THOMSON REUTERS
Westlaw Today
Enter to open, tab to navigate, enter to select
Commercial lenders: Are you getting ready for the CFPB?
2023 PRINDBRF 0245
• Practitioner Insights Commentaries
• May 11, 2023
(May 11, 2023) - Adams and Reese attorneys Amy Hanna Keeney, Lauren Baio and Phil Buffington discuss the Consumer Financial Protection Bureau's rule requiring certain financial institutions to report on their small-business lending activities.
On March 30, 2023, the Consumer Financial Protection Bureau ("CFPB") (finally) issued its Final Rule on Section 1071 — only one day ahead of the court-ordered deadline to do so.1 This means that covered financial institutions ("FIs"), including non-bank commercial lenders, are on the clock to start preparing policies to enable them to collect and report data regarding their small business lending activities.
As you may remember, back in September 2021,2 the CFPB issued a notice of proposed rulemaking to implement Section 1071 of the Dodd-Frank Act ("The Rule"). The Rule amends existing Regulation B, the implementing regulation associated with the Equal Credit Opportunity Act ("ECOA"), to require lenders to collect and report certain data in connection with small business credit applications, including women- and minority-owned businesses, and report that data to the CFPB.
In order to achieve the CFPB's above-mentioned goals, The Rule requires lenders making more than 100 small business loans per year to collect and report certain data about the applications they receive, whether accepted or denied. The data required to be collected and reported, includes, among other information: demographic and geographic data; price of credit; and lending decisions. FIs are required to report data to the CFPB on or before June 1 following the calendar year for which data is collected.
The Rule will work in concert with the Community Reinvestment Act to increase transparency in small business lending, promote economic development, and combat unlawful discrimination. There are several important definitions in The Rule, including the definition of a "small business." The Rule also covers issues involving privacy concerns, recordkeeping and enforcement amount others.
The Rule will become effective 90 days after it is published on the Federal Register, which has not yet occurred as of the date of this alert. The effective date, however, is far less important than the mandatory compliance dates in The Rule. The mandatory compliance dates are staggered depending on the volume of lending a FI does, and FIs will be expected to begin collecting data in compliance with The Rule as early as October 2024. This means data reporting to the CFPB will begin as early as June 2025.
FIs affected by The Rule as defined in the statute are:
•Banks
•Savings associations
•Credit unions
•Non-depository financial institutions (such as venture capitalists, insurance firms, and currency exchanges)
The Rule sets forth requirements based upon the size of the FI, and it provides the applicable reporting requirements ranging from FIs originating at least 2,500 to less than 100 small business loans. The types of lending covered under The Rule include: lines of credit; closed-end loans; business credit cards; online credit products; and merchant cash advances. An equally important provision of The Rule excludes loans that are already reportable under the Home Mortgage Disclosure Act (HMDA).
The Rule also excludes some transactions from coverage, such as factoring, leases, consumer-designated credit and credit transaction purchases, purchases of an interest in a pool of credit transactions, and purchases of a partial interest in a credit transaction.
Finally, a unique provision of The Rule provides for a Firewall to be established as to who can have access to certain data once collected. The Rule requires FIs — "where feasible" — to shield an applicant's demographic information from any employee or officer involved in the credit-making decision. The obvious intent of this provision is to prevent discrimination, but it will be difficult for smaller FIs, with smaller staffs, to create and maintain this firewall.
The CFPB built in an exception of sorts for institutions that cannot feasibly firewall this information, but, in a calculated response to the comments received in response to its Notice of Proposed Rulemaking in September 2021,3 the CFPB declined to develop or define the term "feasible."
Instead, the CFPB explained that the "feasibility" analysis should not occur on a macro level but, rather, should occur on a more granular, employee-by-employee level. In other words, a FI's determination that a particular employee or officer should have access to demographic information collected from applicants means that it is not feasible to maintain a firewall as to that particular employee or officer — not the entire FI.
Notes
1 Back in 2010, Congress enacted requirements for lenders to make data available to the public on their small business lending activities. The CFPB did not issue rules to implement this requirement immediately, however. The California Reinvestment Coalition sued the CFPB in 2019, which resulted in a court order requiring the CFPB to finalize The Rule by March 31, 2023.
2 https://bit.ly/42RoShn.
3 Id.
Amy L. Hanna Keeney, CIPP/US, is a partner in Adams and Reese LLP's Atlanta office and the firm's financial services regulatory and compliance team leader. She has extensive experience helping banks, credit unions, and other financial service providers of all sizes launch and service new financial products, and advises them on the increasingly complex regulatory landscape for fintech services and products. She can be reached at [email protected]. Lauren A. Baio is an associate in the firm's Washington, D.C., office who focuses on financial services, including commercial restructuring and bankruptcy, and commercial litigation. She can be reached at [email protected]. C. Phillip Buffington Jr. is a partner and financial services-community bank team leader in the firm's Jackson, Mississippi, office. He advises financial institutions throughout the United States on federal and state banking laws and regulations. He can be reached at [email protected]. This article was originally published April 29, 2023, on the firm's website. Republished with permission.
)
Amy L. Hanna Keeney)
Lauren A. Baio)
C. Phillip Buffington Jr.| End of Document | © 2024 Thomson Reuters. No claim to original U.S. Government Works. |