Final rule governing data collection and reporting
Regulatory attentions on small businesses at both the federal and state levels put forth “consumer protection-like” requirements/expectations. The release of the long-anticipated Dodd-Frank-required “1071 data” collection rule serves to reinforce the focus on small businesses in addition to the significant data collection, data quality, and regulatory reporting requirements and associated analytics (similar to mortgage lending reporting under the Home Mortgage Disclosure Act (HMDA)). This final rule will subject small business lending to additional supervision under other historically “consumer” laws and regulations. Heightened risk and compliance areas requiring business and risk management include: data (accuracy, privacy, security); fair lending; community development; UDAAP; KYC/AML; operational procedures/training, disclosures; models; and technology (systems upgrades, constraints, reporting).
The Consumer Financial Protection Bureau (CFPB) has issued its final small business lending rule, which amends Regulation B to implement changes to the Equal Credit Opportunity Act (ECOA) made by Section 1071 of the Dodd-Frank Act. Consistent with Section 1071, the rule requires covered financial institutions to collect and report to CFPB data on applications for credit for small businesses, including those that are owned by women or minorities.
The final rule is substantially similar to the proposal with some modifications including:
The final rule will become effective ninety (90) days after publication in the Federal Register.
Highlights from the final rule are outlined below.
The final rule identifies numerous data points that are required to be collected and reported, including: