Small Business Lending Data Collection

What’s the issue?

Section 1071 of the Dodd-Frank act requires lenders to collect and report to the Consumer Financial Protection Bureau (CFPB) information on small business lending for the purposes of enforcing fair lending laws and supporting community development efforts. The CFPB recently finalized a rule implementing Section 1071, which directs what data must be collected, but there are still unanswered questions about how that data will be used and how much of it may be public. Banks and other lenders who make at least 100 small business loans in each of the two preceding calendar years will be required to collect the information.

The current rule states that 81 data points must be collected on lending to businesses that make $5 million or less in gross annual revenue. Data points to be collected include:

  • the loan’s purpose
  • the amount requested and approved
  • whether the business is women-owned, minority-owned and/or LGBTQI+-owned
  • the race, gender, and ethnicity of the business’s principal owners
  • loan pricing (including interest rates, fees, broker charges, and prepayment penalties)
  • the number of employees and contractors

The final rule provides a phased-in approach to when lenders must start collecting the information, depending on a lender’s loan volume. Some lenders will have only 18 months to prepare for collection, while others may have 2 years or 3 years, depending on their loan volume.

How does this impact my community?

The enormity of the data points to be collected will drive up the cost of making small business loans for banks, which will ultimately drive up the cost of credit for small businesses. The low threshold for determining which lenders must report may also lead to fewer banks offering small business loans, since the cost of maintaining the necessary compliance regime will make low-volume small business lending programs unviable.   Without some adjustments to right-size the data collection requirements of the rule, it could have the unintended consequences of restricting access to credit for small businesses and making small business loans more expensive.

Additionally, the final rule states that the CFPB will not go through a public rule-making procedure to determine whether and how data will be redacted prior to publication. Publication will create privacy concerns for small businesses that do not want their information made public and will not have a say in it.

What can policymakers do about it?

The CFPB has issued its final rule, which means it is unlikely to change it without a directive from Congress.

Congress has an opportunity to pass legislation that would prevent unintended consequences for access to credit for small businesses, ease the burden on community banks and protect small businesses’ privacy. H.R. 1806, the Small LENDER Act, would adjust the final rule to apply to lenders originating at least 500 small business loans in each of the two preceding calendar years rather than those originating at least 100 small business loans; and only cover loans to businesses with gross annual revenues of $1 million or less, rather than businesses with revenues of $5 million or less. A 500-loan threshold would still cover 70% of bank lending to small businesses, which would produce a robust data set for enforcement of fair lending and support for community development, without driving small lenders out of the market.

H.R. 1810, the Bank Loan Privacy Act would direct the CFPB to issue a rule-making for public comment about how the 1071 information collected will be shared and used. Opening up the privacy considerations to a rule-making procedure would allow small business customers to weigh in with their views and concerns about privacy.

Congress should move quickly to consider these bills.