data reported
under the final rule will allow regulators to prioritize fair lending
reviews of lenders with higher risk of potential fair lending
violations, which reduces the burden on institutions with lower fair
lending risk.
The final rule effectuates Congress's specific mandate to the
Bureau to adopt rules to implement section 1071. For a further
description of the reasons why agency action is being considered, see
the background discussion for the final rule in part II above.
This rulemaking has multiple objectives. The final rule is intended
to advance the two statutory purposes of section 1071, which are (1)
facilitating enforcement of fair lending laws and (2) enabling
communities, governmental entities, and creditors to identify business
and community development needs and opportunities of women-owned,
minority-owned, and small businesses. To achieve these objectives, the
rule will require covered financial institutions to collect and report
certain data on applications for covered credit transactions for small
businesses, including minority-owned, women-owned, and LGBTQI+-owned
small businesses. The data to be collected and reported will include a
number of statutorily required data fields regarding small business
applications, as well as several additional data fields that the Bureau
determined will help fulfill the purposes of section 1071. The Bureau
will make available to the public, annually on the Bureau's website,
the data submitted to it by financial institutions, subject to
deletions or modifications made by the Bureau if the Bureau determines
that such deletions or modifications would advance a privacy interest.
B. Statement of the Significant Issues Raised by the Public Comments in
Response to the Initial Regulatory Flexibility Analysis, a Statement of
the Assessment of the Agency of Such Issues, and a Statement of Any
Changes Made to the Proposed Rule in the Final Rule as a Result of Such
Comments
In accordance with section 603(a) of the RFA, the Bureau prepared
an IRFA. In the IRFA, the Bureau estimated the possible compliance cost
for small entities with respect to a pre-statute
[[Page 35520]]
baseline. Additionally, the IRFA discussed possible impacts on small
entities, such as small businesses to whom lenders provide credit.
Very few commenters specifically address the IRFA included in the
proposal. Comments made by the SBA Office of Advocacy related to the
estimates included in the IRFA are addressed below in part X.B.3. A
comprehensive discussion of comments that relate to parts of the
regulatory flexibility analysis can be found throughout part IX above.
This section addresses specific significant comments that affects the
FRFA analysis.
Commenters provided feedback on the overall magnitudes of the one-
time and ongoing cost estimates, which form a core part of the IRFA
analysis. Some industry commenters provided their own estimates of
either their institution's specific one-time or ongoing costs. With
respect to one-time costs, the Bureau has reviewed estimates and
considered the information provided by the commenters, together with
the existing evidence provided in the One-Time Cost Survey. The Bureau
considers most estimates provided by commenters as broadly consistent
with the Bureau's one-time cost estimates. With respect to ongoing
costs, industry commenters' estimates ranged from estimates that were
quite similar to the Bureau's estimate for institutions of similar
small business credit volume to estimates that were considerably higher
than the Bureau's estimates. The Bureau has reviewed these estimates
and considered the information provided by the commenters.
Many industry commenters claimed a need to hire additional staff,
both with respect to the one-time cost of implementing the rule and the
ongoing cost of reporting 1071 data annually. Many provided estimates
of the additional FTEs that the institution would have to hire to
comply with the proposed rule. These estimates ranged from one
additional FTE to up to 10 additional FTEs. A survey of community banks
by a national trade association found that 88 percent of respondents
would need to hire an additional FTE and, on average, institutions
would have to hire 2-3 FTEs. Several commenters asserted that the
hiring of additional staff alone showed that the Bureau's one-time and
ongoing cost estimates in the proposal were inadequate. In the ongoing
costs estimates of the Bureau's proposal, the Bureau calculated the
number of hours required to be spent on 1071-related tasks, without
distinguishing between existing or newly-hired staff. The Bureau
assumes that the time spent on 1071-related tasks necessarily takes
time away from otherwise profitable activity to which the hours would
be put in the rule's absence. Since the Bureau is accounting for time
spent in this way, the Bureau believes that its estimates account for
the additional staff activity required to be spent to collect, check,
and report data under the final rule. For this reason, the Bureau did
not change any staffing time estimates, with exceptions mentioned
below.
However, hiring additional FTEs would lead some institutions to
incur fixed one-time costs of hiring, including search, administrative
burden, and additional training, that they would not have incurred in
the absence of the final rule. The Bureau categorizes this type of cost
as a one-time cost, where the institution staffs up to be able to
comply with the rule. So, while the Bureau has not changed ongoing
costs estimates with respect to staff hours, it is incorporating the
fixed cost of hiring new staff in its estimation of one-time costs.
Several commenters also suggested that the specific ongoing costs
for training staff were too low in the proposal. As described in the
proposal, the Bureau received similar comments during the SBREFA
process, but wished to learn additional information through comments on
the proposed rule to better estimate the cost of training. Several
institutions provided specific annual costs of training employees or
estimates of the overall employee time expected to be required to
comply with the final rule. Others more generally described the need to
train more staff than just loan officers, but also administrative and
other staff.
The Bureau's ongoing cost estimates only reflected the assumed
training time required to train loan officers that directly handle the
underwriting process. The Bureau decided, based on the comments to the
proposed rule, to double the amount of assumed training hours required
on an annual basis to account for the additional staff that would have
to be trained on an annual basis besides simply the loan officers. The
estimates in this final rule reflect the doubling of annual training
hours.
C. Response of the Agency to Any Comments Filed by the Chief Counsel
for Advocacy of the Small Business Administration in Response to the
Proposed Rule, and a Detailed Statement of Any Change Made to the
Proposed Rule in the Final Rule as a Result of the Comments
SBA Office of Advocacy provided a formal comment letter to the
Bureau in response to the proposed rule. This letter expressed concerns
that the Bureau underestimated the costs of the proposed rule, that the
Bureau did not adequately consider the scope of coverage, and that the
Bureau additionally underestimated the effect of the proposed rule on
the cost of credit to small entities. Additionally, SBA Office of
Advocacy provided specific feedback related to certain provisions of
the proposed rule, which are addressed below.
Comments related to the Bureau's cost estimates. SBA Office of
Advocacy asserted that the Bureau's estimated costs of compliance in
the proposal were too low, arguing, specifically, that training costs
were too low and stated that the Bureau had acknowledged that small
entity representatives, during the SBREFA process, had noted that the
Bureau's training costs might be low because they did not account for
enough staff being trained. Regarding these training costs, the Bureau
notes that, as SBA Office of Advocacy observed, the proposal identified
the feedback from small entity representatives that the training costs
might be underestimated. In part VIII.F.3 of the proposal the Bureau
sought comments on the training and other estimates to inform the
ongoing cost estimation. As noted in part IX.F above, the Bureau has
increased its estimates of training costs in response to SBA Office of
Advocacy and other comments to account for additional staff that would
need to be trained on an ongoing basis.
SBA Office of Advocacy expressed concerns that the Bureau has
underestimated the one-time costs, specifically with regard to training
costs. As noted in the above methods (part IX.E) and estimations (part
IX.F) discussions, the Bureau estimated one-time costs from the
Bureau's One-Time Cost Survey, which was conducted of industry
participants potentially subject to the Bureau's rule implementing
section 1071. The Bureau's Tables 14 through 16 provide averages of
survey responses. To obtain final estimates, the Bureau combined this
information with relevant information from comments on the proposal.
The Bureau reviewed and considered comments on the cost estimates
included in its proposal.
SBA Office of Advocacy also asserted that the Bureau underestimated
the pass through of compliance costs to small businesses in the form of
rates and fees. SBA Office of Advocacy also asserted that, because
institutions could charge an application fee, the fee may be a
disincentive for small businesses to shop for a better priced loan, and
[[Page 35521]]
therefore the overall cost of credit may be higher than indicated.
Regarding these comments on the pass through of costs, the Bureau
notes in part IX.F.4 above that it expects the variable portion of
ongoing costs to be passed on to small business credit borrowers in the
form of higher interest rates and fees. It made this determination from
the results to its One-Time Cost Survey, economic theory, and comments
on the proposed rule. Additionally, lenders presently have the ability
to charge applicants application fees, something that the potential
increase in fees from compliance costs associated with this final rule
does not change.
Comments related to other aspects of the proposed rule. In the
section-by-section analysis of the final rule in part V above, the
Bureau has responded to the SBA Office of Advocacy's comments
concerning a number of topics in the proposed rule, including the
definition of financial institution, the small business definition, the
coverage of automobile dealers, the data points generally, the proposed
visual observation and surname requirement related to applicants'
demographic information, data points adopted pursuant to ECOA section
704B(e)(2)(H), and the compliance date of the rule. SBA Office of
Advocacy's comments and the Bureau's responses on these topics are
summarized below.
Scope of coverage/definition of financial institution. Initially,
SBA Office of Advocacy expressed concern about the scope of coverage,
particularly as related to who would be a covered financial institution
required to collect and report 1071 data. SBA Office of Advocacy argued
that the proposed 25-origination threshold may be too low, and that the
Bureau has not analyzed the data fully to determine whether a higher
threshold would garner an appropriate amount of information to fulfill
the purposes of section 1071. SBA Office of Advocacy further urged the
Bureau to consider additional alternative thresholds, and supplement
its analysis, including 50-, 100-, 200- and 500-origination threshold
alternatives. In the final rule, the Bureau has increased the
institutional coverage threshold from 25 to 100 originations annually
to address industry concerns regarding the impact on the smallest
financial institutions. Smaller lenders play an integral role in
lending to parts of the small business sector and the Bureau does not
want to risk disruption to this sector, which would run contrary to the
business and community development purpose of section 1071. The Bureau
also considered higher thresholds, but believes that raising the
threshold further would undermine the purposes of section 1071.
Definition of small business. Next, SBA Office of Advocacy
commended the Bureau for proposing an alternative size standard to
SBA's approach to defining a small business, noting prior feedback
concerning the need for a simpler definition that is easy for small
business applicants to understand and financial institutions to
implement. However, SBA Office of Advocacy noted concern from
stakeholders that the $5 million gross annual revenue threshold may be
too high for small financial institutions to implement and may cause
some of those entities to forgo making business loans. SBA Office of
Advocacy urged the Bureau to analyze other possible thresholds at a
lower amount that would garner sufficient data, without the risk of
smaller banks discontinuing business loans. Although the Bureau
considered different threshold amounts and different size standards, it
believes that a $5 million gross annual revenue threshold strikes the
right balance in terms of broadly covering the small business credit
market to fulfill section 1071's statutory purposes while meeting the
SBA's criteria for an alternative size standard. The final rule also
anticipates updates to this threshold every five years to account for
inflation.
Data points--collection of ethnicity and race via visual
observation or surname, and data points adopted pursuant to ECOA
section 704B(e)(2)(H). SBA Office of Advocacy raised two concerns
related to data points required to be collected under section 1071.
First, SBA Office of Advocacy argued that the requirement in the
proposed rule to collect ethnicity and race information based on visual
observation or surname should be removed. SBA Office of Advocacy
reiterated concerns expressed during the SBREFA panel about a visual
observation requirement. SBA Office of Advocacy further argued that
data collected through visual observation or surname could be corrupted
by bias or other forms of discrimination, and would therefore be in
opposition to the intent of section 1071. They further stated that even
well trained and well-motivated financial institutions could make wrong
assumptions and taint the quality of the data. After considering the
issue further as explained in the section-by-section analysis of Sec.
1002.107(a)(19) above, the final rule does not include a requirement to
collect applicant demographic information based on visual observation
or surname.
Second, SBA Office of Advocacy urged the Bureau to remove from the
rule all data points proposed pursuant to its statutory authority set
forth in ECOA section 704B(e)(2)(H), arguing that such data points are
not required by section 1071, are costly, and potentially raise privacy
concerns. SBA Office of Advocacy noted that these data points could be
reverse engineered to determine what businesses were denied credit,
particularly in small communities. They focused particularly on pricing
data, asserting that these data would be costly and could damage the
reputation of the institution by creating unjustified inferences that
pricing disparities are due to fair lending violations. The Bureau
believes that pricing and the other data points provide valuable
information that furthers the dual purposes of section 1071. The Bureau
believes that any risks to privacy interests can be addressed through
modifications or deletions to public, application-level data, as
appropriate.
Next, SBA Office of Advocacy urged the Bureau to work with small
automobile dealers to make the direct and indirect impacts of the
rulemaking as least burdensome as possible. SBA Office of Advocacy
stated that dealers may either directly issue credit or, as noted by a
trade association, in many cases, act as intermediaries between buyers
and financial institutions, and in those roles may be asked to support
financial institutions' compliance with the rule. The Bureau's rule
does not apply to motor vehicle dealers.\973\ The Bureau has also made
revisions to the rule's provisions addressing reporting obligations
when multiple financial institutions are involved in originating a
single covered credit transaction, which the Bureau believes will
provide greater clarity to motor vehicle dealers and the covered
financial institutions that work with them, as well as to other covered
financial institutions that originate covered credit transactions for
small businesses through third parties. In addition, the Bureau has
sought to reduce burden on small covered financial institutions through
many provisions in the final rule, including, for example, by issuing a
sample data collection form that institutions can use to collect
protected demographic data from applicants. Finally, SBA Office of
Advocacy encouraged the Bureau to consider an implementation period of
three years or longer for the rule, rather
[[Page 35522]]
than 18 months as proposed. SBA Office of Advocacy reiterated feedback
from a roundtable session it held that an 18-month compliance period
would not be sufficient, and it may take up to three years for small
financial institutions to comply. They noted that unlike HMDA,
financial institutions are not building off a system already in place,
and instead need to develop new systems. SBA Office of Advocacy also
reiterated feedback during the SBREFA process that supported a two- to
three-year implementation period. The Bureau is adopting a tiered
compliance date schedule because it believes that smaller and mid-sized
lenders would have particular difficulties complying within the single
18-month compliance period proposed in the NPRM. Compliance with the
rule beginning October 1, 2024 is required for financial institutions
that originate the most covered credit transactions for small
businesses. However, institutions with a moderate transaction volume
have until April 1, 2025 to begin complying with the rule, and those
with the lowest volume have until January 1, 2026.\974\ The Bureau
believes that approximately 90 percent of all covered financial
institutions that are themselves ``small'' under the SBA's size
standards will fall under the latest compliance date, giving them
nearly three years to prepare for compliance with the Bureau's final
rule.
---------------------------------------------------------------------------
\973\ The Bureau's rules, including this final rule to implement
section 1071, generally do not apply to motor vehicle dealers, as
defined in section 1029(f)(2) of the Dodd-Frank Act, that are
predominantly engaged in the sale and servicing of motor vehicles,
the leasing and servicing of motor vehicles, or both. 12 U.S.C.
5519.
\974\ The Bureau estimates that most small depository
institutions will fall into Tier 3 and will be required to begin
complying with the final rule in 2026.
---------------------------------------------------------------------------
D. Description of and an Estimate of the Number of Small Entities to
Which the Rule Will Apply
For the purposes of assessing the impacts of the final rule on
small entities, ``small entities'' is defined in the RFA to include
small businesses, small nonprofit organizations, and small government
jurisdictions.\975\ A ``small business'' is determined by application
of SBA regulations in reference to the North American Industry
Classification System (NAICS) classification and size standards.\976\
Under such standards, the Bureau identified several categories of small
entities that may be subject to the proposed provisions: depository
institutions; online lenders and merchant cash advance providers;
commercial finance companies; nondepository CDFIs; Farm Credit System
members; and governmental lending entities. The NAICS codes covered by
these categories are described below.
---------------------------------------------------------------------------
\975\ 5 U.S.C. 601(6).
\976\ The current SBA size standards are found on the SBA's
website, Small Bus. Admin., Table of size standards (Mar. 17, 2023),
https://www.sba.gov/document/support-table-size-standards.
---------------------------------------------------------------------------
The following table provides the Bureau's estimate of the number
and types of entities that may be affected by the proposed rule:
Table 19--Estimated Number of Affected Entities and Small Entities by Category
----------------------------------------------------------------------------------------------------------------
Est. total Est. number of
Small entity covered small
Category NAICS threshold financial financial
institutions institutions
----------------------------------------------------------------------------------------------------------------
Depository Institutions........... 522110, 522180, $850 million in 1,900 1,000
522130, 522210. assets.
Online Lenders and Merchant Cash 522299, 522291, $40 million (NAICS 100 90
Advance Providers. 522320, 518210. 518210); $47 million
(NAICS 522299,
522291, 522320).
Commercial Finance Companies...... 513210, 532411, $47 million (NAICS 240 216
532490, 522220, 513210, 522220,
522291. 522291); $40 million
(NAICS 532490);
$45.5 million (NAICS
532411).
Nondepository CDFIs............... 522390, 523910, $9.5 million (NAICS 139 132
813410, 522310. 813410); $15 million
(NAICS 522310); $47
million (NAICS
523910, 522390).
Farm Credit System members........ 522299............... $47 million.......... 71 31
Governmental Lending Entities..... NA................... Population below 70 0
50,000.
----------------------------------------------------------------------------------------------------------------
The following paragraphs describe the categories of entities that
the Bureau expects would be affected by the final rule.
Depository institutions (banks and credit unions): The Bureau
estimates that there are about 1,900 banks, savings associations, and
credit unions engaged in small business lending that originate enough
covered transactions to be covered by the final rule.\977\ These
companies potentially fall into four different industry categories,
including ``Commercial Banking'' (NAICS 522110), ``Savings
Institutions'' (NAICS 522120), ``Credit Unions'' (NAICS 522130), and
``Credit Card Issuing'' (NAICS 522210). All of these industries have a
size standard threshold of $850 million in assets. The Bureau estimates
that about 1,000 of these institutions are small entities according to
this threshold. See part IX.D above for more detail on how the Bureau
arrived at these estimates.
---------------------------------------------------------------------------
\977\ The Bureau notes that the category of depository
institutions also includes CDFIs that are also depository
institutions.
---------------------------------------------------------------------------
Online lenders and merchant cash advance providers: As discussed in
more detail in part II.D above, the Bureau estimates that there are
about 100 fintech lenders and merchant cash advance providers engaged
in small business lending that originate enough covered transactions to
be covered by the final rule. These companies span multiple industries,
including ``All Other Nondepository Credit Intermediation'' (NAICS
522298), ``Consumer Lending'' (NAICS 522291), ``Financial Transactions,
Processing, Reserve, and Clearinghouse Activities'' (NAICS 522320), and
``Data Processing, Housing and Related Services'' (NAICS 518210). All
of these industries have a size standard threshold of $40 million in
sales (NAICS 518210) or $47 million in sales (all other NAICS). The
Bureau assumes that about 90 percent, or 90, of these entities are
small according to these size standards.
Commercial finance companies: As discussed in more detail in part
II.D above, the Bureau estimates that there are about 240 commercial
finance companies, including captive and independent financing, engaged
in small business lending that originate enough covered credit
transactions to be covered by the final rule. These companies span
multiple industries, including ``Software Publishers'' (NAICS 513210),
``Commercial Air, Rail, and Water Transportation Equipment Rental and
Leasing'' (NAICS 532411), ``Other Commercial and Industrial Machinery
and Equipment Rental and Leasing'' (NAICS 532490), ``Sales financing''
(NAICS 522220) and ``Consumer Lending'' (NAICS 522291). These
industries have size standard thresholds of $47 million in sales (NAICS
513210, 522220, 522291), $45.5
[[Page 35523]]
million in sales (NAICS 532411), or $40 million in sales (NAICS
532490). The Bureau assumes that about 90 percent, or 216, commercial
finance companies are small according to these size standards.
Nondepository CDFIs: As discussed in more detail in part II.D
above, the Bureau estimates that there are 139 nondepository CDFIs
engaged in small business lending that originate enough covered credit
transactions to be covered by the final rule. CDFIs generally fall into
``Activities Related to Credit Intermediation (Including Loan
Brokers)'' (NAICS 522390), ``Miscellaneous Intermediation'' (NAICS
523910), ``Civic and Social Organizations'' (NAICS 813410), and
``Mortgage and Nonmortgage Loan Brokers'' (NAICS 522310). These
industries have size standard thresholds of $9.5 million in sales
(NAICS 813410), $15 million in sales (NAICS 522310), and $47 million in
sales (NAICS 522390, 523910). The Bureau assumes that about 95 percent,
or 132, nondepository CDFIs are small entities.
Farm Credit System members: The Bureau estimates that there are 71
members of the Farm Credit System (banks and associations) that are
engaged in small business lending and that originate enough covered
credit transactions to be covered by the final rule.\978\ These
institutions are in the ``International, Secondary Market, and All
Other Credit Intermediation'' (NAICS 522299) industry. The size
standard for this industry is $47 million in sales. The Bureau
estimates that 18 members of the Farm Credit System are small entities.
---------------------------------------------------------------------------
\978\ Fed. Farm Credit Banks Funding Corp., Farm Credit 2019
Annual Information Statement of the Farm Credit System, at 7 (Feb.
28, 2020), https://www.farmcreditfunding.com/ffcb_live/serve/public/pressre/finin/report.pdf?assetId=395570. The Bureau notes that Farm
Credit System banks do not report FFIEC Call Reports and are thus
not counted in the number of banks and savings associations
discussed above. To estimate the number of small Farm Credit System
members, the Bureau considered FCA Call Reports and Young,
Beginning, and Small Farmers Reports for all Farm Credit System
members as of December 31, 2019. The reports can be found at https://reports.fca.gov/CRS/. A Farm Credit System is covered if it
reported more than 100 total number of loans on its Young,
Beginning, and Small Farmers Report in 2019. A Farm Credit System
member is considered small if its net interest income plus total
non-interest income is less than $41.5 million.
---------------------------------------------------------------------------
Governmental lending entities: As discussed in more detail in part
II.D above, the Bureau estimates that there are about 70 governmental
lending entities engaged in small business lending that originate
enough covered credit transactions to be covered by the final rule.
``Small governmental jurisdictions'' are the governments of cities,
counties, towns, townships, villages, school districts, or special
districts, with a population of less than fifty thousand. The Bureau
assumes that none of the governmental lending entities covered by the
final rule are considered small.
E. Projected Reporting, Recordkeeping, and Other Compliance
Requirements of the Final Rule, Including an Estimate of the Classes of
Small Entities Which Will Be Subject to the Requirement and the Type of
Professional Skills Necessary for the Preparation of the Report or
Record
Reporting requirements. ECOA section 704B(f)(1) provides that
``[t]he data required to be compiled and maintained under [section
1071] by any financial institution shall be submitted annually to the
Bureau.'' Section 1071 requires financial institutions to collect and
report information regarding any application for ``credit'' made by
women-owned, minority-owned, and small businesses. In its rule to
implement section 1071, the Bureau is not covering the following
transactions: leases, factoring, consumer-designated credit used for
business purposes, HMDA-reportable transactions, insurance premium
financing, trade credit, public utilities credit, securities credit,
and incidental credit.
Under the final rule, financial institutions would be required to
report data on small business credit applications if they originated at
least 100 covered transactions in each of the previous two calendar
years. The Bureau is requiring that data collection occur on a
calendar-year basis and submitted to the Bureau by the following June
1. Under the final rule, covered financial institutions are required to
collect and report the following data points: (1) a unique identifier,
(2) application date, (3) application method, (4) application
recipient, (5) credit type, (6) credit purpose, (7) amount applied for,
(8) amount approved or originated, (9) action taken, (10) action taken
date, (11) denial reasons, (12) pricing information, (13) census tract,
(14) gross annual revenue, (15) NAICS code, (16) number of workers,
(17) time in business, (18) minority-owned business status, women-owned
business status, and LGBTQI+-owned business status, (19) ethnicity,
race, and sex of principal owners, and (20) the number of principal
owners. The section-by-section analyses in part V above discuss the
required data points and the scope of the final rule in greater detail.
Recordkeeping requirements. ECOA section 704B(f)(2)(A) requires
that information compiled and maintained under section 1071 be
``retained for not less than 3 years after the date of preparation.''
The Bureau is requiring that financial institutions retain 1071 data
for at least three years after it is submitted to the Bureau. In
accordance with 704B(e)(3), the Bureau is also instituting a
prohibition on including certain personally identifiable information
about any individuals associated with small business applicants in the
data that a financial institution is required to compile, maintain, and
report to the Bureau, other than information specifically required to
be collected and reported (such as the ethnicity, race, and sex of
principal owners and whether the business is women-owned, minority-
owned, or LGBTQI+-owned). Financial institutions must, unless subject
to an exception, limit the access of certain officers and employees to
applicants' responses to the inquiries regarding women-owned, minority-
owned, and LGBTQI+-owned business status, as well as the ethnicity,
race, and sex of principal owners. In addition, applicants' responses
to the inquiries regarding women-owned, minority-owned, and LGBTQI+-
owned business status, as well as the ethnicity, race, and sex of
principal owners, must be maintained separately from the application
and accompanying information.
Costs to small entities. The Bureau expects that the proposed rule
may impose one-time and ongoing costs on small-entity providers of
credit to small businesses. The Bureau has identified eight categories
of one-time costs that make up the components necessary for a financial
institution to develop the infrastructure to collect and report data
required by the rule. Those categories are preparation/planning;
updating computer systems; testing/validating systems; developing
forms/applications; training staff and third parties (such as dealers
and brokers); developing policies/procedures; legal/compliance review;
and post-implementation review of compliance policies and procedures.
The Bureau conducted a survey regarding potential one-time
implementation costs for section 1071 compliance targeted at financial
institutions who extend small business credit. The Bureau used the
results of this survey to estimate the one-time costs for financial
institutions covered by the proposed rule using the methodology
described in part VIII.E.1 above. The Bureau estimates that depository
institutions with the lowest level of complexity in compliance
[[Page 35524]]
operations (i.e., Type A DIs) would incur one-time costs of $63,825,
including expected hiring costs. The Bureau estimates that depository
institutions with a middle level of complexity in compliance operations
(i.e., Type B DIs) would incur one-time costs of $49,225, including
expected hiring costs. The Bureau estimates that depository
institutions with the highest level of complexity in compliance
operations (i.e., Type C DIs) would incur one-time costs of $91,075,
including expected hiring costs. Finally, the Bureau estimates that
Non-DIs would incur one-time costs of $105,250, including the costs of
hiring two additional staff.
The Bureau estimates that the overall market impact of one-time
costs for small depository institutions will be between $56,000,000 and
$67,000,000.\979\ The Bureau estimates that the overall market impact
of one-time costs for Non-DIs will be about $45,000,000.
---------------------------------------------------------------------------
\979\ The Bureau notes that the variation in this range comes
primarily from the uncertainty in the number of originations made by
small banks and savings associations. The range does not fully
account for the uncertainty associated with estimates of the one-
time costs for each type of institution.
---------------------------------------------------------------------------
Adapting ongoing cost methodology from previous HMDA rulemaking
efforts, the Bureau identified 15 specific data collection and
reporting activities that would impose ongoing costs to financial
institutions covered by the rule.\980\ The Bureau estimates that
representative financial institutions with the lowest level of
complexity in compliance operations (i.e., Type A FIs) would incur
around $8,349 in total annual ongoing costs, or about $83 in total cost
per application processed (assuming a representative 100 applications
per year). For financial institutions of this type, the largest drivers
of the ongoing costs are activities that require employee time to
complete. Activities like transcribing data, transferring data to the
data management software, standard edits and internal checks, and
training all require loan officer time. The Bureau estimates that
financial institutions with a middle level of complexity in compliance
operations (i.e., Type B FIs), which are somewhat automated, would
incur approximately $40,079 in additional ongoing costs per year, or
around $100 per application (assuming a representative 400 applications
per year). The largest components of this ongoing cost are the expenses
of the small business application management software and geocoding
software (in the form of an annual software subscription fee) and the
external audit of the data. The Bureau estimates that financial
institutions with the highest level of complexity in compliance
operations (i.e., Type C FIs), which are significantly automated, would
incur approximately $278,618 in additional ongoing costs per year, or
around $46 per application (assuming a representative 6,000
applications per year). The largest components of this ongoing cost are
the cost of an internal audit, transcribing data, and annual edits and
internal checks.
---------------------------------------------------------------------------
\980\ The Bureau applied the same methodology for the ongoing
costs for small entities as that found in part IX.E.2 above.
---------------------------------------------------------------------------
The Bureau estimates that the overall market impact of ongoing
costs for small entities will be between $83,000,000 and $96,000,000
per year.
Estimate of the classes of small entities that will be subject to
the requirement and the type of professional skills necessary for the
preparation of the report or record. Section 603(b)(4) of the RFA also
requires an estimate of the type of professional skills necessary for
the preparation of the reports or records. The recordkeeping and
compliance requirements of the final rule that would affect small
entities are summarized above. Based on outreach with financial
institutions, vendors, and governmental agency representatives, the
Bureau classified the operational activities that financial
institutions would likely use for section 1071 data collection and
reporting into 15 operational ``tasks'' which can be further grouped
into four ``primary tasks.'' These are:
1. Data collection: Transcribing data, resolving reportability
questions, and transferring data to a 1071 data management system.
2. Reporting and resubmission: Geocoding, standard annual edit and
internal checks, researching questions, resolving question responses,
checking post-submission edits, filing post-submission documents, and
using vendor data management software.
3. Compliance and internal audits: Training, internal audits, and
external audits.
4. Section 1071-related exams: Exam preparation and exam
assistance.
All these tasks are related to the preparation of reports or
records and most of them are performed by compliance personnel in the
compliance department of financial institutions. For some financial
institutions, however, the data intake and transcribing stage could
involve loan officers or processors whose primary function is to
evaluate or process loan applications. For example, at some financial
institutions the loan officers would take in information from the
applicant to complete the application and input that information into
the reporting system. However, the Bureau believes that such roles
generally do not require any additional professional skills related for
the recordkeeping or other compliance requirements of this final rule
that are not otherwise required during the ordinary course of business
for small entities. The Bureau also notes that small nondepository
institutions might not be subject to fair lending exams and might,
therefore, have reduced costs.
The type of professional skills required for compliance varies
depending on the particular task involved. For example, data
transcribing requires data entry skills. Transferring data to a data
entry system and using vendor data management software requires
knowledge of computer systems and the ability to use them. Researching
and resolving reportability questions requires a more complex
understanding of the regulatory requirements and the details of the
relevant line of business. Geocoding requires skills in using the
geocoding software, web systems, or, in cases where geocoding is
difficult, knowledge of the local area in which the property is
located. Standard annual editing, internal checks, and post-submission
editing require knowledge of the relevant data systems, data formats,
and section 1071 regulatory requirements in addition to skills in
quality control and assurance. Filing post-submission documents
requires skills in information creation, dissemination, and
communication. Training, internal audits, and external audits require
communications skills, educational skills, and regulatory knowledge.
Section 1071-related exam preparation and exam assistance involve
knowledge of regulatory requirements, the relevant line of business,
and the relevant data systems.
The Standard Occupational Classification code has compliance
officers listed under code 13-1041. The Bureau believes that most of
the skills required for preparation of the reports or records related
to this rule are the skills required for job functions performed in
this occupation. However, the Bureau recognizes that under this general
occupational code there is a high level of heterogeneity in the type of
skills required as well as the corresponding labor costs incurred by
the financial institutions performing these functions. During the
SBREFA process, some small entity representatives noted that, for
instance, high-level corporate officers
[[Page 35525]]
such as CEOs and senior vice presidents could be directly involved in
some regulatory tasks. The Bureau acknowledges the possibility that
certain aspects of the final rule may require some small entities to
hire additional compliance staff. The Bureau received many comments on
its proposal that asserted that industry participants would have to
hire additional employees to comply with the rule. The Bureau made
changes to its estimates of one-time costs to reflect the additional
one-time cost of hiring new staff. Compliance with the final rule may
emphasize certain skills. For example, new data points may increase
demand for skills involved in researching questions, standard annual
editing, and post-submission editing. Nevertheless, the Bureau believes
that compliance would still involve the general set of skills
identified above. The recordkeeping and reporting requirements
associated with the final rule would also involve skills for
information technology system development, integration, and
maintenance. Financial institutions required to report data under HMDA
often use data management systems called HMDA Management Systems for
existing regulatory purposes. A similar software for reporting the data
required under the final rule could be developed by the institution
internally or purchased from a third-party vendor. It is possible that
other systems used by financial institutions, such as loan origination
systems, might also need to be upgraded to capture new data fields
required to be collected and reported under the final rule. The
professional skills required for this one-time upgrade would be related
to software development, testing, system engineering, information
technology project management, budgeting and operation.
F. Description of the Steps the Agency Has Taken To Minimize the
Significant Economic Impact on Small Entities Consistent With the
Stated Objectives of Applicable Statutes, Including a Statement of the
Factual, Policy, and Legal Reasons for Selecting the Alternative
Adopted in the Final Rule and Why Each One of the Other Significant
Alternatives to the Rule Considered by the Agency Which Affect the
Impact on Small Entities Was Rejected; and for a Covered Agency, as
Defined in Section 609(d)(2), a Description of the Steps the Agency Has
Taken To Minimize Any Additional Cost of Credit for Small Entities
In drafting this final rule, the Bureau considered multiple
financial institution reporting thresholds. In particular, the Bureau
considered whether to exempt financial institutions with fewer than 25,
50, 200, or 500 originations of covered credit transactions for small
businesses in each of the two preceding calendar years, instead of 100
originations as finalized. The Bureau also considered whether to exempt
depository institutions with assets under $100 million or $200 million
from section 1071's data collection and reporting requirements. The
Bureau expects that some burden reduction will result from the higher
threshold of 100 loans.
The following table shows the estimated impact that different
reporting thresholds the Bureau considered would have had on financial
institution coverage. For the purposes of considering the asset-based
threshold alternatives, the Bureau estimates how institutional coverage
and costs would be different if the Bureau required a 25-origination
threshold in addition to an asset-based threshold for depository
institutions. For the asset-based threshold alternatives, the Bureau
assumes that the alternative proposal would have been that a depository
institution would be required to report its small business lending
activity for 2019 if it had more than 25 originations in both 2017 and
2018 and had assets over the asset-based threshold on December 31,
2018. The Bureau further assumes that if two institutions merged in
2019 then the resulting institution would be required to report if the
sum of the separate institutions' assets on December 31, 2018 exceeded
the asset-based threshold.
Table 20--Estimated Impact of Different Reporting Thresholds on the Number and Percentage of Small Depository
Institutions Covered
----------------------------------------------------------------------------------------------------------------
Number of small
Threshold considered depository institutions % of small depository
covered institutions covered
----------------------------------------------------------------------------------------------------------------
25 originations............................................... 2,900-3,000 32-33
50 originations............................................... 1,900-2,100 21-23
100 originations.............................................. 1,000-1,100 11-12
200 originations.............................................. 400-500 4-6
500 originations.............................................. 50-100 0.6-1
25 originations AND $100 million in assets.................... 2,400-2,500 26-28
25 originations AND $200 million in assets.................... 1,600-1,700 18-19
----------------------------------------------------------------------------------------------------------------
Further, the Bureau is finalizing several data points pursuant to
its authority under ECOA section 704B(e)(2)(H) that is has concluded
would help the data collection fulfill the purposes of section 1071:
application method, application recipient, pricing, number of principal
owners, NAICS code, number of workers, and time in business.
During the SBREFA process, small entity representatives provided
detailed feedback on the data points that the Bureau was considering
proposing pursuant to ECOA section 704B(e)(2)(H).\981\ One small entity
representative stated that the cost of collecting and reporting such
data points under consideration would be significant, and another
stated that the Bureau should include as few data points as possible to
avoid unnecessary costs. Another small entity representative stated
that the Bureau should finalize a rule with just the data points
enumerated in 704B(e)(2)(A) through (G) and avoid adding any additional
data points. Other small entity representatives favored or opposed the
inclusion of some or all of the individual data points under
consideration during the SBREFA process. Many industry commenters and
SBA Office of Advocacy opposed the collection of any data points
pursuant to section 704B(e)(2)(H). These commenters stated that such
data points would be burdensome to collect and report, while some,
particularly the
[[Page 35526]]
pricing data point, could be subject to misinterpretation by data
users.
---------------------------------------------------------------------------
\981\ The small entity representative feedback discussed herein
can be found in the SBREFA Panel Report at 30-32.
---------------------------------------------------------------------------
The Bureau understands that certain data points may introduce
additional burden to small entities. However, the Bureau has determined
that these data points would aid in fulfilling the statutory purposes
of section 1071--facilitating enforcement of fair lending laws and
enabling communities, governmental entities, and creditors to identify
business and community development needs and opportunities of women-
owned, minority-owned, and small businesses.
Three types of costs (one-time, fixed ongoing, and variable
ongoing) have the potential to influence the price and availability of
credit to small businesses. In a competitive marketplace, standard
microeconomics suggests that lenders will extend loans up to the point
at which the value of granting an additional loan is equal to the
additional cost associated with the financial institution providing the
loan. One-time costs and fixed ongoing costs affect the overall
profitability of a lender's loan portfolio but do not affect the
profitability of extending an additional loan. Variable ongoing costs,
however, affect the profitability of each additional loan and will
influence the number of loans a lender provides. Based on the Bureau's
available evidence, it expects that the variable ongoing costs to
comply with the proposed rule will be passed on in full to small
business credit applicants in the form of higher prices or fees to
small businesses.
In the One-Time Cost Survey, the Bureau asked respondents to rank a
list of potential actions they may take in response to the compliance
costs of implementing section 1071.\982\ Respondents ranked the
following list: ``Raise rates or fees on small business products'';
``Raise rates/fees on other credit products''; ``Accept lower
profits''; ``Exit some geographic markets''; ``Tighten underwriting
standards''; ``Offer fewer or less complex products''; ``No longer
offer small business credit products''; or ``Other'' with two write-in
options. Respondents ranked these options from ``1'' to ``9''
indicating their most to least likely responses. Respondents also had
the opportunity to write in their own responses. Consistent with
economic theory, respondents reported that they would be most likely to
raise rates or fees on small business products and other credit
products. On average, respondents reported that they would be least
likely to exit some geographic markets or cease offering small business
credit products. Accordingly, the Bureau expects the likely impact of
the rule on the cost of credit to small entities to be higher rates and
fees because financial institutions pass on the variable ongoing costs
of the required data collection. The Bureau estimates that $32, $26,
and $7.50 in variable costs would be passed through per application to
Type A, B, and C FIs, respectively. To put these values in context, the
Bureau estimates that the per application net income is in a range of
$66,000-$83,000; $33,000-$38,000; and $83,000-$92,000 for covered banks
and savings associations of Types A, B, and C, respectively.
---------------------------------------------------------------------------
\982\ See One-Time Cost Survey at 11.
---------------------------------------------------------------------------
The Bureau also carefully considered the rule's potential impact on
small entities in its decision related to transactional scope. For
example, the Bureau is not covering trade credit in its 1071 final rule
because it believes that trade credit is categorically different from
products like loans, lines of credit, credit cards, and merchant cash
advances and that there are several reasons to exclude it from
coverage. As discussed in the section-by-section analysis of Sec.
1002.104(b)(1), one such reason is that the Bureau understands that
trade credit can be offered by entities that are themselves very small
businesses; these entities, in particular, may incur large costs
relative to their size to collect and report 1071 data in an accurate
and consistent manner.\983\ The Bureau is also adding new Sec.
1002.104(b)(5) to exclude all HMDA reportable transactions (i.e.,
covered loans as defined by Regulation C, 12 CFR 1003.2(e)). The Bureau
is finalizing this exclusion of HMDA-reportable transactions in order
to alleviate concerns from a broad range of industry commenters,
including small entities, about the difficulties associated with dual
reporting, particularly in light of potential inconsistences related to
demographic data collection and recordkeeping. Moreover, the final rule
makes clear that the term covered credit transaction does not include
consumer-designated credit used for business or agricultural purposes,
because such transactions are not business credit. The Bureau believes
that this interpretation will reduce burden for financial institutions
(including smaller ones) that offer only consumer-designated credit.
---------------------------------------------------------------------------
\983\ See Leora Klapper et al., Trade Credit Contracts, 25(3)
Review of Fin. Studies 838-67 (2012), https://academic.oup.com/rfs/article/25/3/838/1616515, and Justin Murfin & Ken Njoroge, The
Implicit Costs of Trade Credit Borrowing by Large Firms, 28(1)
Review of Fin. Studies 112-45 (2015) https://academic.oup.com/rfs/article/28/1/112/1681329.
---------------------------------------------------------------------------
In response to the suggestion to exempt agricultural lending
because of the impact on small local community financial institutions,
such as credit unions, the Bureau is not defining a ``covered credit
transaction'' in a way that would exclude agricultural credit from the
final rule. As detailed in the section-by-section analysis of Sec.
1002.104(a), the Bureau believes that covering agricultural credit in
this rulemaking is important for both of section 1071's statutory
purposes. The Bureau does note, however, that it is increasing its
institutional coverage threshold, as discussed above, to minimize
compliance costs for smaller financial institutions with lower lending
volumes.
The Bureau believes that its adoption of a simplified small
business definition better meets the needs of small entities. The final
rule provides that a business is a small business if its gross annual
revenue for its preceding fiscal year is $5 million or less. As
discussed in the section-by-section analysis of Sec. 1002.106(b)(1),
the Bureau believes that this approach addresses the concerns that the
Bureau has heard (during the SBREFA process and in response to the
NPRM) with respect to determining whether applicants are small
businesses for purposes of complying with section 1071, particularly
with respect to the concerns regarding determining the applicant's
NAICS code.
XI. Paperwork Reduction Act
Under the Paperwork Reduction Act of 1995 (PRA),\984\ Federal
agencies are generally required to seek approval from the Office of
Management and Budget (OMB) for information collection requirements
prior to implementation. Under the PRA, the Bureau may not conduct nor
sponsor, and, notwithstanding any other provision of law, a person is
not required to respond to, an information collection unless the
information collection displays a valid control number assigned by OMB.
---------------------------------------------------------------------------
\984\ 44 U.S.C. 3501 et seq.
---------------------------------------------------------------------------
As part of its continuing effort to reduce paperwork and respondent
burden, the Bureau conducted a preclearance consultation program to
provide the general public and Federal agencies with an opportunity to
comment on the information collection requirements in accordance with
the PRA. This helps ensure that the public understands the Bureau's
requirements or instructions, respondents can provide the requested
data in the desired format,
[[Page 35527]]
reporting burden (time and financial resources) is minimized,
information collection instruments are clearly understood, and the
Bureau can properly assess the impact of information collection
requirements on respondents. The Bureau conducted several rounds of
message, form, and user testing that were approved under OMB control
number 3170-0022 after appropriate public notice and a 30-day comment
period.
The final rule amends 12 CFR part 1002 (Regulation B), which
implements ECOA. The Bureau's OMB control number for Regulation B is
3170-0013. This final rule will revise the information collection
requirements contained in Regulation B that OMB has approved under that
OMB control number.
Under the rule, the Bureau adds four information collection
requirements to Regulation B:
1. Compilation of reportable data (Sec. 1002.107), including a
notice requirement (in Sec. 1002.107(a)(18) and (19)).
2. Reporting data to the Bureau (Sec. 1002.109).
3. Firewall notice requirement (Sec. 1002.108(d)).
4. Recordkeeping (Sec. 1002.111).
The information collection requirements in this final rule are
mandatory. Certain data fields will be modified or deleted by the
Bureau, in its discretion, to advance a privacy interest before the
1071 data are made available to the public (as permitted by section
1071 and the Bureau's final rule). The data that are not modified or
deleted will be made available to the public. The rest of the data will
be considered confidential if the information:
Identifies any applicants or natural persons who might not
be applicants (e.g., owners of a business where a legal entity is the
applicant); or
Implicates the relevant privacy interests of applicants,
related natural persons, or financial institutions.
The collections of information contained in this rule, and
identified as such, have been submitted to OMB for review under section
3507(d) of the PRA. A complete description of the information
collection requirements (including the burden estimate methods) is
provided in the information collection request that the Bureau has
submitted to OMB under the requirements of the PRA. The information
collection request submitted to OMB requesting approval under the PRA
for the information collection requirements contained herein is
available at www.regulations.gov as well as on OMB's public-facing
docket at www.reginfo.gov.
Title of Collection: Regulation B: Equal Credit Opportunity Act.
OMB Control Number: 3170-0013.
Type of Review: Revision of a currently approved collection.
Affected Public: Private Sector; Federal and State Governments.
Estimated Number of Respondents: 2,470 (subpart B only).
Estimated Total Annual Burden Hours: 8,302,000 (subpart B only).
The Bureau will publish a separate Federal Register notice once OMB
concludes its review announcing OMB approval of the information
collections contained in this final rule.
In the NPRM, the Bureau invited comments on: (a) Whether the
collection of information is necessary for the proper performance of
the functions of the Bureau, including whether the information will
have practical utility; (b) the accuracy of the Bureau's estimate of
the burden of the collection of information, including the validity of
the methods and the assumptions used; (c) ways to enhance the quality,
utility, and clarity of the information to be collected; and (d) ways
to minimize the burden of the collection of information on respondents,
including through the use of automated collection techniques or other
forms of information technology.
No comments pertaining specifically to this section were received.
The other comments on the rule generally are summarized above.
XII. Congressional Review Act
Pursuant to the Congressional Review Act,\985\ the Bureau will
submit a report containing this rule and other required information to
the U.S. Senate, the U.S. House of Representatives, and the Comptroller
General of the United States at least 60 days prior to the rule's
published effective date. The Office of Information and Regulatory
Affairs has designated this rule as a ``major rule'' as defined by 5
U.S.C. 804(2).
---------------------------------------------------------------------------
\985\ 5 U.S.C. 801 et seq.
---------------------------------------------------------------------------
List of Subjects in 12 CFR Part 1002
Banks, banking, Civil rights, Consumer protection, Credit, Credit
unions, Marital status discrimination, National banks, Penalties.
Authority and Issuance
For the reasons set forth in the preamble, the Bureau amends
Regulation B, 12 CFR part 1002, as set forth below:
PART 1002--EQUAL CREDIT OPPORTUNITY ACT (REGULATION B)
0
1. The authority citation for part 1002 is revised to read as follows:
Authority: 12 U.S.C. 5512, 5581; 15 U.S.C. 1691b. Subpart B is
also issued under 15 U.S.C. 1691c-2.
0
2. Designate Sec. Sec. 1002.1 through 1002.16 as subpart A under the
following heading:
Subpart A--General
Sec. 1002.1 [Amended
0
3. In Sec. 1002.1 amend the second sentence of paragraph (a) by
removing the phrase ``this part applies'' and adding in its place
``this subpart applies''.
0
4. Section 1002.2 is amended by revising the introductory text to read
as follows:
Sec. 1002.2 Definitions.
For the purposes of this part, unless the context indicates
otherwise or as otherwise defined in subpart B, the following
definitions apply:
* * * * *
0
5. Section 1002.5 is amended by revising the introductory text of
paragraph (a)(4) and adding paragraphs (a)(4)(vii) through (x) to read
as follows:
Sec. 1002.5 Rules concerning requests for information.
(a) * * *
(4) Other permissible collection of information. Notwithstanding
paragraph (b) of this section, a creditor may collect information under
the following circumstances provided that the creditor collects the
information in compliance with Sec. 1002.107(a)(18) and (19) and
accompanying commentary, or appendix B to 12 CFR part 1003, as
applicable:
* * * * *
(vii) A creditor that was required to report small business lending
data pursuant to Sec. 1002.109 for any of the preceding five calendar
years but is not currently a covered financial institution under Sec.
1002.105(b) may collect information pursuant to subpart B of this part
for covered applications from small businesses as defined in Sec. Sec.
1002.103 and 1002.106(b) regarding whether an applicant is a minority-
owned business, a women-owned business, or an LGBTQI+-owned business,
and the ethnicity, race, and sex of the applicant's principal owners if
it complies with the requirements for covered financial institutions
pursuant to Sec. Sec. 1002.107(a)(18) and (19), 1002.108, 1002.111,
and 1002.112 for that
[[Page 35528]]
application. Such a creditor is permitted, but not required, to report
data to the Bureau collected pursuant to subpart B of this part if it
complies with the requirements of subpart B as otherwise required for
covered financial institutions pursuant to Sec. Sec. 1002.109 and
1002.110.
(viii) A creditor that exceeded the loan-volume threshold in the
first year of the two-year threshold period provided in Sec.
1002.105(b) may, in the second year, collect information pursuant to
subpart B of this part for covered applications from small businesses
as defined in Sec. Sec. 1002.103 and 1002.106(b) regarding whether an
applicant is a minority-owned business, a women-owned business, or an
LGBTQI+-owned business, and the ethnicity, race, and sex of the
applicant's principal owners if it complies with the requirements for
covered financial institutions pursuant to Sec. Sec. 1002.107(a)(18)
and (19), 1002.108, 1002.111, and 1002.112 for that application. Such a
creditor is permitted, but not required, to report data to the Bureau
collected pursuant to subpart B of this part if it complies with the
requirements of subpart B as otherwise required for covered financial
institutions pursuant to Sec. Sec. 1002.109 and 1002.110.
(ix) A creditor that is not currently a covered financial
institution under Sec. 1002.105(b), and is not otherwise a creditor to
which Sec. 1002.5(a)(4)(vii) or (viii) applies, may collect
information pursuant to subpart B of this part for covered applications
from small businesses as defined in Sec. Sec. 1002.103 and 1002.106(b)
regarding whether an applicant for a covered credit transaction is a
minority-owned business, a women-owned business, or an LGBTQI+-owned
business, and the ethnicity, race, and sex of the applicant's principal
owners for a transaction if it complies with the requirements for
covered financial institutions pursuant to Sec. Sec. 1002.107 through
1002.112 for that application.
(x) A creditor that is collecting information pursuant to subpart B
of this part or as described in paragraphs (a)(4)(vii) through (ix) of
this section for covered applications from small businesses as defined
in Sec. Sec. 1002.103 and 1002.106(b) regarding whether an applicant
for a covered credit transaction is a minority-owned business, a women-
owned business, or an LGBTQI+-owned business, and the ethnicity, race,
and sex of the applicant's principal owners may also collect that same
information for any co-applicants provided that it also complies with
the relevant requirements of subpart B of this part or as described in
paragraphs (a)(4)(vii) through (ix) of this section with respect to
those co-applicants.
* * * * *
0
6. Section 1002.12 is amended by revising paragraphs (b)(1)
introductory text, (b)(2) introductory text, (b)(3), (4), and (5), and
paragraph (b)(7) introductory text to read as follows:
Sec. 1002.12 Record retention.
* * * * *
(b) * * * (1) Applications. For 25 months (12 months for business
credit, except as provided in paragraph (b)(5) of this section or
otherwise provided for in subpart B of this part) after the date that a
creditor notifies an applicant of action taken on an application or of
incompleteness, the creditor shall retain in original form or a copy
thereof:
* * * * *
(2) Existing accounts. For 25 months (12 months for business
credit, except as provided in paragraph (b)(5) of this section or
otherwise provided for in subpart B of this part) after the date that a
creditor notifies an applicant of adverse action regarding an existing
account, the creditor shall retain as to that account, in original form
or a copy thereof:
* * * * *
(3) Other applications. For 25 months (12 months for business
credit, except as provided in paragraph (b)(5) of this section or
otherwise provided for in subpart B of this part) after the date that a
creditor receives an application for which the creditor is not required
to comply with the notification requirements of Sec. 1002.9, the
creditor shall retain all written or recorded information in its
possession concerning the applicant, including any notation of action
taken.
(4) Enforcement proceedings and investigations. A creditor shall
retain the information beyond 25 months (12 months for business credit,
except as provided in paragraph (b)(5) of this section or otherwise
provided for in subpart B) if the creditor has actual notice that it is
under investigation or is subject to an enforcement proceeding for an
alleged violation of the Act or this part, by the Attorney General of
the United States or by an enforcement agency charged with monitoring
that creditor's compliance with the Act and this part, or if it has
been served with notice of an action filed pursuant to section 706 of
the Act and Sec. 1002.16 of this part. The creditor shall retain the
information until final disposition of the matter, unless an earlier
time is allowed by order of the agency or court.
(5) Special rule for certain business credit applications. With
regard to a business that had gross revenues in excess of $1 million in
its preceding fiscal year, or an extension of trade credit, credit
incident to a factoring agreement, or other similar types of business
credit, the creditor shall retain records for at least 60 days, except
as otherwise provided for in subpart B, after notifying the applicant
of the action taken. If within that time period the applicant requests
in writing the reasons for adverse action or that records be retained,
the creditor shall retain records for 12 months.
* * * * *
(7) Prescreened solicitations. For 25 months after the date on
which an offer of credit is made to potential customers (12 months for
business credit, except as provided in paragraph (b)(5) of this section
or otherwise provided for in subpart B), the creditor shall retain in
original form or a copy thereof:
* * * * *
0
7. Subpart B is added to read as follows:
Subpart B--Small Business Lending Data Collection
Sec.
Sec. 1002.101 Authority, purpose, and scope.
Sec. 1002.102 Definitions.
Sec. 1002.103 Covered applications.
Sec. 1002.104 Covered credit transactions and excluded
transactions.
Sec. 1002.105 Covered financial institutions and exempt
institutions.
Sec. 1002.106 Business and small business.
Sec. 1002.107 Compilation of reportable data.
Sec. 1002.108 Firewall.
Sec. 1002.109 Reporting of data to the Bureau.
Sec. 1002.110 Publication of data and other disclosures.
Sec. 1002.111 Recordkeeping.
Sec. 1002.112 Enforcement.
Sec. 1002.113 Severability.
Sec. 1002.114 Effective date, compliance date, and special
transitional rules.
Subpart B--Small Business Lending Data Collection
Sec. 1002.101 Authority, purpose, and scope.
(a) Authority and scope. This subpart to Regulation B is issued by
the Bureau pursuant to section 704B of the Equal Credit Opportunity Act
(15 U.S.C. 1691c-2). Except as otherwise provided herein, this subpart
applies to covered financial institutions, as defined in Sec.
1002.105(b), other than a person excluded from coverage of this part by
section 1029 of the Consumer Financial Protection Act of 2010, title X
of the Dodd-Frank Wall Street Reform and Consumer Protection Act,
Public Law 111-203, 124 Stat. 1376, 2004 (2010).
(b) Purpose. This subpart implements section 704B of the Equal
Credit
[[Page 35529]]
Opportunity Act, which Congress intended:
(1) To facilitate enforcement of fair lending laws; and
(2) To enable communities, governmental entities, and creditors to
identify business and community development needs and opportunities of
women-owned, minority-owned, and small businesses.
Sec. 1002.102 Definitions.
In this subpart:
(a) Affiliate means, with respect to a financial institution, any
company that controls, is controlled by, or is under common control
with, another company, as set forth in the Bank Holding Company Act of
1956 (12 U.S.C. 1841 et seq.). With respect to a business or an
applicant, affiliate shall have the same meaning as in 13 CFR 121.103.
(b) Applicant means any person who requests or who has received an
extension of business credit from a financial institution.
(c) Business is defined in Sec. 1002.106(a).
(d) Business credit shall have the same meaning as in Sec.
1002.2(g).
(e) Closed-end credit transaction means an extension of business
credit that is not an open-end credit transaction under paragraph (n)
of this section.
(f) Covered application is defined in Sec. 1002.103.
(g) Covered credit transaction is defined in Sec. 1002.104.
(h) Covered financial institution is defined in Sec. 1002.105(b).
(i) Credit shall have the same meaning as in Sec. 1002.2(j).
(j) Financial institution is defined in Sec. 1002.105(a).
(k) LGBTQI+ individual includes an individual who identifies as
lesbian, gay, bisexual, transgender, queer, or intersex.
(l) LGBTQI+-owned business means a business for which one or more
LGBTQI+ individuals hold more than 50 percent of its ownership or
control, and for which more than 50 percent of the net profits or
losses accrue to one or more such individuals.
(m) Minority-owned business means a business for which one or more
American Indian or Alaska Native, Asian, Black or African American,
Native Hawaiian or Other Pacific Islander, or Hispanic or Latino
individuals hold more than 50 percent of its ownership or control, and
for which more than 50 percent of the net profits or losses accrue to
one or more such individuals.
(n) Open-end credit transaction means an open-end credit plan as
defined in Regulation Z, 12 CFR 1026.2(a)(20), but without regard to
whether the credit is consumer credit, as defined in Sec.
1026.2(a)(12), is extended by a creditor, as defined in Sec.
1026.2(a)(17), or is extended to a consumer, as defined in Sec.
1026.2(a)(11).
(o) Principal owner means an individual who directly owns 25
percent or more of the equity interests of a business.
(p) Small business is defined in Sec. 1002.106(b).
(q) Small business lending application register or register means
the data reported, or required to be reported, annually pursuant to
Sec. 1002.109.
(r) State shall have the same meaning as in Sec. 1002.2(aa).
(s) Women-owned business means a business for which more than 50
percent of its ownership or control is held by one or more women, and
more than 50 percent of its net profits or losses accrue to one or more
women.
Sec. 1002.103 Covered applications.
(a) Covered application. Except as provided in paragraph (b) of
this section, covered application means an oral or written request for
a covered credit transaction that is made in accordance with procedures
used by a financial institution for the type of credit requested.
(b) Circumstances that are not covered applications. A covered
application does not include:
(1) Reevaluation, extension, or renewal requests on an existing
business credit account, unless the request seeks additional credit
amounts.
(2) Inquiries and prequalification requests.
Sec. 1002.104 Covered credit transactions and excluded transactions.
(a) Covered credit transaction means an extension of business
credit that is not an excluded transaction under paragraph (b) of this
section.
(b) Excluded transactions. The requirements of this subpart do not
apply to:
(1) Trade credit. A financing arrangement wherein a business
acquires goods or services from another business without making
immediate payment in full to the business providing the goods or
services.
(2) Home Mortgage Disclosure Act (HMDA)-reportable transactions. A
covered loan, or application therefor, as defined by Regulation C, 12
CFR 1003.2(e).
(3) Insurance premium financing. A financing arrangement wherein a
business agrees to pay to a financial institution, in installments, the
principal amount advanced by the financial institution to an insurer or
insurance producer in payment of premium on the business's insurance
contract or contracts, plus charges, and, as security for repayment,
the business assigns to the financial institution certain rights,
obligations, and/or considerations (such as the unearned premiums,
accrued dividends, or loss payments) in its insurance contract or
contracts. Insurance premium financing does not include the financing
of insurance policy premiums obtained in connection with the financing
of goods and services.
(4) Public utilities credit. Public utilities credit as defined in
Sec. 1002.3(a)(1).
(5) Securities credit. Securities credit as defined in Sec.
1002.3(b)(1).
(6) Incidental credit. Incidental credit as defined in Sec.
1002.3(c)(1), but without regard to whether the credit is consumer
credit, as defined in Sec. 1002.2(h).
Sec. 1002.105 Covered financial institutions and exempt institutions.
(a) Financial institution means any partnership, company,
corporation, association (incorporated or unincorporated), trust,
estate, cooperative organization, or other entity that engages in any
financial activity.
(b) Covered financial institution means a financial institution
that originated at least 100 covered credit transactions for small
businesses in each of the two preceding calendar years.
Sec. 1002.106 Business and small business.
(a) Business has the same meaning as the term ``business concern or
concern'' in 13 CFR 121.105.
(b) Small business definition--(1) Small business has the same
meaning as the term ``small business concern'' in 15 U.S.C. 632(a), as
implemented in 13 CFR 121.101 through 121.107. Notwithstanding the size
standards set forth in 13 CFR 121.201, for purposes of this subpart, a
business is a small business if its gross annual revenue, as defined in
Sec. 1002.107(a)(14), for its preceding fiscal year is $5 million or
less.
(2) Inflation adjustment. Every 5 years after January 1, 2025, the
gross annual revenue threshold set forth in paragraph (b)(1) of this
section shall adjust based on changes to the Consumer Price Index for
All Urban Consumers (U.S. city average series for all items, not
seasonally adjusted), as published by the United States Bureau of Labor
Statistics. Any adjustment that takes effect under this paragraph shall
be rounded to the nearest multiple of $500,000. If an adjustment is to
take
[[Page 35530]]
effect, it will do so on January 1 of the following calendar year.
Sec. 1002.107 Compilation of reportable data.
(a) Data format and itemization. A covered financial institution
shall compile and maintain data regarding covered applications from
small businesses. The data shall be compiled in the manner prescribed
herein and the Filing Instructions Guide for this subpart for the
appropriate year. The data compiled shall include the items described
in paragraphs (a)(1) through (20) of this section.
(1) Unique identifier. An alphanumeric identifier, starting with
the legal entity identifier of the financial institution, unique within
the financial institution to the specific covered application, and
which can be used to identify and retrieve the specific file or files
corresponding to the application for or extension of credit.
(2) Application date. The date the covered application was received
or the date shown on a paper or electronic application form.
(3) Application method. The means by which the applicant submitted
the covered application directly or indirectly to the financial
institution.
(4) Application recipient. Whether the applicant submitted the
covered application directly to the financial institution or its
affiliate, or whether the applicant submitted the covered application
indirectly to the financial institution via a third party.
(5) Credit type. The following information regarding the type of
credit applied for or originated:
(i) Credit product. The credit product.
(ii) Guarantees. The type or types of guarantees that were obtained
for an extension of credit, or that would have been obtained if the
covered credit transaction were originated.
(iii) Loan term. The length of the loan term, in months, if
applicable.
(6) Credit purpose. The purpose or purposes of the credit applied
for or originated.
(7) Amount applied for. The initial amount of credit or the initial
credit limit requested by the applicant.
(8) Amount approved or originated. (i) For an application for a
closed-end credit transaction that is approved but not accepted, the
amount approved by the financial institution; or
(ii) For a closed-end credit transaction that is originated, the
amount of credit originated; or
(iii) For an application for an open-end credit transaction that is
originated or approved but not accepted, the amount of the credit limit
approved.
(9) Action taken. The action taken by the financial institution on
the covered application, reported as originated, approved but not
accepted, denied, withdrawn by the applicant, or incomplete.
(10) Action taken date. The date of the action taken by the
financial institution.
(11) Denial reasons. For denied applications, the principal reason
or reasons the financial institution denied the covered application.
(12) Pricing information. The following information regarding the
pricing of a covered credit transaction that is originated or approved
but not accepted, as applicable:
(i) Interest rate. (A) If the interest rate is fixed, the interest
rate that is or would be applicable to the covered credit transaction;
or
(B) If the interest rate is adjustable, the margin, index value,
initial rate period expressed in months (if applicable), and index name
that is or would be applicable to the covered credit transaction;
(ii) Total origination charges. The total amount of all charges
payable directly or indirectly by the applicant and imposed directly or
indirectly by the financial institution at or before origination as an
incident to or a condition of the extension of credit, expressed in
dollars;
(iii) Broker fees. The total amount of all charges included in
paragraph (a)(12)(ii) of this section that are fees paid by the
applicant directly to a broker or to the financial institution for
delivery to a broker, expressed in dollars;
(iv) Initial annual charges. The total amount of all non-interest
charges that are scheduled to be imposed over the first annual period
of the covered credit transaction, expressed in dollars;
(v) Additional cost for merchant cash advances or other sales-based
financing. For a merchant cash advance or other sales-based financing
transaction, the difference between the amount advanced and the amount
to be repaid, expressed in dollars; and
(vi) Prepayment penalties. (A) Notwithstanding whether such a
provision was in fact included, whether the financial institution could
have included a charge to be imposed for paying all or part of the
transaction's principal before the date on which the principal is due
under the policies and procedures applicable to the covered credit
transaction; and
(B) Notwithstanding the response to paragraph (a)(12)(vi)(A) of
this section, whether the terms of the covered credit transaction do in
fact include a charge imposed for paying all or part of the
transaction's principal before the date on which the principal is due.
(13) Census tract. The census tract in which is located:
(i) The address or location where the proceeds of the credit
applied for or originated will be or would have been principally
applied; or
(ii) If the information in paragraph (a)(13)(i) of this section is
unknown, the address or location of the main office or headquarters of
the applicant; or
(iii) If the information in both paragraphs (a)(13)(i) and (ii) of
this section is unknown, another address or location associated with
the applicant.
(iv) The financial institution shall also indicate which one of the
three types of addresses or locations listed in paragraphs (a)(13)(i),
(ii), or (iii) of this section the census tract is based on.
(14) Gross annual revenue. The applicant's gross annual revenue for
its preceding fiscal year.
(15) NAICS code. A 3-digit North American Industry Classification
System (NAICS) code for the applicant.
(16) Number of workers. The number of non-owners working for the
applicant.
(17) Time in business. The time the applicant has been in business.
(18) Minority-owned, women-owned, and LGBTQI+-owned business
statuses. Whether the applicant is a minority-owned, women-owned, and/
or LGBTQI+-owned business. When requesting minority-owned, women-owned,
and LGBTQI+-owned business statuses from an applicant, the financial
institution shall inform the applicant that the financial institution
cannot discriminate on the basis of minority-owned, women-owned, or
LGBTQI+-owned business statuses, or on whether the applicant provides
this information.
(19) Ethnicity, race, and sex of principal owners. The ethnicity,
race, and sex of the applicant's principal owners. When requesting
ethnicity, race, and sex information from an applicant, the financial
institution shall inform the applicant that the financial institution
cannot discriminate on the basis of a principal owner's ethnicity,
race, or sex, or on whether the applicant provides this information.
(20) Number of principal owners. The number of the applicant's
principal owners.
(b) Reliance on and verification of applicant-provided data. Unless
otherwise provided in this subpart, the financial institution may rely
on information from the applicant, or appropriate third-party sources,
when compiling data. If the financial institution verifies applicant-
provided data, however, it shall report the verified data.
[[Page 35531]]
(c) Time and manner of collection--(1) In general. A covered
financial institution shall not discourage an applicant from responding
to requests for applicant-provided data under paragraph (a) of this
section and shall otherwise maintain procedures to collect such data at
a time and in a manner that are reasonably designed to obtain a
response.
(2) Applicant-provided data collected directly from the applicant.
For data collected directly from the applicant, procedures that are
reasonably designed to obtain a response shall include provisions for
the following:
(i) The initial request for applicant-provided data occurs prior to
notifying an applicant of final action taken on a covered application;
(ii) The request for applicant-provided data is prominently
displayed or presented;
(iii) The collection does not have the effect of discouraging an
applicant from responding to a request for applicant-provided data; and
(iv) Applicants can easily respond to a request for applicant-
provided data.
(3) Procedures to monitor compliance. A covered financial
institution shall maintain procedures to identify and respond to
indicia of potential discouragement, including low response rates for
applicant-provided data.
(4) Low response rates. A low response rate for applicant-provided
data may indicate discouragement or other failure by a covered
financial institution to maintain procedures to collect applicant-
provided data that are reasonably designed to obtain a response.
(d) Previously collected data. A covered financial institution is
permitted, but not required, to reuse previously collected data to
satisfy paragraphs (a)(13) through (20) of this section if:
(1) To satisfy paragraphs (a)(13) and (a)(15) through (20) of this
section, the data were collected within the 36 months preceding the
current covered application, or to satisfy paragraph (a)(14) of this
section, the data were collected within the same calendar year as the
current covered application; and
(2) The financial institution has no reason to believe the data are
inaccurate.
Sec. 1002.108 Firewall.
(a) Definitions. For purposes of this section, the following terms
shall have the following meanings:
(1) Involved in making any determination concerning a covered
application from a small business means participating in a decision
regarding the evaluation of a covered application from a small business
or the creditworthiness of a small business applicant for a covered
credit transaction.
(2) Should have access means that an employee or officer may need
to collect, see, consider, refer to, or otherwise use the information
to perform that employee's or officer's assigned job duties.
(b) Prohibition on access to certain information. Unless the
exception under paragraph (c) of this section applies, an employee or
officer of a covered financial institution or a covered financial
institution's affiliate shall not have access to an applicant's
responses to inquiries that the financial institution makes pursuant to
this subpart regarding whether the applicant is a minority-owned
business, a women-owned business, or an LGBTQI+-owned business under
Sec. 1002.107(a)(18), and regarding the ethnicity, race, and sex of
the applicant's principal owners under Sec. 1002.107(a)(19), if that
employee or officer is involved in making any determination concerning
that applicant's covered application.
(c) Exception to the prohibition on access to certain information.
The prohibition in paragraph (b) of this section shall not apply to an
employee or officer if the financial institution determines that it is
not feasible to limit that employee's or officer's access to an
applicant's responses to the financial institution's inquiries under
Sec. 1002.107(a)(18) or (19) and the financial institution provides
the notice required under paragraph (d) of this section to the
applicant. It is not feasible to limit access as required pursuant to
paragraph (b) of this section if the financial institution determines
that an employee or officer involved in making any determination
concerning a covered application from a small business should have
access to one or more applicants' responses to the financial
institution's inquiries under Sec. 1002.107(a)(18) or (19).
(d) Notice. In order to satisfy the exception set forth in
paragraph (c) of this section, a financial institution shall provide a
notice to each applicant whose responses will be accessed, informing
the applicant that one or more employees or officers involved in making
determinations concerning the covered application may have access to
the applicant's responses to the financial institution's inquiries
regarding whether the applicant is a minority-owned business, a women-
owned business, or an LGBTQI+-owned business, and regarding the
ethnicity, race, and sex of the applicant's principal owners. The
financial institution shall provide the notice required by this
paragraph (d) when making the inquiries required under Sec.
1002.107(a)(18) and (19) and together with the notices required
pursuant to Sec. 1002.107(a)(18) and (19).
Sec. 1002.109 Reporting of data to the Bureau.
(a) Reporting to the Bureau--(1) Annual reporting. (i) On or before
June 1 following the calendar year for which data are compiled and
maintained as required by Sec. 1002.107, a covered financial
institution shall submit its small business lending application
register in the format prescribed by the Bureau.
(ii) An authorized representative of the covered financial
institution with knowledge of the data shall certify to the accuracy
and completeness of the data reported pursuant to this paragraph (a).
(iii) When the last day for submission of data prescribed under
paragraph (a)(1) of this section falls on a Saturday or Sunday, a
submission shall be considered timely if it is submitted on the next
succeeding Monday.
(2) Reporting by subsidiaries. A covered financial institution that
is a subsidiary of another covered financial institution shall complete
a separate small business lending application register. The subsidiary
shall submit its small business lending application register, directly
or through its parent, to the Bureau.
(3) Reporting obligations where multiple financial institutions are
involved in a covered credit transaction. Where it is necessary for
more than one financial institution to make a credit decision in order
to approve a single covered credit transaction, only the last covered
financial institution with authority to set the material terms of the
covered credit transaction is required to report the application.
Financial institutions report the actions of their agents.
(b) Financial institution identifying information. A financial
institution shall provide each of the following with its submission:
(1) Its name.
(2) Its headquarters address.
(3) The name and business contact information of a person that the
Bureau or other regulators may contact about the financial
institution's submission.
(4) Its Federal prudential regulator, if applicable.
(5) Its Federal Taxpayer Identification Number (TIN).
(6) Its Legal Entity Identifier (LEI).
(7) Its Research, Statistics, Supervision, and Discount
[[Page 35532]]
identification (RSSD ID) number, if applicable.
(8) Parent entity information, if applicable, including:
(i) The name of the immediate parent entity;
(ii) The LEI of the immediate parent entity, if available;
(iii) The RSSD ID number of the immediate parent entity, if
available;
(iv) The name of the top-holding parent entity;
(v) The LEI of the top-holding parent entity, if available; and
(vi) The RSSD ID number of the top-holding parent entity, if
available.
(9) The type of financial institution that it is, indicated by
selecting the appropriate type or types of institution from the list
provided.
(10) Whether the financial institution is voluntarily reporting
covered applications from small businesses.
(c) Procedures for the submission of data to the Bureau. The Bureau
shall make available a Filing Instructions Guide, containing technical
instructions for the submission of data to the Bureau pursuant to this
section, as well as any related materials, at https://www.consumerfinance.gov/data-research/small-business-lending/filing-instructions-guide/.
Sec. 1002.110 Publication of data and other disclosures.
(a) Publication of small business lending application registers and
associated financial institution information. The Bureau shall make
available to the public generally the data reported to it by financial
institutions pursuant to Sec. 1002.109, subject to deletions or
modifications made by the Bureau if the Bureau determines that the
deletion or modification of the data would advance a privacy interest.
The Bureau shall make such data available on an annual basis.
(b) Publication of aggregate data. The Bureau may compile and
aggregate data submitted by financial institutions pursuant to Sec.
1002.109, and make any compilations or aggregations of such data
publicly available as the Bureau deems appropriate.
(c) Statement of financial institution's small business lending
data available on the Bureau's website. A covered financial institution
shall make available to the public on its website, or otherwise upon
request, a statement that the covered financial institution's small
business lending application register, as modified by the Bureau
pursuant to Sec. 1002.110(a), is or will be available from the Bureau.
A financial institution shall use language provided by the Bureau, or
substantially similar language, to satisfy the requirement to provide a
statement pursuant to this paragraph (c).
(d) Availability of statements. A covered financial institution
shall make the notice required by paragraph (c) of this section
available to the public on its website when it submits a small business
lending application register to the Bureau pursuant to Sec.
1002.109(a)(1), and shall maintain the notice for as long as it has an
obligation to retain its small business lending application registers
pursuant to Sec. 1002.111(a).
(e) Further disclosure prohibited--(1) Disclosure by a financial
institution. A financial institution shall not disclose or provide to a
third party the information it collects pursuant to Sec.
1002.107(a)(18) and (19) except to further compliance with the Act or
this part or as required by law.
(2) Disclosure by a third party. A third party that obtains
information collected pursuant to Sec. 1002.107(a)(18) and (19) for
the purpose of furthering compliance with the Act or this part is
prohibited from any further disclosure of such information except to
further compliance with the Act or this part or as required by law.
Sec. 1002.111 Recordkeeping.
(a) Record retention. A covered financial institution shall retain
evidence of compliance with this subpart, which includes a copy of its
small business lending application register, for at least three years
after the register is required to be submitted to the Bureau pursuant
to Sec. 1002.109.
(b) Certain information kept separate from the rest of the
application. A financial institution shall maintain, separately from
the rest of the application and accompanying information, an
applicant's responses to the financial institution's inquiries pursuant
to this subpart regarding whether an applicant for a covered credit
transaction is a minority-owned business, a women-owned business, and/
or an LGBTQI+-owned business under Sec. 1002.107(a)(18), and regarding
the ethnicity, race, and sex of the applicant's principal owners under
Sec. 1002.107(a)(19).
(c) Limitation on personally identifiable information in certain
records retained under this section. In reporting a small business
lending application register pursuant to Sec. 1002.109, maintaining
the register pursuant to paragraph (a) of this section, and maintaining
a separate record of information pursuant to paragraph (b) of this
section, a financial institution shall not include any name, specific
address, telephone number, email address, or any other personally
identifiable information concerning any individual who is, or is
connected with, an applicant, other than as required pursuant to Sec.
1002.107 or paragraph (b) of this section.
Sec. 1002.112 Enforcement.
(a) Administrative enforcement and civil liability. A violation of
section 704B of the Act or this subpart is subject to administrative
sanctions and civil liability as provided in sections 704 (15 U.S.C.
1691c) and 706 (15 U.S.C. 1691e) of the Act, where applicable.
(b) Bona fide errors. A bona fide error in compiling, maintaining,
or reporting data with respect to a covered application is one that was
unintentional and occurred despite the maintenance of procedures
reasonably adapted to avoid such an error. A bona fide error is not a
violation of the Act or this subpart. A financial institution is
presumed to maintain procedures reasonably adapted to avoid such errors
with respect to a given data field if the number of errors found in a
random sample of the financial institution's submission for the data
field does not equal or exceed a threshold specified by the Bureau for
this purpose in appendix F to this part. However, an error is not a
bona fide error if either there is a reasonable basis to believe the
error was intentional or there is evidence that the financial
institution does not or has not maintained procedures reasonably
adapted to avoid such errors.
(c) Safe harbors--(1) Incorrect entry for application date. A
financial institution does not violate the Act or this subpart if it
reports on its small business lending application register an
application date that is within three business days of the actual
application date pursuant to Sec. 1002.107(a)(2).
(2) Incorrect entry for census tract. An incorrect entry for census
tract is not a violation of the Act or this subpart if the financial
institution obtained the census tract by correctly using a geocoding
tool provided by the FFIEC or the Bureau.
(3) Incorrect entry for NAICS code. An incorrect entry for a 3-
digit NAICS code is not a violation of the Act or this subpart,
provided that the financial institution obtained the 3-digit NAICS code
by:
(i) Relying on an applicant's representations or on an appropriate
third-party source, in accordance with Sec. 1002.107(b), regarding the
NAICS code; or
(ii) Identifying the NAICS code itself, provided that the financial
institution maintains procedures reasonably adapted to correctly
identify a 3-digit NAICS code.
[[Page 35533]]
(4) Incorrect determination of small business status, covered
credit transaction, or covered application. A financial institution
that initially collects data regarding whether an applicant for a
covered credit transaction is a minority-owned business, a women-owned
business, or an LGBTQI+-owned business, and the ethnicity, race, and
sex of the applicant's principal owners pursuant to Sec.
1002.107(a)(18) and (19) but later concludes that it should not have
collected such data does not violate the Act or this regulation if the
financial institution, at the time it collected this data, had a
reasonable basis for believing that the application was a covered
application for a covered credit transaction from a small business
pursuant to Sec. Sec. 1002.103, 1002.104, and 1002.106, respectively.
A financial institution seeking to avail itself of this safe harbor
shall comply with the requirements of this subpart as otherwise
required pursuant to Sec. Sec. 1002.107, 1002.108, and 1002.111 with
respect to the collected data.
Sec. 1002.113 Severability.
If any provision of this subpart, or any application of a
provision, is stayed or determined to be invalid, the remaining
provisions or applications are severable and shall continue in effect.
Sec. 1002.114 Effective date, compliance date, and special
transitional rules.
(a) Effective date. The effective date for this subpart is August
29, 2023.
(b) Compliance date. The dates by which covered financial
institutions are initially required to comply with the requirements of
this subpart are as follows:
(1) A covered financial institution that originated at least 2,500
covered credit transactions for small businesses in each of calendar
years 2022 and 2023 shall comply with the requirements of this subpart
beginning October 1, 2024.
(2) A covered financial institution that is not subject to
paragraph (b)(1) of this section and that originated at least 500
covered credit transactions for small businesses in each of calendar
years 2022 and 2023 shall comply with the requirements of this subpart
beginning April 1, 2025.
(3) A covered financial institution that is not subject to
paragraphs (b)(1) or (2) of this section and that originated at least
100 covered credit transactions for small businesses in each of
calendar years 2022 and 2023 shall comply with the requirements of this
subpart beginning January 1, 2026.
(4) A financial institution that did not originate at least 100
covered credit transactions for small businesses in each of calendar
years 2022 and 2023 but subsequently originates at least 100 such
transactions in two consecutive calendar years shall comply with the
requirements of this subpart in accordance with Sec. 1002.105(b), but
in any case no earlier than January 1, 2026.
(c) Special transitional rules--(1) Collection of certain
information prior to a financial institution's compliance date. A
financial institution as described in paragraphs (b)(1), (2), or (3) of
this section is permitted, but not required, to collect information
regarding whether an applicant for a covered credit transaction is a
minority-owned business, a women-owned business, and/or an LGBTQI+-
owned business under Sec. 1002.107(a)(18), and the ethnicity, race,
and sex of the applicant's principal owners under Sec. 1002.107(a)(19)
beginning 12 months prior to its applicable compliance date as set
forth in paragraphs (b)(1), (2), or (3) of this section. A financial
institution collecting such information pursuant to this paragraph
(c)(1) must do so in accordance with the requirements set out in
Sec. Sec. 1002.107(a)(18) and (19), 1002.108, and 1002.111(b) and (c).
(2) Determining which compliance date applies to a financial
institution that does not collect information sufficient to determine
small business status. A financial institution that is unable to
determine the number of covered credit transactions it originated for
small businesses in each of calendar years 2022 and 2023 for purposes
of determining its compliance date pursuant to paragraph (b) of this
section, because for some or all of this period it does not have
readily accessible the information needed to determine whether its
covered credit transactions were originated for small businesses as
defined in Sec. 1002.106(b), is permitted to use any reasonable method
to estimate its originations to small businesses for either or both of
the calendar years 2022 and 2023.
[[Page 35534]]
0
7. Appendices E and F are added to read as follows:
Appendix E to Part 1002--Sample Form for Collecting Certain Applicant-
Provided Data Under Subpart B
BILLING CODE 4810-AM-P
[GRAPHIC] [TIFF OMITTED] TR31MY23.211
[[Page 35535]]
[GRAPHIC] [TIFF OMITTED] TR31MY23.212
BILLING CODE 4810-AM-C
Appendix F to Part 1002--Tolerances for Bona Fide Errors in Data
Reported Under Subpart B
As set out in Sec. 1002.112(b) and in comment 112(b)-1, a
financial institution is presumed to maintain procedures reasonably
adapted to avoid errors with respect to a given data field if the
number of errors found in a random sample of a financial
institution's data submission for a given data field do not equal or
exceed the threshold in column C of the following table (Table 1,
Tolerance Thresholds for Bona Fide Errors):
[[Page 35536]]
Table 1 to Appendix F--Tolerance Thresholds for Bona Fide Errors
----------------------------------------------------------------------------------------------------------------
Random sample
Small business lending application register count size \986\ Threshold (#) Threshold (%)
(A) (B) (C) (D)
----------------------------------------------------------------------------------------------------------------
100-130........................................................ 47 3 6.4
131-190........................................................ 56 3 5.4
191-500........................................................ 59 3 5.1
501-100,000.................................................... 79 4 5.1
100,001+....................................................... 159 4 2.5
----------------------------------------------------------------------------------------------------------------
The size of the random sample, under column B, shall depend on
the size of the financial institution's small business lending
application register, as shown in column A of the Threshold Table.
---------------------------------------------------------------------------
\986\ For a financial institution with fewer than 30 entries in
its small business lending application register, the full sample
size is the financial institution's total number of entries. The
threshold number for such financial institutions remains three.
Accordingly, the threshold percentage will be higher for financial
institutions with fewer than 30 entries in their registers
---------------------------------------------------------------------------
The thresholds in column C of the Threshold Table reflect the
number of unintentional errors a financial institution may make
within a particular data field (e.g., the credit product data field
within the credit type data point or the ethnicity data field for a
particular principal owner within the ethnicity, race, and sex of
principal owners data point) in a small business lending application
register that would be deemed bona fide errors for purposes of Sec.
1002.112(b).
For instance, a financial institution that submitted a small
business lending application register containing 105 applications
would be subject to a threshold of three errors per data field. If
the financial institution had made two errors in reporting loan
amount and two errors reporting gross annual income, all of these
errors would be covered by the bona fide error provision of Sec.
1002.112(b) and would not constitute a violation of the Act or this
part. If the same financial institution had made four errors in
reporting loan amount and two errors reporting gross annual income,
the bona fide error provision of Sec. 1002.112(b) would not apply
to the four loan amount errors but would still apply to the two
gross annual income errors.
Even when the number of errors in a particular data field do not
equal or exceed the threshold in column C, if either there is a
reasonable basis to believe that errors in that field were
intentional or there is evidence that the financial institution did
not maintain procedures reasonably adapted to avoid such errors,
then the errors are not bona fide errors under Sec. 1002.112(b).
For purposes of determining bona fide errors under Sec.
1002.112(b), the term ``data field'' generally refers to individual
fields. Some data fields may allow for more than one response. For
example, with respect to information on the ethnicity or race of an
applicant's principal owners, a data field may identify more than
one race or more than one ethnicity for a given person. If one or
more of the ethnicities or races identified in a data field are
erroneous, they count as one (and only one) error for that data
field.
0
8. In Supplement I to part 1002:
0
a. Under Section 1002.5--Rules Concerning Requests for Information,
revise Paragraph 5(a)(2) and Paragraph 5(a)(4);
0
b. Under Section 1002.12--Record Retention, revise 12(b)(7)
Preapplication marketing information;
0
c. Under Section 1002.13--Information for Monitoring Purposes, revise
13(b) Obtaining of information; and
0
d. Add: Section 1002.102--Definitions; Section 1002.103--Covered
Applications; Section 1002.104--Covered Credit Transactions and
Excluded Transactions; Section 1002.105--Covered Financial Institutions
and Exempt Institutions; Section 1002.106--Business and Small Business;
Section 1002.107--Compilation of Reportable Data; Section 1002.108--
Firewall; Section 1002.109--Reporting of Data to the Bureau; Section
1002.110--Publication of Data and Other Disclosures; Section 1002.111--
Recordkeeping; Section 1002.112--Enforcement; and Section 1002.114--
Effective Date, Compliance Date, and Special Transition Rules.
The revisions and additions read as follows:
Supplement I to Part 1002--Official Interpretations
* * * * *
Section 1002.5--Rules Concerning Requests for Information
* * * * *
5(a)(2) Required Collection of Information
1. Local laws. Information that a creditor is allowed to collect
pursuant to a ``state'' statute or regulation includes information
required by a local statute, regulation, or ordinance.
2. Information required by Regulation C. Regulation C, 12 CFR part
1003, generally requires creditors covered by the Home Mortgage
Disclosure Act (HMDA) to collect and report information about the race,
ethnicity, and sex of applicants for certain dwelling-secured loans,
including some types of loans not covered by Sec. 1002.13.
3. Collecting information on behalf of creditors. Persons such as
loan brokers and correspondents do not violate the ECOA or Regulation B
if they collect information that they are otherwise prohibited from
collecting, where the purpose of collecting the information is to
provide it to a creditor that is subject to subpart B of this part, the
Home Mortgage Disclosure Act, or another Federal or State statute or
regulation requiring data collection.
4. Information required by subpart B. Subpart B of this part
generally requires creditors that are covered financial institutions as
defined in Sec. 1002.105(b) to collect and report information about
the ethnicity, race, and sex of the principal owners of applicants for
certain small business credit, as well as whether the applicant is a
minority-owned business, a women-owned business, or an LGBTQI+-owned
business, as defined in Sec. 1002.102(m), (s), and (l), respectively.
5(a)(4) Other Permissible Collection of Information
1. Other permissible collection of information. Information
regarding ethnicity, race, and sex that is not required to be collected
pursuant to Regulation C, 12 CFR part 1003, or subpart B of this part,
may nevertheless be collected under the circumstances set forth in
Sec. 1002.5(a)(4) without violating Sec. 1002.5(b). The information
collected pursuant to 12 CFR part 1003 must be retained pursuant to the
requirements of Sec. 1002.12. The information collected pursuant to
subpart B of this part must be retained pursuant to the requirements
set forth in Sec. 1002.111.
* * * * *
Section 1002.12--Record Retention
* * * * *
12(b) Preservation of Records
* * * * *
[[Page 35537]]
12(b)(7) Preapplication Marketing Information
1. Prescreened credit solicitations. The rule requires creditors to
retain copies of prescreened credit solicitations. For purposes of this
part, a prescreened solicitation is an ``offer of credit'' as described
in 15 U.S.C. 1681a(1) of the Fair Credit Reporting Act. A creditor
complies with Sec. 1002.12(b)(7) if it retains a copy of each
solicitation mailing that contains different terms, such as the amount
of credit offered, annual percentage rate, or annual fee.
2. List of criteria. A creditor must retain the list of criteria
used to select potential recipients. This includes the criteria used by
the creditor both to determine the potential recipients of the
particular solicitation and to determine who will actually be offered
credit.
3. Correspondence. A creditor may retain correspondence relating to
consumers' complaints about prescreened solicitations in any manner
that is reasonably accessible and is understandable to examiners. There
is no requirement to establish a separate database or set of files for
such correspondence, or to match consumer complaints with specific
solicitation programs.
* * * * *
Section 1002.13--Information for Monitoring Purposes
* * * * *
13(b) Obtaining of Information
1. Forms for collecting data. A creditor may collect the
information specified in Sec. 1002.13(a) either on an application form
or on a separate form referring to the application. Appendix B to this
part provides for two alternative data collection model forms for use
in complying with the requirements of Sec. 1002.13(a)(1)(i) and (ii)
to collect information concerning an applicant's ethnicity, race, and
sex. When a creditor collects ethnicity and race information pursuant
to Sec. 1002.13(a)(1)(i)(A), the applicant must be offered the option
to select more than one racial designation. When a creditor collects
ethnicity and race information pursuant to Sec. 1002.13(a)(1)(i)(B),
the applicant must be offered the option to select more than one
ethnicity designation and more than one racial designation.
2. Written applications. The regulation requires written
applications for the types of credit covered by Sec. 1002.13. A
creditor can satisfy this requirement by recording on paper or by means
of computer the information that the applicant provides orally and that
the creditor normally considers in a credit decision.
3. Telephone, mail applications. i. A creditor that accepts an
application by telephone or mail must request the monitoring
information.
ii. A creditor that accepts an application by mail need not make a
special request for the monitoring information if the applicant has
failed to provide it on the application form returned to the creditor.
iii. If it is not evident on the face of an application that it was
received by mail, telephone, or via an electronic medium, the creditor
should indicate on the form or other application record how the
application was received.
4. Video and other electronic-application processes. i. If a
creditor takes an application through an electronic medium that allows
the creditor to see the applicant, the creditor must treat the
application as taken in person. The creditor must note the monitoring
information on the basis of visual observation or surname, if the
applicant chooses not to provide the information.
ii. If an applicant applies through an electronic medium without
video capability, the creditor treats the application as if it were
received by mail.
5. Applications through loan-shopping services. When a creditor
receives an application through an unaffiliated loan-shopping service,
it does not have to request the monitoring information for purposes of
the ECOA or subpart A of this Regulation B. Creditors subject to the
Home Mortgage Disclosure Act should be aware, however, that data
collection may be called for under Regulation C (12 CFR part 1003),
which generally requires creditors to report, among other things, the
sex and race of an applicant on brokered applications or applications
received through a correspondent. Similarly, creditors that are covered
financial institutions under subpart B of this Regulation may also be
required to collect, report, and maintain certain data, as set forth in
subpart B of this Regulation.
6. Inadvertent notation. If a creditor inadvertently obtains the
monitoring information in a dwelling-related transaction not covered by
Sec. 1002.13, the creditor may process and retain the application
without violating the regulation.
* * * * *
Section 1002.102--Definitions
102(b) Applicant
1. General. In no way are the limitations to the term applicant in
Sec. 1002.102(b) of subpart B intended to repeal, abrogate, annul,
impair, change, or interfere with the scope of the term applicant in
Sec. 1002.2(e) as applicable to subpart A.
102(l) LGBTQI+-Owned Business
1. General. In order to be an LGBTQI+-owned business for purposes
of subpart B of this part, a business must satisfy both prongs of the
definition of LGBTQI+-owned business. First, one or more LGBTQI+
individuals must own or control more than 50 percent of the business.
However, it is not necessary that one or more LGBTQI+ individuals both
own and control more than 50 percent of the business. For example, a
business that is owned entirely by one or more LGBTQI+ individuals but
is not controlled by any one or more such individuals satisfies the
first prong of the definition. Similarly, a business that is controlled
by an LGBTQI+ individual satisfies this first prong of the definition,
even if none of the individuals with ownership in the business are
LGBTQI+ individuals. If a business does not satisfy this first prong of
the definition, it is not an LGBTQI+-owned business. Second, 50 percent
or more of the net profits or losses must accrue to one or more LGBTQI+
individuals. If a business does not satisfy this second prong of the
definition, it is not an LGBTQI+-owned business, regardless of whether
it satisfies the first prong of the definition.
2. Purpose of definition. The definition of LGBTQI+-owned business
is used only when an applicant determines if it is an LGBTQI+-owned
business for purposes of Sec. 1002.107(a)(18). A financial institution
shall provide an applicant with the definition of LGBTQI+-owned
business when asking the applicant to provide its LGBTQI+-owned
business status pursuant to Sec. 1002.107(a)(18). A financial
institution satisfies this requirement if it provides the definition as
set forth in the sample data collection form in appendix E. The
financial institution must provide additional clarification by
referencing the definition of LGBTQI+ individual as set forth in Sec.
1002.102(k) if asked by the applicant. The financial institution is
neither permitted nor required to make its own determination regarding
the applicant's LGBTQI+-owned business status.
3. Further clarifications of terms used in the definition of
LGBTQI+-owned
[[Page 35538]]
business. In order to assist an applicant when determining whether it
is an LGBTQI+-owned business, a financial institution may provide the
applicant with the definitions of ownership, control, and accrual of
net profits or losses and related concepts set forth in comments
102(l)-4 through -6. A financial institution may assist an applicant
when the applicant is determining its LGBTQI+-owned business status but
is not required to do so. For purposes of reporting an applicant's
status, a financial institution relies on the applicant's
determinations of its ownership, control, and accrual of net profits
and losses.
4. Ownership. For purposes of determining if a business is an
LGBTQI+-owned business, an individual owns a business if that
individual directly or indirectly, through any contract, arrangement,
understanding, relationship or otherwise, has an equity interest in the
business. Examples of ownership include being the sole proprietor of a
sole proprietorship, directly or indirectly owning or holding the stock
of a corporation or company, directly or indirectly having a
partnership interest in a business, or directly or indirectly having a
membership interest in a limited liability company. Indirect as well as
direct ownership are used when determining ownership for purposes of
Sec. Sec. 1002.102(l) and 1002.107(a)(18). Thus, where applicable,
ownership must be traced through corporate or other indirect ownership
structures. For example, assume that the applicant is company A. If
company B owns 60 percent of applicant company A and an individual owns
100 percent of company B, the individual owns 60 percent of applicant
company A. Similarly, if an individual directly owns 20 percent of
applicant company A and is an equal partner in partnership B that owns
the remaining 80 percent of applicant company A, the individual owns 60
percent of applicant company A (i.e., 20 percent due through direct
ownership and 40 percent indirectly through partnership B). A trustee
is considered the owner of the trust. Thus, if a trust owns a business
and the trust has two co-trustees, each co-trustee owns 50 percent of
the business.
5. Control. An individual controls a business if that individual
has significant responsibility to manage or direct the business. An
individual controls a business if the individual is an executive
officer or senior manager (e.g., a chief executive officer, chief
financial officer, chief operating officer, managing member, general
partner, president, vice president, or treasurer) or regularly performs
similar functions. Additionally, a business may be controlled by two or
more LGBTQI+ individuals if those individuals collectively control the
business, such as constituting a majority of the board of directors or
a majority of the partners of a partnership.
6. Accrual of net profits or losses. A business's net profits and
losses accrue to an individual if that individual receives the net
profits or losses, is legally entitled or required to receive the net
profits or losses, or is legally entitled or required to recognize the
net profits or losses for tax purposes.
102(m) Minority-Owned Business
1. General. In order to be a minority-owned business for purposes
of subpart B of this part, a business must satisfy both prongs of the
definition of minority-owned business. First, one or more American
Indian or Alaska Native, Asian, Black or African American, Native
Hawaiian or Other Pacific Islander, or Hispanic or Latino individuals
must own or control more than 50 percent of the business. However, it
is not necessary that one or more American Indian or Alaska Native,
Asian, Black or African American, Native Hawaiian or Other Pacific
Islander, or Hispanic or Latino individuals both own and control more
than 50 percent of the business. For example, a business that is owned
entirely, but is not controlled by, individuals belonging to one of
these groups satisfies the first prong of the definition. Similarly, a
business that is controlled by an American Indian or Alaska Native,
Asian, Black or African American, Native Hawaiian or Other Pacific
Islander, or Hispanic or Latino individual satisfies this first prong
of the definition, even if none of the individuals with ownership in
the business are American Indian or Alaska Native, Asian, Black or
African American, Native Hawaiian or Other Pacific Islander, or
Hispanic or Latino. If a business does not satisfy this first prong of
the definition, it is not a minority-owned business. Second, 50 percent
or more of the net profits or losses must accrue to one or more
individuals belonging to these groups. If a business does not satisfy
this second prong of the definition, it is not a minority-owned
business, regardless of whether it satisfies the first prong of the
definition.
2. Purpose of definition. The definition of minority-owned business
is used only when an applicant determines if it is a minority-owned
business for purposes of Sec. 1002.107(a)(18). A financial institution
shall provide an applicant with the definition of minority-owned
business when asking the applicant to provide its minority-owned
business status pursuant to Sec. 1002.107(a)(18), but the financial
institution is neither permitted nor required to make its own
determination regarding the applicant's minority-owned business status.
3. Further clarifications of terms used in the definition of
minority-owned business. In order to assist an applicant when
determining whether it is a minority-owned business, a financial
institution may provide the applicant with the definitions of
ownership, control, and accrual of net profits or losses and related
concepts set forth in comments 102(m)-4 through -6. A financial
institution may assist an applicant when the applicant is determining
its minority-owned business status but is not required to do so. For
purposes of reporting an applicant's status, a financial institution
relies on the applicant's determinations of its ownership, control, and
accrual of net profits and losses.
4. Ownership. For purposes of determining if a business is a
minority-owned business, an individual owns a business if that
individual directly or indirectly, through any contract, arrangement,
understanding, relationship or otherwise, has an equity interest in the
business. Examples of ownership include being the sole proprietor of a
sole proprietorship, directly or indirectly owning or holding the stock
of a corporation or company, directly or indirectly having a
partnership interest in a business, or directly or indirectly having a
membership interest in a limited liability company. Indirect as well as
direct ownership are used when determining ownership for purposes of
Sec. Sec. 1002.102(m) and 1002.107(a)(18). Thus, where applicable,
ownership must be traced through corporate or other indirect ownership
structures. For example, assume that the applicant is company A. If
company B owns 60 percent of applicant company A and an individual owns
100 percent of company B, the individual owns 60 percent of applicant
company A. Similarly, if an individual directly owns 20 percent of
applicant company A and is an equal partner in partnership B that owns
the remaining 80 percent of applicant company A, the individual owns 60
percent of applicant company A (i.e., 20 percent due through direct
ownership and 40 percent indirectly through partnership B). A trustee
is considered the owner of the trust. Thus, if a trust owns a business
and the trust
[[Page 35539]]
has two co-trustees, each co-trustee owns 50 percent of the business.
5. Control. An individual controls a business if that individual
has significant responsibility to manage or direct the business. An
individual controls a business if the individual is an executive
officer or senior manager (e.g., a chief executive officer, chief
financial officer, chief operating officer, managing member, general
partner, president, vice president, or treasurer) or regularly performs
similar functions. Additionally, a business may be controlled by two or
more American Indian or Alaska Native, Asian, Black or African
American, Native Hawaiian or Other Pacific Islander, or Hispanic or
Latino individuals if those individuals collectively control the
business, such as constituting a majority of the board of directors or
a majority of the partners of a partnership.
6. Accrual of net profits or losses. A business's net profits and
losses accrue to an individual if that individual receives the net
profits or losses, is legally entitled or required to receive the net
profits or losses, or is legally entitled or required to recognize the
net profits or losses for tax purposes.
7. Multi-racial and multi-ethnic individuals. For purposes of
subpart B of this part, an individual who is multi-racial or multi-
ethnic constitutes an individual for whom the definition of minority-
owned business may apply, depending on whether the individual meets the
other requirements of the definition. For example, an individual who is
both Asian and White is an individual for whom the definition of
minority-owned business shall apply if the individual meets the other
requirements of the definition related to ownership or control and
accrual of profits or losses.
8. Relationship to disaggregated subcategories used to determine
ethnicity and race of principal owners. The ethnicity and race
categories used in this section are aggregate ethnicity (Hispanic or
Latino) and race (American Indian or Alaska Native, Asian, Black or
African American, and Native Hawaiian or Other Pacific Islander)
categories. Those ethnicity and race categories are the same aggregate
categories used (along with Not Hispanic or Latino for ethnicity, and
White for race) to collect an applicant's principal owners' ethnicity
and race pursuant to Sec. 1002.107(a)(19).
102(o) Principal Owner
1. Individual. Only an individual can be a principal owner of a
business for purposes of subpart B of this part. Entities, such as
trusts, partnerships, limited liability companies, and corporations,
are not principal owners for this purpose. Additionally, an individual
must directly own an equity share of 25 percent or more in the business
in order to be a principal owner. Unlike the determination of ownership
for purposes of collecting and reporting minority-owned business
status, women-owned business status, and LGBTQI+-owned business status,
indirect ownership is not considered when determining if someone is a
principal owner for purposes of collecting and reporting principal
owners' ethnicity, race, and sex or the number of principal owners.
Thus, when determining who is a principal owner, ownership is not
traced through multiple corporate structures to determine if an
individual owns 25 percent or more of the equity interests. For
example, if individual A directly owns 20 percent of a business,
individual B directly owns 20 percent, and partnership C owns 60
percent, the business does not have any owners who satisfy the
definition of principal owner set forth in Sec. 1002.102(o), even if
individual A and individual B are the only partners in the partnership
C. Similarly, if individual A directly owns 30 percent of a business,
individual B directly owns 20 percent, and trust D owns 50 percent,
individual A is the only principal owner as defined in Sec.
1002.102(o), even if individual B is the sole trustee of trust D.
2. Trustee. Although a trust is not considered a principal owner of
a business for the purposes of subpart B, if the applicant for a
covered credit transaction is a trust, a trustee is considered the
owner of the trust. Thus, if a trust is an applicant for a covered
credit transaction and the trust has two co-trustees, each co-trustee
is considered to own 50 percent of the business and would each be a
principal owner as defined in Sec. 1002.102(o). In contrast, if the
trust has five co-trustees, each co-trustee is considered to own 20
percent of the business and would not meet the definition of principal
owner under Sec. 1002.102(o).
3. Purpose of definition. A financial institution shall provide an
applicant with the definition of principal owner when asking the
applicant to provide the number of its principal owners pursuant to
Sec. 1002.107(a)(20) and the ethnicity, race, and sex of its principal
owners pursuant to Sec. 1002.107(a)(19). See comments 107(a)(19)-2 and
107(a)(20)-1.
102(s) Women-Owned Business
1. General. In order to be a women-owned business for purposes of
subpart B of this part, a business must satisfy both prongs of the
definition of women-owned business. First, one or more women must own
or control more than 50 percent of the business. However, it is not
necessary that one or more women both own and control more than 50
percent of the business. For example, a business that is owned entirely
by women but is not controlled by any women satisfies the first prong
of the definition. Similarly, a business that is controlled by a woman
satisfies this first prong of the definition, even if none of the
individuals with ownership in the business are women. If a business
does not satisfy this first prong of the definition, it is not a women-
owned business. Second, 50 percent or more of the net profits or losses
must accrue to one or more women. If a business does not satisfy this
second prong of the definition, it is not a women-owned business,
regardless of whether it satisfies the first prong of the definition.
2. Purpose of definition. The definition of women-owned business is
used only when an applicant determines if it is a women-owned business
pursuant to Sec. 1002.107(a)(18). A financial institution shall
provide an applicant with the definition of women-owned business when
asking the applicant to provide its women-owned business status
pursuant to Sec. 1002.107(a)(18), but the financial institution is
neither permitted nor required to make its own determination regarding
the applicant's women-owned business status.
3. Further clarifications of terms used in the definition of women-
owned business. In order to assist an applicant when determining
whether it is a women-owned business, a financial institution may
provide the applicant with the definitions of ownership, control, and
accrual of net profits or losses and related concepts set forth in
comments 102(s)-4 through -6. A financial institution may assist an
applicant when the applicant is determining its women-owned business
status but is not required to do so. For purposes of reporting an
applicant's status, a financial institution relies on the applicant's
determinations of its ownership, control, and accrual of net profits
and losses.
4. Ownership. For purposes of determining if a business is a women-
owned business, an individual owns a business if that individual
directly or indirectly, through any contract, arrangement,
understanding, relationship or otherwise, has an equity interest in the
business. Examples of ownership include being the sole proprietor of a
sole proprietorship,
[[Page 35540]]
directly or indirectly owning or holding the stock of a corporation or
company, directly or indirectly having a partnership interest in a
business, or directly or indirectly having a membership interest in a
limited liability company. Indirect as well as direct ownership are
used when determining ownership for purposes of Sec. Sec. 1002.102(s)
and 1002.107(a)(18). Thus, where applicable, ownership must be traced
through corporate or other indirect ownership structures. For example,
assume that the applicant is company A. If company B owns 60 percent of
the applicant company A and an individual owns 100 percent of company
B, the individual owns 60 percent of the applicant company A.
Similarly, if an individual directly owns 20 percent of the applicant
company A and is an equal partner in a partnership B that owns the
remaining 80 percent of the applicant company A, the individual owns 60
percent of applicant company A (i.e., 20 percent due through direct
ownership and 40 percent indirectly through partnership B). A trustee
is considered the owner of the trust. Thus, if a trust owns a business
and the trust has two co-trustees, each co-trustee owns 50 percent of
the business.
5. Control. An individual controls a business if that individual
has significant responsibility to manage or direct the business. An
individual controls a business if the individual is an executive
officer or senior manager (e.g., a chief executive officer, chief
financial officer, chief operating officer, managing member, general
partner, president, vice president, or treasurer) or regularly performs
similar functions. Additionally, a business may be controlled by two or
more women if those women collectively control the business, such as
constituting a majority of the board of directors or a majority of the
partners of a partnership.
6. Accrual of net profits or losses. A business's net profits and
losses accrue to an individual if that individual receives the net
profits or losses, is legally entitled or required to receive the net
profits or losses, or is legally entitled or required to recognize the
net profits or losses for tax purposes.
Section 1002.103--Covered Applications
103(a) Covered Application
1. General. Subject to the requirements of subpart B of this part,
a financial institution has latitude to establish its own application
procedures, including designating the type and amount of information it
will require from applicants.
2. Procedures used. The term ``procedures'' refers to the actual
practices followed by a financial institution as well as its stated
application procedures. For example, if a financial institution's
stated policy is to require all applications to be in writing on the
financial institution's application form, but the financial institution
also makes credit decisions based on oral requests, the financial
institution's procedures are to accept both oral and written
applications.
3. Consistency with subpart A. Bureau interpretations that appear
in this supplement I in connection with Sec. Sec. 1002.2(f) and 1002.9
are generally applicable to the definition of a covered application in
Sec. 1002.103. However, the definition of a covered application in
Sec. 1002.103 does not include inquiries and prequalification
requests. The definition of a covered application also does not include
reevaluation, extension, or renewal requests on an existing business
credit account, unless the request seeks additional credit amounts. See
Sec. 1002.103(b).
4. Solicitations and firm offers of credit. For purposes of subpart
B of this part, the term covered application does not include
solicitations, firm offers of credit, or other evaluations initiated by
the financial institution because in these situations the business has
not made a request for credit. For example, if a financial institution
sends a firm offer of credit to a business for a $10,000 line of
credit, and the business does not respond, it is not a covered
application because the business never made a request for credit.
However, using the same example, if the business seeks to obtain the
credit offered, assuming the requirements of a covered application are
otherwise met, the business's request constitutes a covered application
for purposes of subpart B of this part. See also comment 103(b)-4.
5. Requests for multiple covered credit transactions at one time.
Assuming the requirements of a covered application are met, if an
applicant makes a request for two or more covered credit transactions
at the same time, the financial institution reports each request as a
separate covered application. For example, if an applicant is seeking
both a term loan and a line of credit and requests them both on the
same application form, the financial institution reports the requests
as two separate covered applications, one for a term loan and another
for a line of credit. See Sec. 1002.107(d) for the requirements for
reusing data so that a financial institution need only ask once for
certain data required under Sec. 1002.107(a). If, on the other hand,
the applicant is only requesting a single covered credit transaction,
but has not decided on which particular product, the financial
institution reports the request as a single covered application. For
example, if the applicant indicates interest in either a term loan or a
line of credit, but not both, the financial institution reports the
request as a single covered application. See comment 107(a)(5)-1 for
instructions on reporting credit product in this situation.
6. Initial request for a single covered credit transaction that
would result in the origination of multiple covered credit
transactions. Assuming the requirements of a covered application are
met, if an applicant initially makes a request for one covered credit
transaction, but over the course of the application process requests
multiple covered credit transactions, each covered credit transaction
must be reported as a separate covered application. See Sec.
1002.107(d) for the requirements for reusing data so that a financial
institution need only ask once for certain data required under Sec.
1002.107(a).
7. Requests for multiple lines of credit at one time. Assuming the
requirements of a covered application are met, if an applicant requests
multiple lines of credit on a single credit account, it is reported as
one or more covered applications based on the procedures used by the
financial institution for the type of credit account. For example, if a
financial institution treats a request for multiple lines of credit at
one time as sub-components of a single account, the financial
institution reports the request as a single covered application. If, on
the other hand, the financial institution treats each line of credit as
a separate account, then the financial institution reports each request
for a line of credit as a separate covered application, as set forth in
comment 103(a)-5.
8. Duplicate applications. If a financial institution receives two
or more duplicate covered applications (i.e., from the same applicant,
for the same credit product, for the same amount, at or around the same
time), the financial institution may treat the request as a single
covered application for purposes of subpart B, so long as for purposes
of determining whether to extend credit, it would also treat one or
more of the applications as a duplicate under its procedures.
9. Changes in whether there is a covered credit transaction. In
certain circumstances, an applicant may change the type of product
requested during the course of the application process.
[[Page 35541]]
Assuming other requirements of a covered application are met, if an
applicant initially requests a product that is not a covered credit
transaction, but prior to final action taken decides to seek instead a
product that is a covered credit transaction, the application is a
covered application and must be reported pursuant to Sec. 1002.109. In
this circumstance, the financial institution shall endeavor to compile,
maintain, and report the data required under Sec. 1002.107(a) in a
manner that is reasonable under the circumstances. If, on the other
hand, an applicant initially requests a product that is a covered
credit transaction, but prior to final action taken decides instead to
seek a product that is not a covered credit transaction, the
application is not a covered application and thus is not reported. See
also Sec. 1002.112(c)(4), which provides a safe harbor for incorrect
collection of certain data if, at the time of collection, the financial
institution had a reasonable basis for believing that the application
was a covered application. Assuming other requirements of a covered
application are met, if an applicant initially requests a product that
is a covered credit transaction, the financial institution
counteroffers with a product that is not a covered credit transaction,
and the applicant declines to proceed or fails to respond, the
application is reported as a covered application. For example, if an
applicant initially applies for a term loan, but then, after
consultation with the financial institution, decides that a lease would
better meet its needs and decides to proceed with that product, the
application is not a covered application and thus is not reported.
However, if an applicant initially applies for a term loan, the
financial institution offers to consider the applicant only for a
lease, and the applicant refuses, the transaction is a covered
application that must be reported.
10. Multiple unaffiliated co-applicants. If a covered financial
institution receives a covered application from multiple businesses
that are not affiliates, as defined by Sec. 1002.102(a), it shall
compile, maintain, and report data pursuant to Sec. Sec. 1002.107
through 1002.109 for only a single applicant that is a small business,
as defined in Sec. 1002.106(b). A covered financial institution shall
establish consistent procedures for designating a single small business
for purposes of collecting and reporting data under subpart B in
situations where there is more than one small business co-applicant,
such as reporting on the first small business listed on an application
form. For example, if three businesses jointly apply as co-applicants
for a term loan to purchase a piece of equipment, but only one of the
businesses is a small business, as defined in Sec. 1002.106(b), the
financial institution reports on the single small business. If,
however, two of the businesses are small businesses, as defined in
Sec. 1002.106(b), the financial institution must have a procedure for
designating which small business among multiple small business co-
applicants it will report information on, such as consistently
reporting on the first small business listed on an application form.
See also Sec. 1002.5(a)(4)(x), which permits a creditor to collect
certain protected information about co-applicants under certain
circumstances.
11. Refinancings and evaluation, extension, or renewal requests
that request additional credit amounts. As discussed in comments
103(b)-2 and -3, assuming other requirements of a covered application
are met, an applicant's request to refinance and an applicant's request
for additional credit amounts on an existing account both constitute
covered applications.
103(b) Circumstances That Are Not Covered Applications
1. In general. The circumstances set forth in Sec. 1002.103(b) are
not covered applications for purposes of subpart B of this part, even
if considered applications under subpart A of this part. However, in no
way are the exclusions in Sec. 1002.103(b) intended to repeal,
abrogate, annul, impair, change, or interfere with the scope of the
term application in Sec. 1002.2(f) as applicable to subpart A.
2. Reevaluation, extension, or renewal requests that do not request
additional credit amounts. An applicant's request to change one or more
terms of an existing account does not constitute a covered application,
unless the applicant is requesting additional credit amounts on the
account. For example, an applicant's request to extend the duration on
a line of credit or to remove a guarantor would not be a covered
application. However, assuming other requirements of a covered
application are met, an applicant's request to refinance would be
reportable. A refinancing occurs when an existing obligation is
satisfied and replaced by a new obligation undertaken by the same
borrower.
3. Reevaluation, extension, or renewal requests that request
additional credit amounts. A Assuming other requirements of a covered
application are met, an applicant's request for additional credit
amounts on an existing account constitutes a covered application. For
example, an applicant's request for a line increase on an existing line
of credit, made in accordance with a financial institution's procedures
for the type of credit requested, would be a covered application. As
discussed in comment 107(a)(7)-4, when reporting a covered application
that seeks additional credit amounts on an existing account, the
financial institution need only report the additional credit amount
sought, and not the entire credit amount. For example, if an applicant
currently has a line of credit account for $100,000, and seeks to
increase the line to $150,000, the financial institution reports the
amount applied for as $50,000.
4. Reviews or evaluations initiated by the financial institution.
For purposes of subpart B of this part, the term covered application
does not include evaluations or reviews of existing accounts initiated
by the financial institution because the business has not made a
request for credit. For example, if a financial institution conducts
periodic reviews of its existing lines of credit and decides to
increase the business's line by $10,000, it is not a covered
application because the business never made a request for the
additional credit amounts. However, if such an evaluation or review of
an existing account by a financial institution results in the financial
institution inviting the business to apply for additional credit
amounts on an existing account and the business does so, the business's
request constitutes a covered application for purposes of subpart B of
this part, assuming other requirements of a covered application are
met. Similarly, as noted in comment 103(a)-4, the term covered
application also does not include solicitations and firm offers of
credit.
5. Inquiries and prequalification requests. An inquiry is a request
by a prospective applicant for information about credit terms offered
by the financial institution. A prequalification request is a request
by a prospective applicant for a preliminary determination on whether
the prospective applicant would likely qualify for credit under a
financial institution's standards or for a determination on the amount
of credit for which the prospective applicant would likely qualify.
Inquiries and prequalification requests are not covered applications
under subpart B of this part, even though in certain circumstances
inquiries and prequalification requests may constitute
[[Page 35542]]
applications under subpart A. For example, while an inquiry or
prequalification request may become an ``application'' under subpart A
if the creditor evaluates information about the business, decides to
decline the request, and communicates this to the business, such
inquiries or prequalifications would not be ``covered applications''
under subpart B of this part. Whether a particular request is a covered
application, or whether instead it is an inquiry or prequalification
request that is not reportable under subpart B, may turn, for instance,
on how a financial institution structures and processes such requests:
does the financial institution require or encourage a preliminary
review in order for a business to be considered for a covered credit
transaction, or does the business voluntarily seek preliminary feedback
as a tool to explore its options before it decides whether to apply for
credit with the financial institution? The name used by the financial
institution for such a request is not determinative. For example, under
subpart B, a review is a reportable covered application if the
financial institution requires the business, before it may apply for
credit, to pass through a mandatory screening process that considers
particular information about the business and denies or turns away the
business if it is ineligible or unlikely to qualify for credit. In
contrast, a business that requests a financial institution to identify
credit products for which the business might qualify based on limited
or self-described characteristics, and without any commitment from the
financial institution to extend credit, may not have submitted a
covered application for purposes of subpart B.
Section 1002.104--Covered Credit Transactions and Excluded Transactions
104(a) Covered Credit Transaction
1. General. The term ``covered credit transaction'' includes all
business credit (including loans, lines of credit, credit cards, and
merchant cash advances) unless otherwise excluded under Sec.
1002.104(b).
104(b) Excluded Transactions
1. Factoring. The term ``covered credit transaction'' does not
cover factoring as described herein. For the purpose of this subpart,
factoring is an accounts receivable purchase transaction between
businesses that includes an agreement to purchase, transfer, or sell a
legally enforceable claim for payment for goods that the recipient has
supplied or services that the recipient has rendered but for which
payment in full has not yet been made. The name used by the financial
institution for a product is not determinative of whether or not it is
a ``covered credit transaction.'' This description of factoring is not
intended to repeal, abrogate, annul, impair, or interfere with any
existing interpretations, orders, agreements, ordinances, rules, or
regulations adopted or issued pursuant to comment 9(a)(3)-3. A
financial institution shall report an extension of business credit
incident to a factoring arrangement that is otherwise a covered credit
transaction as ``Other sales-based financing transaction'' under Sec.
1002.107(a)(5).
2. Leases. The term ``covered credit transaction'' does not cover
leases as described herein. A lease, for the purpose of this subpart,
is a transfer from one business to another of the right to possession
and use of goods for a term, and for primarily business or commercial
(including agricultural) purposes, in return for consideration. A lease
does not include a sale, including a sale on approval or a sale or
return, or a transaction resulting in the retention or creation of a
security interest. The name used by the financial institution for a
product is not determinative of whether or not it is a ``covered credit
transaction.''
3. Consumer-designated credit. The term ``covered credit
transaction'' does not include consumer-designated credit that is used
for business or agricultural purposes. A transaction qualifies as
consumer-designated credit if the financial institution offers or
extends the credit primarily for personal, family, or household
purposes. For example, an open-end credit account used for both
personal and business/agricultural purposes is not business credit for
the purpose of subpart B of this part unless the financial institution
designated or intended for the primary purpose of the account to be
business/agricultural-related.
4. Credit transaction purchases, purchases of an interest in a pool
of credit transactions, and purchases of a partial interest in a credit
transaction. The term ``covered credit transaction'' does not cover the
purchase of an originated credit transaction, the purchase of an
interest in a pool of credit transactions, or the purchase of a partial
interest in a credit transaction such as through a loan participation
agreement. Such purchases do not, in themselves, constitute an
application for credit. See also comment 109(a)(3)-2.i.
104(b)(1) Trade Credit
1. General. Trade credit, as defined in Sec. 1002.104(b)(1), is
excluded from the definition of a covered credit transaction. An
example of trade credit involves a supplier that finances the sale of
equipment, supplies, or inventory. However, an extension of business
credit by a financial institution other than the supplier for the
financing of such items is not trade credit. Also, credit extended by a
business providing goods or services to another business is not trade
credit for the purposes of this subpart where the supplying business
intends to sell or transfer its rights as a creditor to a third party.
2. Trade credit under subpart A. The definition of trade credit
under comment 9(a)(3)-2 applies to relevant provisions under subpart A,
and Sec. 1002.104(b)(1) is not intended to repeal, abrogate, annul,
impair, or interfere with any existing interpretations, orders,
agreements, ordinances, rules, or regulations adopted or issued
pursuant to comment 9(a)(3)-2.
Section 1002.105--Covered Financial Institutions and Exempt
Institutions
105(a) Financial Institution
1. Examples. Section 1002.105(a) defines a financial institution as
any partnership, company, corporation, association (incorporated or
unincorporated), trust, estate, cooperative organization, or other
entity that engages in any financial activity. This definition
includes, but is not limited to, banks, savings associations, credit
unions, online lenders, platform lenders, community development
financial institutions, Farm Credit System lenders, lenders involved in
equipment and vehicle financing (captive financing companies and
independent financing companies), commercial finance companies,
organizations exempt from taxation pursuant to 26 U.S.C. 501(c), and
governments or governmental subdivisions or agencies.
2. Motor vehicle dealers. Pursuant to Sec. 1002.101(a), subpart B
of this part excludes from coverage persons defined by section 1029 of
the Consumer Financial Protection Act of 2010, title X of the Dodd-
Frank Wall Street Reform and Consumer Protection Act, Public Law 111-
203, 124 Stat. 1376, 2004 (2010).
105(b) Covered Financial Institution
1. Preceding calendar year. The definition of covered financial
institution refers to preceding calendar years. For example, in 2029,
the two preceding calendar years are 2027 and 2028. Accordingly, in
2029, Financial Institution A does not meet the loan-
[[Page 35543]]
volume threshold in Sec. 1002.105(b) if did not originate at least 100
covered credit transactions for small businesses both during 2027 and
during 2028.
2. Origination threshold. A financial institution qualifies as a
covered financial institution based on total covered credit
transactions originated for small businesses, rather than covered
applications received from small businesses. For example, if in both
2024 and 2025, Financial Institution B received 105 covered
applications from small businesses and originated 95 covered credit
transactions for small businesses, then for 2026, Financial Institution
B is not a covered financial institution.
3. Counting originations when multiple financial institutions are
involved in originating a covered credit transaction. For the purpose
of counting originations to determine whether a financial institution
is a covered financial institution under Sec. 1002.105(b), in a
situation where multiple financial institutions are involved in
originating a single covered credit transaction, only the last
financial institution with authority to set the material terms of the
covered credit transaction is required to count the origination.
4. Counting originations after adjustments to the gross annual
revenue threshold due to inflation. Pursuant to Sec. 1002.106(b)(2),
every five years, the gross annual revenue threshold used to define a
small business in Sec. 1002.106(b)(1) shall be adjusted, if necessary,
to account for inflation. The first time such an adjustment could occur
is in 2030, with an effective date of January 1, 2031. A financial
institution seeking to determine whether it is a covered financial
institution applies the gross annual revenue threshold that is in
effect for each year it is evaluating. For example, a financial
institution seeking to determine whether it is a covered financial
institution in 2032 counts its originations of covered credit
transactions for small businesses in calendar years 2030 and 2031. The
financial institution applies the initial $5 million threshold to
evaluate whether its originations were to small businesses in 2030. In
this example, if the small business threshold were increased to $5.5
million effective January 1, 2031, the financial institution applies
the $5.5 million threshold to count its originations for small
businesses in 2031.
5. Reevaluation, extension, or renewal requests, as well as credit
line increases and other requests for additional credit amounts. While
requests for additional credit amounts on an existing account can
constitute a ``covered application'' pursuant to Sec. 1002.103(b)(1),
such requests are not counted as originations for the purpose of
determining whether a financial institution is a covered financial
institution pursuant to Sec. 1002.105(b). In addition, transactions
that extend, renew, or otherwise amend a transaction are not counted as
originations. For example, if a financial institution originates 50
term loans and 30 lines of credit for small businesses in each of the
preceding two calendar years, along with 25 line increases for small
businesses in each of those years, the financial institution is not a
covered financial institution because it has not originated at least
100 covered credit transactions in each of the two preceding calendar
years.
6. Annual consideration. Whether a financial institution is a
covered financial institution for a particular year depends on its
small business lending activity in the preceding two calendar years.
Therefore, whether a financial institution is a covered financial
institution is an annual consideration for each year that data may be
compiled and maintained for purposes of subpart B of this part. A
financial institution may be a covered financial institution for a
given year of data collection (and the obligations arising from
qualifying as a covered financial institution shall continue into
subsequent years, pursuant to Sec. Sec. 1002.110 and 1002.111), but
the same financial institution may not be a covered financial
institution for the following year of data collection. For example,
Financial Institution C originated 105 covered transactions for small
businesses in both 2024 and 2025. In 2026, Financial Institution C is a
covered financial institution and therefore is obligated to compile and
maintain applicable 2026 small business lending data under Sec.
1002.107(a). During 2026, Financial Institution C originates 95 covered
transactions for small businesses. In 2027, Financial Institution C is
not a covered financial institution with respect to 2027 small business
lending data, and is not obligated to compile and maintain 2027 data
under Sec. 1002.107(a) (although Financial Institution C may volunteer
to collect and maintain 2027 data pursuant to Sec. 1002.5(a)(4)(vii)
and as explained in comment 105(b)-10). Pursuant to Sec. 1002.109(a),
Financial Institution C shall submit its small business lending
application register for 2026 data in the format prescribed by the
Bureau by June 1, 2027 because Financial Institution C is a covered
financial institution with respect to 2026 data, and the data
submission deadline of June 1, 2027 applies to 2026 data.
7. Merger or acquisition--coverage of surviving or newly formed
institution. After a merger or acquisition, the surviving or newly
formed financial institution is a covered financial institution under
Sec. 1002.105(b) if it, considering the combined lending activity of
the surviving or newly formed institution and the merged or acquired
financial institutions (or acquired branches or locations), satisfies
the criteria included in Sec. 1002.105(b). For example, Financial
Institutions A and B merge. The surviving or newly formed financial
institution meets the threshold in Sec. 1002.105(b) if the combined
previous components of the surviving or newly formed financial
institution (A plus B) would have originated at least 100 covered
credit transactions for small businesses for each of the two preceding
calendar years. Similarly, if the combined previous components and the
surviving or newly formed financial institution would have reported at
least 100 covered transactions for small businesses for the year
previous to the merger as well as 100 covered transactions for small
businesses for the year of the merger, the threshold described in Sec.
1002.105(b) would be met and the surviving or newly formed financial
institution would be a covered institution under Sec. 1002.105(b) for
the year following the merger. Comment 105(b)-8 discusses a financial
institution's responsibilities with respect to compiling and
maintaining (and subsequently reporting) data during the calendar year
of a merger.
8. Merger or acquisition--coverage specific to the calendar year of
the merger or acquisition. The scenarios described below illustrate a
financial institution's responsibilities specifically for data from the
calendar year of a merger or acquisition. For purposes of these
illustrations, an ``institution that is not covered'' means either an
institution that is not a financial institution, as defined in Sec.
1002.105(a), or a financial institution that is not a covered financial
institution, as defined in Sec. 1002.105(b).
i. Two institutions that are not covered financial institutions
merge. The surviving or newly formed institution meets all of the
requirements necessary to be a covered financial institution. No data
are required to be compiled, maintained, or reported for the calendar
year of the merger (even though the merger creates an institution that
meets all of the requirements necessary to be a covered financial
institution).
[[Page 35544]]
ii. A covered financial institution and an institution that is not
covered merge. The covered financial institution is the surviving
institution, or a new covered financial institution is formed. For the
calendar year of the merger, data are required to be compiled,
maintained, and reported for covered applications from the covered
financial institution and is optional for covered applications from the
financial institution that was previously not covered.
iii. A covered financial institution and an institution that is not
covered merge. The institution that is not covered is the surviving
institution and remains not covered after the merger, or a new
institution that is not covered is formed. For the calendar year of the
merger, data are required to be compiled and maintained (and
subsequently reported) for covered applications from the previously
covered financial institution that took place prior to the merger.
After the merger date, compiling, maintaining, and reporting data is
optional for applications from the institution that was previously
covered for the remainder of the calendar year of the merger.
iv. Two covered financial institutions merge. The surviving or
newly formed financial institution is a covered financial institution.
Data are required to be compiled and maintained (and subsequently
reported) for the entire calendar year of the merger. The surviving or
newly formed financial institution files either a consolidated
submission or separate submissions for that calendar year.
9. Foreign applicability. As discussed in comment 1(a)-2,
Regulation B (including subpart B) generally does not apply to lending
activities that occur outside the United States.
10. Voluntary collection and reporting. Section 1002.5(a)(4)(vii)
through (x) permits a creditor that is not a covered financial
institution under Sec. 1002.105(b) to voluntarily collect and report
information regarding covered applications from small businesses in
certain circumstances. If a creditor is voluntarily collecting
information for covered applications regarding whether the applicant is
a minority-owned business, a women-owned business, and/or an LGBTQI+-
owned business under Sec. 1002.107(a)(18), and regarding the
ethnicity, race, and sex of the applicant's principal owners under
Sec. 1002.107(a)(19), it shall do so in compliance with Sec. Sec.
1002.107, 1002.108, 1002.111, 1002.112 as though it were a covered
financial institution. If a creditor is reporting those covered
applications from small businesses to the Bureau, it shall do so in
compliance with Sec. Sec. 1002.109 and 1002.110 as though it were a
covered financial institution.
Section 1002.106--Business and Small Business
106(b) Small Business Definition
106(b)(1) Small Business
1. Change in determination of small business status--business is
ultimately not a small business. If a financial institution initially
determines an applicant is a small business as defined in Sec.
1002.106 based on available information and collects data required by
Sec. 1002.107(a)(18) and (19) but later concludes that the applicant
is not a small business, the financial institution does not violate the
Act or this regulation if it meets the requirements of Sec.
1002.112(c)(4). The financial institution shall not report the
application on its small business lending application register pursuant
to Sec. 1002.109.
2. Change in determination of small business status--business is
ultimately a small business. Consistent with comment 107(a)(14)-1, a
financial institution need not independently verify gross annual
revenue. If a financial institution initially determines that the
applicant is not a small business as defined in Sec. 1002.106(b), but
later concludes the applicant is a small business prior to taking final
action on the application, the financial institution must report the
covered application pursuant to Sec. 1002.109. In this situation, the
financial institution shall endeavor to compile, maintain, and report
the data required under Sec. 1002.107(a) in a manner that is
reasonable under the circumstances. For example, if the applicant
initially provides a gross annual revenue of $5.5 million (that is,
above the threshold for a small business as initially defined in Sec.
1002.106(b)(1)), but during the course of underwriting the financial
institution discovers the applicant's gross annual revenue was in fact
$4.75 million (meaning that the applicant is within the definition of a
small business under Sec. 1002.106(b)), the financial institution is
required to report the covered application pursuant to Sec. 1002.109.
In this situation, the financial institution shall take reasonable
steps upon discovery to compile, maintain, and report the data
necessary under Sec. 1002.107(a) to comply with subpart B of this part
for that covered application. Thus, in this example, even if the
financial institution's procedure is typically to request applicant-
provided data together with the application form, in this circumstance,
the financial institution shall seek to collect the data during the
application process necessary to comply with subpart B in a manner that
is reasonable under the circumstances.
3. Applicant's representations regarding gross annual revenue;
inclusion of affiliate revenue; updated or verified information. A
financial institution is permitted to rely on an applicant's
representations regarding gross annual revenue (which may or may not
include any affiliate's revenue) for purposes of determining small
business status under Sec. 1002.106(b). However, if the applicant
provides updated gross annual revenue information or the financial
institution verifies the gross annual revenue information (see comment
107(b)-1), the financial institution must use the updated or verified
information in determining small business status.
4. Multiple unaffiliated co-applicants--size determination. The
financial institution shall not aggregate unaffiliated co-applicants'
gross annual revenues for purposes of determining small business status
under Sec. 1002.106(b). If a covered financial institution receives a
covered application from multiple businesses who are not affiliates, as
defined by Sec. 1002.102(a), where at least one business is a small
business under Sec. 1002.106(b), the financial institution shall
compile, maintain, and report data pursuant to Sec. Sec. 1002.107
through 1002.109 regarding the covered application for only a single
applicant that is a small business. See comment 103(a)-10 for
additional details.
106(b)(2) Inflation Adjustment
1. Inflation adjustment methodology. The small business gross
annual revenue threshold set forth in Sec. 1002.106(b)(1) will be
adjusted upward or downward to reflect changes, if any, in the Consumer
Price Index for All Urban Consumers (U.S. city average series for all
items, not seasonally adjusted), as published by the United States
Bureau of Labor Statistics (``CPI-U''). The base for computing each
adjustment is the January 2025 CPI-U; this base value shall be compared
to the CPI-U value in January 2030 and every five years thereafter. For
example, after the January 2030 CPI-U is made available, the adjustment
is calculated by determining the percentage change in the CPI-U between
January 2025 and January 2030, applying this change to the $5 million
gross annual revenue threshold, and rounding to the nearest $500,000.
If, as a result of this rounding, there is no change in the gross
annual revenue threshold, there will be no adjustment. For example, if
in January
[[Page 35545]]
2030 the adjusted value were $4.9 million (reflecting a $100,000
decrease from January 2025 CPI-U), then the threshold would not adjust
because $4.9 million would be rounded up to $5 million. If on the other
hand, the adjusted value were $5.7 million, then the threshold would
adjust to $5.5 million. Where the adjusted value is a multiple of
$250,000 (e.g., $5,250,000), then the threshold adjusts upward (in this
example, to $5,500,000).
2. Substitute for CPI-U. If publication of the CPI-U ceases, or if
the CPI-U otherwise becomes unavailable or is altered in such a way as
to be unusable, then the Bureau shall substitute another reliable cost
of living indicator from the United States Government for the purpose
of calculating adjustments pursuant to Sec. 1002.106(b)(2).
Section 1002.107--Compilation of Reportable Data
107(a) Data Format and Itemization
1. General. Section 1002.107(a) describes a covered financial
institution's obligation to compile and maintain data regarding the
covered applications it receives from small businesses.
i. A covered financial institution reports these data even if the
credit originated pursuant to the reported application was subsequently
sold by the institution.
ii. A covered financial institution annually reports data for
covered applications for which final action was taken in the previous
calendar year.
iii. A covered financial institution reports data for a covered
application on its small business lending application register for the
calendar year during which final action was taken on the application,
even if the institution received the application in a previous calendar
year.
2. Free-form text fields. A covered financial institution may use
technology such as autocorrect and predictive text when requesting
applicant-provided data under subpart B of this part that the financial
institution reports via free-form text fields, provided that such
technology does not restrict the applicant's ability to write in its
own response instead of using text suggested by the technology.
3. Filing Instructions Guide. Additional details and procedures for
compiling data pursuant to Sec. 1002.107 are included in the Filing
Instructions Guide, which is available at https://www.consumerfinance.gov/data-research/small-business-lending/filing-instructions-guide/.
4. Additional data point response options. The Bureau may add
additional response options to the lists of responses contained in the
commentary that follows for certain of the data points set forth in
Sec. 1002.107(a), via the Filing Instructions Guide. Refer to the
Filing Instructions Guide for any updates for each reporting year.
107(a)(1) Unique Identifier
1. Unique within the financial institution. A financial institution
complies with Sec. 1002.107(a)(1) by compiling and reporting an
alphanumeric application or loan identifier unique within the financial
institution to the specific application. The identifier must not exceed
45 characters, and must begin with the financial institution's Legal
Entity Identifier (LEI), as defined in comment 109(b)(6)-1. Separate
applications for the same applicant must have separate identifiers. The
identifier may only include standard numerical and/or upper-case
alphabetical characters and cannot include dashes, other special
characters, or characters with diacritics. The financial institution
may assign the unique identifier at any time prior to reporting the
application. Refinancings or applications for refinancing must be
assigned a different identifier than the transaction that is being
refinanced. A financial institution with multiple branches must ensure
that its branches do not use the same identifiers to refer to multiple
applications.
2. Does not include directly identifying information. The unique
identifier must not include any directly identifying information, such
as a whole or partial Social Security number or employer identification
number, about the applicant or persons (natural or legal) associated
with the applicant. See also Sec. 1002.111(c) and related commentary.
107(a)(2) Application Date
1. Consistency. Section 1002.107(a)(2) requires that, in reporting
the date of covered application, a financial institution shall report
the date the covered application was received or the date shown on a
paper or electronic application form. Although a financial institution
need not choose the same approach for its entire small business lending
application register, it should generally be consistent in its approach
by, for example, establishing procedures for how to report this date
within particular scenarios, products, or divisions. If the financial
institution chooses to report the date shown on an application form and
the institution retains multiple versions of the application form, the
institution reports the date shown on the first application form
satisfying the definition of covered application pursuant to Sec.
1002.103.
2. Application received. For an application submitted directly to
the financial institution or its affiliate (as described in Sec.
1002.107(a)(4)), the financial institution shall report the date it
received the covered application, as defined under Sec. 1002.103, or
the date shown on a paper or electronic application form. For an
application initially submitted to a third party, see comment
107(a)(2)-3.
3. Indirect applications. For an application that was not submitted
directly to the financial institution or its affiliate (as described in
Sec. 1002.107(a)(4)), the financial institution shall report the date
the application was received by the party that initially received the
application, the date the application was received by the financial
institution, or the date shown on the application form. Although a
financial institution need not choose the same approach for its entire
small business lending application register, it should generally be
consistent in its approach by, for example, establishing procedures for
how to report this date within particular scenarios, products, or
divisions.
4. Safe harbor. Pursuant to Sec. 1002.112(c)(1), a financial
institution that reports on its small business lending application
register an application date that is within three business days of the
actual application date pursuant to Sec. 1002.107(a)(2) does not
violate the Act or subpart B of this part. For purposes of this
paragraph, a business day means any day the financial institution is
open for business.
107(a)(3) Application Method
1. General. A financial institution complies with Sec.
1002.107(a)(3) by reporting the means by which the applicant submitted
the application from one of the following options: in-person,
telephone, online, or mail. If the financial institution retains
multiple versions of the application form, the institution reports the
means by which the first application form satisfying the definition of
covered application pursuant to Sec. 1002.103 was submitted.
i. In-person. A financial institution reports the application
method as ``in-person'' if the applicant submitted the application to
the financial institution, or to another party acting on the financial
institution's behalf, in person. The in-person application method
applies, for example, to applications submitted at a branch office
(including applications hand delivered by the applicant), at the
applicant's place of
[[Page 35546]]
business, or via electronic media with a video component).
ii. Telephone. A financial institution reports the application
method as ``telephone'' if the applicant submitted the application to
the financial institution, or another party acting on the financial
institution's behalf, by telephone call or via audio-based electronic
media without a video component.
iii. Online. A financial institution reports the application method
as ``online'' if the applicant submitted the application to the
financial institution, or another party acting on the financial
institution's behalf, through a website, mobile application (app), fax
transmission, electronic mail, text message, or some other form of
text-based electronic communication.
iv. Mail. A financial institution reports the application method as
``mail'' if the applicant submitted the application to the financial
institution, or another party acting on the financial institution's
behalf, via United States mail, courier or overnight service, or an
overnight drop box.
107(a)(4) Application Recipient
1. Agents. When a financial institution is reporting actions taken
by its agent consistent with comment 109(a)(3)-3, the agent is
considered the financial institution for the purposes of Sec.
1002.107(a)(4). For example, assume that an applicant submitted an
application to Financial Institution B, and Financial Institution B
made the credit decision acting as Financial Institution A's agent
under State law. Financial Institution A reports the application and
indicates that the application was submitted directly to Financial
Institution A.
107(a)(5) Credit Type
1. Reporting credit product--in general. A financial institution
complies with Sec. 1002.107(a)(5)(i) by selecting the credit product
applied for or originated, from the list below. If the credit product
applied for or originated is not included on this list, the financial
institution selects ``other,'' and reports the credit product via free-
form text field. If an applicant requested more than one credit product
at the same time, the financial institution reports each credit product
requested as a separate application. However, if the applicant only
requested a single covered credit transaction, but had not decided on
which particular product, the financial institution complies with Sec.
1002.107(a)(5)(i) by reporting the credit product originated (if
originated), or the credit product denied (if denied), or the credit
product of greater interest to the applicant, if readily determinable.
If the credit product of greater interest to the applicant is not
readily determinable, the financial institution complies with Sec.
1002.107(a)(5)(i) by reporting one of the credit products requested as
part of the request for a single covered credit transaction, in its
discretion. See comment 103(a)-5 for instructions on reporting requests
for multiple covered credit transactions at one time.
i. Term loan--unsecured.
ii. Term loan--secured.
iii. Line of credit--unsecured.
iv. Line of credit--secured.
v. Credit card account, not private-label.
vi. Private-label credit card account.
vii. Merchant cash advance.
viii. Other sales-based financing transaction.
ix. Other.
x. Not provided by applicant and otherwise undetermined.
2. Credit card account, not private-label. A financial institution
complies with Sec. 1002.107(a)(5)(i) by reporting the credit product
as a ``credit card account, not private-label'' when the product is a
business-purpose open-end credit account that is not private label and
that may be accessed from time to time by a card, plate, or other
single credit device to obtain credit, except that accounts or lines of
credit secured by real property and overdraft lines of credit accessed
by debit cards are not credit card accounts. The term credit card
account does not include debit card accounts or closed-end credit that
may be accessed by a card, plate, or single credit device. The term
credit card account does include charge card accounts that are
generally paid in full each billing period, as well as hybrid prepaid-
credit cards. A financial institution reports multiple credit card
account, not private-label applications requested at one time using the
guidance in comment 103(a)-7.
3. Private-label credit card account. A financial institution
complies with Sec. 1002.107(a)(5)(i) by reporting the credit product
as a ``private-label credit card account'' when the product is a
business-purpose open-end private-label credit account that otherwise
meets the description of a credit card account in comment 107(a)(5)-2.
A private-label credit card account is a credit card account that can
only be used to acquire goods or services provided by one business (for
example, a specific merchant, retailer, independent dealer, or
manufacturer) or a small group of related businesses. A co-branded or
other card that can also be used for purchases at unrelated businesses
is not a private-label credit card. A financial institution reports
multiple private-label credit card account applications requested at
one time in the same manner as credit card account, not private-label
applications, using the guidance in comment 103(a)-7.
4. Credit product not provided by the applicant and otherwise
undetermined. Pursuant to Sec. 1002.107(c), a financial institution is
required to maintain procedures reasonably designed to collect
applicant-provided data, which includes credit product. However, if a
financial institution is nonetheless unable to collect or otherwise
determine credit product information because the applicant does not
indicate what credit product it seeks and the application is denied,
withdrawn, or closed for incompleteness before a credit product is
identified, the financial institution reports that the credit product
is ``not provided by applicant and otherwise undetermined.''
5. Reporting credit product involving counteroffers. If a financial
institution presents a counteroffer for a different credit product than
the product the applicant had initially requested, and the applicant
does not agree to proceed with the counteroffer, the financial
institution reports the application for the original credit product as
denied pursuant to Sec. 1002.107(a)(9). If the applicant agrees to
proceed with consideration of the financial institution's counteroffer,
the financial institution reports the disposition of the application
based on the credit product that was offered and does not report the
original credit product applied for. See comment 107(a)(9)-2.
6. Other sales-based financing transaction. For an extension of
business credit incident to a factoring arrangement that is otherwise a
covered credit transaction, a financial institution selects ``other
sales-based financing transaction'' as the credit product. See comment
104(b)-1.
7. Guarantees. A financial institution complies with Sec.
1002.107(a)(5)(ii) by selecting the type or types of guarantees that
were obtained for an originated covered credit transaction, or that
would have been obtained if the covered credit transaction was
originated, from the list below. The financial institution selects, if
applicable, up to a maximum of five guarantees for a single
application. If the type of guarantee does not appear on the list, the
financial institution selects ``other'' and reports the type of
guarantee via free-form text field. If no guarantee is obtained or
would have been obtained if the covered credit transaction was
originated, the
[[Page 35547]]
financial institution selects ``no guarantee.'' If an application is
denied, withdrawn, or closed for incompleteness before any guarantee
has been identified, the financial institution selects ``no
guarantee.'' The financial institution chooses State government
guarantee or local government guarantee, as applicable, based on the
entity directly administering the program, not the source of funding.
i. Personal guarantee--owner(s).
ii. Personal guarantee--non-owner(s).
iii. SBA guarantee--7(a) program.
iv. SBA guarantee--504 program.
v. SBA guarantee--other.
vi. USDA guarantee.
vii. FHA insurance.
viii. Bureau of Indian Affairs guarantee.
ix. Other Federal guarantee.
x. State government guarantee.
xi. Local government guarantee.
xii. Other.
xiii. No guarantee.
8. Loan term. A financial institution complies with Sec.
1002.107(a)(5)(iii) by reporting the number of months in the loan term
for the covered credit transaction. The loan term is the number of
months after which the legal obligation will mature or terminate,
measured from the date of origination. For transactions involving real
property, the financial institution may instead measure the loan term
from the date of the first payment period and disregard the time that
elapses, if any, between the settlement of the transaction and the
first payment period. For example, if a loan closes on April 12, but
the first payment is not due until June 1 and includes the interest
accrued in May (but not April), the financial institution may choose
not to include the month of April in the loan term. In addition, the
financial institution may round the loan term to the nearest full month
or may count only full months and ignore partial months, as it so
chooses. If a credit product, such as a credit card, does not have a
loan term, the financial institution reports that the loan term is
``not applicable.'' The financial institution also reports that the
loan term is ``not applicable'' if the credit product is reported as
``not provided by applicant and otherwise undetermined.'' For a credit
product that generally has a loan term, the financial institution
reports ``not provided by applicant and otherwise undetermined'' if the
application is denied, withdrawn, or determined to be incomplete before
a loan term has been identified. For merchant cash advances and other
sales-based financing transactions, the financial institution complies
with Sec. 1002.107(a)(5)(iii) by reporting the loan term, if any, that
the financial institution estimated or specified in processing,
underwriting or providing disclosures for the application or
transaction. If more than one such loan term is estimated or specified,
the financial institution reports the one it considers to be most
accurate, in its discretion. For merchant cash advances and other
sales-based financing transactions that do not have a loan term, the
financial institution reports ``not provided by applicant and otherwise
undetermined.''
107(a)(6) Credit Purpose
1. General. A financial institution complies with Sec.
1002.107(a)(6) by selecting the purpose or purposes of the covered
credit transaction applied for or originated from the list below.
i. Purchase, construction/improvement, or refinance of non-owner-
occupied real property.
ii. Purchase, construction/improvement, or refinance of owner-
occupied real property.
iii. Purchase, refinance, or rehabilitation/repair of motor
vehicle(s) (including light and heavy trucks).
iv. Purchase, refinance, or rehabilitation/repair of equipment.
v. Working capital (includes inventory or floor planning).
vi. Business start-up.
vii. Business expansion.
viii. Business acquisition.
ix. Refinance existing debt (other than refinancings listed above).
x. Line increase.
xi. Overdraft.
xii. Other.
xiii. Not provided by applicant and otherwise undetermined.
xiv. Not applicable.
2. More than one purpose. If the applicant indicates or the
financial institution is otherwise aware of more than one purpose for
the credit applied for or originated, the financial institution reports
those purposes, up to a maximum of three, using the list provided, in
any order it chooses. For example, if an applicant refinances a
commercial building it owns and uses the funds to purchase a motor
vehicle and expand the business it runs in a part of that building, the
financial institution reports that the three purposes of the credit are
purchase, construction/improvement, or refinance of owner-occupied real
property; purchase, refinance, or rehabilitation/repair of motor
vehicle(s) (including light and heavy trucks); and business expansion.
If an application has more than three purposes, the financial
institution reports any three of those purposes. In the example above,
if the funds were also used to purchase equipment, the financial
institution would select only three of the relevant purposes to report.
3. ``Other'' credit purpose. If a purpose of an application does
not appear on the list of purposes provided, the financial institution
reports ``other'' as the credit purpose and reports the credit purpose
via free-form text field. If the application has more than one
``other'' purpose, the financial institution chooses the most
significant ``other'' purpose, in its discretion, and reports that
``other'' purpose. The financial institution reports a maximum of three
credit purposes, including any ``other'' purpose.
4. Credit purpose not provided by applicant and otherwise
undetermined. Pursuant to Sec. 1002.107(c), a financial institution
shall maintain procedures reasonably designed to collect applicant-
provided data, which includes credit purpose. However, if a financial
institution is nonetheless unable to collect or determine credit
purpose information, the financial institution reports that the credit
purpose is ``not provided by applicant and otherwise undetermined.''
5. Not applicable. If the application is for a credit product that
generally has indeterminate or numerous potential purposes, such as a
credit card, the financial institution may report credit purpose as
``not applicable.''
6. Collecting credit purpose. Pursuant to Sec. 1002.107(c), a
financial institution shall maintain procedures reasonably designed to
collect applicant-provided data, including credit purpose. The
financial institution is permitted, but not required, to present the
list of credit purposes provided in comment 107(a)(6)-1 to the
applicant. The financial institution is also permitted to ask about
purposes not included on the list provided in comment 107(a)(6)-1. If
the applicant chooses a purpose or purposes not included on the
provided list, the financial institution follows the instructions in
comment 107(a)(6)-3 regarding reporting of ``other'' as the credit
purpose. If an applicant chooses a purpose or purposes that are similar
to purposes on the list provided, but uses different language, the
financial institution reports the purpose or purposes from the list
provided.
7. Owner-occupied real property. Real property is owner-occupied if
any physical portion of the property is used by the owner for any
activity, including storage.
8. Overdraft. When overdraft is provided as an aspect of the
covered credit transaction applied for or
[[Page 35548]]
originated, the financial institution reports ``Overdraft'' as a
purpose of the credit. The financial institution reports credit type
pursuant to Sec. 1002.107(a)(5)(i) as appropriate for the underlying
covered credit transaction, such as ``Line of credit--unsecured.''
Providing occasional overdraft services as part of a deposit account
offering would not be reported for the purpose of subpart B.
107(a)(7) Amount Applied For
1. Initial amount requested. A financial institution complies with
Sec. 1002.107(a)(7) by reporting the initial amount of credit or the
initial credit limit requested by the applicant. The financial
institution is not required to report credit amounts or limits
discussed before an application is made, but must capture the initial
amount requested at the application stage. If the applicant requests an
amount as a range of numbers, the financial institution reports the
midpoint of that range.
2. No amount requested. If the applicant does not request a
specific amount at the application stage, but the financial institution
underwrites the application for a specific amount, the financial
institution complies with Sec. 1002.107(a)(7) by reporting the amount
considered for underwriting as the amount applied for. If the
particular type of credit product applied for does not involve a
specific amount requested, the financial institution reports that the
requirement is ``not applicable.''
3. Firm offers. When an applicant responds to a ``firm offer'' that
specifies an amount or limit, which may occur in conjunction with a
pre-approved credit solicitation, the financial institution reports the
amount of the firm offer as the amount applied for, unless the
applicant requests a different amount. If the firm offer does not
specify an amount or limit and the applicant does not request a
specific amount, the amount applied for is the amount underwritten by
the financial institution. If the firm offer specifies an amount or
limit as a range and the applicant does not request a specific amount,
the amount applied for is the amount underwritten by the financial
institution.
4. Additional amounts on an existing account. When reporting a
covered application that seeks additional credit amounts on an existing
account, the financial institution reports only the additional credit
amount sought, and not any previous amounts extended. See comment
103(b)-3.
5. Initial amount otherwise undetermined. Pursuant to Sec.
1002.107(c), a financial institution shall maintain procedures
reasonably designed to collect applicant-provided data, which includes
the credit amount initially requested by the applicant (other than for
products that do not involve a specific amount requested). However, if
a financial institution is nonetheless unable to collect or otherwise
determine the amount initially requested, the financial institution
reports that the amount applied for is ``not provided by applicant and
otherwise undetermined.'' But see comment 107(a)(7)-2 for how to report
the credit amount initially requested by the applicant for particular
types of credit products that do not involve a specific amount
requested.
107(a)(8) Amount Approved or Originated
1. General. A financial institution complies with Sec.
1002.107(a)(8) by reporting the amount approved or originated for
credit that is originated or approved but not accepted. For
applications that the financial institution, pursuant to Sec.
1002.107(a)(9), reports as denied, withdrawn by the applicant, or
incomplete, the financial institution reports that the amount approved
or originated is ``not applicable.''
2. Multiple approval amounts. A financial institution may sometimes
approve an applicant for more than one credit amount, allowing the
applicant to choose which amount the applicant prefers for the
extension or line of credit. When multiple approval amounts are offered
for a closed-end credit transaction for which the action taken is
approved but not accepted, and the applicant does not accept the
approved offer of credit in any amount, the financial institution
reports the highest amount approved. If the applicant accepts the offer
of closed-end credit, the financial institution reports the amount
originated. When multiple approval amounts are offered for an open-end
credit transaction for which the action taken is approved but not
accepted, and the applicant does not accept the approved offer of
credit in any amount, the financial institution reports the highest
amount approved. If the applicant accepts the offer of open-end credit,
the financial institution reports the actual credit limit established.
3. Amount approved or originated--closed-end credit transaction.
For an originated closed-end credit transaction, the financial
institution reports the principal amount to be repaid. This amount will
generally be disclosed on the legal obligation.
4. Amount approved or originated--refinancing. For a refinancing,
the financial institution reports the amount of credit approved or
originated under the terms of the new debt obligation.
5. Amount approved or originated--counteroffer. If an applicant
agrees to proceed with consideration of a counteroffer for an amount or
limit different from the amount for which the applicant applied, and
the covered credit transaction is approved and originated, the
financial institution reports the amount granted. If an applicant does
not agree to proceed with consideration of a counteroffer or fails to
respond, the institution reports the application as denied and reports
``not applicable'' for the amount approved or originated. See comment
107(a)(9)-2.
6. Amount approved or originated--existing accounts. For additional
credit amounts that were approved for or originated on an existing
account, the financial institution reports only the additional credit
amount approved or originated, and not any previous amounts extended.
107(a)(9) Action Taken
1. General. A financial institution complies with Sec.
1002.107(a)(9) by selecting the action taken by the financial
institution on the application from the following list: originated,
approved but not accepted, denied, withdrawn by the applicant, or
incomplete. A financial institution identifies the applicable action
taken code based on final action taken on the covered application.
i. Originated. A financial institution reports that the application
was originated if the financial institution made a credit decision
approving the application and that credit decision resulted in an
extension of credit.
ii. Approved but not accepted. A financial institution reports that
the application was approved but not accepted if the financial
institution made a credit decision approving the application, but the
applicant or the party that initially received the application failed
to respond to the financial institution's approval within the specified
time, or the covered credit transaction was not otherwise consummated
or the account was not otherwise opened.
iii. Denied. A financial institution reports that the application
was denied if it made a credit decision denying the application before
an applicant withdrew the application, before the application was
closed for incompleteness, or before the application was denied on the
basis of incompleteness.
[[Page 35549]]
iv. Withdrawn by the applicant. A financial institution reports
that the application was withdrawn if the application was expressly
withdrawn by the applicant before the financial institution made a
credit decision approving or denying the application, before the
application was closed for incompleteness, or before the application
was denied on the basis of incompleteness.
v. Incomplete. A financial institution reports that the application
was incomplete if the financial institution took adverse action on the
basis of incompleteness under Sec. 1002.9(a)(1)(ii) and (c)(1)(i) or
provided a written notice of incompleteness under Sec.
1002.9(c)(1)(ii) and (2), and the applicant did not respond to the
request for additional information within the period of time specified
in the notice.
2. Treatment of counteroffers. If a financial institution makes a
counteroffer to grant credit on terms other than those originally
requested by the applicant (for example, for a shorter loan maturity,
with a different interest rate, or in a different amount) and the
applicant declines the counteroffer or fails to respond, the
institution reports the action taken as a denial on the original terms
requested by the applicant. If the applicant agrees to proceed with
consideration of the financial institution's counteroffer, the
financial institution reports the action taken as the disposition of
the application based on the terms of the counteroffer. For example,
assume an applicant applies for a term loan and the financial
institution makes a counteroffer to proceed with consideration of a
line of credit. If the applicant declines to be considered for a line
of credit, the financial institution reports the application as a
denied request for a term loan. If, on the other hand, the applicant
agrees to be considered for a line of credit, then the financial
institution reports the action taken as the disposition of the
application for the line of credit. For instance, using the same
example, if the financial institution makes a credit decision approving
the line of credit, but the applicant fails to respond to the financial
institution's approval within the specified time by accepting the
credit offer, the financial institution reports the application on the
line of credit as approved but not accepted.
3. Treatment of rescinded transactions. If a borrower successfully
rescinds a transaction after closing but before a financial institution
is required to submit its small business lending application register
containing the information for the application under Sec. 1002.109,
the institution reports the application as approved but not accepted.
4. Treatment of pending applications. A financial institution does
not report any application still pending at the end of the calendar
year; it reports such applications on its small business lending
application register for the year in which final action is taken.
5. Treatment of conditional approvals. If a financial institution
issues an approval that is subject to the applicant meeting certain
conditions prior to closing, the financial institution reports the
action taken as provided below dependent on whether the conditions are
solely customary commitment or closing conditions or if the conditions
include any underwriting or creditworthiness conditions. Customary
commitment or closing conditions may include, for example, a clear-
title requirement, proof of insurance policies, or a subordination
agreement from another lienholder. Underwriting or creditworthiness
conditions may include, for example, conditions that constitute a
counteroffer (such as a demand for a higher down-payment), satisfactory
loan-to-value ratios, or verification or confirmation, in whatever form
the institution requires, that the applicant meets underwriting
conditions concerning applicant creditworthiness, including
documentation or verification of revenue, income or assets.
i. Conditional approval--denial. If the approval is conditioned on
satisfying underwriting or creditworthiness conditions, those
conditions are not met, and the financial institution takes adverse
action on some basis other than incompleteness, the financial
institution reports the action taken as denied.
ii. Conditional approval--incompleteness. If the approval is
conditioned on satisfying underwriting or creditworthiness conditions
that the financial institution needs to make the credit decision, and
the financial institution takes adverse action on the basis of
incompleteness under Sec. 1002.9(a)(1)(ii) and (c)(1)(i), or has sent
a written notice of incompleteness under Sec. 1002.9(c)(1)(ii) and
(2), and the applicant did not respond within the period of time
specified in the notice, the financial institution reports the action
taken as incomplete.
iii. Conditional approval--approved but not accepted. If the
approval is conditioned on satisfying conditions that are solely
customary commitment or closing conditions and the conditions are not
met, the financial institution reports the action taken as approved but
not accepted. If all the conditions (underwriting, creditworthiness, or
customary commitment or closing conditions) are satisfied and the
financial institution agrees to extend credit but the covered credit
transaction is not originated (for example, because the applicant
withdraws), the financial institution reports the action taken as
approved but not accepted.
iv. Conditional approval--withdrawn by the applicant. If the
applicant expressly withdraws before satisfying all underwriting or
creditworthiness conditions and before the institution denies the
application or before the institution closes the file for
incompleteness, the financial institution reports the action taken as
withdrawn.
107(a)(10) Action Taken Date
1. Reporting action taken date for denied applications. For
applications that are denied, a financial institution reports either
the date the application was denied or the date the denial notice was
sent to the applicant.
2. Reporting action taken date for applications withdrawn by
applicant. For applications that are withdrawn by the applicant, the
financial institution reports the date the express withdrawal was
received, or the date shown on the notification form in the case of a
written withdrawal.
3. Reporting action taken date for applications that are approved
but not accepted. For applications approved by a financial institution
but not accepted by the applicant, the financial institution reports
any reasonable date, such as the approval date, the deadline for
accepting the offer, or the date the file was closed. A financial
institution should generally be consistent in its approach to reporting
by, for example, establishing procedures for how to report this date
for particular scenarios, products, or divisions.
4. Reporting action taken date for originated applications. For
applications that result in an extension of credit, a financial
institution generally reports the closing or account opening date. If
the disbursement of funds takes place on a date later than the closing
or account opening date, the institution may, alternatively, use the
date of initial disbursement. A financial institution should generally
be consistent in its approach to reporting by, for example,
establishing procedures for how to report this date for particular
scenarios, products, or divisions.
5. Reporting action taken date for incomplete applications. For
applications closed for incompleteness or denied for incompleteness,
the financial institution reports either the date the action was taken
or the date the
[[Page 35550]]
denial or incompleteness notice was sent to the applicant.
107(a)(11) Denial Reasons
1. Reason for denial--in general. A financial institution complies
with Sec. 1002.107(a)(11) by reporting the principal reason or reasons
it denied the application, indicating up to four reasons. The financial
institution reports only the principal reason or reasons it denied the
application. For example, if a financial institution denies an
application due to insufficient cashflow, unacceptable collateral, and
unverifiable business information, the financial institution is
required to report these three reasons. The reasons reported must
accurately describe the principal reason or reasons the financial
institution denied the application. A financial institution reports
denial reasons by selecting its principal reason or reasons for denying
the application from the following list:
i. Credit characteristics of the business. A financial institution
reports the denial reason as ``credit characteristics of the business''
if it denies the application based on an assessment of the business's
ability to meet its current or future credit obligations. Examples
include business credit score, history of business bankruptcy or
delinquency, and/or a high number of recent business credit inquiries.
ii. Credit characteristics of the principal owner(s) or
guarantor(s). A financial institution reports the denial reason as
``credit characteristics of the principal owner(s) or guarantor(s)'' if
it denies the application based on an assessment of the principal
owner(s) or guarantor(s)'s ability to meet its current or future credit
obligations. Examples include principal owner(s) or guarantor(s)'s
credit score, history of charge offs, bankruptcy or delinquency, low
net worth, limited or insufficient credit history, or history of
excessive overdraft.
iii. Use of credit proceeds. A financial institution reports the
denial reason as ``use of credit proceeds'' if it denies an application
because, as a matter of policy or practice, it places limits on lending
to certain kinds of businesses, products, or activities it has
identified as high risk.
iv. Cashflow. A financial institution reports the denial reason as
``cashflow'' when it denies an application due to insufficient or
inconsistent cashflow.
v. Collateral. A financial institution reports the denial reason as
``collateral'' when it denies an application due to collateral that it
deems insufficient or otherwise unacceptable.
vi. Time in business. A financial institution reports the denial
reason as ``time in business'' when it denies an application due to
insufficient time or experience in a line of business.
vii. Government loan program criteria. Certain loan programs are
backed by government agencies that have specific eligibility
requirements. When those requirements are not met by an applicant, and
the financial institution denies the application, the financial
institution reports the denial reason as ``government loan program
criteria.'' For example, if an applicant cannot meet a government-
guaranteed loan program's requirement to provide a guarantor or proof
of insurance, the financial institution reports the reason for the
denial as ``government loan program criteria.''
viii. Aggregate exposure. Aggregate exposure is a measure of the
total exposure or level of indebtedness of the business and its
principal owner(s) associated with an application. A financial
institution reports the denial reason as ``aggregate exposure'' where
the total debt associated with the application is deemed high or
exceeds certain debt thresholds set by the financial institution. For
example, if an application for unsecured credit exceeds the maximum
amount a financial institution is permitted to approve per applicant,
as stated in its credit guidelines, and the financial institution
denies the application for this reason, the financial institution
reports the reason for denial as ``aggregate exposure.''
ix. Unverifiable information. A financial institution reports the
denial reason as ``unverifiable information'' when it is unable to
verify information provided as part of the application, and denies the
application for that reason. The unverifiable information must be
necessary for the financial institution to make a credit decision based
on its procedures for the type of credit requested. Examples include
unverifiable assets or collateral, unavailable business credit report,
and unverifiable business ownership composition.
x. Other. A financial institution reports the denial reason as
``other'' where none of the enumerated denial reasons adequately
describe the principal reason or reasons it denied the application, and
the institution reports the denial reason or reasons via free-form text
field.
2. Reason for denial--not applicable. A financial institution
complies with Sec. 1002.107(a)(11) by reporting that the requirement
is not applicable if the action taken on the application, pursuant to
Sec. 1002.107(a)(9), is not a denial. For example, if the application
resulted in an originated covered credit transaction, or the
application was approved but not accepted, the financial institution
complies with Sec. 1002.107(a)(11) by reporting not applicable.
107(a)(12) Pricing Information
1. General. For applications that a financial institution, pursuant
to Sec. 1002.107(a)(9), reports as denied, withdrawn by the applicant,
or incomplete, the financial institution reports that pricing
information is ``not applicable.''
107(a)(12)(i) Interest Rate
1. General. A financial institution complies with Sec.
1002.107(a)(12)(i) by reporting the interest rate applicable to the
amount of credit approved or originated as reported pursuant to Sec.
1002.107(a)(8).
2. Interest rate--initial period. If a covered credit transaction
includes an initial period with an introductory interest rate of 12
months or less, after which the interest rate adjusts upwards or shifts
from a fixed to variable rate, a financial institution complies with
Sec. 1002.107(a)(12)(i) by reporting information about the interest
rate applicable after the initial period. If a covered transaction
includes an initial period with an interest rate of more than 12 months
after which the interest rate resets, a financial institution complies
with Sec. 1002.107(a)(12)(i) by reporting information about the
interest rate applicable prior to the reset period. For example, if a
financial institution originates a covered credit transaction with a
fixed, initial interest rate of 0 percent for six months following
origination, after which the interest rate will adjust according to a
Prime index rate plus a 3 percent margin, the financial institution
reports the 3 percent margin, Prime as the name of the index used to
adjust the interest rate, the number 6 for the length of the initial
period, and ``not applicable'' for the index value. As another example,
in a 10/1 adjustable-rate mortgage transaction, where the first 10
years of the repayment period has a fixed rate of 3 percent and after
year 10 the interest rate will adjust according to a Prime index rate
plus a 3 percent margin, a financial institution complies with Sec.
1002.107(a)(12)(i) by reporting the fixed rate of 3 percent, the number
120 for the initial period, and ``not applicable'' in the fields for
the index, margin, and index value.
3. Multiple interest rates. If a covered credit transaction
includes multiple
[[Page 35551]]
interest rates applicable to different credit features, a financial
institution complies with Sec. 1002.107(a)(12)(i) by reporting the
interest rate applicable to the amount of credit approved or originated
reported pursuant to Sec. 1002.107(a)(8). For example, if a financial
institution originates a credit card with different interest rates for
purchases, balance transfers, cash advances, and overdraft advances,
the financial institution reports the interest rate applicable for
purchases.
4. Index names. A financial institution complies with Sec.
1002.107(a)(12)(i) by selecting the index used from the following list:
Wall Street Journal Prime, 6-month CD rate, 1-year T-Bill, 3-year T-
Bill, 5-year T-Note, 12-month average of 10-year T-Bill, Cost of Funds
Index (COFI)-National, Cost of Funds Index (COFI)-11th District,
Constant Maturity Treasury (CMT). If the index used is internal to the
financial institution, the financial institution reports ``internal
index'' via the list of indices provided. If the index used does not
appear on the list of indices provided (and is not internal to the
financial institution), the financial institution reports ``other'' and
reports the name of the index via free-form text field.
5. Index value. For covered transactions with an adjustable
interest rate, a financial institution complies with Sec.
1002.107(a)(12)(i)(B) by reporting the index value used to set the rate
that is or would be applicable to the covered transaction.
107(a)(12)(ii) Total Origination Charges
1. Charges in comparable cash transactions. Charges imposed
uniformly in cash and credit transactions are not reportable under
Sec. 1002.107(a)(12)(ii). In determining whether an item is part of
the total origination charges, a financial institution should compare
the covered credit transaction in question with a similar cash
transaction. A financial institution financing the sale of property or
services may compare charges with those payable in a similar cash
transaction by the seller of the property or service.
2. Charges by third parties. A financial institution includes fees
and amounts charged by someone other than the financial institution in
the total charges reported if the financial institution:
i. Requires the use of a third party as a condition of or an
incident to the extension of credit, even if the applicant can choose
the third party; or
ii. Retains a portion of the third-party charge, to the extent of
the portion retained.
3. Special rule; broker fees. A financial institution complies with
Sec. 1002.107(a)(12)(ii) by including fees charged by a broker
(including fees paid by the applicant directly to the broker or to the
financial institution for delivery to the broker) in the total
origination charges reported even if the financial institution does not
require the applicant to use a broker and even if the financial
institution does not retain any portion of the charge. For more
information on broker fees, see commentary for Sec.
1002.107(a)(12)(iii).
4. Bundled services. Total origination charges include all charges
imposed directly or indirectly by the financial institution at or
before origination as an incident to or a condition of the extension of
credit. Accordingly, a financial institution complies with Sec.
1002.107(a)(12)(ii) by including charges for other products or services
paid at or before origination in the total origination charges reported
if the financial institution requires the purchase of such other
product or service as a condition of or an incident to the extension of
credit.
5. Origination charges--examples. Examples of origination charges
may include application fees, credit report fees, points, appraisal
fees, and other similar charges.
6. Net lender credit. If a financial institution provides a credit
to an applicant that is greater than the total origination charges the
applicant would have paid, the financial institution complies with
Sec. 1002.107(a)(12)(ii) by reporting the net lender credit as a
negative amount. For example, if a covered transaction has $500
provided to the applicant at origination to offset closing costs, and
the financial institution does not charge any origination charges, the
financial institution complies with Sec. 1002.107(a)(12)(ii) by
reporting negative $500 as the total origination charges.
107(a)(12)(iii) Broker Fees
1. Amount. A financial institution complies with Sec.
1002.107(a)(12)(iii) by including the fees reported in Sec.
1002.107(a)(12)(ii) that are fees paid by the applicant directly to the
broker or to the financial institution for delivery to the broker. For
example, a covered transaction has $3,000 of total origination charges.
Of that $3,000, $250 are fees paid by the applicant directly to a
broker and an additional $300 are fees paid to the financial
institution for delivery to the broker. The financial institution
complies with Sec. 1002.107(a)(12)(iii) by reporting $550 in the
broker fees reported.
2. Fees paid directly to a broker by an applicant. A financial
institution complies with Sec. 1002.107(a)(12)(iii) by relying on the
best information readily available to the financial institution at the
time final action is taken. Information readily available could
include, for example, information provided by an applicant or broker
that the financial institution reasonably believes regarding the amount
of fees paid by the applicant directly to the broker.
107(a)(12)(iv) Initial Annual Charges
1. Charges during the initial annual period. The total initial
annual charges include all charges scheduled to be imposed during the
initial annual period following origination. For example, if a
financial institution originates a covered credit transaction with a
$50 monthly fee and a $100 annual fee, the financial institution
complies with Sec. 1002.107(a)(12)(iv) by reporting $700 in the
initial annual charges reported. If there will be a charge in the
initial annual period following origination but the amount of that
charge is uncertain at the time of origination, a financial institution
complies with Sec. 1002.107(a)(12)(iv) by not reporting that charge as
scheduled to be imposed during the initial annual period following
origination.
2. Interest excluded. A financial institution complies with Sec.
1002.107(a)(12)(iv) by excluding any interest expense from the initial
annual charges reported.
3. Avoidable charges. A financial institution complies with Sec.
1002.107(a)(12)(iv) by only including scheduled charges and excluding
any charges for events that are avoidable by the applicant from the
initial annual charges reported. Examples of avoidable charges include
charges for late payment, for exceeding a credit limit, for delinquency
or default, or for paying items that overdraw an account.
4. Initial annual charges--examples. Examples of charges scheduled
to be imposed during the initial annual period may include monthly
fees, annual fees, and other similar charges.
5. Scheduled charges with variable amounts. A financial institution
complies with Sec. 1002.107(a)(12)(iv) by reporting as the default the
highest amount for a charge scheduled to be imposed. For example, if a
covered credit transaction has a $75 monthly fee, but the fee is
reduced to $0 if the applicant maintains an account at the financial
institution originating the
[[Page 35552]]
covered credit transaction, the financial institution complies with
Sec. 1002.107(a)(12)(iv) by reporting $900 ($75 x 12) in the initial
annual charges reported.
6. Transactions with a term of less than one year. For a
transaction with a term of less than one year, a financial institution
complies with Sec. 1002.107(a)(12)(iv) by reporting all charges
scheduled to be imposed during the term of the transaction.
107(a)(12)(v) Additional Cost for Merchant Cash Advances or Other
Sales-Based Financing
1. Merchant cash advances. Section 1002.107(a)(12)(v) requires a
financial institution to report the difference between the amount
advanced and the amount to be repaid for a merchant cash advance or
other sales-based financing transaction. Thus, in a merchant cash
advance, a financial institution reports the difference between the
amount advanced and the amount to be repaid, using the amounts
(expressed in dollars) provided in the contract between the financial
institution and the applicant.
107(a)(12)(vi) Prepayment Penalties
1. Policies and procedures applicable to the covered credit
transaction. The policies and procedures applicable to the covered
credit transaction include the practices that the financial institution
follows when evaluating applications for the specific credit type and
credit purpose requested. For example, assume that a financial
institution's written procedures permit it to include prepayment
penalties in the loan agreement for its term loans secured by non-owner
occupied commercial real estate. For such transactions, the financial
institution includes prepayment penalties in some loan agreements but
not others. For an application for, or origination of, a term loan
secured by non-owner occupied commercial real estate, the financial
institution reports under Sec. 1002.107(a)(12)(vi)(A) that a
prepayment penalty could have been included under the policies and
procedures applicable to the transaction, regardless of whether the
term loan secured by non-owner occupied commercial real estate actually
includes a prepayment penalty.
2. Balloon finance charges. A financial institution complies with
Sec. 1002.107(a)(12)(vi) by reporting as a prepayment penalty any
balloon finance charge that may be imposed for paying all or part of
the transaction's principal before the date on which the principal is
due. For example, under the terms of a transaction, the amount of funds
advanced is $12,000, the amount to be repaid is $24,000 (which includes
$12,000 in principal and $12,000 in interest and fees), the length of
the transaction is 12 months, and the applicant must repay $2,000 per
month. The terms of the transaction state that if the applicant prepays
the principal before the 12-month period is over, the applicant is
responsible for paying the difference between $24,000 and the amount
the applicant has already repaid prior to initiating prepayment. The
difference between the $24,000 to be repaid and what the applicant has
already repaid prior to initiating prepayment is a balloon finance
charge and should be reported as a prepayment penalty.
107(a)(13) Census Tract
1. General. A financial institution complies with Sec.
1002.107(a)(13) by reporting a census tract number as defined by the
U.S. Census Bureau, which includes State and county numerical codes. A
financial institution complies with Sec. 1002.107(a)(13) if it uses
the boundaries and codes in effect on January 1 of the calendar year
covered by the small business lending application register that it is
reporting. The financial institution reports census tract based on the
following:
i. Proceeds address. A financial institution complies with Sec.
1002.107(a)(13) by reporting a census tract based on the address or
location where the proceeds of the credit applied for or originated
will be or would have been principally applied, if known. For example,
a financial institution would report a census tract based on the
address or location of the site where the proceeds of a construction
loan will be applied.
ii. Main office or headquarters address. If the address or location
where the proceeds of the credit applied for or originated will be or
would have been principally applied is unknown, a financial institution
complies with Sec. 1002.107(a)(13) by reporting a census tract number
based on the address or location of the main office or headquarters of
the applicant, if known. For example, the address or location of the
main office or headquarters of the applicant may be the home address of
a sole proprietor or the office address of a sole proprietor or other
applicant.
iii. Another address or location. If neither the address or
location where the proceeds of the credit applied for or originated
will be or would have been principally applied nor the address or
location of the main office or headquarters of the applicant are known,
a financial institution complies with Sec. 1002.107(a)(13) by
reporting a census tract number based on another address or location
associated with the applicant.
iv. Type of address used. In addition to reporting the census
tract, pursuant to Sec. 1002.107(a)(13)(iv) a financial institution
must report which one of the three types of addresses or locations
listed in Sec. 1002.107(a)(13)(i) through (iii) and described in
comments 107(a)(13)-1.i through iii that the census tract is determined
from.
2. Financial institution discretion. A financial institution
complies with Sec. 1002.107(a)(13) by identifying the appropriate
address or location and the type of that address or location in good
faith, using appropriate information from the applicant's credit file
or otherwise known by the financial institution. A financial
institution is not required to make inquiries beyond its standard
procedures as to the nature of the addresses or locations it collects.
3. Address or location not provided by applicant and otherwise
undetermined. Pursuant to Sec. 1002.107(c), a financial institution
shall maintain procedures reasonably designed to collect applicant-
provided data, which includes at least one address or location for an
applicant for census tract reporting. However, if a financial
institution is nonetheless unable to collect or otherwise determine any
address or location for an application, the financial institution
reports that the census tract information is ``not provided by
applicant and otherwise undetermined.''
4. Safe harbor. As described in Sec. 1002.112(c)(2) and comment
112(c)-1, a financial institution that obtains an incorrect census
tract by correctly using a geocoding tool provided by the FFIEC or the
Bureau does not violate the Act or subpart B of this part.
107(a)(14) Gross Annual Revenue
1. Collecting gross annual revenue. A financial institution reports
the applicant's gross annual revenue, expressed in dollars, for its
fiscal year preceding when the information was collected. A financial
institution may rely on the applicant's statements or on information
provided by the applicant in collecting and reporting gross annual
revenue, even if the applicant's statement or information is based on
estimation or extrapolation. However, pursuant to Sec. 1002.107(b), if
the financial institution verifies the gross annual revenue provided by
the applicant, it must report the verified information. Also, pursuant
to comment 107(c)(1)-5, a financial institution reports updated gross
annual revenue
[[Page 35553]]
data if it obtains more current data from the applicant during the
application process. If a financial institution has already verified
gross annual revenue data and then the applicant updates it, the
financial institution reports the information it believes to be more
accurate, in its discretion. The financial institution may use the
following language to ask about gross annual revenue and may rely on
the applicant's answer (unless subsequently verified or updated):
What was the gross annual revenue of the business applying for
credit in its last full fiscal year? Gross annual revenue is the amount
of money the business earned before subtracting taxes and other
expenses. You may provide gross annual revenue calculated using any
reasonable method.
2. Gross annual revenue not provided by applicant and otherwise
undetermined. Pursuant to Sec. 1002.107(c), a financial institution
shall maintain procedures reasonably designed to collect applicant-
provided data, which includes the gross annual revenue of the
applicant. However, if a financial institution is nonetheless unable to
collect or determine the gross annual revenue of the applicant, the
financial institution reports that the gross annual revenue is ``not
provided by applicant and otherwise undetermined.''
3. Affiliate revenue. A financial institution is permitted, but not
required, to report the gross annual revenue for the applicant that
includes the revenue of affiliates as well. Likewise, as explained in
comment 106(b)(1)-3, in determining whether the applicant is a small
business under Sec. 1002.106(b), a financial institution may rely on
an applicant's representations regarding gross annual revenue, which
may or may not include affiliates' revenue.
4. Gross annual revenue for a startup business. In a typical
startup business situation where the applicant has no gross annual
revenue for its fiscal year preceding when the information is
collected, the financial institution reports that the applicant's gross
annual revenue in the preceding fiscal year is ``zero.'' The financial
institution shall not report pro forma projected revenue figures
because these figures do not reflect actual gross revenue.
107(a)(15) NAICS Code
1. General. NAICS stands for North American Industry Classification
System. The Office of Management and Budget has charged the Economic
Classification Policy Committee with the maintenance and review of
NAICS. A financial institution complies with Sec. 1002.107(a)(15) if
it uses the 3-digit NAICS subsector codes in effect on January 1 of the
calendar year covered by the small business lending application
register that it is reporting.
2. NAICS not provided by applicant and otherwise undetermined.
Pursuant to Sec. 1002.107(c), a financial institution shall maintain
procedures reasonably designed to collect applicant-provided data,
which includes NAICS code. However, if a financial institution is
nonetheless unable to collect or otherwise determine a NAICS code for
the applicant, the financial institution reports that the NAICS code is
``not provided by applicant and otherwise undetermined.''
3. Safe harbor. As described in Sec. 1002.112(c)(3) and comment
112(c)-2, a financial institution that obtains an incorrect NAICS code
does not violate the Act or subpart B of this part if it either relies
on an applicant's representations or on an appropriate third-party
source, in accordance with Sec. 1002.107(b), regarding the NAICS code,
or identifies the NAICS code itself, provided that the financial
institution maintains procedures reasonably adapted to correctly
identify a 3-digit NAICS code.
107(a)(16) Number of Workers
1. General. A financial institution complies with Sec.
1002.107(a)(16) by reporting the number of people who work for the
applicant, using the ranges prescribed in the Filing Instructions
Guide.
2. Collecting number of workers. A financial institution may
collect number of workers from an applicant using the ranges for
reporting as specified by the Bureau (see comment 107(a)(16)-1) or as a
numerical value. When asking for the number of workers from an
applicant, a financial institution shall explain that full-time, part-
time and seasonal employees, as well as contractors who work primarily
for the applicant, would be counted as workers, but principal owners of
the applicant would not. If asked, the financial institution shall
explain that volunteers are not counted as workers, and workers for
affiliates of the applicant are counted if the financial institution
were also collecting the affiliates' gross annual revenue. The
financial institution may use the following language to ask about the
number of workers and may rely on the applicant's answer (unless
subsequently verified or updated):
Counting full-time, part-time and seasonal workers, as well as
contractors who work primarily for the business applying for credit,
but not counting principal owners of the business, how many people work
for the business applying for credit?
3. Number of workers not provided by applicant and otherwise
undetermined. Pursuant to Sec. 1002.107(c), a financial institution
shall maintain procedures reasonably designed to collect applicant-
provided data, which includes the number of workers of the applicant.
However, if a financial institution is nonetheless unable to collect or
determine the number of workers of the applicant, the financial
institution reports that the number of workers is ``not provided by
applicant and otherwise undetermined.''
107(a)(17) Time in Business
1. Collecting time in business. A financial institution complies
with Sec. 1002.107(a)(17) by reporting the time the applicant has been
in business.
i. If a financial institution collects or otherwise obtains the
number of years an applicant has been in business as part of its
procedures for evaluating an application for credit, it reports the
time in business in whole years, rounded down to the nearest whole
year.
ii. If a financial institution does not collect time in business as
described in comment 107(a)(17)-1.i, but as part of its procedures
determines whether or not the applicant's time in business is less than
two years, it reports the applicant's time in business as either less
than two years or two or more years in business.
iii. If a financial institution does not collect time in business
as part of its procedures for evaluating an application for credit as
described in comments 107(a)(17)-1.i or .ii, the financial institution
complies with Sec. 1002.107(a)(17) by asking the applicant whether it
has been in existence for less than two years or two or more years and
reporting the information provided by the applicant accordingly.
2. Time in business collected as part of the financial
institution's procedures for evaluating an application for credit. A
financial institution that collects or obtains an applicant's time in
business as part of its procedures for evaluating an application for
credit is not required to collect or obtain time in business pursuant
to any particular definition of time in business for this purpose. For
example, if the financial institution collects the number of years the
applicant has existed (such as by asking the applicant when its
business was started, or by obtaining the applicant's date of
incorporation from a Secretary of State or other State or Federal
agency that registers or licenses businesses) as
[[Page 35554]]
the time in business, the financial institution reports that
information accordingly pursuant to comment 107(a)(17)-1.i. Similarly,
if the financial institution collects the number of years of experience
the applicant's owners have in the current line of business, the
financial institution reports that information accordingly pursuant to
comment 107(a)(17)-1.i. If, however, the financial institution collects
both the number of years the applicant has existed as well as some
other measure of time in business (such as the number of years of
experience the applicant's owners have in the current line of
business), the financial institution reports the number of years the
applicant has existed as the time in business pursuant to comment
107(a)(17)-1.i.
3. Time in business not provided by applicant and otherwise
undetermined. Pursuant to Sec. 1002.107(c), a financial institution
shall maintain procedures reasonably designed to collect applicant-
provided data, which includes the applicant's time in business.
However, if a financial institution is nonetheless unable to collect or
determine the applicant's time in business, the financial institution
reports that the time in business is ``not provided by applicant and
otherwise undetermined.''
107(a)(18) Minority-Owned, Women-Owned, and LGBTQI+-Owned Business
Statuses
1. General. A financial institution must ask an applicant whether
it is a minority-owned, women-owned, and/or LGBTQI+-owned business. The
financial institution must permit an applicant to refuse (i.e.,
decline) to answer the financial institution's inquiry regarding
business status and must inform the applicant that the applicant is not
required to provide the information. See the sample data collection
form in appendix E to this part for sample language for providing this
notice to applicants. The financial institution must report the
applicant's substantive response regarding each business status, that
the applicant declined to answer the inquiry (that is, selected an
answer option of ``I do not wish to provide this information'' or
similar), or its failure to respond to the inquiry (that is, ``not
provided by applicant''), as applicable.
2. Definitions. When inquiring about minority-owned, women-owned,
and LGBTQI+-owned business statuses (regardless of whether the request
is made on a paper form, electronically, or orally), the financial
institution also must provide the applicant with definitions of the
terms ``minority-owned business,'' ``women-owned business,'' and
``LGBTQI+-owned business'' as set forth in Sec. 1002.102 (m), (s) and
(l), respectively. The financial institution satisfies this requirement
if it provides the definitions as set forth in the sample data
collection form in appendix E.
3. Combining questions. A financial institution may combine on the
same paper or electronic data collection form the questions regarding
minority-owned, women-owned, and LGBTQI+-owned business status pursuant
to Sec. 1002.107(a)(18) with principal owners' ethnicity, race, and
sex pursuant to Sec. 1002.107(a)(19) and the applicant's number of
principal owners pursuant to Sec. 1002.107(a)(20). See the sample data
collection form in appendix E.
4. Notices. When requesting minority-owned, women-owned, and
LGBTQI+-owned business statuses from an applicant, a financial
institution must inform the applicant that the financial institution
cannot discriminate on the basis of the applicant's minority-owned,
women-owned, or LGBTQI+-owned business statuses, or on whether the
applicant provides its minority-owned, women-owned, or LGBTQI+-owned
business statuses. A financial institution must also inform the
applicant that Federal law requires it to ask for an applicant's
minority-owned, women-owned, and LGBTQI+-owned business statuses to
help ensure that all small business applicants for credit are treated
fairly and that communities' small business credit needs are being
fulfilled. A financial institution may combine these notices regarding
minority-owned, women-owned, and LGBTQI+-owned business statuses with
the notices that a financial institution is required to provide when
requesting principal owners' ethnicity, race, and sex if a financial
institution requests information pursuant to Sec. 1002.107(a)(18) and
(19) in the same data collection form or at the same time. See the
sample data collection form in appendix E for sample language that a
financial institution may use for these notices.
5. Maintaining the record of an applicant's response regarding
minority-owned, women-owned, and LGBTQI+-owned business statuses
separate from the application. A financial institution must maintain
the record of an applicant's responses to the financial institution's
inquiry pursuant to Sec. 1002.107(a)(18) separate from the application
and accompanying information. See Sec. 1002.111(b) and comment 111(b)-
1. If the financial institution provides a paper or electronic data
collection form, the data collection form must not be part of the
application form or any other document that the financial institution
uses to provide or collect any information other than minority-owned
business status, women-owned business status, LGBTQI+-owned business
status, principal owners' ethnicity, race, and sex, and the number of
the applicant's principal owners. See the sample data collection form
in appendix E. For example, if the financial institution sends the data
collection form via email, the data collection form should be a
separate attachment to the email or accessed through a separate link in
the email. If the financial institution uses a web-based data
collection form, the form should be on its own page.
6. Minority-owned, women-owned, and/or LGBTQI+-owned business
statuses not provided by applicant. Pursuant to Sec. 1002.107(c), a
financial institution shall maintain procedures reasonably designed to
collect applicant-provided data, which includes the applicant's
minority-owned, women-owned, and LGBTQI+-owned business statuses.
However, if a financial institution does not receive a response to the
financial institution's inquiry pursuant to Sec. 1002.107(a)(18), the
financial institution reports that the applicant's business statuses
were ``not provided by applicant.''
7. Applicant declines to provide information about minority-owned,
women-owned, and/or LGBTQI+-owned business statuses. A financial
institution reports that the applicant responded that it did not wish
to provide the information about an applicant's minority-owned, women-
owned, and LGBTQI+-owned business statuses, if the applicant declines
to provide the information by selecting such a response option on a
paper or electronic form (e.g., by selecting an answer option of ``I do
not wish to provide this information'' or similar). The financial
institution also reports an applicant's refusal to provide such
information in this way, if the applicant orally declines to provide
such information for a covered application taken by telephone or
another medium that does not involve providing any paper or electronic
documents.
8. Conflicting responses provided by applicants. If the applicant
both provides a substantive response to the financial institution's
inquiry regarding business status (that is, indicates that it is a
minority-owned, women-owned, and/or LGBTQI+-owned business, or checks
``none apply'' or similar) and also checks the box indicating ``I do
not wish to provide this information'' or
[[Page 35555]]
similar, the financial institution reports the substantive response(s)
provided by the applicant (rather than reporting that the applicant
declined to provide the information).
9. No verification of business statuses. Notwithstanding Sec.
1002.107(b), a financial institution must report the applicant's
substantive response(s), that the applicant declined to answer the
inquiry (that is, selected an answer option of ``I do not wish to
provide this information'' or similar), or the applicant's failure to
respond to the inquiry (that is, that the information was ``not
provided by applicant'') pursuant to Sec. 1002.107(a)(18), even if the
financial institution verifies or otherwise obtains an applicant's
minority-owned, women-owned, and/or LGBTQI+-owned business statuses for
other purposes. For example, if a financial institution uses a paper
data collection form to ask an applicant if it is a minority-owned
business, a women-owned business, and/or an LGBTQI+-owned business and
the applicant does not indicate that it is a minority-owned business,
the financial institution must not report that the applicant is a
minority-owned business, even if the applicant indicates that it is a
minority-owned business for other purposes, such as for a special
purpose credit program or a Small Business Administration program.
107(a)(19) Ethnicity, Race, and Sex of Principal Owners
1. General. A financial institution must ask an applicant to
provide its principal owners' ethnicity, race, and sex. The financial
institution must permit an applicant to refuse (i.e., decline) to
answer the financial institution's inquiry and must inform the
applicant that it is not required to provide the information. See the
sample data collection form in appendix E to this part for sample
language for providing this notice to applicants. The financial
institution must report the applicant's substantive responses regarding
principal owners' ethnicity, race, and sex, that the applicant declined
to answer an inquiry (that is, selected an answer option of ``I do not
wish to provide this information'' or similar), or its failure to
respond to an inquiry (that is, ``not provided by applicant''), as
applicable. The financial institution must report an applicant's
responses about its principal owners' ethnicity, race, and sex,
regardless of whether an applicant declines or fails to answer an
inquiry about the number of its principal owners under Sec.
1002.107(a)(20). If an applicant provides some, but not all, of the
requested information about the ethnicity, race, and sex of a principal
owner, the financial institution reports the information that was
provided by the applicant and reports that the applicant declined to
provide or did not provide (as applicable) the remainder of the
information. See comments 107(a)(19)-6 and -7.
2. Definition of principal owner. When requesting a principal
owner's ethnicity, race, and sex, the financial institution must also
provide the applicant with the definition of the term ``principal
owner'' as set forth in Sec. 1002.102(o). The financial institution
satisfies this requirement if it provides the definition of principal
owner as set forth in the sample data collection form in appendix E.
3. Combining questions. A financial institution may combine on the
same paper or electronic data collection form the questions regarding
the principal owners' ethnicity, race, and sex pursuant to Sec.
1002.107(a)(19) with the applicant's number of principal owners
pursuant to Sec. 1002.107(a)(20) and the applicant's minority-owned,
women-owned, and LGBTQI+-owned business statuses pursuant to Sec.
1002.107(a)(18). See the sample data collection form in appendix E.
4. Notices. When requesting a principal owner's ethnicity, race,
and sex from an applicant, a financial institution must inform the
applicant that the financial institution cannot discriminate on the
basis of a principal owner's ethnicity, race, or sex/gender, or on
whether the applicant provides the information. A financial institution
must also inform the applicant that Federal law requires it to ask for
the principal owners' ethnicity, race, and sex/gender to help ensure
that all small business applicants for credit are treated fairly and
that communities' small business credit needs are being fulfilled. A
financial institution may combine these notices with the similar
notices that a financial institution is required to provide when
requesting minority-owned business status, women-owned business status,
and LGBTQI+-owned business status, if a financial institution requests
information pursuant to Sec. 1002.107(a)(18) and (19) in the same data
collection form or at the same time. See the sample data collection
form in appendix E for sample language that a financial institution may
use for these notices.
5. Maintaining the record of an applicant's responses regarding
principal owners' ethnicity, race, and sex separate from the
application. A financial institution must maintain the record of an
applicant's response to the financial institution's inquiries pursuant
to Sec. 1002.107(a)(19) separate from the application and accompanying
information. See Sec. 1002.111(b) and comment 111(b)-1. If the
financial institution provides a paper or electronic data collection
form, the data collection form must not be part of the application form
or any other document that the financial institution uses to provide or
collect any information other than minority-owned business status,
women-owned business status, LGBTQI+-owned business status, principal
owners' ethnicity, race, and sex, and the number of the applicant's
principal owners. See the sample data collection form in appendix E for
sample language. For example, if the financial institution sends the
data collection form via email, the data collection form should be a
separate attachment to the email or accessed through a separate link in
the email. If the financial institution uses a web-based data
collection form, the form should be on its own page.
6. Ethnicity, race, or sex of principal owners not provided by
applicant. Pursuant to Sec. 1002.107(c), a financial institution shall
maintain procedures reasonably designed to collect applicant-provided
data, which includes the ethnicity, race, and sex of an applicant's
principal owners. However, if an applicant does not provide the
information, such as in response to a request for a principal owner's
ethnicity, race, or sex on a paper or electronic data collection form,
the financial institution reports the ethnicity, race, or sex (as
applicable) as ``not provided by applicant'' for that principal owner.
For example, if the financial institution provides a paper data
collection form to an applicant with two principal owners, and asks the
applicant to complete and return the form but the applicant does not do
so, the financial institution reports that the two principal owners'
ethnicity, race, and sex were ``not provided by applicant.'' Similarly,
if the financial institution provides an electronic data collection
form, the applicant indicates that it has two principal owners, the
applicant provides ethnicity, race, and sex for the first principal
owner, and the applicant does not make any selections for the second
principal owner's ethnicity, race, and sex, the financial institution
reports the ethnicity, race, and sex that the applicant provided for
the first principal owner and reports that each of the ethnicity, race,
and sex for the second principal owner was ``not provided by
applicant.'' Additionally, if the financial institution provides an
[[Page 35556]]
electronic or paper data collection form, the applicant indicates that
it has one principal owner, provides the principal owner's ethnicity
and sex information, but does not provide information about the
principal owner's race and also does not select a response of ``I do
not wish to provide this information'' with regard to race, the
financial institution reports the ethnicity and sex provided by the
applicant and reports that the race of the principal owner was ``not
provided by applicant.''
7. Applicant declines to provide information about a principal
owner's ethnicity, race, or sex. A financial institution reports that
the applicant responded that it did not wish to provide the information
about a principal owner's ethnicity, race, or sex (as applicable), if
the applicant declines to provide the information by selecting such a
response option on a paper or electronic form (e.g., by selecting an
answer option of ``I do not wish to provide this information'' or
similar). The financial institution also reports an applicant's refusal
to provide such information in this way, if the applicant orally
declines to provide such information for a covered application taken by
telephone or another medium that does not involve providing any paper
or electronic documents.
8. Conflicting responses provided by applicant. If the applicant
both provides a substantive response to a request for a principal
owner's ethnicity, race, or sex (that is, identifies a principal
owner's race, ethnicity, or sex) and also checks the box indicating ``I
do not wish to provide this information'' or similar, the financial
institution reports the information on ethnicity, race, or sex that was
provided by the applicant (rather than reporting that the applicant
declined provide the information). For example, if an applicant is
completing a paper data collection form and writes in a response that a
principal owner's sex is female and also indicates on the form that the
applicant does not wish to provide information regarding that principal
owner's sex, the financial institution reports the principal owner's
sex as female.
9. No verification of ethnicity, race, and sex of principal owners.
Notwithstanding Sec. 1002.107(b), a financial institution must report
the applicant's substantive responses as to its principal owners'
ethnicity, race, and sex (that is, the applicant's identification of
its principal owners' race, ethnicity, and sex), that the applicant
declined to answer the inquiry (that is, selected an answer option of
``I do not wish to provide this information'' or similar), or the
applicant's failure to respond to the inquiry (that is, the information
was ``not provided by applicant'') pursuant to Sec. 1002.107(a)(19),
even if the financial institution verifies or otherwise obtains the
ethnicity, race, or sex of the applicant's principal owners for other
purposes.
10. Reporting for fewer than four principal owners. If an applicant
has fewer than four principal owners, the financial institution reports
ethnicity, race, and sex information for the number of principal owners
that the applicant has and reports the ethnicity, race, and sex fields
for additional principal owners as ``not applicable.'' For example, if
an applicant has only one principal owner, the financial institution
reports ethnicity, race, and sex information for the first principal
owner and reports as ``not applicable'' the ethnicity, race, and sex
data fields for principal owners two through four.
11. Previously collected ethnicity, race, and sex information. If a
financial institution reports one or more principal owners' ethnicity,
race, or sex information based on previously collected data under Sec.
1002.107(d), the financial institution does not need to collect any
additional ethnicity, race, or sex information for other principal
owners (if any). See also comment 107(d)-9.
12. Guarantors. A financial institution does not collect or report
a guarantor's ethnicity, race, and sex unless the guarantor is also a
principal owner of the applicant, as defined in Sec. 1002.102(o).
13. Ethnicity. i. Aggregate categories. A financial institution
must permit an applicant to provide each principal owner's ethnicity
for purposes of Sec. 1002.107(a)(19) using one or more of the
following aggregate categories:
A. Hispanic or Latino.
B. Not Hispanic or Latino.
ii. Disaggregated subcategories. A financial institution must
permit an applicant to provide each principal owner's ethnicity for
purposes of Sec. 1002.107(a)(19) using one or more of the following
disaggregated subcategories, regardless of whether the applicant has
indicated that the relevant principal owner is Hispanic or Latino and
regardless of whether the applicant selects any aggregate categories:
Cuban; Mexican; Puerto Rican; or Other Hispanic or Latino. If an
applicant indicates that a principal owner is Other Hispanic or Latino,
the financial institution must permit the applicant to provide
additional information regarding the principal owner's ethnicity, by
using free-form text on a paper or electronic data collection form or
using language that informs the applicant of the opportunity to self-
identify when taking the application by means other than a paper or
electronic data collection form, such as by telephone. The financial
institution must permit the applicant to provide additional information
indicating, for example, that the principal owner is Argentinean,
Colombian, Dominican, Nicaraguan, Salvadoran, or Spaniard. See the
sample data collection form in appendix E for sample language. If an
applicant chooses to provide additional information regarding a
principal owner's ethnicity, such as by indicating that a principal
owner is Argentinean orally or in writing on a paper or electronic
form, a financial institution must report that additional information
via free-form text. If the applicant provides such additional
information but does not also indicate that the principal owner is
Other Hispanic or Latino (e.g., by selecting Other Hispanic or Latino
on a paper or electronic form), a financial institution is permitted,
but not required, to report Other Hispanic or Latino as well.
iii. Selecting multiple categories. The financial institution must
permit the applicant to select one, both, or none of the aggregate
categories and as many disaggregated subcategories as the applicant
chooses. A financial institution must permit an applicant to select a
disaggregated subcategory even if the applicant does not select the
corresponding aggregate category. For example, an applicant must be
permitted to select the Mexican disaggregated subcategory for a
principal owner without being required to select the Hispanic or Latino
aggregate category. If an applicant provides ethnicity information for
a principal owner, the financial institution reports all of the
aggregate categories and disaggregated subcategories provided by the
applicant. For example, if an applicant selects both aggregate
categories and four disaggregated subcategories for a principal owner,
the financial institution reports the two aggregate categories that the
applicant selected and all four of the disaggregated subcategories that
the applicant selected. Additionally, if an applicant selects only the
Mexican disaggregated subcategory for a principal owner and no
aggregate categories, the financial institution reports Mexican for the
ethnicity of the applicant's principal owner but does not also report
Hispanic or Latino. Further, if the applicant selects an aggregate
category (e.g., Not Hispanic or Latino) and a disaggregated
[[Page 35557]]
subcategory that does not correspond to the aggregate category (e.g.,
Puerto Rican), the financial institution reports the information as
provided by the applicant (e.g., Not Hispanic or Latino, and Puerto
Rican).
14. Race. i. Aggregate categories. A financial institution must
permit an applicant to provide each principal owner's race for purposes
of Sec. 1002.107(a)(19) using one or more of the following aggregate
categories:
A. American Indian or Alaska Native.
B. Asian.
C. Black or African American.
D. Native Hawaiian or Other Pacific Islander.
E. White.
ii. Disaggregated subcategories. The financial institution must
permit an applicant to provide a principal owner's race for purposes of
Sec. 1002.107(a)(19) using one or more of the disaggregated
subcategories as listed in this comment 107(a)(19)-14.ii, regardless of
whether the applicant has selected the corresponding aggregate
category.
A. The Asian aggregate category includes the following
disaggregated subcategories: Asian Indian; Chinese; Filipino; Japanese;
Korean; Vietnamese; and Other Asian. An applicant must also be
permitted to provide the principal owner's race using one or more of
these disaggregated subcategories regardless of whether the applicant
indicates that the principal owner is Asian and regardless of whether
the applicant selects any aggregate categories. Additionally, if an
applicant indicates that a principal owner is Other Asian, the
financial institution must permit the applicant to provide additional
information about the principal owner's race, by using free-form text
on a paper or electronic data collection form or using language that
informs the applicant of the opportunity to self-identify when taking
the application by means other than a paper or electronic data
collection form, such as by telephone. The financial institution must
permit the applicant to provide additional information indicating, for
example, that the principal owner is Cambodian, Hmong, Laotian,
Pakistani, or Thai. See the sample data collection form in appendix E
for sample language.
B. The Black or African American aggregate category includes the
following disaggregated subcategories: African American; Ethiopian;
Haitian; Jamaican; Nigerian; Somali; or Other Black or African
American. An applicant must also be permitted to provide the principal
owner's race using one or more of these disaggregated subcategories
regardless of whether the applicant indicates that the principal owner
is Black or African American and regardless of whether the applicant
selects any aggregate categories. Additionally, if an applicant
indicates that a principal owner is Other Black or African American,
the financial institution must permit the applicant to provide
additional information about the principal owner's race, by using free-
form text on a paper or electronic data collection form or using
language that informs the applicant of the opportunity to self-identify
when taking the application by means other than a paper or electronic
data collection form, such as by telephone. The financial institution
must permit the applicant to provide additional information indicating,
for example, that the principal owner is Barbadian, Ghanaian, or South
African. See the sample data collection form in appendix E for sample
language.
C. The Native Hawaiian or Other Pacific Islander aggregate category
includes the following disaggregated subcategories: Guamanian or
Chamorro; Native Hawaiian; Samoan; and Other Pacific Islander. An
applicant must also be permitted to provide the principal owner's race
using one or more of these disaggregated subcategories regardless of
whether the applicant indicates that the principal owner is Native
Hawaiian or Other Pacific Islander and regardless of whether the
applicant selects any aggregate categories. Additionally, if an
applicant indicates that a principal owner is Other Pacific Islander,
the financial institution must permit the applicant to provide
additional information about the principal owner's race, by using free-
form text on a paper or electronic data collection form or using
language that informs the applicant of the opportunity to self-identify
when taking the application by means other than a paper or electronic
data collection form, such as by telephone. The financial institution
must permit the applicant to provide additional information indicating,
for example, that the principal owner is Fijian or Tongan. See the
sample data collection form in appendix E for sample language.
D. If an applicant chooses to provide additional information
regarding a principal owner's race, such as indicating that a principal
owner is Cambodian, Barbadian, or Fijian orally or in writing on a
paper or electronic form, a financial institution must report that
additional information via free-form text in the appropriate data
reporting field. If the applicant provides such additional information
but does not also indicate that the principal owner is Other Asian,
Other Black or African American, or Other Pacific Islander, as
applicable (e.g., by selecting Other Asian on a paper or electronic
form), a financial institution is permitted, but not required, to
report the corresponding ``Other'' race disaggregated subcategory
(i.e., Other Asian, Other Black or African American, or Other Pacific
Islander).
E. In addition to permitting an applicant to indicate that a
principal owner is American Indian or Alaska Native, a financial
institution must permit an applicant to provide the name of an enrolled
or principal tribe, by using free-form text on a paper or electronic
data collection form or using language that informs the applicant of
the opportunity to self-identify when taking the application by means
other than a paper or electronic data collection form, such as by
telephone. If an applicant chooses to provide the name of an enrolled
or principal tribe, a financial institution must report that
information via free-form text in the appropriate data reporting field.
If the applicant provides the name of an enrolled or principal tribe
but does not also indicate that the principal owner is American Indian
or Alaska Native (e.g., by selecting American Indian or Alaska Native
on a paper or electronic form), a financial institution is permitted,
but not required, to report American Indian or Alaska Native as well.
iii. Selecting multiple categories. The financial institution must
permit the applicant to select as many aggregate categories and
disaggregated subcategories as the applicant chooses. A financial
institution must permit an applicant to select one or more
disaggregated subcategories even if the applicant does not select an
aggregate category. For example, an applicant must be permitted to
select the Chinese disaggregated subcategory for a principal owner
without being required to select the Asian aggregate category. If an
applicant provides race information for a principal owner, the
financial institution reports all of the aggregate categories and
disaggregated subcategories provided by the applicant. For example, if
an applicant selects two aggregate categories and five disaggregated
subcategories for a principal owner, the financial institution reports
the two aggregate categories that the applicant selected and the five
disaggregated subcategories that the applicant selected. Additionally,
if an applicant selects only the Chinese disaggregated subcategory for
a principal owner, the financial institution reports Chinese for the
race of the principal owner but does
[[Page 35558]]
not also report that the principal owner is Asian. Similarly, if the
applicant selects an aggregate category (e.g., Asian) and a
disaggregated subcategory that does not correspond to the aggregate
category (e.g., Native Hawaiian), the financial institution reports the
information as provided by the applicant (e.g., Asian and Native
Hawaiian).
15. Sex. Generally, a financial institution must permit an
applicant to provide each principal owner's sex for purposes of Sec.
1002.107(a)(19). When requesting information about a principal owner's
sex, a financial institution shall use the term ``sex/gender.'' If the
financial institution uses a paper or electronic data collection form
to collect the information, the financial institution must allow the
applicant to provide each principal owner's sex/gender using free-form
text. When a financial institution collects the information orally,
such as by telephone, the financial institution must inform the
applicant of the opportunity to provide each principal owner's sex/
gender and record the applicant's response. A financial institution
reports the substantive information provided by the applicant (reported
via free-form text in the appropriate data reporting field), or reports
that the applicant declined to provide the information.
16. Ethnicity and race information requested orally. As described
in comments 107(a)(19)-13 and -14, when collecting principal owners'
ethnicity and race pursuant to Sec. 1002.107(a)(19), a financial
institution must present the applicant with the specified aggregate
categories and disaggregated subcategories. When collecting ethnicity
and race information orally, such as by telephone, a financial
institution may not present the applicant with the option to decline to
provide the information without also presenting the applicant with the
specified aggregate categories and disaggregated subcategories.
i. Ethnicity and race categories. Notwithstanding comments
107(a)(19)-13 and -14, a financial institution is not required to read
aloud every disaggregated subcategory when collecting ethnicity and
race information orally, such as by telephone. Rather, the financial
institution must orally present the lists of aggregate ethnicity and
race categories, followed by the disaggregated subcategories (if any)
associated with the aggregate categories selected by the applicant or
which the applicant requests to be presented. After the applicant makes
any disaggregated category selections associated with the aggregate
ethnicity or race category, the financial institution must also ask if
the applicant wishes to hear the lists of disaggregated subcategories
for any aggregate categories not selected by the applicant. The
financial institution must record any aggregate categories selected by
the applicant, as well as any disaggregated subcategories regardless of
whether such subcategories were selected based on the disaggregated
subcategories read by the financial institution or were otherwise
provided by the applicant.
ii. More than one principal owner. If an applicant has more than
one principal owner, the financial institution is permitted to ask
about ethnicity and race in a manner that reduces repetition when
collecting ethnicity and race information orally, such as by telephone.
For example, if an applicant has two principal owners, the financial
institution may ask for both principal owners' ethnicity at the same
time, rather than asking about ethnicity, race, and sex for the first
principal owner followed by ethnicity, race, and sex for the second
principal owner.
107(a)(20) Number of Principal Owners
1. General. If the financial institution asks the applicant to
provide the number of its principal owners pursuant to Sec.
1002.107(a)(20), a financial institution must provide the definition of
principal owner set forth in Sec. 1002.102(o). The financial
institution satisfies this requirement if it provides the definition of
principal owner as set forth in the sample data collection form in
appendix E.
2. Number of principal owners provided by applicant; verification
of number of principal owners. The financial institution may rely on
statements or information provided by the applicant in collecting and
reporting the number of the applicant's principal owners. However,
pursuant to Sec. 1002.107(b), if the financial institution verifies
the number of principal owners provided by the applicant, it must
report the verified information.
3. Number of principal owners not provided by applicant and
otherwise undetermined. Pursuant to Sec. 1002.107(c), a financial
institution shall maintain procedures reasonably designed to collect
applicant-provided data, which includes the number of principal owners
of the applicant. However, if a financial institution is nonetheless
unable to collect or otherwise determine the applicant's number of
principal owners, the financial institution reports that the number of
principal owners is ``not provided by applicant and otherwise
undetermined.''
107(b) Reliance on and Verification of Applicant-Provided Data
1. Reliance on information provided by an applicant or appropriate
third-party sources. A financial institution may rely on statements
made by an applicant (whether made in writing or orally) or information
provided by an applicant when compiling and reporting data pursuant to
subpart B of this part for applicant-provided data; the financial
institution is not required to verify those statements or that
information. However, if the financial institution does verify
applicant statements or information for its own business purposes, such
as statements relating to gross annual revenue or time in business, the
financial institution reports the verified information. Depending on
the circumstances and the financial institution's procedures, certain
applicant-provided data can be collected from appropriate third-party
sources without a specific request from the applicant, and such
information may also be relied on. For example, gross annual revenue or
NAICS code may be collected from tax return documents; a financial
institution may also collect an applicant's NAICS code using third-
party sources such as business information products. Applicant-provided
data are the data that are or could be provided by the applicant,
including Sec. 1002.107(a)(5) through (7) and (13) through (20). See
comment 107(c)(1)-3. In regard to restrictions on verification of
minority-owned, women-owned, and LGBTQI+-owned business statuses, and
principal owners' ethnicity, race, and sex, see comments 107(a)(18)-9
and 107(a)(19)-9.
107(c) Time and Manner of Collection
107(c)(1) In General
1. Procedures. The term ``procedures'' refers to the actual
practices followed by a financial institution as well as its stated
procedures. For example, if a financial institution's stated procedure
is to collect applicant-provided data on or with a paper application
form, but employees encourage applicants to skip the page that asks
whether the applicant is a minority-owned business, a women-owned
business, or an LGBTQI+-owned business under Sec. 1002.107(a)(18), the
financial institution's procedures are not reasonably designed to
obtain a response.
2. Latitude to design procedures. A financial institution has
flexibility to establish procedures concerning the
[[Page 35559]]
timing and manner in which it collects applicant-provided data that
work best for its particular lending model and product offerings,
provided those procedures are reasonably designed to collect the
applicant-provided data in Sec. 1002.107(a), as required pursuant to
Sec. 1002.107(c)(1), and where applicable comply with the minimum
requirements set forth in Sec. 1002.107(c)(2).
3. Applicant-provided data. Applicant-provided data are the data
that are or could be provided by the applicant, including Sec.
1002.107(a)(5) (credit type), Sec. 1002.107(a)(6) (credit purpose),
Sec. 1002.107(a)(7) (amount applied for), Sec. 1002.107(a)(13)
(address or location for purposes of determining census tract), Sec.
1002.107(a)(14) (gross annual revenue), Sec. 1002.107(a)(15) (NAICS
code, or information about the business such that the financial
institution can determine the applicant's NAICS code), Sec.
1002.107(a)(16) (number of workers), Sec. 1002.107(a)(17) (time in
business), Sec. 1002.107(a)(18) (minority-owned business status,
women-owned business status, and LGBTQI+-owned business status), Sec.
1002.107(a)(19) (ethnicity, race, and sex of the applicant's principal
owners), and Sec. 1002.107(a)(20) (number of principal owners).
Applicant-provided data do not include data that are generated or
supplied only by the financial institution, including Sec.
1002.107(a)(1) (unique identifier), Sec. 1002.107(a)(2) (application
date), Sec. 1002.107(a)(3) (application method), Sec. 1002.107(a)(4)
(application recipient), Sec. 1002.107(a)(8) (amount approved or
originated), Sec. 1002.107(a)(9) (action taken), Sec. 1002.107(a)(10)
(action taken date), Sec. 1002.107(a)(11) (denial reasons), Sec.
1002.107(a)(12) (pricing information), and Sec. 1002.107(a)(13)
(census tract, based on address or location provided by the applicant).
4. Collecting applicant-provided data without a direct request to
the applicant. Depending on the circumstances and the financial
institution's procedures, certain applicant-provided data can be
collected without a direct request to the applicant. For example,
credit type may be collected based on the type of product chosen by the
applicant. Similarly, a financial institution may rely on appropriate
third-party sources to collect certain applicant-provided data. See
Sec. 1002.107(b) concerning the use of third-party sources.
5. Data updated by the applicant. A financial institution reports
updated data if it obtains more current data from the applicant during
the application process. For example, if an applicant states its gross
annual revenue for the preceding fiscal year was $3 million, but then
the applicant notifies the financial institution that its revenue in
the preceding fiscal year was actually $3.2 million, the financial
institution reports gross annual revenue of $3.2 million. For reporting
verified applicant-provided data, see Sec. 1002.107(b) and comment
107(b)-1. If a financial institution has already verified data and then
the applicant updates it, the financial institution reports the
information it believes to be more accurate, in its discretion. If a
financial institution receives updates from the applicant after the
application process has closed (for example, after closing or account
opening), the financial institution may, at its discretion, update the
data at any time prior to reporting the covered application to the
Bureau.
107(c)(2) Applicant-Provided Data Collected Directly From the Applicant
1. In general. Whether a financial institution's procedures are
reasonably designed to collect applicant-provided data is a fact-based
determination and may depend on the financial institution's particular
lending model, product offerings, and other circumstances; procedures
that are reasonably designed to obtain a response may therefore require
additional provisions beyond the minimum criteria set forth in Sec.
1002.107(c)(2). In general, reasonably designed procedures will seek to
maximize collection of applicant-provided data and minimize missing or
erroneous data. While the requirements of Sec. 1002.107(c)(2) do not
apply to applicant-provided data that a financial institution obtains
without a direct request to the applicant, as explained in comment
107(c)(1)-4, in such instances, a covered financial institution must
still comply with Sec. 1002.107(c)(1).
2. Specific components. i. Timing of initial collection attempt.
While a financial institution has some flexibility concerning when
applicant-provided data is are collected, under no circumstances may
the initial request for applicant-provided data occur simultaneous with
or after notifying an applicant of final action taken on a covered
application. Generally, the earlier in the application process the
financial institution initially seeks to collect applicant-provided
data, the more likely the timing of collection is reasonably designed
to obtain a response.
ii. The request for applicant-provided data is prominently
displayed or presented. Pursuant to Sec. 1002.107(c)(2)(ii), a
financial institution must ensure an applicant actually sees, hears, or
is otherwise presented with the request for applicant-provided data. If
an applicant is likely to overlook or miss a request for applicant-
provided data, the financial institution does not have reasonably
designed procedures. Similarly, a financial institution also does not
have reasonably designed procedures if it obscures, prevents, or
inhibits an applicant from accessing or reviewing a request for
applicant-provided data.
iii. The collection does not have the effect of discouraging an
applicant from responding to a request for applicant-provided data. A.
A covered financial institution avoids discouraging a response by, for
example, communicating to the applicant that the collection of
applicant-provided data is worthy of the applicant's attention or is as
important as information collected in connection with the financial
institution's creditworthiness determination. In contrast, a covered
financial institution that collects applicant-provided data in a time
or manner that directly or indirectly discourages or obstructs an
applicant from responding or providing a particular response violates
Sec. 1002.107(c)(2)(iii). For example, a financial institution may not
discourage a response to inquiries regarding the demographic data
pursuant to Sec. 1002.107(a)(18) and (19) by communicating to the
applicant that the request is unimportant, encouraging the applicant to
bypass the form altogether, or attempting to influence or alter the
applicant's preferred response.
B. A covered financial institution also avoids discouraging a
response by requiring an applicant to provide a response to one or more
requests for applicant-provided data in order to proceed with a covered
application, including, as applicable, a response of ``I do not wish to
provide this information'' or similar. (As described in comments
107(a)(18)-1 and 107(a)(19)-1, a financial institution must permit an
applicant to decline to provide the demographic data required by Sec.
1002.107(a)(18) and (19), which can be satisfied by providing a
response option of ``I do not wish to provide this information'' or
similar.) For example, in an electronic application, a financial
institution may require the applicant to either make a substantive
selection about a principal owner's ethnicity, race, or sex, select an
option of ``I do not wish to provide this information'' or similar, or
indicate there are no principal owners before allowing the applicant to
proceed to the next page of requested information.
[[Page 35560]]
iv. The applicant can easily provide a response. Pursuant to Sec.
1002.107(c)(2)(iv), a financial institution must structure the request
for information in a manner that makes it easy for the applicant to
provide a response. For example, a financial institution requests
applicant-provided data in the same format as other information
required for the covered application, provides applicants multiple
methods to provide or return applicant-provided data (for example, on a
written form, through a web portal, or through other means), or
provides the applicant some other type of straightforward and seamless
method to provide a response. Conversely, a financial institution must
avoid imposing unnecessary burden on an applicant to provide the
information requested or requiring the applicant to take steps that are
inconsistent with the rest of its application process. For example, a
financial institution does not have reasonably designed procedures if
it collects application information related to its own creditworthiness
determination in electronic form, but mails a paper form to the
applicant initially seeking the data required under Sec. 1002.107(a)
that the financial institution does not otherwise need for its
creditworthiness determination and requiring the applicant to mail it
back. On the other hand, a financial institution complies with Sec.
1002.107(c)(2)(iv) if, at its discretion, it requests the applicant to
respond to inquiries made pursuant to Sec. 1002.107(a)(18) and (19)
through a reasonable method intended to keep the applicant's responses
discrete and protected from view.
v. Multiple requests for applicant-provided data. A financial
institution is permitted, but not required, to make more than one
attempt to obtain applicant-provided data if the applicant does not
respond to an initial request. For example, if an applicant initially
does not respond when asked early in the application process (before
notifying the applicant of final action taken on the application,
pursuant to Sec. 1002.107(c)(2)(i)) to inquiries made pursuant to
Sec. 1002.107(a)(18) and (19), a financial institution may request
this information again, for example, during a subsequent in-person
meeting with the applicant or after notifying the applicant of final
action taken on the covered application.
107(c)(3) Procedures To Monitor Compliance
1. Procedures to identify and respond to indicia of potential
discouragement, including low response rates. Section 1002.107(c)(3)
requires a covered financial institution to maintain procedures
designed to identify and respond to indicia of potential
discouragement, including low response rates for applicant-provided
data. In general, these include monitoring for low response rates
(i.e., the percentage of covered applications for which the financial
institution has obtained some type of response to requests for
applicant-provided data, including, as applicable, an applicant
response of ``I do not wish to provide this information'' or similar);
monitoring for significant irregularities in any particular response
that may indicate steering, improper interference, or other potential
discouragement or obstruction of applicants' preferred responses;
monitoring response rates and responses by division, location, loan
officer, or other factors to ensure that no discouragement or improper
conduct is occurring in some parts of a financial institution, even if
the financial institution maintains adequate response rates and
responses overall; providing adequate training to loan officers and
other persons involved in collecting applicant-provided data; promptly
investigating any indicia of potential discouragement; and taking
prompt remedial action if discouragement or other improper conduct is
identified.
107(c)(4) Low Response Rates
1. In general. A low response rate for applicant-provided data may
indicate that the financial institution has engaged in discouragement
or otherwise failed to maintain reasonably designed procedures.
Response rate generally refers to whether the financial institution has
obtained some type of response to requests for applicant-provided data
(including, as applicable, an applicant response of ``I do not wish to
provide this information'' or similar). A response rate may be
measured, as appropriate, as compared to financial institutions of a
similar size, type, and/or geographic reach, or other factors, as
appropriate. Similarly, significant irregularities in a particular
response (for example, very high rates of an applicant response of ``I
do not wish to provide this information'' or similar) may also indicate
that a financial institution does not have reasonably designed
procedures, for example, because of steering, improper interference, or
other potential discouragement or obstruction of applicants' preferred
responses. Response rates may be relevant across all applicant-provided
data, though are particularly relevant for the collection of the
demographic data pursuant to Sec. 1002.107(a)(18) and (19) given the
heightened sensitivity of these inquiries and the importance of those
data to the purposes of subpart B.
107(d) Previously Collected Data
1. In general. A financial institution may, for the purpose of
reporting such data pursuant to Sec. 1002.109, reuse certain
previously collected data if the requirements of Sec. 1002.107(d) are
met. In that circumstance, a financial institution need not seek to
collect the data anew in connection with a subsequent covered
application to satisfy the requirements of this subpart. For example,
if an applicant applies for and is granted a term loan, and then
subsequently applies for a credit card in the same calendar year, the
financial institution need not request again the data specified in
Sec. 1002.107(d). Similarly, if an applicant applies for more than one
covered credit transaction at one time, a financial institution need
only ask once for the data specified in Sec. 1002.107(d).
2. Data that can be reused. Subject to the requirements of Sec.
1002.107(d), a financial institution may reuse the following data:
Sec. 1002.107(a)(13) (address or location for purposes of determining
census tract), Sec. 1002.107(a)(14) (gross annual revenue) (subject to
comment 107(d)-7), Sec. 1002.107(a)(15) (NAICS code), Sec.
1002.107(a)(16) (number of workers), Sec. 1002.107(a)(17) (time in
business) (subject to comment 107(d)-8), Sec. 1002.107(a)(18)
(minority-owned business status, women-owned business status, and
LGBTQI+-owned business status) (subject to comment 107(d)-9), Sec.
1002.107(a)(19) (ethnicity, race, and sex of applicant's principal
owners) (subject to comment 107(d)-9), and Sec. 1002.107(a)(20)
(number of principal owners). A financial institution is not, however,
permitted to reuse other data, such as Sec. 1002.107(a)(6) (credit
purpose).
3. Previously reported data without a substantive response. Data
have not been ``previously collected'' within the meaning of Sec.
1002.107(d) if the applicant did not provide a substantive response to
the financial institution's request for that data and the financial
institution was not otherwise able to obtain the requested data (for
example, from the applicant's credit report, or tax returns).
4. Updated data. If, after the application process has closed on a
prior covered application, a financial institution obtains updated
information relevant to the data required to be collected and reported
pursuant to Sec. 1002.107(a)(13) through (20), and the
[[Page 35561]]
applicant subsequently submits a new covered application, the financial
institution must use the updated information in connection with the new
covered application (if the requirements of Sec. 1002.107(d) are
otherwise met) or seek to collect the data again. For example, if a
business notifies a financial institution of a change of address of its
sole business location, and subsequently submits a covered application
within the time period specified in Sec. 1002.107(d)(1) for reusing
previously collected data, the financial institution must report census
tract based on the updated information. In that circumstance, the
financial institution may still reuse other previously collected data
to satisfy Sec. 1002.107(a)(14) through (20) if the requirements of
Sec. 1002.107(d) are met.
5. Collection within the preceding 36 months. Pursuant to Sec.
1002.107(d)(1), data can be reused to satisfy Sec. 1002.107(a)(13) and
(15) through (20) if they are collected within the preceding 36 months.
A financial institution may measure the 36-month period from the date
of final action taken (Sec. 1002.107(a)(9)) on a prior application to
the application date (Sec. 1002.107(a)(2)) on a subsequent
application. For example, if a financial institution takes final action
on an application on February 1, 2025, it may reuse certain previously
collected data pursuant to Sec. 1002.107(d)(1) for subsequent covered
applications dated or received by the financial institution through
January 31, 2028.
6. Reason to believe data are inaccurate. Whether a financial
institution has reason to believe data are inaccurate pursuant to Sec.
1002.107(d)(2) depends on the particular facts and circumstances. For
example, a financial institution may have reason to believe data on the
applicant's minority-owned business status, women-owned business
status, and LGBTQI+-owned business status may be inaccurate if it knows
that the applicant has had a change in ownership or a change in an
owner's percentage of ownership.
7. Collection of gross annual revenue in the same calendar year.
Pursuant to Sec. 1002.107(d)(1), gross annual revenue information can
be reused to satisfy Sec. 1002.107(a)(14) provided it is collected in
the same calendar year as the current covered application, as measured
from the application date. For example, if an application is received
and gross annual revenue is collected in connection with a covered
application in one calendar year, but then final action was taken on
the application in the following calendar year, the data may only be
reused for the calendar year in which it was collected and not the
calendar year in which final action was taken on the application.
However, if an application is received and gross annual revenue is
collected in connection with a covered application in one calendar
year, a financial institution may reuse that data pursuant to Sec.
1002.107(d) in a subsequent application initiated in the same calendar
year, even if final action was taken on the subsequent application in
the following calendar year.
8. Time in business. A financial institution that decides to reuse
previously collected data to satisfy Sec. 1002.107(a)(17) (time in
business) must update the data to reflect the passage of time since the
data were collected. If a financial institution only knows that the
applicant had been in business less than two years at the time the data
was initially collected, as described in comment 107(a)(17)-1.ii or
iii, it updates the data based on the assumption that the applicant had
been in business for 12 months at the time of the prior collection. For
example:
i. If a financial institution previously collected data on a prior
covered application that the applicant has been in business for four
years, and then seeks to reuse that data for a subsequent covered
application submitted one year later, it must update the data to
reflect that the applicant has been in business for five years.
ii. If a financial institution previously collected data on a prior
covered application that the applicant had been in business less than
two years (and was not aware of the business's actual length of time in
business at the time), and then seeks to reuse that data for a
subsequent covered application submitted 18 months later, the financial
institution reports time in business on the subsequent covered
application as over two years in business.
9. Minority-owned business status, women-owned business status,
LGBTQI+-owned business status, and principal owners' ethnicity, race,
and sex. A financial institution may not reuse data to satisfy Sec.
1002.107(a)(18) and (19) unless the data were collected in connection
with a prior covered application pursuant to this subpart B. If the
financial institution previously asked the applicant to provide its
minority-owned business status, women-owned business status, and
LGBTQI+-owned business status, and principal owners' ethnicity, race,
and sex for purposes of Sec. 1002.107(a)(18) and (19), and the
applicant declined to provide the information (such as by selecting ``I
do not wish to provide this information'' or similar on a data
collection form or by telling the financial institution that it did not
wish to provide the information), the financial institution may use
that response when reporting data for a subsequent application pursuant
to Sec. 1002.107(d). However, if the applicant failed to respond (such
as by leaving the response to the question blank or by failing to
return a data collection form), the financial institution must inquire
about the applicant's minority-owned business status, women-owned
business status, LGBTQI+-owned business status, and principal owners'
ethnicity, race, or sex, as applicable, in connection with a subsequent
application because the data were not previously obtained. See also
comment 107(a)(19)-11 concerning previously collected ethnicity, race,
and sex information.
Section 1002.108--Firewall
108(a) Definitions
1. Involved in making any determination concerning a covered
application from a small business. i. General. An employee or officer
is involved in making a determination concerning a covered application
from a small business for purposes of Sec. 1002.108 if the employee or
officer makes, or otherwise participates in, a decision regarding the
evaluation of a covered application from a small business or the
creditworthiness of a small business applicant for a covered credit
transaction. This includes, but is not limited to, employees and
officers serving as underwriters. The decision that an employee or
officer makes or participates in must be about a specific covered
application or about the creditworthiness of a specific applicant. An
employee or officer is not involved in making a determination
concerning a covered application if the employee or officer is only
involved in making a decision that affects covered applications
generally, or if the employee or officer only interacts with small
businesses prior to them becoming applicants or submitting an
application. An employee or officer may be participating in a
determination concerning a covered application even if the employee or
officer is not the ultimate decision maker or the sole decision maker.
For example, an employee participates in a determination concerning a
covered application if the employee recommends that another employee or
officer approve or deny the application. Similarly, an employee or
officer participates in a determination concerning a covered
application if the employee or officer is part of a larger group, such
as a committee, that makes
[[Page 35562]]
a determination concerning a covered application. For example, an
employee participates in a decision if the employee is a member of a
committee that approves the terms offered to an applicant for a covered
application. This is true even if the employee does not support the
committee's ultimate decision regarding the terms offered. Conversely,
an employee or officer does not participate in a determination
concerning a covered application if the employee or officer only
performs ministerial functions for the committee, such as recording the
minutes, or if the committee does not make a determination concerning a
specific covered application.
ii. Examples of activities that do not constitute being involved in
making a determination concerning a covered application from a small
business. The following are examples of activities that do not
constitute being involved in making a determination concerning a
covered application:
A. Developing policies and procedures, designing or programming
computer or other systems, or conducting marketing.
B. Discussing credit products, loan terms, or loan requirements
with a small business before it submits a covered application.
C. Making or participating in a decision after the financial
institution has taken final action on the covered application, such as
a decision about servicing or collecting a covered credit transaction.
D. Using a check box form to confirm whether an applicant has
submitted all necessary documents or handling a minor or clerical
matter during the application process, such as suggesting or selecting
a time for an appointment with an applicant.
E. Gathering information (including information collected pursuant
to Sec. 1002.107(a)(18) or (19)) and forwarding the information or a
covered application to other individuals or entities.
F. Reviewing previously collected data to determine if it can be
reused for a later covered application pursuant to Sec. 1002.107(d).
iii. Examples of activities that constitute being involved in
making a determination concerning a covered application from a small
business. The following are examples of activities (done individually
or as part of a group) that constitute being involved in making a
determination concerning a covered application:
A. Making or participating in a decision to approve or deny a
specific covered application. This includes, but is not limited to,
making or participating in a decision that an applicant does not
satisfy one or more of the requirements for the covered credit
transaction for which it has applied.
B. Making or participating in a decision regarding the reason(s)
for denial of a covered application.
C. Making or participating in a decision that a guarantor or
collateral is required in order to approve a specific covered
application.
D. Making or participating in a decision regarding the credit
amount or credit limit that will be approved for a specific covered
application.
E. Making or participating in a decision to set one or more of the
other terms that will be offered for a specific covered credit
transaction. This includes, but is not limited to, making or
participating in a decision regarding the interest rate, the loan term,
or the payment schedule that will be offered for a specific covered
credit transaction.
F. Making or participating in a decision regarding a counteroffer
made to a specific applicant, including a decision regarding the terms
of such a counteroffer.
G. Recommending that another decision maker approve or deny a
specific covered application, provide a specific reason for denying a
covered application, require a guarantor or collateral in order to
approve a covered application, approve a credit amount or credit limit
for a covered credit transaction, set one or more other terms for a
covered credit transaction, make a counteroffer regarding a covered
application, or set a specific term for such a counteroffer.
2. Should have access. i. General. A financial institution may
determine that an employee or officer who is involved in making a
determination concerning a covered application from a small business
should have access to information otherwise subject to the prohibition
in Sec. 1002.108(b) if that employee or officer is assigned one or
more job duties that may require the employee or officer to collect,
see, consider, refer to, or otherwise use information subject to the
prohibition in Sec. 1002.108(b). If the employee or officer might need
to collect, see, consider, refer to, or use such information to perform
the employee's or officer's assigned job duties, the financial
institution may determine that the employee or officer should have
access. For example, if a loan officer is involved in making a
determination concerning a covered application and that loan officer's
job description or the financial institution's policies and procedures
state that the loan officer may need to collect information pursuant to
Sec. 1002.107(a)(18) or (19), the financial institution may determine
that the loan officer should have access.
ii. When a group of employees or officers should have access. A
financial institution may determine that all employees or officers with
the same job description or assigned duties should have access for
purposes of Sec. 1002.108. For example, if a job description, a
policy, a procedure, or another document states that a loan officer may
have to collect or explain any part of a data collection form that
includes the inquiries described in Sec. 1002.107(a)(18) and (19), the
financial institution may determine that all employees and officers who
have been assigned the position of loan officer should have access for
purposes of Sec. 1002.108.
iii. Making a determination regarding who should have access. A
financial institution is permitted to choose what lawful factors it
will consider when determining whether an employee or officer should
have access. A financial institution's determination that an employee
or officer should have access may take into account relevant
operational factors and lawful business practices. For example, a
financial institution may consider its size, the number of employees
and officers within the relevant line of business or at a particular
branch or office location, and/or the number of covered applications
the financial institution has received or expects to receive.
Additionally, a financial institution may consider its current or its
reasonably anticipated staffing levels, operations, systems, processes,
policies, and procedures. A financial institution is not required to
hire additional staff, upgrade its systems, change its lending or
operational processes, or revise its policies or procedures for the
sole purpose of limiting who should have access.
108(b) Prohibition on Access to Certain Information
1. Scope of persons subject to the prohibition. The prohibition in
Sec. 1002.108(b) applies to an employee or officer of a covered
financial institution or its affiliate if the employee or officer is
involved in making any determination concerning a covered application
from a small business. For example, if a financial institution is
affiliated with company B and an employee of company B is involved in
making a determination concerning a covered application on behalf of
the financial institution, then the financial institution must comply
with Sec. 1002.108 with regard to company B's employee.
[[Page 35563]]
Section 1002.108 does not require a financial institution to limit the
access of employees and officers of third parties who are not
affiliates of the financial institution.
2. Scope of information that cannot be accessed when the
prohibition applies to an employee or officer. i. Information that
cannot be accessed when the prohibition applies. If a particular
employee or officer is involved in making a determination concerning a
covered application from a small business, the prohibition in Sec.
1002.108(b) only limits that employee's or officer's access to that
small business applicant's responses to the inquiries that the covered
financial institution makes to satisfy Sec. 1002.107(a)(18) and (19).
For example, if a financial institution uses a paper data collection
form to request information pursuant to Sec. 1002.107(a)(18) and (19),
an employee or officer that is subject to the prohibition is not
permitted access to the paper data collection form that contains the
applicant's responses to the inquiries made pursuant to pursuant to
Sec. 1002.107(a)(18) and (19), or to any other record that identifies
how the particular applicant responded to those inquires. Similarly, if
a financial institution makes the inquiries required pursuant to Sec.
1002.107(a)(18) and (19) during a telephone call, the prohibition
applies to the applicant's responses to those inquiries provided during
that telephone call and to any record that identifies how the
particular applicant responded to those inquiries.
ii. Information that can be accessed when the prohibition applies.
If a particular employee or officer is involved in making a
determination concerning a covered application, the prohibition in
Sec. 1002.108(b) does not limit that employee's or officer's access to
an applicant's responses to inquiries regarding whether the applicant
is a minority-owned, women-owned, or LGBTQI+-owned business, or
principal owners' ethnicity, race, or sex, made for purposes other than
compliance with Sec. 1002.107(a)(18) or (19). Thus, for example, an
employee or officer who is subject to the prohibition in Sec.
1002.108(b) may have access to information regarding whether an
applicant is eligible for a Small Business Administration program for
women-owned businesses without regard to whether the exception in Sec.
1002.108(c) is satisfied. Additionally, an employee or officer who
knows that an applicant is a minority-owned business, women-owned
business, or LGBTQI+-owned business, or who knows the ethnicity, race,
or sex of any of the applicant's principal owners due to activities
unrelated to the inquiries made to satisfy the financial institution's
obligations under Sec. 1002.107(a)(18) and (19) is not prohibited from
making a determination concerning the applicant's covered application.
Thus, an employee or officer who knows, for example, that an applicant
is a minority-owned business due to a social relationship or another
professional relationship with the applicant or any of its principal
owners may make determinations concerning the applicant's covered
application. Furthermore, an employee or officer that is involved in
making a determination concerning a covered application may see,
consider, refer to, or use data collected to satisfy aspects of Sec.
1002.107 other than Sec. 1002.107(a)(18) or (19), such as gross annual
revenue, number of workers, and time in business.
108(c) Exception to the Prohibition on Access to Certain Information
1. General. A financial institution is not required to limit the
access of an employee or officer who is involved in making
determinations concerning a covered application from a small business
if the financial institution determines that the particular employee or
officer should have access to the information collected pursuant to
Sec. 1002.107(a)(18) or (19), and the financial institution provides
the notice required by Sec. 1002.108(d). A financial institution is
not required to perform a separate analysis of the feasibility of
maintaining a firewall. A determination that an employee or officer
should have access means that it is not feasible to maintain a firewall
as to that particular employee or officer, and the exception applies to
that employee or officer if the financial institution provides the
notice required by Sec. 1002.108(d). However, the fact that a
financial institution has made a determination that an employee or
officer should have access does not mean that the financial institution
can permit other employees and officers who are involved in making
determinations concerning a covered application to have access to the
information collected pursuant to Sec. 1002.107(a)(18) and (19). A
financial institution may only permit an employee or officer who is
involved in making a determination concerning a covered application to
have access to information collected pursuant to Sec. 1002.107(a)(18)
and (19) if it has determined that employee or officer or a group of
which the employee or officer is a member should have access to the
information.
2. Applying the exception to a specific employee or officer or
group of similarly situated employees or officers. The exception
applies to an employee or officer if the financial institution
determines that the employee or officer should have access to the
information collected pursuant to Sec. 1002.107(a)(18) or (19), and
the financial institution provides the notice required by Sec.
1002.108(d). A financial institution can also determine that several
employees and officers should have access, that all of a group of
similarly situated employees or officers should have access, and that
multiple groups of similarly situated employees or officers should have
access to information collected pursuant to Sec. 1002.107(a)(18) or
(19). See also comment 108(a)-2. For example, a financial institution
could determine that all its small business loan officers, small
business loan processors, compliance officers, and legal officers
should have access. If the financial institution provides the notice
required in Sec. 1002.108(d), the financial institution may permit all
of its small business loan officers, small business loan processors,
compliance officers, and legal officers to have access. However, the
financial institution cannot permit other employees and officers to
have access simply because it has determined that the small business
loan officers, loan processors, compliance officers, and legal officers
should have access. For example, in this case, the financial
institution may not permit its underwriters or chief executive officer
to have access to the information collected from the applicant pursuant
to Sec. 1002.107(a)(18) or (19) if they are involved in making any
determination concerning a covered application, unless the financial
institution also determines that they should have access. This would be
true even if the chief executive officer or underwriter had some of the
same assigned duties as a loan officer, such as being a member of a
credit committee, but has not been assigned the task(s) that may
require access to one or more applicants' responses to the financial
institution's inquiries under Sec. 1002.107(a)(18) or (19). If the
financial institution separately determines that underwriters and the
chief executive officer should have access, then the underwriters and
chief executive officer may also have access.
108(d) Notice
1. General. If a financial institution determines that one or more
employees or officers should have access pursuant to Sec. 1002.108(c),
the financial institution must provide the required notice to, at
[[Page 35564]]
a minimum, the applicant or applicants whose responses will be accessed
by an employee or officer involved in making determinations concerning
the applicant's or applicants' covered applications. Alternatively, a
financial institution may also provide the required notice to
applicants whose responses will not or might not be accessed. For
example, a financial institution could provide the notice to all
applicants for covered credit transactions or all applicants for a
specific type of product.
2. Content of the required notice. The notice must inform the
applicant that one or more employees and officers involved in making
determinations concerning the applicant's covered application may have
access to the applicant's responses regarding the applicant's minority-
owned business status, women-owned business status, LGBTQI+-owned
business status, and its principal owners' ethnicity, race, and sex.
See the sample data collection form in appendix E to this part for
sample language for providing this notice to applicants. If a financial
institution establishes and maintains a firewall and chooses to use the
sample data collection form, the financial institution can delete this
sample language from the form.
3. Timing for providing the notice. If the financial institution is
providing the notice orally, it must provide the notice required by
Sec. 1002.108(d) prior to asking the applicant if it is a minority-
owned business, women-owned business, or LGBTQI+-owned business and
prior to asking for a principal owner's ethnicity, race, or sex. If the
notice is provided on the same paper or electronic data collection form
as the inquiries about minority-owned business status, women-owned
business status, LGBTQI+-owned business status and the principal
owners' ethnicity, race, or sex, the notice must appear before the
inquiries. If the notice is provided in an electronic or paper document
that is separate from the data collection form, the notice must be
provided at the same time as the data collection form or prior to
providing the data collection form. Additionally, the notice must be
provided with the non-discrimination notices required pursuant to Sec.
1002.107(a)(18) and (19). See appendix E for sample language.
Section 1002.109--Reporting of Data to the Bureau
109(a) Reporting to the Bureau
109(a)(2) Reporting by Subsidiaries
1. Subsidiaries. A covered financial institution is considered a
subsidiary of another covered financial institution for purposes of
reporting data pursuant to Sec. 1002.109 if more than 50 percent of
the ownership or control of the first covered financial institution is
held by the second covered financial institution.
109(a)(3) Reporting Obligations Where Multiple Financial Institutions
Are Involved in a Covered Credit Transaction
1. General. The following clarifies how to report applications
involving more than one financial institution. The discussion below
assumes that all parties involved with the covered credit transaction
are covered financial institutions. However, the same principles apply
if any party is not a covered financial institution.
i. A financial institution shall report the action that it takes on
a covered application, whether or not the covered credit transaction
closed in the financial institution's name and even if the financial
institution used underwriting criteria supplied by another financial
institution. However, where it is necessary for more than one financial
institution to make a credit decision in order to approve a single
covered credit transaction, only the last financial institution with
authority to set the material terms of the covered credit transaction
is required to report. Setting the material terms of the covered credit
transaction include, for example, selecting among competing offers, or
modifying pricing information, amount approved or originated, or
repayment duration. In this situation, the determinative factor is not
which financial institution actually made the last credit decision
prior to closing, but rather which financial institution last had the
authority for setting the material terms of the covered credit
transaction prior to closing. Whether a financial institution has taken
action for purposes of Sec. 1002.109(a)(3) and comment 109(a)(3)-1 is
not relevant to, and is not intended to repeal, abrogate, annul,
impair, or interfere with, section 701(d) (15 U.S.C. 1691(d)) of the
Act, Sec. 1002.9, or any other provision within subpart A of this
Regulation.
ii. A financial institution takes action on a covered application
for purposes of Sec. 1002.109(a)(3) if it denies the application,
originates the application, approves the application but the applicant
did not accept the transaction, or closes the file or denies for
incompleteness. The financial institution must also report the
application if it was withdrawn. For reporting purposes, it is not
relevant whether the financial institution receives the application
directly from the applicant or indirectly through another party, such
as a broker, or (except as otherwise provided in comment 109(a)(3)-1.i)
whether another financial institution also reviews and reports an
action taken on a covered application involving the same credit
transaction.
iii. Where it is necessary for more than one financial institution
to make a credit decision in order to approve a single covered credit
transaction and where more than one financial institution denies the
application or otherwise does not approve the application, the
reporting financial institution (the last financial institution with
authority to set the material terms of the covered credit transaction)
shall have a consistent procedure for determining how it reports
inconsistent or differing data points for purposes of subpart B. For
example, Financial Institution A is the reporting entity because it has
the last authority to set the material credit terms. Financial
Institution A sends the application to Financial Institution B and
Financial Institution C for review, but both Financial Institution B
and Financial Institution C deny the application, with different denial
reasons. Based on these denials, Financial Institution A follows suit
and denies the application. Financial Institution A must have a
consistent procedure for what denial reason(s) to report, such as
reporting the denial reason(s) from the first financial institution
that denied the covered application.
2. Examples. The following scenarios illustrate how a financial
institution reports a particular covered application. The illustrations
assume that all parties involved with the covered credit transaction
are covered financial institutions. However, the same principles apply
if any party is not a covered financial institution. Examples i through
iv involve a single financial institution with responsibility for
making a credit decision without the involvement of an intermediary.
Example v describes a financial institution intermediary with only
passive involvement in the covered credit transaction. Example vi
describes a transaction where multiple financial institutions
independently decision and take action on a covered application.
Examples vii and viii describe situations where more than one financial
institution must make a credit decision in order to approve the covered
credit transaction. Examples ix and x describe situations involving
pooled and participation interests.
i. Financial Institution A received a covered application from an
applicant
[[Page 35565]]
and approved the application before closing the covered credit
transaction in its name. Financial Institution A was not acting as
Financial Institution B's agent. Financial Institution B later
purchased the covered credit transaction from Financial Institution A.
Financial Institution A was not acting as Financial Institution B's
agent. Financial Institution A reports the application. Financial
Institution B has no reporting obligation for this transaction.
ii. Financial Institution A received a covered application from an
applicant. If approved, the covered credit transaction would have
closed in Financial Institution B's name. Financial Institution A
denied the application without sending it to Financial Institution B
for approval. Financial Institution A was not acting as Financial
Institution B's agent. Since Financial Institution A took action on the
application, Financial Institution A reports the application as denied.
Financial Institution B does not report the application.
iii. Financial Institution A reviewed a covered application and
made a credit decision to approve it using the underwriting criteria
provided by a Financial Institution B. Financial Institution B did not
review the application and did not make a credit decision prior to
closing. Financial Institution A was not acting as Financial
Institution B's agent. Financial Institution A reports the application.
Financial Institution B has no reporting obligation for this
application.
iv. Financial Institution A reviewed and made the credit decision
on a covered application based on the criteria of a third-party insurer
or guarantor (for example, a government or private insurer or
guarantor). Financial Institution A reports the action taken on the
application.
v. Financial Institution A received a covered application from an
applicant and forwarded that application to Financial Institution B.
Financial Institution B reviewed the application and made a credit
decision approving the application prior to closing. The covered credit
transaction closed in Financial Institution A's name. Financial
Institution B purchased the covered credit transaction from Financial
Institution A after closing. Financial Institution B was not acting as
Financial Institution A's agent. Since Financial Institution B made the
credit decision prior to closing, and Financial Institution A's
approval was not necessary for the credit transaction, Financial
Institution B reports the origination. Financial Institution A does not
report the application. Assume the same facts, except that Financial
Institution B reviewed the application before the covered credit
transaction would have closed, but Financial Institution B denied the
application. Financial Institution B reports the application as denied.
Financial Institution A does not report the application because it did
not take an action on the application. If, under the same facts, the
application was withdrawn before Financial Institution B made a credit
decision, Financial Institution B would report the application as
withdrawn and Financial Institution A would not report the application
for the same reason.
vi. Financial Institution A received a covered application and
forwarded it to Financial Institutions B and C. Financial Institution A
made a credit decision, acting as Financial Institution D's agent, and
approved the application. Financial Institutions B and C are not
working together with Financial Institutions A or D, or with each
other, and are solely responsible for setting the terms of their own
credit transactions. Financial Institution B made a credit decision
approving the application, and Financial Institution C made a credit
decision denying the application. The applicant did not accept the
covered credit transaction from Financial Institution D. Financial
Institution D reports the application as approved but not accepted.
Financial Institution A does not report the application, because it was
acting as Financial Institution D's agent. The applicant accepted the
offer of credit from Financial Institution B, and credit was extended.
Financial Institution B reports the application as originated.
Financial Institution C reports the application as denied.
vii. Financial Institution A received a covered application and
made a credit decision to approve it using the underwriting criteria
provided by Financial Institution B. Financial Institution A was not
acting as Financial Institution B's agent. Financial Institution A
forwarded the application to Financial Institution B. Financial
Institution B reviewed the application and made a credit decision
approving the application prior to closing. Financial Institution A
makes a credit decision on the application and modifies the credit
terms (the interest rate and repayment term) offered by Financial
Institution B. The covered credit transaction reflecting the modified
terms closes in Financial Institution A's name. Financial Institution B
purchases the covered credit transaction from Financial Institution A
after closing. As the last financial institution with the authority for
setting the material terms of the covered credit transaction, Financial
Institution A reports the application as originated. Financial
Institution B does not report the origination because it was not the
last financial institution with the authority to set the material terms
on the application. If, under the same facts, Financial Institution A
did not modify the credit terms offered by Financial Institution B,
Financial Institution A still reports the application as originated
because it was still the last financial institution with the authority
for setting the material terms, even if it chose not to so do in a
particular instance. Financial Institution B does not report the
origination.
viii. Financial Institution A received a covered application and
forwarded it to Financial Institutions B, C, and D. Financial
Institution A was not acting as anyone's agent. Financial Institution B
and C reviewed the application and made a credit decision approving the
application and Financial Institution D reviewed the application and
made a credit decision denying the application. Prior to closing,
Financial Institution A makes a credit decision on the application by
deciding to offer to the applicant the credit terms offered by
Financial Institution B and does not convey to the applicant the credit
terms offered by Financial Institution C. The applicant does not accept
the covered credit transaction. As the last financial institution with
the authority for setting the material terms of the covered credit
transaction, Financial Institution A reports the application as
approved but not accepted. Financial Institutions B, C, and D do not
report the application because they were not the last financial
institution with the authority for setting the material terms of the
covered credit transaction. Assume the same facts, except the applicant
accepts the terms of the covered credit transaction from Financial
Institution B as offered by Financial Institution A. The covered credit
transaction closes in Financial Institution A's name. Financial
Institution B purchases the transaction after closing. Here, Financial
Institution A reports the application as originated. Financial
Institutions B, C, and D do not report the application because they
were not the last financial institution responsible for setting the
material terms of the covered credit transaction.
ix. Financial Institution A receives a covered application and
approves it, and then Financial Institution A elects to organize a loan
participation agreement where Financial Institutions B and C agree to
purchase a partial interest in the covered credit
[[Page 35566]]
transaction. Financial Institution A reports the application. Financial
Institutions B and C have no reporting obligation for this application.
x. Financial Institution A purchases an interest in a pool of
covered credit transactions, such as credit-backed securities or real
estate investment conduits. Financial Institution A does not report
this purchase.
3. Agents. If a covered financial institution takes action on a
covered application through its agent, the financial institution
reports the application. For example, acting as Financial Institution
A's agent, Financial Institution B approved an application prior to
closing and a covered credit transaction was originated. Financial
Institution A reports the covered credit transaction as an origination.
State law determines whether one party is the agent of another.
109(b) Financial Institution Identifying Information
1. Changes to financial institution identifying information. If a
financial institution's information required pursuant to Sec.
1002.109(b) changes, the financial institution shall provide the new
information with the data submission for the collection year of the
change. For example, assume two financial institutions that previously
reported data under subpart B of this part merge and the surviving
institution retained its Legal Entity Identifier but obtained a new TIN
in February 2026. The surviving institution must report the new TIN
with its data submission for its 2026 data (which is due by June 1,
2027) pursuant to Sec. 1002.109(b)(5). Likewise, if that financial
institution's Federal prudential regulator changes in February 2026 as
a result of the merger, it must identify its new Federal prudential
regulator in its annual submission for its 2026 data.
Paragraph 109(b)(4)
1. Federal prudential regulator. For purposes of Sec.
1002.109(b)(4), Federal prudential regulator means, if applicable, the
Federal prudential regulator for a financial institution that is a
depository institution as determined pursuant to section 3q of the
Federal Deposit Insurance Act (12 U.S.C. 1813(q)), including the Office
of the Comptroller of the Currency, the Federal Deposit Insurance
Corporation, or the Board of Governors of the Federal Reserve System;
or the National Credit Union Administration Board for financial
institutions that are Federal credit unions.
Paragraph 109(b)(6)
1. Legal Entity Identifier (LEI). A Legal Entity Identifier is a
utility endorsed by the LEI Regulatory oversight committee, or a
utility endorsed or otherwise governed by the Global LEI Foundation
(GLEIF) (or any successor of the GLEIF) after the GLEIF assumes
operational governance of the global LEI system. A financial
institution complies with Sec. 1002.109(b)(6) by reporting its current
LEI number. A financial institution that does not currently possess an
LEI number must obtain an LEI number, and has an ongoing obligation to
maintain the LEI number. The GLEIF website provides a list of LEI
issuing organizations. A financial institution may obtain an LEI, for
purposes of complying with Sec. 1002.109(b)(6), from any one of the
issuing organizations listed on the GLEIF website.
Paragraph 109(b)(7)
1. RSSD ID number. The RSSD ID is a unique identifying number
assigned to institutions, including main offices and branches, by the
Board of Governors of the Federal Reserve System. A financial
institution's RSSD ID may be found on the website of the National
Information Center, which provides comprehensive financial and
structure information on banks and other institutions for which the
Federal Reserve Board has a supervisory, regulatory, or research
interest including both domestic and foreign banking organizations that
operate in the United States. If a financial institution does not have
an RSSD ID, it reports that this information is not applicable.
Paragraph 109(b)(8)
1. Immediate parent entity. An entity is the immediate parent of a
financial institution for purposes of Sec. 1002.109(b)(8)(i) through
(iii) if it is a separate entity that directly owns more than 50
percent of the financial institution.
2. Top-holding parent entity. An entity is the top-holding parent
of a financial institution for purposes of Sec. 1002.109(b)(8)(iv)
through (vi) if it ultimately owns more than 50 percent of the
financial institution, and the entity itself is not controlled by any
other entity. If the immediate parent entity and the top-holding parent
entity are the same, the financial institution reports that Sec.
1002.109(b)(8)(iv) through (vi) are not applicable.
3. LEI. For purposes of Sec. 1002.109(b)(8)(ii) and (v), a
financial institution shall report the LEI of a parent entity if the
parent entity has an LEI number. If a financial institution's parent
entity does not have an LEI, the financial institution reports that
this information is not applicable.
4. RSSD ID numbers. For purposes of Sec. 1002.109(b)(8)(iii) and
Sec. 1002.109(b)(8)(vi), a financial institution shall report the RSSD
ID number of a parent entity if the entity has an RSSD ID number. If a
financial institution's parent entity does not have an RSSD ID, the
financial institution reports that this information is not applicable.
Paragraph 109(b)(9)
1. Type of financial institution. A financial institution complies
with Sec. 1002.109(b)(9) by selecting the applicable type or types of
financial institution from the list below. A financial institution
shall select all applicable types.
i. Bank or savings association.
ii. Minority depository institution.
iii. Credit union.
iv. Nondepository institution.
v. Community development financial institution (CDFI).
vi. Other nonprofit financial institution.
vii. Farm Credit System institution.
viii. Government lender.
ix. Commercial finance company.
x. Equipment finance company.
xi. Industrial loan company.
xii. Online lender.
xiii. Other.
2. Use of ``other'' for type of financial institution. A financial
institution reports type of financial institution as ``other'' where
none of the enumerated types of financial institution appropriately
describe the applicable type of financial institution, and the
institution reports the type of financial institution via free-form
text field. A financial institution that selects at least one type from
the list is permitted, but not required, to also report ``other'' (with
appropriate free-form text) if there is an additional aspect of its
business that is not one of the enumerated types set out in comment
109(b)(9)-1.
3. Additional types of financial institution. The Bureau may add
additional types of financial institutions via the Filing Instructions
Guide and related materials. Refer to the Filing Instructions Guide for
any updates for each reporting year.
Paragraph 109(b)(10)
1. Financial institutions that voluntarily report covered
applications under subpart B of this part. A financial institution that
is not a covered financial institution pursuant to Sec. 1002.105(b)
but that elects to voluntarily compile, maintain, and
[[Page 35567]]
report data under Sec. Sec. 1002.107 through 1002.109 (see comment
105(b)-10) complies with Sec. 1002.109(b)(10) by selecting ``voluntary
reporter.''
Section 1002.110--Publication of Data and Other Disclosures
110(c) Statement of Financial Institution's Small Business Lending Data
Available on the Bureau's Website
1. Statement. A financial institution shall provide the statement
required by Sec. 1002.110(c) using the following, or substantially
similar, language:
Small Business Lending Data Notice
Data about our small business lending are available online for
review at the Consumer Financial Protection Bureau's (CFPB's) website
at https://www.consumerfinance.gov/data-research/small-business-lending/. The data show the geographic distribution of our small
business lending applications; information about our loan approvals and
denials; and demographic information about the principal owners of our
small business applicants. The CFPB may delete or modify portions of
our data prior to posting it if doing so would advance a privacy
interest. Small business lending data for many other financial
institutions are also available at this website.
2. Website. A financial institution without a website complies with
Sec. 1002.110(c) by making a written statement using the language in
comment 110(c)-1, or substantially similar language, available upon
request.
3. Revised location for publicly available data. The Bureau may
modify the location specified in comment 110(c)-1 at which small
business lending data are available via the Filing Instructions Guide
and related materials. Refer to the Filing Instructions Guide for any
updates for each reporting year.
Section 1002.111--Recordkeeping
111(a) Record Retention
1. Evidence of compliance. Section 1002.111(a) requires a financial
institution to retain evidence of compliance with subpart B of this
part for at least three years after its small business lending
application register is required to be submitted to the Bureau pursuant
to Sec. 1002.109. In addition to the financial institution's small
business lending application register, such evidence of compliance is
likely to include, but is not limited to, the applications for credit
from which information in the register is drawn, as well as the files
or documents that, under Sec. 1002.111(b), are kept separate from the
applications for credit. This three-year record retention requirement
applies to any records covered by Sec. 1002.111(a), notwithstanding
the more general 12-month retention period for records related to
business credit specified in Sec. 1002.12(b).
2. Record retention for creditors under Sec. 1002.5(a)(4)(vii) and
(viii). A creditor that is voluntarily, under Sec. 1002.5(a)(4)(vii)
and (viii), collecting information pursuant to subpart B of this part
complies with Sec. 1002.111(a) by retaining evidence of compliance
with subpart B for at least three years after June 1 of the year
following the year that data was collected.
111(b) Certain Information Kept Separate From the Rest of the
Application
1. Separate from the application. A financial institution may
satisfy the requirement in Sec. 1002.111(b) by keeping an applicant's
responses to the financial institution's request pursuant to Sec.
1002.107(a)(18) and (19) in a file or document that is discrete or
distinct from the application and its accompanying information. For
example, such information could be collected on a piece of paper that
is separate from the rest of the application form. In order to satisfy
the requirement in Sec. 1002.111(b), an applicant's responses to the
financial institution's request pursuant to Sec. 1002.107(a)(18) and
(19) need not be maintained in a separate electronic system, nor need
they be removed from the physical files containing the application so
long as there is some separation between the demographic information
and the rest of the application and its accompanying information.
However, the financial institution may nonetheless need to keep this
information in a different electronic or physical file in order to
satisfy the prohibition in Sec. 1002.108(b).
2. Number of principal owners. A financial institution is permitted
to maintain information regarding the applicant's number of principal
owners pursuant to Sec. 1002.107(a)(20) with an applicant's responses
to the financial institution's request pursuant to Sec.
1002.107(a)(18) and (19).
111(c) Limitation on Personally Identifiable Information in Certain
Records Retained Under This Section
1. Small business lending application register. The prohibition in
Sec. 1002.111(c) applies to data in the small business lending
application register submitted by the financial institution to the
Bureau under Sec. 1002.109, the version of the register that the
financial institution maintains under Sec. 1002.111(a), and the
separate record of certain information created pursuant to Sec.
1002.111(b).
2. Examples. Section 1002.111(c) prohibits a financial institution
from including any name, specific address (other than the census tract
required under Sec. 1002.107(a)(13)), telephone number, or email
address of any individual who is, or is connected with, an applicant in
the small business lending application register it reports pursuant to
Sec. 1002.109, in the copy of the register the financial institution
retains under Sec. 1002.111(a), and in the records of certain
information it must retain separately from the application pursuant to
Sec. 1002.111(b). It likewise prohibits a financial institution from
including any other personally identifiable information concerning any
individual who is, or is connected with, an applicant, except as
required pursuant to Sec. 1002.107 or Sec. 1002.111(b). Examples of
such personally identifiable information that a financial institution
may not include in its small business lending application register
include, but are not limited to, the following: date of birth, Social
Security number, official government-issued driver's license or
identification number, alien registration number, government passport
number, or employer or taxpayer identification number.
3. Other records. The prohibition in Sec. 1002.111(c) does not
extend to an application for credit, or any other records that the
financial institution maintains that are not specifically enumerated in
Sec. 1002.111(c).
4. Name and business contact information for submission. The
prohibition in Sec. 1002.111(c) does not bar financial institutions
from providing to the Bureau, pursuant to Sec. 1002.109(b)(3), the
name and business contact information of the person who may be
contacted by the Bureau or other regulators with questions about the
financial institution's submission under Sec. 1002.109.
Section 1002.112--Enforcement
112(b) Bona Fide Errors
1. Tolerances for bona fide errors. Section 1002.112(b) provides
that a financial institution is presumed to maintain procedures
reasonably adapted to avoid errors with respect to a given data field
if the number of errors found in a random sample of the financial
institution's data submission for the data field does not equal or
exceed a threshold specified by the Bureau for this purpose. The
Bureau's thresholds
[[Page 35568]]
appear in column C of the table in appendix F. The size of the random
sample, set out in column B, shall depend on the size of the financial
institution's small business lending application register, as shown in
column A of the table in appendix F. A financial institution has not
maintained procedures reasonably adapted to avoid errors if either
there is a reasonable basis to believe the error was intentional or
there is evidence that the financial institution has not maintained
procedures reasonably adapted to avoid errors.
2. Tolerances and data fields. For purposes of determining whether
an error is bona fide under Sec. 1002.112(b), the term ``data field''
generally refers to individual fields. All required data fields, and
valid response options for those fields, are set forth in the Bureau's
Filing Instructions Guide, available at https://www.consumerfinance.gov/data-research/small-business-lending/filing-instructions-guide/. Some data fields may allow for more than one
response. For example, with respect to information on the ethnicity and
race of an applicant's principal owner, a data field may identify more
than one race or ethnicity. If there are one or more errors within an
ethnicity data field, or within a race data field, for a particular
principal owner, they would count as one (and only one) error for that
data field. For instance, in the ethnicity data field, if an applicant
indicates that one of its principal owners is Cuban, but the financial
institution reports that the principal owner is Mexican and Puerto
Rican, the financial institution has made one error in the ethnicity
data field for that principal owner. For purposes of the error
threshold table in appendix F, the financial institution is deemed to
have made one error, not two.
3. Tolerances and safe harbors. An error that meets the criteria
for one of the four safe harbor provisions in Sec. 1002.112(c) is not
counted as an error for purposes of determining whether a financial
institution has exceeded the relevant error threshold in appendix F for
a given data field.
112(c) Safe Harbors
1. Information from a Federal agency--census tract. Section
1002.112(c)(2) provides that an incorrect entry for census tract is not
a violation of the Act or subpart B of this part, if the financial
institution obtained the census tract using a geocoding tool provided
by the FFIEC or the Bureau. However, this safe harbor provision does
not extend to a financial institution's failure to provide the correct
census tract number for a covered application on its small business
lending application register, as required by Sec. 1002.107(a)(13),
because the FFIEC or Bureau geocoding tool did not return a census
tract for the address provided by the financial institution. In
addition, this safe harbor provision does not extend to a census tract
error that results from a financial institution entering an inaccurate
address into the FFIEC or Bureau geocoding tool.
2. Applicability of NAICS code safe harbor. The safe harbor in
Sec. 1002.112(c)(3) applies to an incorrect entry for the 3-digit
NAICS code that financial institutions must collect and report pursuant
to Sec. 1002.107(a)(15), provided certain conditions are met. For
purposes of Sec. 1002.112(c)(3)(i), a financial institution is
permitted to rely on statements made by the applicant, information
provided by the applicant, or on other information obtained through its
use of appropriate third-party sources, including business information
products. See also comments 107(a)(15)-4 and 107(b)-1.
3. Incorrect determination of small business status, covered credit
transaction, or covered application--examples. Section 1002.112(c)(4)
provides a safe harbor from violations of the Act or this regulation
for a financial institution that initially collects data under Sec.
1002.107(a)(18) and (19) regarding whether an applicant for a covered
credit transaction is a minority-owned, a women-owned, or LGBTQI+-owned
business, and the ethnicity, race, and sex of the applicant's principal
owners, but later concludes that it should not have collected this
data, if certain conditions are met. Specifically, to qualify for this
safe harbor, Sec. 1002.112(c)(4) requires that the financial
institution have had a reasonable basis at the time it collected data
under Sec. 1002.107(a)(18) and (19) for believing that the application
was a covered application for a covered credit transaction from a small
business pursuant to Sec. Sec. 1002.103, 1002.104, and 1002.106,
respectively. For example, Financial Institution A collected data under
Sec. 1002.107(a)(18) and (19) from an applicant for a covered credit
transaction that had self-reported its gross annual revenue as $4.8
million. Sometime after Financial Institution A had collected this data
from the applicant, the financial institution reviewed the applicant's
tax returns, which indicated the applicant's gross annual revenue was
in fact $5.2 million. Financial Institution A is permitted to rely on
representations made by the applicant regarding gross annual revenue in
determining whether an applicant is a small business (see Sec.
1002.107(b) and comments 106(b)(1)-3 and 107(a)(14)-1). Thus, Financial
Institution A may have had a reasonable basis to believe, at the time
it collected data under Sec. 1002.107(a)(18) and (19), that the
applicant was a small business pursuant to Sec. 1002.106, in which
case Financial Institution A's collection of such data would not
violate the Act or this regulation.
Section 1002.114--Effective Date, Compliance Date, and Special
Transition Rules
114(b) Compliance Date
1. Application of compliance date. The applicable compliance date
in Sec. 1002.114(b) is the date by which the covered financial
institution must begin to compile data as specified in Sec. 1002.107,
comply with the firewall requirements of Sec. 1002.108, and begin to
maintain records as specified in Sec. 1002.111. In addition, the
covered financial institution must comply with Sec. 1002.110(c) and
(d) no later than June 1 of the year after the applicable compliance
date. For instance, if Sec. 1002.114(b)(2) applies to a financial
institution, it must comply with Sec. Sec. 1002.107 and 1002.108, and
portions of Sec. 1002.111, beginning April 1, 2025, and it must comply
with Sec. 1002.110(c) and (d), and portions of Sec. 1002.111, no
later than June 1, 2026.
2. Initial partial year collections pursuant to Sec. 1002.114(b).
i. When the compliance date of October 1, 2024 specified in Sec.
1002.114(b)(1) applies to a covered financial institution, the
financial institution is required to collect data for covered
applications during the period from October 1, 2024 to December 31,
2024. The financial institution must compile data for this period
pursuant to Sec. 1002.107, comply with the firewall requirements of
Sec. 1002.108, and maintain records as specified in Sec. 1002.111. In
addition, for data collected during this period, the covered financial
institution must comply with Sec. Sec. 1002.109 and 1002.110(c) and
(d) by June 1, 2025.
ii. When the compliance date of April 1, 2025 specified in Sec.
1002.114(b)(2) applies to a covered financial institution, the
financial institution is required to collect data for covered
applications during the period from April 1, 2025 to December 31, 2025.
The financial institution must compile data for this period pursuant to
Sec. 1002.107, comply with the firewall requirements of Sec.
1002.108, and maintain records as specified in Sec. 1002.111. In
addition, for data collected during this period, the covered financial
institution must
[[Page 35569]]
comply with Sec. Sec. 1002.109 and 1002.110(c) and (d) by June 1,
2026.
3. Informal names for compliance date provisions. To facilitate
discussion of the compliance dates specified in Sec. 1002.114(b)(1),
(2), and (3), in the official commentary and any other documents
referring to these compliance dates, the Bureau adopts the following
informal simplified names. Tier 1 refers to the cohort of covered
financial institutions that have a compliance date of October 1, 2024
pursuant to Sec. 1002.114(b)(1). Tier 2 refers to the cohort of
covered financial institutions that have a compliance date of April 1,
2025 pursuant to Sec. 1002.114(b)(2). Tier 3 refers to the cohort of
covered financial institutions that have a compliance date of January
1, 2026 pursuant to Sec. 1002.114(b)(3).
4. Examples. The following scenarios illustrate how to determine
whether a financial institution is a covered financial institution and
which compliance date specified in Sec. 1002.114(b) applies.
i. Financial Institution A originated 3,000 covered credit
transactions for small businesses in calendar year 2022, and 3,000 in
calendar year 2023. Financial Institution A is in Tier 1 and has a
compliance date of October 1, 2024.
ii. Financial Institution B originated 2,000 covered credit
transactions for small businesses in calendar year 2022, and 3,000 in
calendar year 2023. Because Financial Institution B did not originate
at least 2,500 covered credit transactions for small businesses in each
of 2022 and 2023, it is not in Tier 1. Because Financial Institution B
did originate at least 500 covered credit transactions for small
businesses in each of 2022 and 2023, it is in Tier 2 and has a
compliance date of April 1, 2025.
iii. Financial Institution C originated 400 covered credit
transactions to small businesses in calendar year 2022, and 1,000 in
calendar year 2023. Because Financial Institution C did not originate
at least 2,500 covered credit transactions for small businesses in each
of 2022 and 2023, it is not in Tier 1, and because it did not originate
at least 500 covered credit transactions for small businesses in each
of 2022 and 2023, it is not in Tier 2. Because Financial Institution C
did originate at least 100 covered credit transactions for small
businesses in each of 2022 and 2023, it is in Tier 3 and has a
compliance date of January 1, 2026.
iv. Financial Institution D originated 90 covered credit
transactions to small businesses in calendar year 2022, 120 in calendar
year 2023, and 90 in both of the calendar years 2024 and 2025. Because
Financial Institution D did not originate at least 100 covered credit
transactions for small businesses in each of 2022 and 2023, it is not
in Tier 1, Tier 2, or Tier 3. Because Financial Institution D did not
originate at least 100 covered credit transactions for small businesses
in subsequent consecutive calendar years, it is not a covered financial
institution under Sec. 1002.105(b) and is not required to comply with
the rule in 2024, 2025, or 2026.
v. Financial Institution E originated 120 covered credit
transactions for small businesses in each of calendar years 2022, 2023,
and 2024, and 90 in 2025. Because Financial Institution E did not
originate at least 2,500 or 500 covered credit transactions for small
businesses in each of 2022 and 2023, it is not in Tier 1 or Tier 2.
Because Financial Institution E originated at least 100 covered credit
transactions for small businesses in each of 2022 and 2023, it is in
Tier 3 and has a compliance date of January 1, 2026. However, because
Financial Institution E did not originate at least 100 covered credit
transactions for small businesses in each of 2024 and 2025, it no
longer satisfies the definition of a covered financial institution in
Sec. 1002.105(b) at the time of the compliance date for Tier 3
institutions and thus is not required to comply with the rule in 2026.
vi. Financial Institution F originated 90 covered credit
transactions for small businesses in calendar year 2022, and 120 in
2023, 2024, and 2025. Because Financial Institution F did not originate
at least 100 covered credit transactions for small businesses in each
of 2022 and 2023, it is not in Tier 1, Tier 2, or Tier 3. Because
Financial Institution F originated at least 100 covered credit
transactions for small businesses in subsequent calendar years, Sec.
1002.114(b)(4), which cross-references Sec. 1002.105(b), applies to
Financial Institution F. Because Financial Institution F originated at
least 100 covered credit transactions for small businesses in each of
2024 and 2025, it is a covered financial institution under Sec.
1002.105(b) and is required to comply with the rule beginning January
1, 2026.
vii. Financial Institution G originated 90 covered credit
transactions for small businesses in each of calendar years 2022, 2023,
2024, and 2025, and 120 in each of 2026 and 2027. Because Financial
Institution F did not originate at least 100 covered credit
transactions for small businesses in each of 2022 and 2023, it is not
in Tier 1, Tier 2, or Tier 3. Because Financial Institution G
originated at least 100 covered credit transactions for small
businesses in subsequent calendar years, Sec. 1002.114(b)(4), which
cross-references Sec. 1002.105(b), applies to Financial Institution G.
Because Financial Institution G originated at least 100 covered credit
transactions for small businesses in each of 2026 and 2027, it is a
covered financial institution under Sec. 1002.105(b) and is required
to comply with the rule beginning January 1, 2028.
114(c) Special Transition Rules
1. Collection of certain information prior to a financial
institution's compliance date. Notwithstanding Sec. 1002.5(a)(4)(ix),
a financial institution that chooses to collect information on covered
applications as permitted by Sec. 1002.114(c)(1) in the 12 months
prior to its initial compliance date as specified in Sec.
1002.114(b)(1), (2) or (3) need comply only with the requirements set
out in Sec. Sec. 1002.107(a)(18) and (19), 1002.108, and 1002.111(b)
and (c) with respect to the information collected. During this 12-month
period, a covered financial institution need not comply with the
provisions of Sec. 1002.107 (other than Sec. Sec. 1002.107(a)(18) and
(19)), 1002.109, 1002.110, 1002.111(a), or 1002.114.
2. Transition rule for applications received prior to a compliance
date but final action is taken after a compliance date. If a covered
financial institution receives a covered application from a small
business prior to its initial compliance date specified in Sec.
1002.114(b), but takes final action on or after that date, the
financial institution is not required to collect data regarding that
application pursuant to Sec. 1002.107 nor to report the application
pursuant to Sec. 1002.109. For example, if a financial institution is
subject to a compliance date of October 1, 2024, and it receives an
application on September 15, 2024 but does not take final action on the
application until October 5, 2024, the financial institution is not
required to collect data pursuant to Sec. 1002.107 nor to report data
to the Bureau pursuant to Sec. 1002.109 regarding that application.
3. Has readily accessible the information needed to determine small
business status. A financial institution has readily accessible the
information needed to determine whether its originations of covered
credit transactions were for small businesses as defined in Sec.
1002.106 if, for instance, it in the ordinary course of business
collects data on the precise gross annual revenue of the businesses for
which it originates loans, it obtains information sufficient to
determine whether an applicant for business credit had gross annual
revenues of $5 million or less, or if it collects and reports similar
data to
[[Page 35570]]
Federal or State government agencies pursuant to other laws or
regulations.
4. Does not have readily accessible the information needed to
determine small business status. A financial institution does not have
readily accessible the information needed to determine whether its
originations of covered credit transactions were for small businesses
as defined in Sec. 1002.106 if it did not in the ordinary course of
business collect either precise or approximate information on whether
the businesses to which it originated covered credit had gross annual
revenue of $5 million or less. In addition, even if precise or
approximate information on gross annual revenue was initially
collected, a financial institution does not have readily accessible
this information if, to retrieve this information, for example, it must
review paper loan files, recall such information from either archived
paper records or scanned records in digital archives, or obtain such
information from third parties that initially obtained this information
but did not transmit such information to the financial institution.
5. Reasonable method to estimate the number of originations. The
reasonable methods that financial institutions may use to estimate
originations for 2022 and 2023 include, but are not limited to, the
following:
i. A financial institution may comply with Sec. 1002.114(c)(2) by
determining the small business status of covered credit transactions by
asking every applicant, prior to the closing of approved transactions,
to self-report whether it had gross annual revenue for its preceding
fiscal year of $5 million or less, during the period October 1 through
December 31, 2023. The financial institution may annualize the number
of covered credit transactions it originates to small businesses from
October 1 through December 31, 2023 by quadrupling the originations for
this period, and apply the annualized number of originations to both
calendar years 2022 and 2023.
ii. A financial institution may comply with Sec. 1002.114(c)(2) by
assuming that every covered credit transaction it originates for
business customers in calendar years 2022 and 2023 is to a small
business.
iii. A financial institution may comply with Sec. 1002.114(c)(2)
by using another methodology provided that such methodology is
reasonable and documented in writing.
6. Examples. The following scenarios illustrate the potential
application of Sec. 1002.114(c)(2) to a financial institution's
compliance date under Sec. 1002.114(b).
i. Prior to October 1, 2023, Financial Institution A did not
collect gross annual revenue or other information that would allow it
to determine the small business status of the businesses for whom it
originated covered credit transactions in calendar years 2022 and 2023.
Financial Institution A chose to use the methodology set out in comment
114(c)-5.i and as of October 1, 2023 began to collect information on
gross annual revenue as defined in Sec. 1002.107(a)(14) for its
covered credit transactions originated for businesses. Using this
information, Financial Institution A determined that it had originated
750 covered credit transactions for businesses that were small as
defined in Sec. 1002.106. On an annualized basis, Financial
Institution A originated 3,000 covered credit transactions for small
businesses (750 originations * 4 = 3,000 originations per year).
Applying this annualized figure of 3,000 originations to both calendar
years 2022 and 2023, Financial Institution A is in Tier 1 and has a
compliance date of October 1, 2024.
ii. Prior to July 1, 2023, Financial Institution B collected gross
annual revenue information for some applicants for business credit, but
such information was only noted in its paper loan files. Financial
Institution B thus does not have reasonable access to information that
would allow it to determine the small business status of the businesses
for whom it originated covered credit transactions for calendar years
2022 and 2023. Financial Institution B chose to use the methodology set
out in comment 114(c)-5.i, and as of October 1, 2023, Financial
Institution B began to ask all businesses for whom it was closing
covered credit transactions if they had gross annual revenues in the
preceding fiscal year of $5 million or less. Using this information,
Financial Institution B determined that it had originated 350 covered
credit transactions for businesses that were small as defined in Sec.
1002.106. On an annualized basis, Financial Institution B originated
1,400 covered credit transactions for small businesses (350
originations * 4 = 1,400 originations per year). Applying this
estimated figure of 1,400 originations to both calendar years 2022 and
2023, Financial Institution B is in Tier 2 and has a compliance date of
April 1, 2025.
iii. Prior to April 1, 2023, Financial Institution C did not
collect gross annual revenue or other information that would allow it
to determine the small business status of the businesses for whom it
originated covered credit transactions in calendar years 2022 and 2023.
Financial Institution C chose its own methodology pursuant to comment
114(c)-5.iii, basing it in part on the methodology specified in comment
114(c)-5.i. Starting on April 1, 2023, Financial Institution C began to
ask all business applicants for covered credit transactions if they had
gross annual revenue in their preceding fiscal year of $5 million or
less. Using this information, Financial Institution C determined that
it had originated 100 covered credit transactions for businesses that
were small as defined in Sec. 1002.106. On an annualized basis,
Financial Institution C originated approximately 133 covered credit
transactions for small businesses ((100 originations * 365 days)/275
days = 132.73 originations per year). Applying this estimate of 133
originations to both calendar years 2022 and 2023, Financial
Institution C is in Tier 3 and has a compliance date of January 1,
2026.
iv. Financial Institution D did not collect gross annual revenue or
other information that would allow it to determine the small business
status of the businesses for whom it originated covered credit
transactions in calendar years 2022 and 2023. Financial Institution D
determined that it had originated 3,000 total covered credit
transactions for businesses in each of 2022 and 2023. Applying the
methodology specified in comment 114(c)-5.ii, Financial Institution D
assumed that all 3,000 covered credit transactions originated in each
of 2022 and 2023 were to small businesses. On that basis, Financial
Institution D is in Tier 1 and has a compliance date of October 1,
2024.
v. Financial Institution E did not collect gross annual revenue or
other information that would allow it to determine the small business
status of the businesses for whom it originated covered credit
transactions in calendar years 2022 and 2023. Financial Institution E
determined that it had originated 700 total covered credit transactions
for businesses in each of 2022 and 2023. Applying the methodology
specified in comment 114(c)-5.ii, Financial Institution E assumed that
all such transactions in each of 2022 and 2023 were originated for
small businesses. On that basis, Financial Institution E is in Tier 2
and has a compliance date of April 1, 2025.
vi. Financial Institution F did does not have readily accessible
gross annual revenue or other information that would allow it to
determine the small business status of the businesses for whom it
originated covered credit transactions in calendar years 2022 and 2023.
Financial Institution F determined that it had originated 80 total
covered credit transactions for businesses in 2022 and
[[Page 35571]]
150 total covered credit transactions for businesses in 2023. Applying
the methodology set out in comment 114(c)-5.ii, Financial Institution F
assumed that all such transactions originated in 2022 and 2023 were
originated for small businesses. On that basis, Financial Institution E
is not in Tier 1, Tier 2 or Tier 3, and is subject to the compliance
date provision specified in Sec. 1002.114(b)(4).
* * * * *
Rohit Chopra,
Director, Consumer Financial Protection Bureau.
[FR Doc. 2023-07230 Filed 5-30-23; 8:45 am]
BILLING CODE 4810-AM-P
